private static PersistedGrantService CreateSut() { var authorizationCodeStoreMock = new Mock <IAdminStore <Entity.AuthorizationCode> >(); var userConsentStoreMock = new Mock <IAdminStore <Entity.UserConsent> >(); var refreshTokenStoreMock = new Mock <IAdminStore <Entity.RefreshToken> >(); var referenceTokenStoreMock = new Mock <IAdminStore <Entity.ReferenceToken> >(); var serializer = new PersistentGrantSerializer(); var sut = new PersistedGrantService(authorizationCodeStoreMock.Object, userConsentStoreMock.Object, refreshTokenStoreMock.Object, referenceTokenStoreMock.Object, serializer); authorizationCodeStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.AuthorizationCode> { Items = new[] { new Entity.AuthorizationCode { Data = serializer.Serialize(new AuthorizationCode { RequestedScopes = Array.Empty <string>() }) } } }); userConsentStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.UserConsent> { Items = new[] { new Entity.UserConsent { Data = serializer.Serialize(new Consent { Scopes = Array.Empty <string>() }) } } }); refreshTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.RefreshToken> { Items = new[] { new Entity.RefreshToken() { Data = serializer.Serialize(new RefreshToken { AccessToken = new Token { Claims = Array.Empty <Claim>() } }) } } }); referenceTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.ReferenceToken> { Items = new[] { new Entity.ReferenceToken() { Data = serializer.Serialize(new Token { Claims = Array.Empty <Claim>() }) } } }); return(sut); }
public async Task RemoveReferenceTokenAsync_by_subjectId_clientId_should_delete_entity() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <ReferenceTokenStore> >(); using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.ReferenceToken { Id = "test", ClientId = "test", UserId = "test", Data = serializer.Serialize(new Token { ClientId = "test" }) }, $"{nameof(Entity.ReferenceToken)}/test"); await s1.SaveChangesAsync(); using var session = store.OpenAsyncSession(); var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object); await sut.RemoveReferenceTokensAsync("test", "test"); using var s2 = store.OpenAsyncSession(); var result = await s2.LoadAsync <Entity.ReferenceToken>($"{nameof(Entity.ReferenceToken)}/test"); Assert.Null(result); }
public async Task GetReferenceTokenAsync_should_return_grant_by_hamlder() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <ReferenceTokenStore> >(); using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.ReferenceToken { Id = "test", ClientId = "test", Data = serializer.Serialize(new Token { ClientId = "test" }) }, $"{nameof(Entity.ReferenceToken)}/test"); await s1.SaveChangesAsync(); using var session = store.OpenAsyncSession(); var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object); var result = await sut.GetReferenceTokenAsync("test"); Assert.NotNull(result); }
public async Task StoreReferenceTokenAsync_should_update_entity() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <ReferenceTokenStore> >(); var token = new Token { ClientId = "test" }; using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.ReferenceToken { Id = "test", ClientId = "test", Data = serializer.Serialize(token) }, $"{nameof(Entity.ReferenceToken)}/test"); await s1.SaveChangesAsync(); using var session = store.OpenAsyncSession(); var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object); var code = await sut.StoreReferenceTokenAsync(token); Assert.Equal("test", code); }
public async Task StoreAuthorizationCodeAsync_should_update_entity() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <AuthorizationCodeStore> >(); var authorizationCode = new AuthorizationCode { ClientId = "test", Subject = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(JwtClaimTypes.Subject, "test") })) }; using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.AuthorizationCode { Id = "test", ClientId = "test", UserId = "test", Data = serializer.Serialize(authorizationCode) }, $"{nameof(Entity.AuthorizationCode)}/test"); await s1.SaveChangesAsync(); using var session = store.OpenAsyncSession(); var sut = new AuthorizationCodeStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object); var code = await sut.StoreAuthorizationCodeAsync(authorizationCode); Assert.Equal("test", code); }
