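/// <summary>
/// With N allowed login failures and throttling configured to answer as 400 Bad Request,
/// N + 1 failed password-grant logins must put the login into a throttled state, and the
/// next login is answered with the "Too many connections" challenge.
/// </summary>
/// <remarks>
/// In throttled-as-BadRequest mode an ordinary invalid_grant failure and a throttled request
/// share the 400 status, so the response body message is the only signal that distinguishes
/// them. The first N attempts are therefore checked to be plain authentication failures
/// (not throttled), so the test cannot pass merely because throttling started too early.
/// Attempt N + 1 is the one that crosses the threshold; whether that attempt itself is already
/// throttled is not asserted here, only the request after it.
/// NOTE(review): nothing here shows what the failure counter is keyed on (username, client,
/// remote address) or whether it resets after a successful login or a timeout — confirm against
/// the server's throttling implementation before relying on this as a lockout guarantee.
/// </remarks>
public async Task ThrottledRequests_WithAllowedFailuresAndBadRequestResponse_ShouldThrottleRequestsAboveThreshold()
{
    const int numberOfAllowedLoginFailures = 3;
    const string throttledMessage = "Too many connections";

    using (var server = new IdentityServerWithThrottledLoginRequests()
        .WithNumberOfAllowedLoginFailures(numberOfAllowedLoginFailures)
        .WithRequestsThrottledAsBadRequest()
        .WithProtectedGrantType("password")
        .Build())
    {
        // Attempts within the allowance: wrong password, so each must fail, but none may be throttled yet.
        for (var attempt = 1; attempt <= numberOfAllowedLoginFailures; ++attempt)
        {
            var failedResponse = await server.CreateNativeLoginRequest()
                .WithUsername("jeuser")
                .WithPassword("Passw0rd123")
                .Build()
                .PostAsync();

            failedResponse.StatusCode.Should().Be(HttpStatusCode.BadRequest, "attempt {0} is a failed login within the allowance", attempt);

            // Status alone cannot tell a throttled answer from invalid_grant in this mode; check the message.
            var failure = await failedResponse.Content.ReadAsAsync<IdentityServerBadRequestChallengeResource>();
            failure.Message.Should().NotBe(throttledMessage, "attempt {0} is within the allowed failures and must not be throttled", attempt);
        }

        // Attempt N + 1 crosses the threshold; its own response is deliberately not asserted.
        await server.CreateNativeLoginRequest()
            .WithUsername("jeuser")
            .WithPassword("Passw0rd123")
            .Build()
            .PostAsync();

        // Every login after the threshold is answered with the throttling challenge.
        var response = await server.CreateNativeLoginRequest()
            .WithUsername("jeuser")
            .WithPassword("Passw0rd123")
            .Build()
            .PostAsync();

        response.StatusCode.Should().Be(HttpStatusCode.BadRequest);

        var tokenResponse = await response.Content.ReadAsAsync<IdentityServerBadRequestChallengeResource>();
        tokenResponse.Message.Should().Be(throttledMessage);
    }
}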
/// <summary>
/// A correct password must still be accepted when the throttle allowance is set to zero.
/// </summary>
/// <remarks>
/// No protected grant type is configured here, so the zero allowance presumably never
/// applies to the password grant (compare the "MissingGrantType" sibling test); the point
/// being pinned is that the setting on its own does not block valid logins.
/// The response is expected to be 200 with a non-empty access token.
/// </remarks>
public async Task ThrottledRequests_WithZeroAllowedFailures_ShouldAllowLogins()
{
    using (var server = new IdentityServerWithThrottledLoginRequests()
        .WithNumberOfAllowedLoginFailures(0)
        .Build())
    {
        var loginRequest = server.CreateNativeLoginRequest()
            .WithUsername("jeuser")
            .WithPassword("Passw0rd")
            .Build();

        var loginResponse = await loginRequest.PostAsync();

        loginResponse.StatusCode.Should().Be(HttpStatusCode.OK);

        var token = await loginResponse.Content.ReadAsAsync<TokenResponseModel>();
        token.AccessToken.Should().NotBeNullOrEmpty();
    }
}
/// <summary>
/// With a zero failure allowance but no protected grant type configured, a wrong password
/// must produce the ordinary OAuth failure (400 / invalid_grant), not a throttling response.
/// </summary>
/// <remarks>
/// This pins that the throttle only engages for grant types it has been told to protect;
/// a login failure on an unprotected grant type is reported as a plain invalid_grant.
/// </remarks>
public async Task ThrottledRequestsWithMissingGrantType_WithZeroAllowedFailures_ShouldFailOnLoginFailures()
{
    using (var server = new IdentityServerWithThrottledLoginRequests()
        .WithNumberOfAllowedLoginFailures(0)
        .Build())
    {
        var wrongPasswordRequest = server.CreateNativeLoginRequest()
            .WithUsername("jeuser")
            .WithPassword("Passw0rd123")
            .Build();

        var failureResponse = await wrongPasswordRequest.PostAsync();

        failureResponse.StatusCode.Should().Be(HttpStatusCode.BadRequest);

        var failure = await failureResponse.Content.ReadAsAsync<TokenFailureResponseModel>();
        failure.Error.Should().Be("invalid_grant");
    }
}
/// <summary>
/// With N allowed login failures on the protected password grant, each of the first N
/// wrong-password attempts must be reported as an ordinary 400 / invalid_grant failure
/// rather than a throttled response.
/// </summary>
/// <remarks>
/// The test stops at exactly the threshold; what happens on attempt N + 1 is covered by
/// ThrottledRequests_WithAllowedFailuresAndBadRequestResponse_ShouldThrottleRequestsAboveThreshold.
/// Throttled-as-BadRequest mode is not enabled here, so a throttled answer would presumably
/// not look like invalid_grant — the per-attempt assertions rely on that distinction.
/// </remarks>
public async Task ThrottledRequests_WithAllowedFailures_ShouldAllowFailuresBelowThreshold()
{
    const int numberOfAllowedLoginFailures = 3;

    using (var server = new IdentityServerWithThrottledLoginRequests()
        .WithNumberOfAllowedLoginFailures(numberOfAllowedLoginFailures)
        .WithProtectedGrantType("password")
        .Build())
    {
        var failuresSoFar = 0;
        while (failuresSoFar < numberOfAllowedLoginFailures)
        {
            var wrongPasswordRequest = server.CreateNativeLoginRequest()
                .WithUsername("jeuser")
                .WithPassword("Passw0rd123")
                .Build();

            var failureResponse = await wrongPasswordRequest.PostAsync();
            failuresSoFar++;

            // Still within the allowance: a plain authentication failure, not a throttle.
            failureResponse.StatusCode.Should().Be(HttpStatusCode.BadRequest);

            var failure = await failureResponse.Content.ReadAsAsync<TokenFailureResponseModel>();
            failure.Error.Should().Be("invalid_grant");
        }
    }
}