public void ValidUserNameCredentialValidClientCredentialUseRefreshToken()
{
var client = new OAuth2Client(
new Uri(baseAddress),
Constants.Credentials.ValidClientId,
Constants.Credentials.ValidClientSecret);
var response = client.RequestAccessTokenUserName(
Constants.Credentials.ValidUserName,
Constants.Credentials.ValidPassword,
scopeSymmetric);
Assert.IsTrue(response != null, "response is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.AccessToken), "access token is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.TokenType), "token type is null");
Assert.IsTrue(response.ExpiresIn > 0, "expiresIn is 0");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.RefreshToken));
var form = new FormUrlEncodedContent(new Dictionary<string, string>
{
{ OAuth2Constants.GrantType, "refresh_token" },
{ "refresh_token", response.RefreshToken },
{ OAuth2Constants.Scope, scopeSymmetric }
});
var httpClient = new HttpClient();
httpClient.DefaultRequestHeaders.Authorization = new BasicAuthenticationHeaderValue(Constants.Credentials.ValidClientId, Constants.Credentials.ValidClientSecret);
var result = httpClient.PostAsync(new Uri(baseAddress), form).Result;
Assert.AreEqual<HttpStatusCode>(HttpStatusCode.OK, result.StatusCode);
}
public void ValidUserNameCredentialWithTokenValidation()
{
var client = new OAuth2Client(new Uri(baseAddress));
var response = client.RequestAccessTokenUserName(
Constants.Credentials.ValidUserName,
Constants.Credentials.ValidPassword,
scope);
Assert.IsTrue(response != null, "response is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.AccessToken), "access token is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.TokenType), "token type is null");
Assert.IsTrue(response.ExpiresIn > 0, "expiresIn is 0");
Trace.WriteLine(response.AccessToken);
var config = new SecurityTokenHandlerConfiguration();
var registry = new WebTokenIssuerNameRegistry();
registry.AddTrustedIssuer("http://identityserver45.thinktecture.com/trust/changethis", "http://identityserver45.thinktecture.com/trust/initial");
config.IssuerNameRegistry = registry;
var issuerResolver = new WebTokenIssuerTokenResolver();
issuerResolver.AddSigningKey("http://identityserver45.thinktecture.com/trust/changethis", "3ihK5qGVhp8ptIk9+TDucXQW4Aaengg3d5m6gU8nzc8=");
config.IssuerTokenResolver = issuerResolver;
config.AudienceRestriction.AllowedAudienceUris.Add(new Uri(scope));
var handler = new JsonWebTokenHandler();
handler.Configuration = config;
var jwt = handler.ReadToken(response.AccessToken);
var id = handler.ValidateToken(jwt);
}
public async Task<ActionResult> Login(string userName, string password)
{
UserCredentialsModel user = null;
try
{
var client = new OAuth2Client(new Uri(tokenEndPointURL), "mymonkeycap", "Nexusdata#1");
await Task.Run(() =>
{
var requestResponse = client.RequestAccessTokenUserName(userName, password, "openid profile offline_access");
var claims = new[]
{
new Claim("access_token",requestResponse.AccessToken),
new Claim("refresh_token", requestResponse.RefreshToken)
};
var claimsIdentity = new ClaimsIdentity(claims,
DefaultAuthenticationTypes.ApplicationCookie);
HttpContext.GetOwinContext().Authentication.SignIn(claimsIdentity);
});
user = new UserCredentialsModel
{
Email = userName,
IsLoggedIn = true
};
}
catch (Exception ex)
{
return Json(ex.Message, JsonRequestBehavior.AllowGet);
}
return Json(user, JsonRequestBehavior.AllowGet);
}
public void ValidUserNameCredentialMissingClientCredential()
{
var client = new OAuth2Client(new Uri(baseAddress));
var response = client.RequestAccessTokenUserName(
Constants.Credentials.ValidUserName,
Constants.Credentials.ValidPassword,
scope);
}
private static string RequestToken()
{
var client = new OAuth2Client(new Uri("https://localhost/idsrv/issue/oauth2/token"), "OAuthTest",
