public static Tuple <ServerWithAuthorizationCode, ResourceOwner> GetCredentialsFromAuthorizationRedirect(this IWebOperationContext context) { var code = context.IncomingRequest.UriTemplateMatch.QueryParameters.Get("code"); var state = context.IncomingRequest.UriTemplateMatch.QueryParameters.Get("state"); if (string.IsNullOrEmpty(code)) { throw new InvalidAuthorizationRequestException("the query parameters 'code' is not set."); } if (string.IsNullOrEmpty(state)) { throw new InvalidAuthorizationRequestException("the query parameters 'state' is not set."); } if (!state.Contains("_")) { throw new InvalidAuthorizationRequestException("the query parameters 'state' must be of type '<GUID of Server>_<GUID of ResourceOwner>'"); } var states = state.Split('_'); var server = ServersWithAuthorizationCode.GetServerWithAuthorizationCode(new Guid(states[0])); var resourceOwner = ResourceOwners.GetResourceOwner(new Guid(states[1])); var token = Tokens.GetToken(server, resourceOwner); token.AuthorizationCode = code; return(new Tuple <ServerWithAuthorizationCode, ResourceOwner>(server, resourceOwner)); }
public void DisposeAndLoad() { Tokens.CleanUpForTests(); var server1 = ServersWithAuthorizationCode.Add("testclient", "testsecret", new Uri("http://example.com/uri1"), new Uri("http://example.org/access"), new Uri("http://example.com/uri2")); var resourceOwner1 = ResourceOwners.Add("testuser"); Token token = Tokens.GetToken(server1, resourceOwner1); token.Expires = DateTime.Now; token.AccessToken = "token1"; token.AuthorizationCode = "token2"; token.RefreshToken = "token3"; Tokens.SaveToIsoStore(); Tokens.LoadFromIsoStore(); var tokenAfter = Tokens.GetToken(server1, resourceOwner1); tokenAfter.Should().NotBeNull(); tokenAfter.Expires.ToString().Should().Be(token.Expires.ToString()); tokenAfter.AccessToken.Should().Be(token.AccessToken); tokenAfter.AuthorizationCode.Should().Be(token.AuthorizationCode); tokenAfter.RefreshToken.Should().Be(token.RefreshToken); }
public void GetCredentialsFromAuthorizationRedirectTest() { var resourceOwner = ResourceOwners.Add("testusercredetials1"); var authorizationRequestUri = new Uri("http://example.com/TokenTest/AuthRequest"); var accessTokenRequestUri = new Uri("http://example.com/TokenTest/AuthAccess"); var redirectUri = new Uri("http://example.com/TokenTest/Redirect"); var server = ServersWithAuthorizationCode.Add("testclienid", "testsecret", authorizationRequestUri, accessTokenRequestUri, redirectUri); Mock <IWebOperationContext> mockContext = new Mock <IWebOperationContext> { DefaultValue = DefaultValue.Mock }; var context = mockContext.Object; context.IncomingRequest.UriTemplateMatch.RequestUri = new Uri("http://example.org/TokenTest/Redirect"); context.IncomingRequest.UriTemplateMatch.QueryParameters.Add("code", "Splx10BeZQQYbYS6WxSbIA"); context.IncomingRequest.UriTemplateMatch.QueryParameters.Add("state", server.Guid.ToString() + "_" + resourceOwner.Guid.ToString()); var tuple = context.GetCredentialsFromAuthorizationRedirect(); tuple.Item1.AuthorizationRequestUri.ToString().Should().Be(server.AuthorizationRequestUri.ToString()); tuple.Item1.RedirectionUri.ToString().Should().Be(server.RedirectionUri.ToString()); tuple.Item1.ClientId.Should().Be(server.ClientId); tuple.Item2.Name.Should().Be(resourceOwner.Name); tuple.Item2.Guid.Should().Be(resourceOwner.Guid); var token = Tokens.GetToken(tuple.Item1, tuple.Item2); token.AuthorizationCode.Should().Be("Splx10BeZQQYbYS6WxSbIA"); }
