// A token request with an empty client_id / client_secret must come back as
// HTTP 400 carrying an OAuth error payload with error = "invalid_client".
// NOTE(review): every form field is blank here, so only the empty case is
// covered; a non-empty but unknown client_id, or a wrong client_secret, is
// not exercised by this test.
public void InvalidClientIdReturnsOAUTHError()
{
    const int expectedStatus = 400;

    HttpContextBase httpContext = Mocking.FakeHttpContext();

    // No Login behaviour is configured on the mock for this case.
    var loginService = new Mock<ILoginService>();
    var sut = new TokenController(loginService.Object);
    sut.ControllerContext = new ControllerContext(httpContext, new RouteData(), sut);

    var form = new FormCollection
    {
        { "client_id", "" },
        { "client_secret", "" },
        { "grant_type", "" },
        { "refresh_token", "" },
        { "code", "" }
    };

    JsonResult response = (JsonResult)sut.Index(form);

    // The status is checked both on the HTTP response and inside the JSON body.
    Assert.AreEqual(expectedStatus, httpContext.Response.StatusCode);
    Assert.IsInstanceOf(typeof(Error), response.Data);

    Error payload = (Error)response.Data;
    Assert.AreEqual(expectedStatus, payload.status);
    Assert.AreEqual("", payload.error_uri);
    Assert.AreEqual("client is not registered", payload.error_description);
    Assert.AreEqual("invalid_client", payload.error);
}
// A refresh_token grant from a registered client, with a login that succeeds
// and needs no password change, must yield an AccessToken payload.
// NOTE(review): Login is stubbed with It.IsAny for both arguments, so this test
// does not check which credentials the controller derives from the refresh
// token before calling the login service.
// NOTE(review): the asserted bearer value is the plain "{username}:{session}"
// pair; if _session is the upstream session id (confirm), the access token
// should be handled as that credential wherever it is logged or stored.
public void ValidRefreshCodeReturnsToken()
{
    HttpContextBase httpContext = Mocking.FakeHttpContext();

    var successfulLogin = new ApiLogOnResponseDTO
    {
        AllowedAccountOperator = true,
        PasswordChangeRequired = false,
        Session = _session
    };
    var loginService = new Mock<ILoginService>();
    loginService
        .Setup(m => m.Login(It.IsAny<string>(), It.IsAny<string>()))
        .Returns(successfulLogin);

    var sut = new TokenController(loginService.Object);
    sut.ControllerContext = new ControllerContext(httpContext, new RouteData(), sut);

    var form = new FormCollection
    {
        { "client_id", _client_id },
        { "client_secret", _client_secret },
        { "grant_type", "refresh_token" },
        { "refresh_token", _refresh_token }
    };

    JsonResult response = (JsonResult)sut.Index(form);

    Assert.IsInstanceOf(typeof(AccessToken), response.Data);

    AccessToken issued = (AccessToken)response.Data;
    Assert.AreEqual(string.Format("{0}:{1}", _username, _session), issued.access_token);
    // The same refresh token that was presented is expected back unchanged.
    Assert.AreEqual(_refresh_token, issued.refresh_token);
    Assert.AreEqual("bearer", issued.token_type);
}
// A refresh_token grant whose login attempt throws InvalidCredentialsException
// must be answered with HTTP 401 and an OAuth error payload, not a token.
// NOTE(review): RFC 6749 section 5.2 names "invalid_grant" for a rejected
// refresh token and uses HTTP 400 for most token-endpoint errors; this test
// pins "invalid_request" with 401 — confirm that is the intended contract.
public void ValidRefreshCodeButBadCredentialsReturnsError()
{
    const int expectedStatus = 401;

    HttpContextBase httpContext = Mocking.FakeHttpContext();

    // Any username/password pair handed to the login service is rejected.
    var loginService = new Mock<ILoginService>();
    loginService
        .Setup(m => m.Login(It.IsAny<string>(), It.IsAny<string>()))
        .Throws(new InvalidCredentialsException("Invalid"));

    var sut = new TokenController(loginService.Object);
    sut.ControllerContext = new ControllerContext(httpContext, new RouteData(), sut);

    var form = new FormCollection
    {
        { "client_id", _client_id },
        { "client_secret", _client_secret },
        { "grant_type", "refresh_token" },
        { "refresh_token", _refresh_token }
    };