"Zt7EAk32Sp2W5QorFC3DDGWSkp49bXYirFexRUmFrr4=");
var response = client.RequestAccessTokenUserName("admin", "BASE64", "https://localhost:44308/");
return response.AccessToken;
}
public ActionResult RenewToken(string refreshToken)
{
var client = new OAuth2Client(
new Uri(Constants.AS.OAuth2TokenEndpoint),
Constants.Clients.CodeClient,
Constants.Clients.CodeClientSecret);
var response = client.RequestAccessTokenRefreshToken(refreshToken);
return View("Postback", response);
}
public ActionResult RenewToken(string refreshToken)
{
var client = new OAuth2Client(
new Uri("https://idsrv.local/issue/oauth2/token"),
"codeflowclient",
"secret");
var response = client.RequestAccessTokenRefreshToken(refreshToken);
return View("Postback", response);
}
private static string GetIdentityToken()
{
"Requesting token".ConsoleYellow();
var client = new OAuth2Client(_oauth2Address);
var response = client.RequestAccessTokenUserName("bob", "abc!123", Constants.Realm);
return response.AccessToken;
}
private static string GetServiceTokenOAuth2(string samlToken)
{
"Converting token from SAML to SWT".ConsoleYellow();
var client = new OAuth2Client(_acsOAuth2Endpoint);
return client.RequestAccessTokenAssertion(
samlToken,
TokenTypes.Saml2TokenProfile11,
Constants.Realm).AccessToken;
}
private static string ConvertToJwt(string samlToken)
{
"Converting token from SAML to JWT using ACS".ConsoleYellow();
var client = new OAuth2Client(new Uri(Constants.ACS.OAuth2Endpoint));
return client.RequestAccessTokenAssertion(
samlToken,
TokenTypes.Saml2TokenProfile11,
Constants.Realm).AccessToken;
}
public static string BuildJwtToken()
{
var client = new OAuth2Client(
new Uri("https://localhost/idsrv/issue/oauth2/token"),
"BasicHttpIdsrvTest",
"fRcnE4PvE5pMu4Xj0gxzKs0/iSYtGxn+nhM+Cu+zr10=");
var response_admin = client.RequestAccessTokenUserName("admin", "Verrus123", "https://localhost:44301/");
var response_nino = client.RequestAccessTokenUserName("nino", "Verrus123", "https://localhost:44301/");
return response_admin.AccessToken;
}
private static string RequestToken()
{
"Requesting token.".ConsoleYellow();
var client = new OAuth2Client(
new Uri(Constants.IdSrv.OAuth2TokenEndpoint),
Constants.IdSrv.OAuthClientName,
Constants.IdSrv.OAuthClientSecret);
var response = client.RequestAccessTokenUserName("bob", "abc!123", Constants.Scope);
return response.AccessToken;
}
private static string RefreshToken(string refreshToken)
{
"Refreshing token.".ConsoleYellow();
var client = new OAuth2Client(
new Uri(Constants.AS.OAuth2TokenEndpoint),
Constants.Clients.ResourceOwnerClient,
Constants.Clients.ResourceOwnerClientSecret);
var response = client.RequestAccessTokenRefreshToken(refreshToken);
return response.AccessToken;
}
public ActionResult Postback()
{
var client = new OAuth2Client(
new Uri("https://idsrv.local/issue/oauth2/token"),
"codeflowclient",
"secret");
var code = Request.QueryString["code"];
var response = client.RequestAccessTokenCode(code);
return View("Postback", response);
}
public ActionResult Postback()
{
var client = new OAuth2Client(
new Uri(Constants.AS.OAuth2TokenEndpoint),
Constants.Clients.CodeClient,
Constants.Clients.CodeClientSecret);
var code = Request.QueryString["code"];
var response = client.RequestAccessTokenCode(
code,
new Uri(Constants.Clients.CodeClientRedirectUrl));
return View("Postback", response);
}
public void ValidUserNameCredentialInvalidClientCredential()
{
var client = new OAuth2Client(new Uri(baseAddress), "invalid", "invalid");
var response = client.RequestAccessTokenUserName(
Constants.Credentials.ValidUserName,
Constants.Credentials.ValidPassword,
scope);
Assert.IsTrue(response != null, "response is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.AccessToken), "access token is null");