public void RedirectToAuthorizationTest() { var resourceOwner = ResourceOwners.Add("testauthredirect1"); var authorizationRequestUri = new Uri("http://example.com/TokenTest/AuthRequest"); var accessTokenRequestUri = new Uri("http://example.com/TokenTest/accessTokenRequestUri"); var redirectUri = new Uri("http://example.com/TokenTest/Redirect"); var server = ServersWithAuthorizationCode.Add("testauthredirectserver", "testsecret", authorizationRequestUri, accessTokenRequestUri, redirectUri, new List <string>() { "scope1", "scope2" }); var mock = new Mock <IWebOperationContext>() { }; var context = mock.Object; mock.SetupAllProperties(); context.RedirectToAuthorization(server, resourceOwner); context.OutgoingResponse.StatusCode.Should().Be(HttpStatusCode.Redirect); var expectedRedirectionUri = "http://example.com/TokenTest/AuthRequest?response_type=code&client_id=" + server.ClientId + "&state=" + server.Guid + "_" + resourceOwner.Guid + "&scope=scope1+scope2" + "&redirect_uri=http%3a%2f%2fexample.com%2fTokenTest%2fRedirect"; context.OutgoingResponse.Location.Should().Be(expectedRedirectionUri); var token = Tokens.GetToken(server, resourceOwner); token.RedirectUri.ToString().Should().Be(redirectUri.ToString()); }
public void GetAuthorizationCodeViaUserAgentAndRequestProtectedResource() { //TODO: webrequest mocken // diesen dann mit "Pseudo"-Auth-Code ausstatten, die SetToken(server, incommingRequest) => resoruceOwner // und die WebRequest.Authorize(server, resourceOwner) anschubsen // dabei müssen die UserCredentials richtig gesetzt sein var resourceOwnertmp = ResourceOwners.GetResourceOwner(_resourceOwnerName); var servertmp = ServersWithAuthorizationCode.GetServerWithAuthorizationCode(_clientId, _authorizationRequestUri, _accessTokenRequestUri, _redirectionUri); var mockContext = new Mock <IWebOperationContext> { DefaultValue = DefaultValue.Mock }; mockContext.SetupAllProperties(); var context = mockContext.Object; context.IncomingRequest.UriTemplateMatch.RequestUri = _redirectionUri; context.IncomingRequest.UriTemplateMatch.QueryParameters.Add("code", "Splx10BeZQQYbYS6WxSbIA"); context.IncomingRequest.UriTemplateMatch.QueryParameters.Add("state", servertmp.Guid.ToString() + "_" + resourceOwnertmp.Guid.ToString()); var tuple = context.GetCredentialsFromAuthorizationRedirect(); var server = tuple.Item1; var resourceOwner = tuple.Item2; server.Should().Be(servertmp); resourceOwner.Should().Be(resourceOwner); var webRequest = resourceOwner.GetSignedRequestFor(server, "http://example.com/ProtectedResource");; //Test ob WebRequest richtig unterschrieben wurde Assert.Fail("Test is not completed yet"); }
public void TokenFromXElement() { var element = new XElement("Token"); var server = ServersWithAuthorizationCode.Add("testclient1", "testsecret", new Uri("http://example.com/uri1"), new Uri("http://example.org/access"), new Uri("http://example.com/uri2")); var resourceOwner = ResourceOwners.Add("testuser1"); element.Add(new XElement("Server", server.Guid.ToString())); element.Add(new XElement("ResourceOwner", resourceOwner.Name)); element.Add(new XElement("AuthorizationCode", "foobar4")); element.Add(new XElement("AccessToken", "foobar1")); element.Add(new XElement("RefreshToken", "foobar2")); element.Add(new XElement("Expires", DateTime.Today.ToString())); element.Add(new XElement("RedirectUri", "http://example.org/redirect")); var token = Token.FromXElement(element); token.Server.Should().NotBeNull(); token.ResourceOwner.Should().Be(resourceOwner); token.AuthorizationCode.Should().Be("foobar4"); token.AccessToken.Should().Be("foobar1"); token.RefreshToken.Should().Be("foobar2"); token.RedirectUri.Should().Be("http://example.org/redirect"); }
