public async Task GetClientAccessTokenReturnsApprovedScope()
{
string[] approvedScopes = new[] { "Scope2", "Scope3" };
var authServer = CreateAuthorizationServerMock();
authServer.Setup(
a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
.Returns(true);
authServer.Setup(
a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
.Returns <IAccessTokenRequest>(req => {
var response = new AutomatedAuthorizationCheckResponse(req, true);
response.ApprovedScope.ResetContents(approvedScopes);
return(response);
});
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async(req, ct) => {
var server = new AuthorizationServer(authServer.Object);
return(await server.HandleTokenRequestAsync(req, ct));
});
var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
var authState = await client.GetClientAccessTokenAsync(TestScopes);
Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes));
}
private async Task <string> ObtainValidAccessTokenAsync()
{
string accessToken = null;
var authServer = CreateAuthorizationServerMock();
authServer.Setup(
a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
.Returns(true);
authServer.Setup(
a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
.Returns <IAccessTokenRequest>(req => new AutomatedAuthorizationCheckResponse(req, true));
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async(req, ct) => {
var server = new AuthorizationServer(authServer.Object);
return(await server.HandleTokenRequestAsync(req, ct));
});
var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
var authState = await client.GetClientAccessTokenAsync(TestScopes);
Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty);
Assert.That(authState.RefreshToken, Is.Null);
accessToken = authState.AccessToken;
return(accessToken);
}
public async Task ClientCredentialScopeOverride()
{
var clientRequestedScopes = new[] { "scope1", "scope2" };
var serverOverriddenScopes = new[] { "scope1", "differentScope" };
var authServerMock = CreateAuthorizationServerMock();
authServerMock
.Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
.Returns <IAccessTokenRequest>(req => {
var response = new AutomatedAuthorizationCheckResponse(req, true);
response.ApprovedScope.Clear();
response.ApprovedScope.UnionWith(serverOverriddenScopes);
return(response);
});
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async(req, ct) => {
var server = new AuthorizationServer(authServerMock.Object);
return(await server.HandleTokenRequestAsync(req, ct));
});
var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
var result = await client.GetClientAccessTokenAsync(clientRequestedScopes);
Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
}
protected async void Button1_Click(object sender, EventArgs e)
{
var authServer = new AuthorizationServerDescription()
{
TokenEndpoint = new Uri("http://localhost:53022/OAuth/token "),
ProtocolVersion = ProtocolVersion.V20
};
WebServerClient Client = new WebServerClient(authServer, "idefav", "1");
var code = await Client.GetClientAccessTokenAsync(new string[] { "http://localhost:55045/IService1/DoWork" });
string token = code.AccessToken;
Service1Reference.Service1Client service1Client = new Service1Client();
var httpRequest = (HttpWebRequest)WebRequest.Create(service1Client.Endpoint.Address.Uri);
ClientBase.AuthorizeRequest(httpRequest, token);
var httpDetails = new HttpRequestMessageProperty();
httpDetails.Headers[HttpRequestHeader.Authorization] = httpRequest.Headers[HttpRequestHeader.Authorization];
using (var scope = new OperationContextScope(service1Client.InnerChannel))
{
if (OperationContext.Current.OutgoingMessageProperties.ContainsKey(HttpRequestMessageProperty.Name))
{
OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpDetails;
}
else
{
OperationContext.Current.OutgoingMessageProperties.Add(HttpRequestMessageProperty.Name, httpDetails);
}
Button1.Text = service1Client.DoWork();
}
}
public async Task CreateAccessTokenSeesAuthorizingUserClientCredentialGrant()
{
var authServerMock = CreateAuthorizationServerMock();
authServerMock
.Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
.Returns <IAccessTokenRequest>(req => {
Assert.That(req.UserName, Is.Null);
return(new AutomatedAuthorizationCheckResponse(req, true));
});
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async(req, ct) => {
var server = new AuthorizationServer(authServerMock.Object);
return(await server.HandleTokenRequestAsync(req, ct));
});
var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
var result = await client.GetClientAccessTokenAsync(TestScopes);
Assert.That(result.AccessToken, Is.Not.Null);
}
