public async Task Expired_RefreshToken()
{
var refreshToken = new RefreshToken
{
AccessToken = new Token("access_token") { Client = new Client() { ClientId = "roclient" } },
LifeTime = 10,
CreationTime = DateTimeOffset.UtcNow.AddSeconds(-15)
};
var handle = Guid.NewGuid().ToString();
var store = new InMemoryRefreshTokenStore();
await store.StoreAsync(handle, refreshToken);
var client = await _clients.FindClientByIdAsync("roclient");
var validator = Factory.CreateTokenRequestValidator(
refreshTokens: store);
var parameters = new NameValueCollection();
parameters.Add(OidcConstants.TokenRequest.GrantType, "refresh_token");
parameters.Add(OidcConstants.TokenRequest.RefreshToken, handle);
var result = await validator.ValidateRequestAsync(parameters, client);
result.IsError.Should().BeTrue();
result.Error.Should().Be(OidcConstants.TokenErrors.InvalidGrant);
}
public async Task Client_has_no_OfflineAccess_Scope_anymore_at_RefreshToken_Request()
{
var refreshToken = new RefreshToken
{
AccessToken = new Token("access_token")
{
Client = new Client
{
ClientId = "roclient_restricted"
},
},
LifeTime = 600,
CreationTime = DateTimeOffset.UtcNow
};
var handle = Guid.NewGuid().ToString();
var store = new InMemoryRefreshTokenStore();
await store.StoreAsync(handle, refreshToken);
var client = await _clients.FindClientByIdAsync("roclient_restricted");
var validator = Factory.CreateTokenRequestValidator(
refreshTokens: store);
var parameters = new NameValueCollection();
parameters.Add(Constants.TokenRequest.GrantType, "refresh_token");
parameters.Add(Constants.TokenRequest.RefreshToken, handle);
var result = await validator.ValidateRequestAsync(parameters, client);
result.IsError.Should().BeTrue();
result.Error.Should().Be(Constants.TokenErrors.InvalidGrant);
}
