コード例 #1
0
        public async Task ResourceOwnerPasswordCredentialGrant(bool anonymousClient)
        {
            var authHostMock = CreateAuthorizationServerMock();

            if (anonymousClient)
            {
                authHostMock.Setup(
                    m =>
                    m.IsAuthorizationValid(
                        It.Is <IAuthorizationDescription>(
                            d =>
                            d.ClientIdentifier == null && d.User == ResourceOwnerUsername &&
                            MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true);
            }

            Handle(AuthorizationServerDescription.TokenEndpoint).By(async(req, ct) => {
                var server = new AuthorizationServer(authHostMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);

            if (anonymousClient)
            {
                client.ClientIdentifier = null;
            }

            var authState = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);

            Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty);
            Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty);
        }
コード例 #2
0
        public async Task ClientCredentialScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var result = await client.GetClientAccessTokenAsync(clientRequestedScopes);

            Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
            Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
        }
コード例 #3
0
        public async Task GetClientAccessTokenReturnsApprovedScope()
        {
            string[] approvedScopes = new[] { "Scope2", "Scope3" };
            var      authServer     = CreateAuthorizationServerMock();

            authServer.Setup(
                a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns(true);
            authServer.Setup(
                a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.ResetContents(approvedScopes);
                return(response);
            });
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServer.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client    = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var authState = await client.GetClientAccessTokenAsync(TestScopes);

            Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes));
        }
コード例 #4
0
        private async Task <string> ObtainValidAccessTokenAsync()
        {
            string accessToken = null;
            var    authServer  = CreateAuthorizationServerMock();

            authServer.Setup(
                a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns(true);
            authServer.Setup(
                a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns <IAccessTokenRequest>(req => new AutomatedAuthorizationCheckResponse(req, true));

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServer.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client    = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var authState = await client.GetClientAccessTokenAsync(TestScopes);

            Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty);
            Assert.That(authState.RefreshToken, Is.Null);
            accessToken = authState.AccessToken;

            return(accessToken);
        }
コード例 #5
0
        public async Task ResourceOwnerScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);

            Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
        }
コード例 #6
0
        public async Task <ActionResult> Token()
        {
            var response = await authorizationServer.HandleTokenRequestAsync(Request);

            Response.ContentType = response.Content.Headers.ContentType.ToString();
            return(response.AsActionResult());
        }
コード例 #7
0
        public async Task <ActionResult> Token()
        {
            var request = await _authorizationServer.HandleTokenRequestAsync(Request, Response.ClientDisconnectedToken);

            Response.ContentType = request.Content.Headers.ContentType.ToString();
            return(request.AsActionResult());
        }
コード例 #8
0
        public async Task DecodeRefreshToken()
        {
            var refreshTokenSource = new TaskCompletionSource <string>();

            Handle(AuthorizationServerDescription.AuthorizationEndpoint).By(
                async(req, ct) => {
                var server  = new AuthorizationServer(AuthorizationServerMock);
                var request = await server.ReadAuthorizationRequestAsync(req, ct);
                Assert.That(request, Is.Not.Null);
                var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername);
                return(await server.Channel.PrepareResponseAsync(response));
            });
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server        = new AuthorizationServer(AuthorizationServerMock);
                var response      = await server.HandleTokenRequestAsync(req, ct);
                var authorization = server.DecodeRefreshToken(refreshTokenSource.Task.Result);
                Assert.That(authorization, Is.Not.Null);
                Assert.That(authorization.User, Is.EqualTo(ResourceOwnerUsername));
                return(response);
            });

            var client = new WebServerClient(AuthorizationServerDescription);

            try {
                var authState = new AuthorizationState(TestScopes)
                {
                    Callback = ClientCallback,
                };
                var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState);

                this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback);
                Uri authCompleteUri;
                using (var httpClient = this.HostFactories.CreateHttpClient()) {
                    using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) {
                        response.EnsureSuccessStatusCode();
                        authCompleteUri = response.Headers.Location;
                    }
                }

                var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri);
                this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest);
                var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest);

                Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
                Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty);
                refreshTokenSource.SetResult(result.RefreshToken);
            } catch {
                refreshTokenSource.TrySetCanceled();
            }
        }
コード例 #9
0
        public async Task CreateAccessTokenSeesAuthorizingUserAuthorizationCodeGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.IsAuthorizationValid(It.IsAny <IAuthorizationDescription>()))
            .Returns <IAuthorizationDescription>(req => {
                Assert.That(req.User, Is.EqualTo(ResourceOwnerUsername));
                return(true);
            });

