public async Task Create_Returns400IfCredentialsAreMalformed()
{
// Arrange
var request = new TokenRequest
{
Credentials = "THIS IS NOT HOW THEY SHOULD BE DONE"
};
// Act
var response = await _controller.CreateTokenAsync(request) as BadRequestObjectResult;
// Assert
response.StatusCode.Should().Be(StatusCodes.Status400BadRequest);
response.Value.Should().Be("Invalid credentials");
}