public async Task Authenticated_request_from_upstream_should_trigger_authenticated_request_to_proper_downstream_when_multiple_clients_registered() { var tokenEndpointA = TokenEndpointHandler.ValidBearerToken("downstream-token-a", TimeSpan.MaxValue); var downstreamApiA = new DownstreamApiHandler(); var tokenEndpointB = TokenEndpointHandler.ValidBearerToken("downstream-token-b", TimeSpan.MaxValue); var downstreamApiB = new DownstreamApiHandler(); var client = WebHostFactory.CreateClient( services => { services.AddHttpClient("api-a-authority").AddHttpMessageHandler(() => tokenEndpointA); services.AddHttpClient("api-b-authority").AddHttpMessageHandler(() => tokenEndpointB); }, false, new DownstreamApi("downstream-a", downstreamApiA, b => b.AddOidcTokenDelegation(o => { _options(o); o.Scope = "downstream-api-a"; o.AuthorityHttpClientName = "api-a-authority"; })), new DownstreamApi("downstream-b", downstreamApiB, b => b.AddOidcTokenDelegation(o => { _options(o); o.Scope = "downstream-api-b"; o.AuthorityHttpClientName = "api-b-authority"; }))); client.SetBearerToken("upstream-token"); await client.GetAsync("https://downstream-b"); Check.That(downstreamApiA.LastRequestToken).IsNull(); Check.That(downstreamApiB.LastRequestToken).IsEqualTo("downstream-token-b"); }
public async Task Successful_token_request_should_trigger_authenticated_request_to_proper_api_when_multiple_clients_registered() { var tokenEndpointA = TokenEndpointHandler.ValidBearerToken("api-token-a", TimeSpan.MaxValue); var apiA = new DownstreamApiHandler(); var tokenEndpointB = TokenEndpointHandler.ValidBearerToken("api-token-b", TimeSpan.MaxValue); var apiB = new DownstreamApiHandler(); var client = HostFactory.CreateClient( "api-b", services => { services.AddHttpClient("api-a-authority").AddHttpMessageHandler(() => tokenEndpointA); services.AddHttpClient("api-b-authority").AddHttpMessageHandler(() => tokenEndpointB); }, false, new DownstreamApi("api-a", apiA, b => b.AddOidcRefreshToken(o => { _options(o); o.AuthorityHttpClientName = "api-a-authority"; })), new DownstreamApi("api-b", apiB, b => b.AddOidcRefreshToken(o => { _options(o); o.AuthorityHttpClientName = "api-b-authority"; }))); await client.GetAsync("https://api-b"); Check.That(apiA.LastRequestToken).IsNull(); Check.That(apiB.LastRequestToken).IsEqualTo("api-token-b"); }
public void No_Authority_but_TokenEndpoint_should_not_throw() { Task Act() => HostFactory .CreateClient( b => b.AddOidcRefreshToken(o => { o.TokenEndpoint = "https://authority/connect/token"; o.ClientId = "test-client"; o.ClientSecret = "test-client secret key"; o.RefreshTokenRetriever = (_) => "some-refresh-token"; }), TokenEndpointHandler.ValidBearerToken("some-token", TimeSpan.MaxValue)) .GetAsync("https://default"); Check.ThatAsyncCode(Act).Not.ThrowsAny(); }
public async Task Successful_token_request_should_trigger_TokenAcquired_event() { var eventsMock = new TokenEventsMock(); var client = HostFactory.CreateClient( b => b.AddOidcRefreshToken(o => { _options(o); o.Events = eventsMock.CreateEvents(); }), TokenEndpointHandler.ValidBearerToken("access-token", TimeSpan.MaxValue)); await client.GetAsync("https://default"); Check.That(eventsMock.LatestTokenAcquired).IsNotNull(); Check.That(eventsMock.LatestTokenAcquired.AccessToken).IsEqualTo("access-token"); }
public async Task Successful_token_request_should_trigger_authenticated_request_to_api() { var tokenEndpoint = TokenEndpointHandler.ValidBearerToken("access-token", TimeSpan.MaxValue); var api = new DownstreamApiHandler(); var client = HostFactory.CreateClient( b => b.AddOidcRefreshToken(_options), tokenEndpoint, api: api); await client.GetAsync("https://default"); Check.That(tokenEndpoint.LastRequestClientId).IsEqualTo(ClientId); Check.That(tokenEndpoint.LastRequestClientSecret).IsEqualTo(ClientSecret); Check.That(tokenEndpoint.LastRequestRefreshToken).IsEqualTo(RefreshToken); Check.That(api.LastRequestToken).IsEqualTo("access-token"); }
public async Task Authenticated_request_from_upstream_should_trigger_authenticated_request_to_downstream() { var tokenEndpoint = TokenEndpointHandler.ValidBearerToken("downstream-token", TimeSpan.MaxValue); var downstreamApi = new DownstreamApiHandler(); var client = WebHostFactory.CreateClient( b => b.AddOidcTokenDelegation(_options), tokenEndpoint, downstreamApi: downstreamApi); client.SetBearerToken("upstream-token"); await client.GetAsync("https://default"); Check.That(tokenEndpoint.LastRequestToken).IsEqualTo("upstream-token"); Check.That(downstreamApi.LastRequestToken).IsEqualTo("downstream-token"); }
public void No_Authority_but_TokenEndpoint_should_not_throw() { Task Act() => HostFactory .CreateClient( b => b.AddOidcPassword(o => { o.TokenEndpoint = "https://authority/connect/token"; o.ClientId = "test-client"; o.ClientSecret = "test-client secret key"; o.Scope = "downstream-api"; o.UserCredentialsRetriever = (_) => ("some-username", "some-password"); }), TokenEndpointHandler.ValidBearerToken("some-token", TimeSpan.MaxValue)) .GetAsync("https://default"); Check.ThatAsyncCode(Act).Not.ThrowsAny(); }
public void EnabledCaching_with_caching_service_should_not_throw() { Task Act() => HostFactory .CreateClient( b => b.AddOidcClientCredentials(o => { o.TokenEndpoint = "https://authority/connect/token"; o.ClientId = "test-client"; o.ClientSecret = "test-client secret key"; o.Scope = "downstream-api"; }), TokenEndpointHandler.ValidBearerToken("some-token", TimeSpan.MaxValue), addCaching: true) .GetAsync("https://default"); Check.ThatAsyncCode(Act).Not.ThrowsAny(); }