            Handle(AuthorizationServerDescription.AuthorizationEndpoint).By(
                async(req, ct) => {
                var server  = new AuthorizationServer(authServerMock.Object);
                var request = await server.ReadAuthorizationRequestAsync(req, ct);
                Assert.That(request, Is.Not.Null);
                var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername);
                return(await server.Channel.PrepareResponseAsync(response));
            });
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client    = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var authState = new AuthorizationState(TestScopes)
            {
                Callback = ClientCallback,
            };
            var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState);

            this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback);
            Uri authCompleteUri;

            this.HostFactories.AllowAutoRedirects = false;
            using (var httpClient = this.HostFactories.CreateHttpClient()) {
                using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) {
                    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Redirect));
                    authCompleteUri = response.Headers.Location;
                }
            }

            var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri);

            this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest);
            var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest);

            Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
            Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty);
        }
コード例 #10
0
        public ActionResult Token()
        {
            HttpResponseMessage request = null;

            try
            {
                request = m_AuthorizationServer.HandleTokenRequestAsync(this.Request, this.Response.ClientDisconnectedToken);
            }
            catch (Exception ex)
            {
                throw ex;
            }
            Response.ContentType = request.Content.Headers.ContentType.ToString();
            return(request.AsActionResult());
        }
コード例 #11
0
        public async Task ErrorResponseTest()
        {
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(AuthorizationServerMock);
                return(await server.HandleTokenRequestAsync(req, ct));
            });
            var request = new AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription)
            {
                ClientIdentifier = ClientId, ClientSecret = ClientSecret, AuthorizationCode = "foo"
            };
            var client   = new UserAgentClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var response = await client.Channel.RequestAsync <AccessTokenFailedResponse>(request, CancellationToken.None);

            Assert.That(response.Error, Is.Not.Null.And.Not.Empty);
            Assert.That(response.Error, Is.EqualTo(Protocol.AccessTokenRequestErrorCodes.InvalidRequest));
        }
コード例 #12
0
        public async Task AuthorizationCodeGrant()
        {
            Handle(AuthorizationServerDescription.AuthorizationEndpoint).By(
                async(req, ct) => {
                var server  = new AuthorizationServer(AuthorizationServerMock);
                var request = await server.ReadAuthorizationRequestAsync(req, ct);
                Assert.That(request, Is.Not.Null);
                var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername);
                return(await server.Channel.PrepareResponseAsync(response, ct));
            });
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(AuthorizationServerMock);
                return(await server.HandleTokenRequestAsync(req, ct));
            });
            {
                var client    = new UserAgentClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
                var authState = new AuthorizationState(TestScopes)
                {
                    Callback = ClientCallback,
                };
                var request = client.PrepareRequestUserAuthorization(authState);
                Assert.AreEqual(EndUserAuthorizationResponseType.AuthorizationCode, request.ResponseType);
                var authRequestRedirect = await client.Channel.PrepareResponseAsync(request);

                Uri authRequestResponse;
                this.HostFactories.AllowAutoRedirects = false;
                using (var httpClient = this.HostFactories.CreateHttpClient()) {
                    using (var httpResponse = await httpClient.GetAsync(authRequestRedirect.Headers.Location)) {
                        authRequestResponse = httpResponse.Headers.Location;
                    }
                }
                var incoming =
                    await
                    client.Channel.ReadFromRequestAsync(
                        new HttpRequestMessage(HttpMethod.Get, authRequestResponse), CancellationToken.None);

                var result = await client.ProcessUserAuthorizationAsync(authState, incoming, CancellationToken.None);

                Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
                Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty);
            }
        }
コード例 #13
0
        public async Task CreateAccessTokenSeesAuthorizingUserClientCredentialGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
            .Returns <IAccessTokenRequest>(req => {
                Assert.That(req.UserName, Is.Null);
                return(new AutomatedAuthorizationCheckResponse(req, true));
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var result = await client.GetClientAccessTokenAsync(TestScopes);

            Assert.That(result.AccessToken, Is.Not.Null);
        }
コード例 #14
0
        public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);

            Assert.That(result.AccessToken, Is.Not.Null);
        }
コード例 #15
0
        public async Task <HttpResponseMessage> Create()
        {
            var response = await authorizationServer.HandleTokenRequestAsync(Request);

            return(response);
        }
コード例 #16
0
        // POST /api/token
        public Task <HttpResponseMessage> Post(HttpRequestMessage request)
        {
            var authServer = new AuthorizationServer(new AuthorizationServerHost());

            return(authServer.HandleTokenRequestAsync(request));
        }