public void CommonTokenRequestParamsHandlesScopes()
{
var opts = new AuthServerOptions {
AdditionalTokenScopes = "onescope", RequiredScopes = new string[] { "twoscope" }
};
var tEx = new TokenExchanger(opts);
var parameters = tEx.CommonTokenRequestParams();
Assert.Equal("openid onescope twoscope", parameters.First(i => i.Key == CloudFoundryDefaults.ParamsScope).Value);
}
public async Task ExchangeAuthCodeForClaimsIdentity_ExchangesCodeForIdentity()
{
var options = new AuthServerOptions()
{
AuthorizationUrl = "http://localhost/tokenUrl"
};
var exchanger = new TokenExchanger(options, GetMockHttpClient());
var identity = await exchanger.ExchangeAuthCodeForClaimsIdentity("goodCode");
Assert.IsType <ClaimsIdentity>(identity);
}
public async Task ExchangeAuthCodeForClaimsIdentity_ReturnsNullOnFailure()
{
var options = new AuthServerOptions()
{
AuthorizationUrl = "http://localhost/tokenUrl"
};
var httpClient = new object(); // TODO: replace with mock that does stuff
var exchanger = new TokenExchanger(options, GetMockHttpClient());
var identity = await exchanger.ExchangeAuthCodeForClaimsIdentity("badCode");
Assert.Null(identity);
}
public void ClientCredentialsTokenRequestParameters_ReturnsCorrectly()
{
var opts = new AuthServerOptions {
ClientId = "clientId", ClientSecret = "clientSecret", CallbackUrl = "redirect_uri"
};
var tEx = new TokenExchanger(opts);
var parameters = tEx.ClientCredentialsTokenRequestParameters();
Assert.NotNull(parameters);
Assert.Equal(opts.ClientId, parameters.First(i => i.Key == "client_id").Value);
Assert.Equal(opts.ClientSecret, parameters.First(i => i.Key == "client_secret").Value);
Assert.Equal(OpenIdConnectGrantTypes.ClientCredentials, parameters.First(i => i.Key == "grant_type").Value);
}
public void GetTokenRequestMessage_ReturnsCorrectly()
{
var opts = new AuthServerOptions {
ClientId = "clientId", ClientSecret = "clientSecret"
};
var tEx = new TokenExchanger(opts);
var message = tEx.GetTokenRequestMessage(new List <KeyValuePair <string, string> >(), "redirectUri");
Assert.NotNull(message);
var content = message.Content as FormUrlEncodedContent;
Assert.NotNull(content);
Assert.Equal(HttpMethod.Post, message.Method);
Assert.Contains(new MediaTypeWithQualityHeaderValue("application/json"), message.Headers.Accept);
}
public void AuthCodeTokenRequestParameters_ReturnsCorrectly()
{
// arrange
var opts = new AuthServerOptions {
ClientId = "clientId", ClientSecret = "clientSecret", CallbackUrl = "redirect_uri"
};
var tEx = new TokenExchanger(opts);
// act
var parameters = tEx.AuthCodeTokenRequestParameters("authcode");
// assert
Assert.NotNull(parameters);
Assert.Equal(opts.ClientId, parameters.First(i => i.Key == "client_id").Value);
Assert.Equal(opts.ClientSecret, parameters.First(i => i.Key == "client_secret").Value);
Assert.Equal("redirect_uri", parameters.First(i => i.Key == "redirect_uri").Value);
Assert.Equal("authcode", parameters.First(i => i.Key == "code").Value);
Assert.Equal(OpenIdConnectGrantTypes.AuthorizationCode, parameters.First(i => i.Key == "grant_type").Value);
}
/// <summary>
/// Initializes a new instance of the <see cref="CloudFoundryClientTokenResolver"/> class.
/// This class can be used to get access tokens from an OAuth server
/// </summary>
/// <param name="options">Con</param>
/// <param name="httpClient">For interacting with the OAuth server. A new instance will be created if not provided.</param>
public CloudFoundryClientTokenResolver(CloudFoundryOptions options, HttpClient httpClient = null)
{
Options = options ?? throw new ArgumentNullException(nameof(options), "Options are required");
_tokenExchanger = new TokenExchanger(options, httpClient, options.LoggerFactory?.CreateLogger <TokenExchanger>());
_logger = Options.LoggerFactory?.CreateLogger <CloudFoundryClientTokenResolver>();
}
