public static ResponseToken GenerateToken(RefreshTokenBase source, string key, int?expires = null, string issuer = null, string audience = null, DateTime?notBefore = null)
{
var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
var creds = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha512);
DateTime?expiresDate = null;
if (expires != null)
{
expiresDate = DateTime.Now.AddSeconds((int)expires);
}
var token = new JwtSecurityToken(issuer,
audience,
claims: GenerateClaims(source, source.GetType()),
expires: expiresDate,
signingCredentials: creds);
var response = new ResponseToken
{
AccessToken = new JwtSecurityTokenHandler().WriteToken(token),
TokenType = "bearer",
ExpiresIn = expires.ToString(),
RefreshToken = source.RefreshToken
};
return(response);
}
static InMemoryTokenRepository()
{
RefreshTokenRepo["refresh"] = new RefreshTokenBase
{
ClientId = "12345",
Scope = new string[] { "create", "view", "delete" },
Token = "refresh"
};
}
public void TestExchangingRefreshTokenForWrongClient()
{
ClientBase client = new ClientBase {
ClientId = "id", ClientSecret = "secret"
};
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = new ClientBase {
ClientId = "id"
},
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "123",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock <IClientService> mckClientService = new Mock <IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock <ITokenService> mckTokenService = new Mock <ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
Mock <IServiceFactory> mckFactory = new Mock <IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
try
{
processor.Process(context);
Assert.Fail("no exception trhown");
}
catch (OAuthErrorResponseException <IOAuthContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidClient, x.Error);
}
catch (Exception x)
{
Assert.Fail("unexpected exception: " + x.Message);
}
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public IToken IssueAccessToken(RefreshTokenBase refreshToken)
{
AccessToken token = new AccessToken
{
ExpiresIn = 120,
Token = Guid.NewGuid().ToString(),
RefreshToken = refreshToken.Token,
Scope = refreshToken.Scope,
TokenType = "bearer"
};
TokenRepo.AddAccessToken(token);
return(token);
}
public void TestExchangingRefreshTokenForAccessToken()
{
ClientBase client = new ClientBase {
ClientId = "id", ClientSecret = "secret"
};
AccessTokenBase token = new AccessTokenBase {
ExpiresIn = 120,
RefreshToken = "refresh_token",
Token = "new-token",
TokenType = Parameters.AccessTokenTypeValues.Bearer
};
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client,
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "id",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock <IClientService> mckClientService = new Mock <IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock <ITokenService> mckTokenService = new Mock <ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
mckTokenService.Setup(x => x.IssueAccessToken(refreshToken)).Returns(token);
Mock <IServiceFactory> mckFactory = new Mock <IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
processor.Process(context);
Assert.AreEqual(token, context.Token);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public override void Process(ITokenContext context)
{
if (!ServiceFactory.ClientService.AuthenticateClient(context))
{
throw Errors.UnauthorizedClient(context, context.Client);
}
ClientBase client = ServiceFactory.ClientService.FindClient(context.Client.ClientId);
RefreshTokenBase refreshToken = ServiceFactory.TokenService.FindRefreshToken(context.RefreshToken);
if (refreshToken == null)
{
throw Errors.InvalidRequestException(context, Parameters.RefreshToken);
}
if (refreshToken.ClientId != context.Client.ClientId)
{
throw Errors.InvalidClient(context);
}
context.Token = ServiceFactory.TokenService.IssueAccessToken(refreshToken);
}
