/// <summary>
/// Refresh-token grant whose handle the test handle manager flags as expired:
/// the validator must reject it with <c>OAuthConstants.Errors.InvalidGrant</c>.
/// </summary>
public void ExpiredRefreshToken()
{
    // Positional args look like (handle, client id, redirect URI) — inferred from the other tests, not shown here.
    var handles = new TestTokenHandleManager("abc", "codeclient", "https://validredirect", expired: true);
    var sut = new TokenRequestValidator(handles);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
        Refresh_Token = "abc"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, caught.OAuthError);
}
/// <summary>
/// Runs a <see cref="TokenRequest"/> with no properties set through the validator on behalf of the code client.
/// No assertion is visible here: the test passes as long as Validate does not throw
/// (an expected-exception attribute, if any, would sit outside this listing).
/// </summary>
public void EmptyParameters()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");

    sut.Validate(application, new TokenRequest(), _codeClient);
}
/// <summary>
/// Calls Validate with a null request and a null client principal.
/// No assertion is visible here: the test passes as long as Validate does not throw
/// (an expected-exception attribute, if any, would sit outside this listing).
/// </summary>
public void NoParameters()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");

    sut.Validate(application, request: null, null);
}
/// <summary>
/// Password grant presented by a principal that carries no client identifier claim:
/// the validator must reject it with <c>OAuthConstants.Errors.InvalidClient</c>.
/// </summary>
public void MissingClientId()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Password = "******",
        Scope = "read"
    };

    TokenRequestValidationException caught = null;
    try
    {
        // Only a "password" claim — the client_id claim the other tests supply is deliberately absent.
        var principal = Principal.Create("Test", new Claim("password", "secret"));
        sut.Validate(application, tokenRequest, principal);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidClient, caught.OAuthError);
}
/// <summary>
/// Client-credentials grant requesting the single scope "read".
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidSingleScope()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.ClientCredentials,
        Scope = "read"
    };

    sut.Validate(application, tokenRequest, _client);
}
/// <summary>
/// Refresh-token grant for handle "abc" using the shared <c>_handleManager</c> fixture.
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidRequest()
{
    var sut = new TokenRequestValidator(_handleManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.RefreshToken,
        Refresh_Token = "abc"
    };

    sut.Validate(application, tokenRequest, _client);
}
/// <summary>
/// Authorization-code grant where the request's Redirect_Uri matches the URI the
/// test handle manager was constructed with, presented by the code client.
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidCodeGrant()
{
    // Two-argument form: (client id, redirect URI) — inferred from the call, not shown here.
    var handles = new TestTokenHandleManager("codeclient", "https://todo");
    var sut = new TokenRequestValidator(handles);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc",
        Redirect_Uri = "https://todo"
    };

    sut.Validate(application, tokenRequest, _codeClient);
}
/// <summary>
/// Authorization-code grant for code "abc" with Redirect_Uri "https://validredirect",
/// using the shared <c>_handleManager</c> fixture.
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidSingleScope()
{
    var sut = new TokenRequestValidator(_handleManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc",
        Redirect_Uri = "https://validredirect"
    };

    sut.Validate(application, tokenRequest, _client);
}
/// <summary>
/// "assertion" grant carrying an assertion value and the single scope "read",
/// validated against the shared <c>_clientManager</c> fixture.
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidSingleScope()
{
    var sut = new TokenRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = "assertion",
        Assertion = "assertion",
        Scope = "read"
    };

    sut.Validate(application, tokenRequest, _client);
}
/// <summary>
/// Resource-owner password grant with user name, password and the single scope "read".
/// No assertion is visible here: the test passes as long as Validate does not throw.
/// </summary>
public void ValidSingleScope()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Password = "******",
        Scope = "read"
    };

    sut.Validate(application, tokenRequest, _client);
}
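/// <summary>
/// OAuth2 token endpoint: resolves the application by name, runs the request through
/// <see cref="TokenRequestValidator"/> with the current claims principal as the client,
/// then dispatches on the validated grant type.
/// </summary>
/// <param name="appName">Name of the registered application (caller-supplied).</param>
/// <param name="request">Bound token request; may be null, which the validator is expected to reject.</param>
/// <returns>
/// The grant-specific token response; a 404 when the application is unknown; otherwise an
/// OAuth error response carrying the validator's error code or <c>UnsupportedGrantType</c>.
/// </returns>
public HttpResponseMessage Post(string appName, TokenRequest request)
{
    Tracing.Start("OAuth2 Token Endpoint");

    // make sure application is registered
    var application = _config.FindApplication(appName);
    if (application == null)
    {
        // appName comes straight from the caller and is written to the trace as-is.
        Tracing.Error("Application not found: " + appName);
        return Request.CreateErrorResponse(HttpStatusCode.NotFound, "Not found");
    }

    // validate token request; the validator signals rejection by throwing
    // TokenRequestValidationException with the OAuth error code to return
    ValidatedRequest validatedRequest;
    try
    {
        validatedRequest = new TokenRequestValidator(_handleManager).Validate(application, request, ClaimsPrincipal.Current);
    }
    catch (TokenRequestValidationException ex)
    {
        Tracing.Error("Aborting OAuth2 token request");
        return Request.CreateOAuthErrorResponse(ex.OAuthError);
    }

    // switch over the grant type. Ordinal string.Equals throughout (the original mixed
    // instance .Equals and static string.Equals): grant types are case-sensitive, and a
    // null GrantType now reaches the error path instead of a NullReferenceException.
    var grantType = validatedRequest.GrantType;
    if (string.Equals(grantType, OAuthConstants.GrantTypes.Password, StringComparison.Ordinal))
    {
        return ProcessResourceOwnerCredentialRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.AuthorizationCode, StringComparison.Ordinal))
    {
        return ProcessAuthorizationCodeRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.RefreshToken, StringComparison.Ordinal))
    {
        return ProcessRefreshTokenRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.ClientCredentials, StringComparison.Ordinal))
    {
        return ProcessClientCredentialsRequest(validatedRequest);
    }

    // Defensive fallback: the validator is expected to have rejected unknown grant types already.
    // Log the value actually dispatched on rather than the raw request field.
    Tracing.Error("invalid grant type: " + grantType);
    return Request.CreateOAuthErrorResponse(OAuthConstants.Errors.UnsupportedGrantType);
}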
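/// <summary>
/// OAuth2 token endpoint: resolves the application by name, runs the request through
/// <see cref="TokenRequestValidator"/> with the current claims principal as the client,
/// then dispatches on the validated grant type.
/// </summary>
/// <param name="appName">Name of the registered application (caller-supplied).</param>
/// <param name="request">Bound token request; may be null, which the validator is expected to reject.</param>
/// <returns>
/// The grant-specific token response; a 404 when the application is unknown; otherwise an
/// OAuth error response carrying the validator's error code or <c>UnsupportedGrantType</c>.
/// </returns>
public HttpResponseMessage Post(string appName, TokenRequest request)
{
    Tracing.Start("OAuth2 Token Endpoint");

    // make sure application is registered
    var application = _config.FindApplication(appName);
    if (application == null)
    {
        // appName comes straight from the caller and is written to the trace as-is.
        Tracing.Error("Application not found: " + appName);
        return Request.CreateErrorResponse(HttpStatusCode.NotFound, "Not found");
    }

    // validate token request; the validator signals rejection by throwing
    // TokenRequestValidationException with the OAuth error code to return
    ValidatedRequest validatedRequest;
    try
    {
        validatedRequest = new TokenRequestValidator(_handleManager).Validate(application, request, ClaimsPrincipal.Current);
    }
    catch (TokenRequestValidationException ex)
    {
        Tracing.Error("Aborting OAuth2 token request");
        return Request.CreateOAuthErrorResponse(ex.OAuthError);
    }

    // switch over the grant type. Ordinal string.Equals throughout (the original mixed
    // instance .Equals and static string.Equals): grant types are case-sensitive, and a
    // null GrantType now reaches the error path instead of a NullReferenceException.
    var grantType = validatedRequest.GrantType;
    if (string.Equals(grantType, OAuthConstants.GrantTypes.Password, StringComparison.Ordinal))
    {
        return ProcessResourceOwnerCredentialRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.AuthorizationCode, StringComparison.Ordinal))
    {
        return ProcessAuthorizationCodeRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.RefreshToken, StringComparison.Ordinal))
    {
        return ProcessRefreshTokenRequest(validatedRequest);
    }
    if (string.Equals(grantType, OAuthConstants.GrantTypes.ClientCredentials, StringComparison.Ordinal))
    {
        return ProcessClientCredentialsRequest(validatedRequest);
    }

    // Defensive fallback: the validator is expected to have rejected unknown grant types already.
    // Log the value actually dispatched on rather than the raw request field.
    Tracing.Error("invalid grant type: " + grantType);
    return Request.CreateOAuthErrorResponse(OAuthConstants.Errors.UnsupportedGrantType);
}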
/// <summary>
/// Client-credentials grant with no Scope set: the validator must reject it with
/// <c>OAuthConstants.Errors.InvalidScope</c>.
/// </summary>
public void MissingScope()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.ClientCredentials
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, caught.OAuthError);
}
/// <summary>
/// Refresh-token grant with no Refresh_Token set: the validator must reject it with
/// <c>OAuthConstants.Errors.InvalidGrant</c>.
/// </summary>
public void MissingCode()
{
    var sut = new TokenRequestValidator(_handleManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.RefreshToken
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, caught.OAuthError);
}
/// <summary>
/// "assertion" grant requesting the unregistered scope "unknown": the validator must
/// reject it with <c>OAuthConstants.Errors.InvalidScope</c>.
/// </summary>
public void UnknownScope()
{
    var sut = new TokenRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = "assertion",
        Assertion = "assertion",
        Scope = "unknown"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, caught.OAuthError);
}
/// <summary>
/// Password grant with user name and password but no Scope: the validator must reject
/// it with <c>OAuthConstants.Errors.InvalidScope</c>.
/// </summary>
public void MissingScope()
{
    var sut = new TokenRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Password = "******"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, caught.OAuthError);
}
/// <summary>
/// Authorization-code grant whose Redirect_Uri ("https://invalidredirect") does not match
/// the one registered with the shared <c>_handleManager</c> fixture: the validator must
/// reject it with <c>OAuthConstants.Errors.InvalidRequest</c>.
/// </summary>
public void NonMatchingRedirectUri()
{
    var sut = new TokenRequestValidator(_handleManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc",
        Redirect_Uri = "https://invalidredirect"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, caught.OAuthError);
}
/// <summary>
/// Grant_Type "unknown" with a null client principal: the validator must reject it with
/// <c>OAuthConstants.Errors.UnsupportedGrantType</c>.
/// </summary>
public void UnknownGrantType()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest { Grant_Type = "unknown" };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, null);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.UnsupportedGrantType, caught.OAuthError);
}
/// <summary>
/// Null request and null client principal: the validator must reject the call with
/// <c>OAuthConstants.Errors.InvalidRequest</c> rather than dereferencing the null request.
/// </summary>
public void NoParameters()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, null, null);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, caught.OAuthError);
}
/// <summary>
/// Authorization-code grant presented by the resource-owner client against a handle
/// manager constructed with null client and redirect values.
/// No assertion or try/catch is visible here; given the name, an expected-exception
/// attribute outside this listing is the likely success criterion — verify.
/// </summary>
public void UnauthorizedCodeGrant()
{
    var handles = new TestTokenHandleManager(null, null);
    var sut = new TokenRequestValidator(handles);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc"
    };

    sut.Validate(application, tokenRequest, _resourceOwnerClient);
}
/// <summary>
/// Authorization-code grant presented by <c>Principal.Anonymous</c>: the validator must
/// reject the unauthenticated client with <c>OAuthConstants.Errors.InvalidClient</c>.
/// </summary>
public void AnonymousCodeGrant()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc",
        Redirect_Uri = "https://validredirect"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, Principal.Anonymous);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidClient, caught.OAuthError);
}
/// <summary>
/// Password grant from the resource-owner client requesting the space-separated scopes
/// "read delete".
/// No assertion or try/catch is visible here; given the name, an expected-exception
/// attribute outside this listing is the likely success criterion — verify.
/// </summary>
public void UnauthorizedScopeMultiple()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Password = "******",
        Scope = "read delete"
    };

    sut.Validate(application, tokenRequest, _resourceOwnerClient);
}
/// <summary>
/// Client-credentials grant from <c>_client</c> with both fixture managers wired in:
/// the validator must reject it with <c>OAuthConstants.Errors.UnauthorizedClient</c>.
/// </summary>
public void UnauthorizedClientCredentialGrant()
{
    var sut = new TokenRequestValidator(_handleManager, _clientManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.ClientCredentials
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, caught.OAuthError);
}
/// <summary>
/// Client-credentials grant presented with client_id "disabledclient": the validator
/// must reject the client with <c>OAuthConstants.Errors.InvalidClient</c>.
/// </summary>
public void DisabledClient()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.ClientCredentials
    };

    TokenRequestValidationException caught = null;
    try
    {
        var principal = Principal.Create(
            "Test",
            new Claim("client_id", "disabledclient"),
            new Claim("secret", "secret"));
        sut.Validate(application, tokenRequest, principal);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidClient, caught.OAuthError);
}
/// <summary>
/// Password grant requesting the single scope "delete", which <c>_client</c> is not
/// allowed: the validator must reject it with <c>OAuthConstants.Errors.InvalidScope</c>.
/// </summary>
public void UnauthorizedScopeSingle()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Password = "******",
        Scope = "delete"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, caught.OAuthError);
}
/// <summary>
/// Authorization code "abc" that the test handle manager binds to "someotherclient",
/// redeemed by <c>_client</c>: the validator must reject the mismatched binding with
/// <c>OAuthConstants.Errors.InvalidGrant</c>.
/// </summary>
public void InvalidCodeToClientBinding()
{
    // Positional args look like (handle, client id, redirect URI) — inferred from the other tests, not shown here.
    var handles = new TestTokenHandleManager("abc", "someotherclient", "https://validredirect");
    var sut = new TokenRequestValidator(handles, _clientManager);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc",
        Redirect_Uri = "https://validredirect"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, caught.OAuthError);
}
/// <summary>
/// Authorization-code grant (no Redirect_Uri) presented by <c>Principal.Anonymous</c>.
/// No assertion or try/catch is visible here; given the name, an expected-exception
/// attribute outside this listing is the likely success criterion — verify.
/// </summary>
public void AnonymousCodeGrant()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode,
        Code = "abc"
    };

    sut.Validate(application, tokenRequest, Principal.Anonymous);
}
/// <summary>
/// Authorization-code grant with neither Code nor Redirect_Uri set, presented by
/// <c>_client</c> against a handle manager holding handle "abc" for "codeclient":
/// the validator must reject it with <c>OAuthConstants.Errors.UnauthorizedClient</c>.
/// </summary>
public void UnauthorizedCodeGrant()
{
    // Positional args look like (handle, client id, redirect URI) — inferred from the other tests, not shown here.
    var handles = new TestTokenHandleManager("abc", "codeclient", "https://validredirect");
    var sut = new TokenRequestValidator(handles);
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.AuthorizationCode
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.UnauthorizedClient, caught.OAuthError);
}
/// <summary>
/// Password grant with UserName and Scope but no Password: the validator must reject it
/// with <c>OAuthConstants.Errors.InvalidGrant</c>.
/// </summary>
public void MissingResourceOwnerPassword()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = OAuthConstants.GrantTypes.Password,
        UserName = "******",
        Scope = "read"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidGrant, caught.OAuthError);
}
/// <summary>
/// "assertion" grant with Scope but no Assertion value: the validator must reject it
/// with <c>OAuthConstants.Errors.UnsupportedGrantType</c>.
/// </summary>
public void MissingAssertionValue()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest
    {
        Grant_Type = "assertion",
        Scope = "read"
    };

    TokenRequestValidationException caught = null;
    try
    {
        sut.Validate(application, tokenRequest, _client);
    }
    catch (TokenRequestValidationException ex)
    {
        caught = ex;
    }

    if (caught == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.UnsupportedGrantType, caught.OAuthError);
}
/// <summary>
/// Grant_Type "unknown" presented by the resource-owner client.
/// No assertion or try/catch is visible here; given the name, an expected-exception
/// attribute outside this listing is the likely success criterion — verify.
/// </summary>
public void UnknownGrantType()
{
    var sut = new TokenRequestValidator();
    var application = _testConfig.FindApplication("test");
    var tokenRequest = new TokenRequest { Grant_Type = "unknown" };

    sut.Validate(application, tokenRequest, _resourceOwnerClient);
}