/// <summary>
/// Creates the userinfo endpoint controller and stores its collaborators for later use.
/// </summary>
/// <param name="options">IdentityServer options; kept in <c>_options</c>.</param>
/// <param name="tokenValidator">Token validator; kept in <c>_tokenValidator</c>. Presumably validates the access token once it has been found (not shown here).</param>
/// <param name="generator">Userinfo response generator; kept in <c>_generator</c>.</param>
/// <param name="tokenUsageValidator">Bearer token usage validator; kept in <c>_tokenUsageValidator</c>. It locates the bearer token in the incoming request.</param>
public UserInfoEndpointController(IdentityServerOptions options, TokenValidator tokenValidator, UserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator)
{
    // NOTE(review): arguments are stored without null checks; a missing
    // registration would only surface on first use. Confirm that the
    // container guarantees non-null instances.
    _options = options;
    _tokenValidator = tokenValidator;
    _generator = generator;
    _tokenUsageValidator = tokenUsageValidator;
}
/// <summary>
/// A GET request with neither an Authorization header nor a body must be
/// reported as carrying no bearer token.
/// </summary>
public async Task No_Header_no_Body_Get()
{
    // Arrange: bare GET, no credentials anywhere.
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Get
    };
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert: nothing to authenticate with.
    outcome.TokenFound.Should().BeFalse();
}
/// <summary>
/// An Authorization header that names the Bearer scheme but carries only
/// whitespace instead of a credential must not count as a token.
/// </summary>
public async Task Whitespaces_Bearer_Scheme_Header()
{
    // Arrange: scheme present, credential missing (trailing space only).
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Get
    };
    message.Headers.Add("Authorization", "Bearer ");
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert: an empty credential is treated the same as no header at all.
    outcome.TokenFound.Should().BeFalse();
}
/// <summary>
/// A POST request with an empty form body and no Authorization header
/// must be reported as carrying no bearer token.
/// </summary>
public async Task No_Header_no_Body_Post()
{
    // Arrange: form-encoded body with zero fields.
    var emptyForm = new Dictionary<string, string>();
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        Content = new FormUrlEncodedContent(emptyForm)
    };
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert
    outcome.TokenFound.Should().BeFalse();
}
/// <summary>
/// A well-formed <c>Authorization: Bearer token</c> header must yield the
/// token value and be classified as header usage.
/// </summary>
public async Task Valid_Bearer_Scheme_Header()
{
    // Arrange
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Get
    };
    message.Headers.Add("Authorization", "Bearer token");
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert: the scheme prefix is stripped and only the credential is returned.
    outcome.TokenFound.Should().BeTrue();
    outcome.Token.Should().Be("token");
    outcome.UsageType.Should().Be(BearerTokenUsageType.AuthorizationHeader);
}
/// <summary>
/// A POST body whose <c>access_token</c> field is only whitespace must not
/// count as a token.
/// </summary>
public async Task Body_Post_Whitespace_Token()
{
    // Arrange: the field is present but its value is a single space.
    var form = new Dictionary<string, string>
    {
        { "access_token", " " }
    };
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        Content = new FormUrlEncodedContent(form)
    };
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert: a blank value is treated the same as a missing field.
    outcome.TokenFound.Should().BeFalse();
}
/// <summary>
/// A form-encoded POST body with a non-empty <c>access_token</c> field must
/// yield the token value and be classified as post-body usage.
/// </summary>
public async Task Valid_Body_Post()
{
    // Arrange
    var form = new Dictionary<string, string>
    {
        { "access_token", "token" }
    };
    var message = new HttpRequestMessage
    {
        Method = HttpMethod.Post,
        Content = new FormUrlEncodedContent(form)
    };
    var sut = new BearerTokenUsageValidator();

    // Act
    var outcome = await sut.ValidateAsync(message);

    // Assert: the usage type records where the token was found, so callers
    // can tell body transport from header transport.
    outcome.TokenFound.Should().BeTrue();
    outcome.Token.Should().Be("token");
    outcome.UsageType.Should().Be(BearerTokenUsageType.PostBody);
}