/// <summary>
/// Runs the resource owner password credentials grant end to end against a mocked
/// authorization server host and checks that both an access token and a refresh
/// token come back.
/// </summary>
/// <param name="anonymousClient">
/// When <c>true</c>, the client's identifier is cleared before the exchange and the host
/// mock is told to accept an authorization whose <c>ClientIdentifier</c> is null for the
/// expected user and scopes.
/// </param>
/// <remarks>
/// Only the success path is exercised here. Rejection of a wrong password or of an
/// unexpected client is not asserted by this method.
/// </remarks>
public async Task ResourceOwnerPasswordCredentialGrant(bool anonymousClient)
{
    var hostMock = CreateAuthorizationServerMock();

    if (anonymousClient)
    {
        // With no client identifier the stored authorization is matched on user and scope
        // alone, so the predicate pins both values instead of accepting any description.
        hostMock
            .Setup(host => host.IsAuthorizationValid(
                It.Is<IAuthorizationDescription>(
                    grant => grant.ClientIdentifier == null
                        && grant.User == ResourceOwnerUsername
                        && MessagingUtilities.AreEquivalent(grant.Scope, TestScopes))))
            .Returns(true);
    }

    // Route requests for the token endpoint to a real AuthorizationServer backed by the mock host.
    Handle(AuthorizationServerDescription.TokenEndpoint).By(async (request, cancellationToken) =>
    {
        var tokenServer = new AuthorizationServer(hostMock.Object);
        var tokenResponse = await tokenServer.HandleTokenRequestAsync(request, cancellationToken);
        return tokenResponse;
    });

    var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
    if (anonymousClient)
    {
        // Only the identifier is cleared; the secret given to the constructor is left as is.
        client.ClientIdentifier = null;
    }

    var grantResult = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);

    Assert.That(grantResult.AccessToken, Is.Not.Null.And.Not.Empty);
    Assert.That(grantResult.RefreshToken, Is.Not.Null.And.Not.Empty);
}
        /// <summary>
        /// Checks that when the authorization server approves a different scope set than the
        /// client asked for, the client's result carries the server's set.
        /// </summary>
        /// <remarks>
        /// The granted scope, not the requested one, describes what the token is good for.
        /// A client that kept the requested set would believe it holds "scope2" although the
        /// server approved "differentScope" instead.
        /// </remarks>
        public async Task ResourceOwnerScopeOverride()
        {
            string[] requestedScopes = { "scope1", "scope2" };
            string[] grantedScopes = { "scope1", "differentScope" };
            var hostMock = CreateAuthorizationServerMock();

            // Approve the resource owner's credentials, but replace the approved scope with the
            // server's own set.
            hostMock
                .Setup(host => host.CheckAuthorizeResourceOwnerCredentialGrant(
                    ResourceOwnerUsername,
                    ResourceOwnerPassword,
                    It.IsAny<IAccessTokenRequest>()))
                .Returns<string, string, IAccessTokenRequest>((userName, password, tokenRequest) =>
                {
                    var approval = new AutomatedUserAuthorizationCheckResponse(tokenRequest, true, ResourceOwnerUsername);
                    approval.ApprovedScope.Clear();
                    approval.ApprovedScope.UnionWith(grantedScopes);
                    return approval;
                });

            // Route requests for the token endpoint to a real AuthorizationServer backed by the mock host.
            Handle(AuthorizationServerDescription.TokenEndpoint).By(async (request, cancellationToken) =>
            {
                var tokenServer = new AuthorizationServer(hostMock.Object);
                var tokenResponse = await tokenServer.HandleTokenRequestAsync(request, cancellationToken);
                return tokenResponse;
            });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var grantResult = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, requestedScopes);

            Assert.That(grantResult.Scope, Is.EquivalentTo(grantedScopes));
        }
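        /// <summary>
        /// Checks that the token request handed to the host during a resource owner password
        /// credentials grant names the authorizing user, and that the exchange yields a usable
        /// access token.
        /// </summary>
        /// <remarks>
        /// The user name check runs inside the mocked host callback, so it only executes when
        /// the server actually calls <c>CheckAuthorizeResourceOwnerCredentialGrant</c> with the
        /// expected user name and password.
        /// </remarks>
        public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
                .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(
                    ResourceOwnerUsername,
                    ResourceOwnerPassword,
                    It.IsAny<IAccessTokenRequest>()))
                .Returns<string, string, IAccessTokenRequest>((un, pw, req) =>
                {
                    var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);

                    // The request seen by the host must identify the resource owner who authorized it.
                    Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
                    return response;
                });

            // Route requests for the token endpoint to a real AuthorizationServer backed by the mock host.
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async (req, ct) =>
                {
                    var server = new AuthorizationServer(authServerMock.Object);
                    return await server.HandleTokenRequestAsync(req, ct);
                });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);

            // An empty string is not a usable token, so require non-empty as well as non-null,
            // matching the check in ResourceOwnerPasswordCredentialGrant.
            Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
        }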