public async Task FindByUserCodeAsync_should_find_device_code_by_user_code() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.DeviceCode { Id = "test", UserCode = "code", Data = serializer.Serialize(new DeviceCode { AuthorizedScopes = new[] { "client_credential" } }) }, $"{nameof(Entity.DeviceCode)}/test"); await s1.SaveChangesAsync(); var sut = new DeviceFlowStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object); var result = await sut.FindByUserCodeAsync("code"); Assert.NotNull(result); }
public async Task UpdateByUserCodeAsync_should_update_device_code() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.DeviceCode { Id = "test", UserCode = "code", Data = serializer.Serialize(new DeviceCode { AuthorizedScopes = new[] { "client_credential" } }) }, $"{nameof(Entity.DeviceCode)}/test"); await s1.SaveChangesAsync(); var sut = new DeviceFlowStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object); await sut.UpdateByUserCodeAsync("code", new DeviceCode { ClientId = "test" }); using var s2 = store.OpenAsyncSession(); var updated = await s2.LoadAsync <Entity.DeviceCode>($"{nameof(Entity.DeviceCode)}/test"); var data = serializer.Deserialize <DeviceCode>(updated.Data); Assert.Equal("test", data.ClientId); }
public async Task StoreUserConsentAsync_should_update_entity() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <UserConsentStore> >(); var UserConsent = new Consent { ClientId = "test", SubjectId = "test" }; using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.UserConsent { Id = "test", ClientId = "test", UserId = "test", Data = serializer.Serialize(UserConsent) }, $"{nameof(Entity.UserConsent)}/test"); await s1.SaveChangesAsync(); using var session = store.OpenAsyncSession(); var sut = new UserConsentStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object); await sut.StoreUserConsentAsync(UserConsent); using var s2 = store.OpenAsyncSession(); var result = await s2.Advanced.LoadStartingWithAsync <Entity.UserConsent>($"{nameof(Entity.UserConsent).ToLowerInvariant()}/"); Assert.Single(result); }
public async Task Should_Retrieve_Data_By_DeviceCode(TestDatabase testDb) { var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); var serializer = new PersistentGrantSerializer(); var testDeviceCode = $"device_{Guid.NewGuid()}"; var testUserCode = $"user_{Guid.NewGuid()}"; var expectedSubject = $"sub_{Guid.NewGuid()}"; var expectedDeviceCodeData = new DeviceCode() { ClientId = "device_flow", RequestedScopes = new[] { "openid", "api1" }, CreationTime = new DateTime(2018, 12, 7, 14, 15, 16), Lifetime = 300, IsOpenId = true, Subject = new ClaimsPrincipal( new ClaimsIdentity( new List <Claim> { new Claim(JwtClaimTypes.Subject, expectedSubject) } ) ) }; using (var session = testDb.SessionFactory.OpenSession()) { using (var tx = session.BeginTransaction()) { await session.SaveAsync(new DeviceFlowCodes { DeviceCode = testDeviceCode, ID = testUserCode, ClientId = expectedDeviceCodeData.ClientId, SubjectId = expectedDeviceCodeData.Subject.FindFirst(JwtClaimTypes.Subject).Value, CreationTime = expectedDeviceCodeData.CreationTime, Expiration = expectedDeviceCodeData.CreationTime.AddSeconds(expectedDeviceCodeData.Lifetime), Data = serializer.Serialize(expectedDeviceCodeData) }); await tx.CommitAsync(); } } DeviceCode code; using (var session = testDb.SessionFactory.OpenSession()) { var store = new DeviceFlowStore(session, serializer, loggerMock.Object); code = await store.FindByDeviceCodeAsync(testDeviceCode); } code.Should().BeEquivalentTo(expectedDeviceCodeData, assertionOptions => assertionOptions.Excluding(x => x.Subject)); code.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject && x.Value == expectedSubject).Should().NotBeNull(); await CleanupTestDataAsync(testDb); }
public async Task Should_Throw_Exception_If_DeviceCode_Already_Exists(TestDatabase testDb) { var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); var serializer = new PersistentGrantSerializer(); var existingUserCode = $"user_{Guid.NewGuid()}"; var deviceCodeData = new DeviceCode() { ClientId = "device_flow", RequestedScopes = new[] { "openid", "api1" }, CreationTime = new DateTime(2018, 12, 07, 8, 00, 00), Lifetime = 300, IsOpenId = true, Subject = new ClaimsPrincipal( new ClaimsIdentity( new List <Claim> { new Claim(JwtClaimTypes.Subject, $"sub_{Guid.NewGuid()}") } ) ) }; using (var session = testDb.SessionFactory.OpenSession()) { using (var tx = session.BeginTransaction()) { await session.SaveAsync(new DeviceFlowCodes() { DeviceCode = $"device_{Guid.NewGuid()}", ID = existingUserCode, ClientId = deviceCodeData.ClientId, SubjectId = deviceCodeData.Subject.FindFirst(JwtClaimTypes.Subject).Value, CreationTime = deviceCodeData.CreationTime, Expiration = deviceCodeData.CreationTime.AddSeconds(deviceCodeData.Lifetime), Data = serializer.Serialize(deviceCodeData) }); await tx.CommitAsync(); } } using (var session = testDb.SessionFactory.OpenSession()) { var store = new DeviceFlowStore(session, new PersistentGrantSerializer(), loggerMock.Object); Func <Task> act = async() => await store.StoreDeviceAuthorizationAsync($"device_{Guid.NewGuid()}", existingUserCode, deviceCodeData); await act.Should().ThrowAsync <HibernateException>(); } await CleanupTestDataAsync(testDb); }
public async Task Should_Remove_Existing_DeviceCode(TestDatabase testDb) { var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); var serializer = new PersistentGrantSerializer(); var testDeviceCode = $"device_{Guid.NewGuid()}"; var testUserCode = $"user_{Guid.NewGuid()}"; var existingDeviceCode = new DeviceCode { ClientId = "device_flow", RequestedScopes = new[] { "openid", "api1" }, CreationTime = new DateTime(2018, 12, 7, 14, 15, 16), Lifetime = 42, IsOpenId = true }; using (var session = testDb.SessionFactory.OpenSession()) { using (var tx = session.BeginTransaction()) { await session.SaveAsync(new DeviceFlowCodes { DeviceCode = testDeviceCode, ID = testUserCode, ClientId = existingDeviceCode.ClientId, CreationTime = existingDeviceCode.CreationTime, Expiration = existingDeviceCode.CreationTime.AddSeconds(existingDeviceCode.Lifetime), Data = serializer.Serialize(existingDeviceCode) }); await tx.CommitAsync(); } } using (var session = testDb.SessionFactory.OpenSession()) { var store = new DeviceFlowStore(session, serializer, loggerMock.Object); await store.RemoveByDeviceCodeAsync(testDeviceCode); } using (var session = testDb.SessionFactory.OpenSession()) { (await session.GetAsync <DeviceFlowCodes>(testUserCode)).Should().BeNull(); } await CleanupTestDataAsync(testDb); }
public async Task UpdateByUserCodeAsync_should_update_token() { using var store = new RavenDbTestDriverWrapper().GetDocumentStore(); var serializer = new PersistentGrantSerializer(); var loggerMock = new Mock <ILogger <RefreshTokenStore> >(); var token = new RefreshToken { AccessToken = new Token { ClientId = "test" } }; using var s1 = store.OpenAsyncSession(); await s1.StoreAsync(new Entity.RefreshToken { Id = "test", ClientId = "test", Data = serializer.Serialize(token) }, $"{nameof(Entity.RefreshToken)}/test"); await s1.SaveChangesAsync(); var sut = new RefreshTokenStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object); await sut.UpdateRefreshTokenAsync("test", new RefreshToken { AccessToken = new Token { ClientId = "test", Description = "test" } }); using var s2 = store.OpenAsyncSession(); var updated = await s2.LoadAsync <Entity.RefreshToken>($"{nameof(Entity.RefreshToken)}/test"); var data = serializer.Deserialize <RefreshToken>(updated.Data); Assert.Equal("test", data.AccessToken.Description); }
async Task StoreItem <T>(string key, T item, string type, string clientId, string subjectId, DateTime created, int lifetime) { key = HashKey(key, type); var json = _serializer.Serialize(item); var grant = new PersistedGrant { Key = key, Type = type, ClientId = clientId, SubjectId = subjectId, CreationTime = created, Expiration = created.AddSeconds(lifetime), Data = json }; await _store.StoreAsync(grant); }
protected async Task StoreItemAsync(string key, T item, string clientId, string subjectId, DateTime created, int lifetime) { key = GetHashedKey(key); var json = _serializer.Serialize(item); var grant = new PersistedGrant() { Key = key, Type = _grantType, ClientId = clientId, SubjectId = subjectId, CreationTime = created, Expiration = created.AddSeconds(lifetime), Data = json, }; await _store.StoreAsync(grant); }