    JsonResult response = (JsonResult)sut.Index(form);

    Assert.AreEqual(expectedStatus, httpContext.Response.StatusCode);
    Assert.IsInstanceOf(typeof(Error), response.Data);

    Error payload = (Error)response.Data;
    Assert.AreEqual(expectedStatus, payload.status);
    Assert.AreEqual("", payload.error_uri);
    // The description differs from the exception message ("Invalid") that the stub throws.
    Assert.AreEqual("Invalid Username or Password", payload.error_description);
    Assert.AreEqual("invalid_request", payload.error);
}
// A refresh_token grant whose login succeeds but reports
// PasswordChangeRequired = true must be refused: HTTP 400 and an OAuth error
// payload rather than an AccessToken.
// NOTE(review): Login is stubbed with It.IsAny for both arguments, so the
// credentials passed to the login service are not checked here.
public void ValidRefreshCodeButPasswordChangeRequiredReturnsError()
{
    const int expectedStatus = 400;

    HttpContextBase httpContext = Mocking.FakeHttpContext();

    // The login itself succeeds and returns a session; only the password-change flag is set.
    var loginNeedingPasswordChange = new ApiLogOnResponseDTO
    {
        AllowedAccountOperator = true,
        PasswordChangeRequired = true,
        Session = _session
    };
    var loginService = new Mock<ILoginService>();
    loginService
        .Setup(m => m.Login(It.IsAny<string>(), It.IsAny<string>()))
        .Returns(loginNeedingPasswordChange);

    var sut = new TokenController(loginService.Object);
    sut.ControllerContext = new ControllerContext(httpContext, new RouteData(), sut);

    var form = new FormCollection
    {
        { "client_id", _client_id },
        { "client_secret", _client_secret },
        { "grant_type", "refresh_token" },
        { "refresh_token", _refresh_token }
    };

    JsonResult response = (JsonResult)sut.Index(form);

    Assert.AreEqual(expectedStatus, httpContext.Response.StatusCode);
    Assert.IsInstanceOf(typeof(Error), response.Data);

    Error payload = (Error)response.Data;
    Assert.AreEqual(expectedStatus, payload.status);
    Assert.AreEqual("", payload.error_uri);
    Assert.AreEqual("password change required", payload.error_description);
    Assert.AreEqual("invalid_request", payload.error);
}
// An authorization_code grant from a registered client, presenting the fixed
// fixture code below, must yield an AccessToken payload.
// NOTE(review): no Login behaviour is configured on the mock, yet the expected
// access token is "foo:session"; how the controller gets that value from the
// fixture code is not visible from this test — TODO confirm.
// NOTE(review): the HTTP status code is not asserted on this success path.
public void ValidCodeReturnsToken()
{
    HttpContextBase httpContext = Mocking.FakeHttpContext();

    var loginService = new Mock<ILoginService>();
    var sut = new TokenController(loginService.Object);
    sut.ControllerContext = new ControllerContext(httpContext, new RouteData(), sut);

    // Hard-coded authorization code fixture; only the "code" field is sent, no refresh_token.
    var form = new FormCollection
    {
        { "client_id", _client_id },
        { "client_secret", _client_secret },
        { "grant_type", "authorization_code" },
        { "code", "JpstAC9GbwGop5FiEqfs3Q==" }
    };

    JsonResult response = (JsonResult)sut.Index(form);

    Assert.IsInstanceOf(typeof(AccessToken), response.Data);

    AccessToken issued = (AccessToken)response.Data;
    Assert.AreEqual("foo:session", issued.access_token);
    // The response is expected to carry the _refresh_token fixture value.
    Assert.AreEqual(_refresh_token, issued.refresh_token);
    Assert.AreEqual("bearer", issued.token_type);
}