public void CreateResourceOwner() { ResourceOwners.CleanUpForTests(); var resourceOwner = ResourceOwners.Add("user1"); Assert.IsNotNull(resourceOwner); Assert.AreEqual("user1", resourceOwner.Name); }
public void ConfigureServices(IServiceCollection services) { var isSqlServer = bool.Parse(Configuration["isSqlServer"]); var isSqlLite = bool.Parse(Configuration["isSqlLite"]); // Add the dependencies needed to enable CORS services.AddCors(options => options.AddPolicy("AllowAll", p => p.AllowAnyOrigin() .AllowAnyMethod() .AllowAnyHeader())); var connectionString = Configuration["Data:DefaultConnection:ConnectionString"]; // Configure the rate limitation services.Configure <RateLimitationOptions>(opt => { opt.IsEnabled = true; opt.RateLimitationElements = new List <RateLimitationElement> { new RateLimitationElement { Name = "PostToken", NumberOfRequests = 20, SlidingTime = 2000 } }; opt.MemoryCache = new MemoryCache(new MemoryCacheOptions()); }); var dataSourceType = DataSourceTypes.InMemory; if (isSqlServer) { dataSourceType = DataSourceTypes.SqlServer; } else if (isSqlLite) { dataSourceType = DataSourceTypes.SqlLite; } // Configure Simple identity server services.AddSimpleIdentityServer(new DataSourceOptions { DataSourceType = dataSourceType, ConnectionString = connectionString, Clients = Clients.Get(), JsonWebKeys = JsonWebKeys.Get(), ResourceOwners = ResourceOwners.Get(), Scopes = Scopes.Get(), Translations = Translations.Get() }, _swaggerOptions); services.AddLogging(); }
public void GetResourceOwner() { ResourceOwners.CleanUpForTests(); ResourceOwners.Add("user1"); ResourceOwners.Add("user2"); var resourceOwner = ResourceOwners.GetResourceOwner("user1"); resourceOwner.Name.Should().Be("user1"); ResourceOwners.GetResourceOwner(resourceOwner.Guid).Should().NotBeNull(); var resourceOwnerNull = ResourceOwners.GetResourceOwner("foo"); resourceOwnerNull.Should().BeNull(); ResourceOwners.GetResourceOwner(Guid.NewGuid()).Should().BeNull(); }
public void SetUp() { Tokens.CleanUpForTests(); ResourceOwners.CleanUpForTests(); ServersWithAuthorizationCode.CleanUpForTests(); var authorizationRequestUri = new Uri("http://example.org/GetAccessAndRefreshTokenTest/Authorization"); var accessTokenUri = new Uri("http://example.org/GetAccessAndRefreshTokenTest/Access"); var redirectionUri = new Uri("http://example.org/GetAccessAndRefreshTokenTest/redirectionUri"); _server = ServersWithAuthorizationCode.Add("123456789", "testsecret", authorizationRequestUri, accessTokenUri, redirectionUri); _resourceOwner = ResourceOwners.Add("Test"); _token = Tokens.GetToken(_server, _resourceOwner); _token.RedirectUri = _server.RedirectionUri; _token.AuthorizationCode = "Aplx10BeZQQYbYS6WxSbIA"; }
public void AuthorizesMeToAccessTo() { var resourceOwner1 = ResourceOwners.Add("testusertoken1"); var resourceOwner2 = ResourceOwners.Add("testusertoken2"); var authorizationRequestUri = new Uri("http://example.com/TokenTest/AuthRequest"); var accessTokenRequestUri = new Uri("http://example.com/TokenTest/AccessRequest"); var redirectUri = new Uri("http://example.com/TokenTest/Redirect"); var server = ServersWithAuthorizationCode.Add("testclienid", "testsecret", authorizationRequestUri, accessTokenRequestUri, redirectUri); var token = new Token(server, resourceOwner1); token.AuthorizationCode = "foobar"; Tokens.AddToken(token); resourceOwner1.AuthorizesMeToAccessTo(server).Should().BeTrue(); resourceOwner2.AuthorizesMeToAccessTo(server).Should().BeFalse(); }
