public async Task Valid_Code_Request()
{
var client = await _settings.FindClientByIdAsync("codeclient");
var store = new TestAuthorizationCodeStore();
var code = new AuthorizationCode
{
Client = client,
IsOpenId = true,
RedirectUri = new Uri("https://server/cb"),
};
await store.StoreAsync("valid", code);
var validator = ValidatorFactory.CreateTokenValidator(_settings, _logger,
authorizationCodeStore: store,
customRequestValidator: _customRequestValidator);
var parameters = new NameValueCollection();
parameters.Add(Constants.TokenRequest.GrantType, Constants.GrantTypes.AuthorizationCode);
parameters.Add(Constants.TokenRequest.Code, "valid");
parameters.Add(Constants.TokenRequest.RedirectUri, "https://server/cb");
var result = await validator.ValidateRequestAsync(parameters, client);
Assert.IsFalse(result.IsError);
}
public async Task Unknown_Grant_Type()
{
var client = await _settings.FindClientByIdAsync("codeclient");
var store = new TestAuthorizationCodeStore();
var code = new AuthorizationCode
{
Client = client,
IsOpenId = true,
RedirectUri = new Uri("https://server/cb"),
};
await store.StoreAsync("valid", code);
var validator = ValidatorFactory.CreateTokenValidator(_settings, _logger,
authorizationCodeStore: store);
var parameters = new NameValueCollection();
parameters.Add(Constants.TokenRequest.GrantType, "unknown");
parameters.Add(Constants.TokenRequest.Code, "valid");
parameters.Add(Constants.TokenRequest.RedirectUri, "https://server/cb");
var result = await validator.ValidateRequestAsync(parameters, client);
Assert.IsTrue(result.IsError);
Assert.AreEqual(Constants.TokenErrors.UnsupportedGrantType, result.Error);
}
public async Task Parameters_Null()
{
var store = new TestAuthorizationCodeStore();
var validator = ValidatorFactory.CreateTokenValidator(_settings, _logger,
authorizationCodeStore: store);
var result = await validator.ValidateRequestAsync(null, null);
}
public async Task Client_Null()
{
var store = new TestAuthorizationCodeStore();
var validator = ValidatorFactory.CreateTokenValidator(_settings, _logger,
authorizationCodeStore: store);
var parameters = new NameValueCollection();
parameters.Add(Constants.TokenRequest.GrantType, Constants.GrantTypes.AuthorizationCode);
parameters.Add(Constants.TokenRequest.Code, "valid");
parameters.Add(Constants.TokenRequest.RedirectUri, "https://server/cb");
var result = await validator.ValidateRequestAsync(parameters, null);
}
public async Task Client_Trying_To_Request_Token_Using_Another_Clients_Code()
{
var client1 = await _settings.FindClientByIdAsync("codeclient");
var client2 = await _settings.FindClientByIdAsync("codeclient_restricted");
var store = new TestAuthorizationCodeStore();
var code = new AuthorizationCode
{
Client = client1,
IsOpenId = true,
RedirectUri = new Uri("https://server/cb"),
};
await store.StoreAsync("valid", code);
var validator = ValidatorFactory.CreateTokenValidator(_settings, _logger,
authorizationCodeStore: store);
var parameters = new NameValueCollection();
parameters.Add(Constants.TokenRequest.GrantType, Constants.GrantTypes.AuthorizationCode);
parameters.Add(Constants.TokenRequest.Code, "valid");
parameters.Add(Constants.TokenRequest.RedirectUri, "https://server/cb");
var result = await validator.ValidateRequestAsync(parameters, client2);
Assert.IsTrue(result.IsError);
Assert.AreEqual(Constants.TokenErrors.InvalidGrant, result.Error);
}
