public void IssueAccessTokenForClientCredentials() { ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" }; AccessTokenBase token = new AccessTokenBase{ ExpiresIn = 120, Token = Guid.NewGuid().ToString()}; TokenContext context = new TokenContext { Client = new ClientBase { ClientId = "123", ClientSecret = "secret" }, GrantType = Parameters.GrantTypeValues.ClientCredentials }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x=>x.AuthenticateClient(context)).Returns(true); mckClientService.Setup(x => x.FindClient("123")).Returns(cl); Mock<ITokenService> mckTokenService = new Mock<ITokenService>(); mckTokenService.Setup(x=>x.IssueAccessToken(cl)).Returns(token); Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>(); mckServiceFactory.SetupGet(x=>x.ClientService).Returns(mckClientService.Object); mckServiceFactory.SetupGet(x=>x.TokenService).Returns(mckTokenService.Object); ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object); processor.Process(context); mckClientService.VerifyAll(); mckServiceFactory.VerifyAll(); mckTokenService.VerifyAll(); Assert.AreEqual(token, context.Token); }
public void TestProcessTokenRequest() { AccessTokenBase token = new AccessTokenBase { Scope = new string[] { "create", "delete" }, ExpiresIn = 120, RefreshToken = "refresh", Token = "token", TokenType = "bearer" }; ClientBase client = new ClientBase { ClientId = "123", ClientSecret = "secret" }; IAuthorizationGrant grant = new AuthorizationGrantBase { Code = "123" }; AuthorizationContext context = new AuthorizationContext { Client = new ClientBase { ClientId = "123" }, IsApproved = true, RedirectUri = new Uri("http://www.mysite.com/callback"), Scope = new string[] { "create", "delete" }, ResourceOwnerUsername = "******" }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.FindClient("123")).Returns(client); Mock<IAuthorizationGrantService> mckGrantService = new Mock<IAuthorizationGrantService>(); mckGrantService.Setup(x => x.IssueAuthorizationGrant(context)).Returns(grant); Mock<ITokenService> mckTokenService = new Mock<ITokenService>(); mckTokenService.Setup(x => x.IssueAccessToken(grant)).Returns(token); Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>(); mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object); mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); mckFactory.SetupGet(x => x.AuthorizationGrantService).Returns(mckGrantService.Object); ImplicitFlowProcessor processor = new ImplicitFlowProcessor(mckFactory.Object); processor.Process(context); Assert.AreEqual(token, context.Token); mckClientService.VerifyAll(); mckFactory.VerifyAll(); mckTokenService.VerifyAll(); }
public IToken IssueAccessToken(ClientBase client) { AccessToken token = new AccessToken { ExpiresIn = 120, Token = Guid.NewGuid().ToString(), Scope = new string[] { "create-member" }, Client = (Client)client }; TokenRepo.AddAccessToken(token); return token; }
public void TestExchangingRefreshTokenForWrongClient() { ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" }; TokenContext context = new TokenContext { RefreshToken = "refresh_token", Client = new ClientBase { ClientId = "id" }, ResourceOwnerUsername = "******" }; RefreshTokenBase refreshToken = new RefreshTokenBase { ClientId = "123", Scope = new string[] { "create", "delete" }, Token = "refresh_token" }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true); mckClientService.Setup(x => x.FindClient("id")).Returns(client); Mock<ITokenService> mckTokenService = new Mock<ITokenService>(); mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken); Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>(); mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object); RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object); try { processor.Process(context); Assert.Fail("no exception trhown"); } catch (OAuthErrorResponseException<IOAuthContext> x) { Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidClient, x.Error); } catch (Exception x) { Assert.Fail("unexpected exception: " + x.Message); } mckFactory.VerifyAll(); mckClientService.VerifyAll(); mckTokenService.VerifyAll(); }
public void TestExchangingRefreshTokenForAccessToken() { ClientBase client = new ClientBase{ ClientId = "id", ClientSecret = "secret" }; AccessTokenBase token = new AccessTokenBase{ ExpiresIn = 120, RefreshToken = "refresh_token", Token = "new-token", TokenType = Parameters.AccessTokenTypeValues.Bearer }; TokenContext context = new TokenContext { RefreshToken = "refresh_token", Client = client, ResourceOwnerUsername = "******" }; RefreshTokenBase refreshToken = new RefreshTokenBase { ClientId = "id", Scope = new string[] { "create", "delete" }, Token = "refresh_token" }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true); mckClientService.Setup(x => x.FindClient("id")).Returns(client); Mock<ITokenService> mckTokenService = new Mock<ITokenService>(); mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken); mckTokenService.Setup(x => x.IssueAccessToken(refreshToken)).Returns(token); Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>(); mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object); RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object); processor.Process(context); Assert.AreEqual(token, context.Token); mckFactory.VerifyAll(); mckClientService.VerifyAll(); mckTokenService.VerifyAll(); }
public void IssueAccessTokenForInvalidClientCredentials() { ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" }; AccessTokenBase token = new AccessTokenBase { ExpiresIn = 120, Token = Guid.NewGuid().ToString() }; TokenContext context = new TokenContext { Client = cl, GrantType = Parameters.GrantTypeValues.ClientCredentials }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false); Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>(); mckServiceFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object); try { processor.Process(context); Assert.Fail("no exception thrown"); } catch (OAuthErrorResponseException<ITokenContext> x) { Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, x.Error); Assert.AreEqual(401, x.HttpStatusCode); } catch (Exception x) { Assert.Fail("unexpected exception was thrown: " + x.Message); } mckClientService.VerifyAll(); mckServiceFactory.VerifyAll(); }
public void TestInvalidClientExchangingRefreshToken() { ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" }; TokenContext context = new TokenContext { RefreshToken = "refresh_token", Client = client }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false); Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>(); mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object); AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, 401); mckFactory.VerifyAll(); mckClientService.VerifyAll(); }
public void TestInvalidRefreshTokenForClient() { ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" }; TokenContext context = new TokenContext { RefreshToken = "refresh_token", Client = client }; Mock<IClientService> mckClientService = new Mock<IClientService>(); mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true); mckClientService.Setup(x => x.FindClient("id")).Returns(client); Mock<ITokenService> mckTokenService = new Mock<ITokenService>(); mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns((RefreshTokenBase)null); Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>(); mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object); mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object); RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object); AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.InvalidRequest, 400); mckFactory.VerifyAll(); mckClientService.VerifyAll(); mckTokenService.VerifyAll(); }