public void DisposeAndLoad() { ResourceOwners.CleanUpForTests(); ResourceOwners.Add("user1"); ResourceOwners.Add("user2"); ResourceOwners.SaveToIsoStore(); ResourceOwners.LoadFromIsoStore(); var resourceOwner = ResourceOwners.GetResourceOwner("user1"); Assert.IsNotNull(resourceOwner); Assert.AreEqual("user1", resourceOwner.Name); var resourceOwnerNull = ResourceOwners.GetResourceOwner("foo"); Assert.IsNull(resourceOwnerNull); }
public void SetUp() { _resourceOwnerName = "stoeren"; if (!ResourceOwners.ResourceOwnerExists(_resourceOwnerName)) { ResourceOwners.Add(_resourceOwnerName); } _clientId = "268852326492238"; _clientSharedSecret = "124564561125648"; _authorizationRequestUri = new Uri("http://example.com/AuthorizationRequest"); _accessTokenRequestUri = new Uri("http://example.com/access"); _redirectionUri = new Uri("http://example.com/RedirectionUri"); if (!ServersWithAuthorizationCode.ServerWithAuthorizationCodeExists(_clientId, _authorizationRequestUri, _accessTokenRequestUri, _redirectionUri)) { ServersWithAuthorizationCode.Add(_clientId, _clientSharedSecret, _authorizationRequestUri, _accessTokenRequestUri, _redirectionUri); } }
public void CreateServerAndUsersAndGetCorrectRedirectToAuthorizationRequest() { // Spec v2-22 4.1.1 var resourceOwner = ResourceOwners.GetResourceOwner(_resourceOwnerName); var server = ServersWithAuthorizationCode.GetServerWithAuthorizationCode(_clientId, _authorizationRequestUri, _accessTokenRequestUri, _redirectionUri); var mockContext = new Mock <IWebOperationContext> { DefaultValue = DefaultValue.Mock }; mockContext.SetupAllProperties(); resourceOwner.AuthorizesMeToAccessTo(server).Should().BeFalse(); var context = mockContext.Object; context.RedirectToAuthorization(server, resourceOwner); context.OutgoingResponse.StatusCode.Should().Be(HttpStatusCode.Redirect); context.OutgoingResponse.Location.Should().NotBeNullOrEmpty(); }
public void GetSignedRequestTest() { var resourceOwner = ResourceOwners.Add("testusersignedRequest"); var server = ServersWithAuthorizationCode.Add("clientid", "secret", new Uri("http://example.org/auth"), new Uri("http://example.org/access"), new Uri("http://example.org/redirect")); var token = new Token(server, resourceOwner); Tokens.AddToken(token); token.AuthorizationCode = "authcode"; token.AccessToken = "access123"; token.Expires = DateTime.Now.AddHours(1); var location1 = "http://example.org/protectedresource1"; var location2 = "http://example.org/protectedresource2?foo=bar"; var webRequest1 = resourceOwner.GetSignedRequestFor(server, location1); var webRequest2 = resourceOwner.GetSignedRequestFor(server, location2); webRequest1.RequestUri.Should().Be(location1 + "?access_token=access123"); webRequest2.RequestUri.Should().Be(location2 + "&access_token=access123"); }
private void CmdResourceOwnerCreateClick(object sender, EventArgs e) { _resourceOwner = ResourceOwners.Add(txtResourceOwnerName.Text); lblResourceOwnerGUID.Text = _resourceOwner.Guid.ToString(); }
public void SetUp() { ResourceOwners.CleanUpForTests(); ServersWithAuthorizationCode.CleanUpForTests(); Tokens.CleanUpForTests(); }