public async Task GetReferenceTokenAsync_should_return_grant_by_hamlder()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <ReferenceTokenStore> >();
using var s1 = store.OpenAsyncSession();
await s1.StoreAsync(new Entity.ReferenceToken
{
Id = "test",
ClientId = "test",
Data = serializer.Serialize(new Token
{
ClientId = "test"
})
}, $"{nameof(Entity.ReferenceToken)}/test");
await s1.SaveChangesAsync();
using var session = store.OpenAsyncSession();
var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
var result = await sut.GetReferenceTokenAsync("test");
Assert.NotNull(result);
}
// revoke access token only if it belongs to client doing the request
private async Task <bool> RevokeAccessTokenAsync(TokenRevocationRequestValidationResult validationResult)
{
var token = await ReferenceTokenStore.GetReferenceTokenAsync(validationResult.Token);
if (token != null)
{
if (token.ClientId == validationResult.Client.ClientId)
{
Logger.LogDebug("Access token revoked");
await ReferenceTokenStore.RemoveReferenceTokenAsync(validationResult.Token);
}
else
{
Logger.LogWarning("Client {clientId} tried to revoke an access token belonging to a different client: {clientId}", validationResult.Client.ClientId, token.ClientId);
}
return(true);
}
return(false);
}