Assert.IsTrue(!string.IsNullOrWhiteSpace(response.TokenType), "token type is null");
Assert.IsTrue(response.ExpiresIn > 0, "expiresIn is 0");
Trace.WriteLine(response.AccessToken);
}
private static string RequestToken()
{
"Requesting token.".ConsoleYellow();
var client = new OAuth2Client(
new Uri(Constants.AS.OAuth2TokenEndpoint),
Constants.Clients.Client,
Constants.Clients.ClientSecret);
var response = client.RequestAccessTokenClientCredentials("read");
Console.WriteLine(" access token");
response.AccessToken.ConsoleGreen();
Console.WriteLine();
return response.AccessToken;
}
public static OidcTokenResponse RefreshAccessToken(Uri tokenEndpoint, string clientId, string clientSecret, string refreshToken)
{
var client = new OAuth2Client(
tokenEndpoint,
clientId,
clientSecret);
var response = client.RequestAccessTokenRefreshToken(refreshToken);
return new OidcTokenResponse
{
AccessToken = response.AccessToken,
ExpiresIn = response.ExpiresIn,
TokenType = response.TokenType,
RefreshToken = refreshToken
};
}
public static OidcTokenResponse RefreshAccessToken(Uri tokenEndpoint, string clientId, string clientSecret, string refreshToken)
{
var client = new OAuth2Client(
tokenEndpoint,
clientId,
clientSecret);
var response = client.RequestAccessTokenRefreshToken(refreshToken);
return(new OidcTokenResponse
{
AccessToken = response.AccessToken,
ExpiresIn = response.ExpiresIn,
TokenType = response.TokenType,
RefreshToken = refreshToken
});
}
private static string RequestToken()
{
"Requesting token.".ConsoleYellow();
var client = new OAuth2Client(
new Uri(Constants.AS.OAuth2TokenEndpoint),
Constants.Clients.ResourceOwnerClient,
Constants.Clients.ResourceOwnerClientSecret);
var response = client.RequestAccessTokenUserName("bob", "abc!123", "read");
Console.WriteLine(" access token");
response.AccessToken.ConsoleGreen();
Console.WriteLine("\n refresh token");
response.RefreshToken.ConsoleGreen();
Console.WriteLine();
return response.AccessToken;
}
protected void btnLogin_Click(object sender, EventArgs e)
{
tbAccessToken.Text = "";
if (string.IsNullOrEmpty(tbUserName.Text))
{
lblLoginStatus.Text = Constant.INVALID_USERNAME;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
else if (string.IsNullOrEmpty(tbPassword.Text))
{
lblLoginStatus.Text = Constant.INVALID_PASSWORD;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
else if (string.IsNullOrEmpty(tbAPIKey.Text))
{
lblLoginStatus.Text = Constant.INVALID_APIKEY;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
else if (string.IsNullOrEmpty(tbRootId.Text))
{
lblLoginStatus.Text = Constant.INVALID_ROOT_ID;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
else if (string.IsNullOrEmpty(tbAccessTokenEndPoint.Text))
{
lblLoginStatus.Text = Constant.INVALID_ACCESS_TOKEN_END_POINT;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
else
{
string userName = tbUserName.Text;
string password = tbPassword.Text;
string baseScope = ConfigurationManager.AppSettings["BaseScopes"].ToString();
string tokenUrl = tbAccessTokenEndPoint.Text;
Uri tokenEndpoint = new Uri(tokenUrl);
string clientId = tbRootId.Text;
string clientSecret = tbAPIKey.Text;
try
{
OAuth2Client client = new OAuth2Client(tokenEndpoint, clientId, clientSecret);
var tokenResponse = client.RequestAccessTokenUserName(userName, password, baseScope);
if (tokenResponse != null)
{
tbAccessToken.Visible = true;
string accessToken = tokenResponse.AccessToken;
tbAccessToken.Text = accessToken;
lblLoginStatus.Text = Constant.LOGIN_SUCCESSFUL;
lblLoginStatus.ForeColor = Color.Green;
lblLoginStatus.Visible = true;
idTbToken.Visible = true;
}
}
catch (Exception ex)
{
lblLoginStatus.Text = Constant.LOGIN_ERROR;
lblLoginStatus.ForeColor = Color.Red;
lblLoginStatus.Visible = true;
}
}
}