private static PersistedGrantService CreateSut(out Mock <IDataProtector> mock) { var authorizationCodeStoreMock = new Mock <IAdminStore <Entity.AuthorizationCode> >(); var userConsentStoreMock = new Mock <IAdminStore <Entity.UserConsent> >(); var refreshTokenStoreMock = new Mock <IAdminStore <Entity.RefreshToken> >(); var referenceTokenStoreMock = new Mock <IAdminStore <Entity.ReferenceToken> >(); var dataProtectorProviderMock = new Mock <IDataProtectionProvider>(); var dataProtectorMock = new Mock <IDataProtector>(); dataProtectorMock.Setup(m => m.Protect(It.IsAny <byte[]>())).Returns <byte[]>(b => b); dataProtectorMock.Setup(m => m.Unprotect(It.IsAny <byte[]>())).Returns <byte[]>(b => b); dataProtectorProviderMock.Setup(m => m.CreateProtector(It.IsAny <string>())).Returns(dataProtectorMock.Object); #if DUENDE var serializer = new PersistentGrantSerializer(new PersistentGrantOptions { DataProtectData = true }, dataProtectorProviderMock.Object); #else var serializer = new PersistentGrantSerializer(); #endif var localizerMock = new Mock <IStringLocalizer <PersistedGrantService> >(); var loggerMock = new Mock <ILogger <PersistedGrantService> >(); var sut = new PersistedGrantService(authorizationCodeStoreMock.Object, userConsentStoreMock.Object, refreshTokenStoreMock.Object, referenceTokenStoreMock.Object, serializer, localizerMock.Object, loggerMock.Object); authorizationCodeStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.AuthorizationCode> { Items = new[] { new Entity.AuthorizationCode { Data = serializer.Serialize(new AuthorizationCode { RequestedScopes = Array.Empty <string>() }) } } }); userConsentStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.UserConsent> { Items = new[] { new Entity.UserConsent { Data = serializer.Serialize(new Consent { Scopes = Array.Empty <string>() }) } } }); #if DUENDE var refreshToken = new RefreshToken(); refreshToken.SetAccessToken(new Token { Claims = Array.Empty <Claim>() }); #else var refreshToken = new RefreshToken { AccessToken = new Token { Claims = Array.Empty <Claim>() } }; #endif refreshTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.RefreshToken> { Items = new[] { new Entity.RefreshToken() { Data = serializer.Serialize(refreshToken) } } }); referenceTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.ReferenceToken> { Items = new[] { new Entity.ReferenceToken() { Data = serializer.Serialize(new Token { Claims = Array.Empty <Claim>() }) } } }); mock = dataProtectorMock; return(sut); }
public async Task Should_Update_Authorized_Device_Code(TestDatabase testDb) { var loggerMock = new Mock <ILogger <DeviceFlowStore> >(); var serializer = new PersistentGrantSerializer(); var testDeviceCode = $"device_{Guid.NewGuid()}"; var testUserCode = $"user_{Guid.NewGuid()}"; var expectedSubject = $"sub_{Guid.NewGuid()}"; var unauthorizedDeviceCode = new DeviceCode() { ClientId = "device_flow", RequestedScopes = new[] { "openid", "api1" }, CreationTime = new DateTime(2018, 12, 7, 14, 15, 16), Lifetime = 42, IsOpenId = true }; using (var session = testDb.SessionFactory.OpenSession()) { using (var tx = session.BeginTransaction()) { await session.SaveAsync(new DeviceFlowCodes { DeviceCode = testDeviceCode, ID = testUserCode, ClientId = unauthorizedDeviceCode.ClientId, CreationTime = unauthorizedDeviceCode.CreationTime, Expiration = unauthorizedDeviceCode.CreationTime.AddSeconds(unauthorizedDeviceCode.Lifetime), Data = serializer.Serialize(unauthorizedDeviceCode) }); await tx.CommitAsync(); } } var authorizedDeviceCode = new DeviceCode { ClientId = unauthorizedDeviceCode.ClientId, RequestedScopes = unauthorizedDeviceCode.RequestedScopes, AuthorizedScopes = unauthorizedDeviceCode.RequestedScopes, Subject = new ClaimsPrincipal( new ClaimsIdentity( new List <Claim> { new Claim(JwtClaimTypes.Subject, expectedSubject) } ) ), IsAuthorized = true, IsOpenId = true, CreationTime = new DateTime(2018, 12, 7, 14, 15, 16), Lifetime = 42 }; using (var session = testDb.SessionFactory.OpenSession()) { var store = new DeviceFlowStore(session, serializer, loggerMock.Object); await store.UpdateByUserCodeAsync(testUserCode, authorizedDeviceCode); } DeviceFlowCodes updatedCodes; using (var session = testDb.SessionFactory.OpenSession()) { updatedCodes = await session.GetAsync <DeviceFlowCodes>(testUserCode); } // Unchanged updatedCodes.DeviceCode.Should().Be(testDeviceCode); updatedCodes.ClientId.Should().Be(unauthorizedDeviceCode.ClientId); updatedCodes.CreationTime.Should().Be(unauthorizedDeviceCode.CreationTime); updatedCodes.Expiration.Should().Be(unauthorizedDeviceCode.CreationTime.AddSeconds(unauthorizedDeviceCode.Lifetime)); // Updated var parsedCode = serializer.Deserialize <DeviceCode>(updatedCodes.Data); parsedCode.Should().BeEquivalentTo(authorizedDeviceCode, assertionOptions => assertionOptions.Excluding(x => x.Subject)); parsedCode.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject && x.Value == expectedSubject).Should().NotBeNull(); await CleanupTestDataAsync(testDb); }