public async Task ResourceOwnerPasswordCredentialGrant(bool anonymousClient) { var authHostMock = CreateAuthorizationServerMock(); if (anonymousClient) { authHostMock.Setup( m => m.IsAuthorizationValid( It.Is<IAuthorizationDescription>( d => d.ClientIdentifier == null && d.User == ResourceOwnerUsername && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true); } Handle(AuthorizationServerDescription.TokenEndpoint).By(async (req, ct) => { var server = new AuthorizationServer(authHostMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); if (anonymousClient) { client.ClientIdentifier = null; } var authState = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty); }
public async Task ErrorResponseTest() { Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(AuthorizationServerMock); return await server.HandleTokenRequestAsync(req, ct); }); var request = new AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription) { ClientIdentifier = ClientId, ClientSecret = ClientSecret, AuthorizationCode = "foo" }; var client = new UserAgentClient(AuthorizationServerDescription, hostFactories: this.HostFactories); var response = await client.Channel.RequestAsync<AccessTokenFailedResponse>(request, CancellationToken.None); Assert.That(response.Error, Is.Not.Null.And.Not.Empty); Assert.That(response.Error, Is.EqualTo(Protocol.AccessTokenRequestErrorCodes.InvalidRequest)); }
public async Task DecodeRefreshToken() { var refreshTokenSource = new TaskCompletionSource<string>(); Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(AuthorizationServerMock); var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); return await server.Channel.PrepareResponseAsync(response); }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(AuthorizationServerMock); var response = await server.HandleTokenRequestAsync(req, ct); var authorization = server.DecodeRefreshToken(refreshTokenSource.Task.Result); Assert.That(authorization, Is.Not.Null); Assert.That(authorization.User, Is.EqualTo(ResourceOwnerUsername)); return response; }); var client = new WebServerClient(AuthorizationServerDescription); try { var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState); this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback); Uri authCompleteUri; using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) { response.EnsureSuccessStatusCode(); authCompleteUri = response.Headers.Location; } } var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri); this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest); var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest); Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); refreshTokenSource.SetResult(result.RefreshToken); } catch { refreshTokenSource.TrySetCanceled(); } }
public async Task AuthorizationCodeGrant() { Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(AuthorizationServerMock); var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); return await server.Channel.PrepareResponseAsync(response, ct); }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(AuthorizationServerMock); return await server.HandleTokenRequestAsync(req, ct); }); { var client = new UserAgentClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; var request = client.PrepareRequestUserAuthorization(authState); Assert.AreEqual(EndUserAuthorizationResponseType.AuthorizationCode, request.ResponseType); var authRequestRedirect = await client.Channel.PrepareResponseAsync(request); Uri authRequestResponse; this.HostFactories.AllowAutoRedirects = false; using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var httpResponse = await httpClient.GetAsync(authRequestRedirect.Headers.Location)) { authRequestResponse = httpResponse.Headers.Location; } } var incoming = await client.Channel.ReadFromRequestAsync( new HttpRequestMessage(HttpMethod.Get, authRequestResponse), CancellationToken.None); var result = await client.ProcessUserAuthorizationAsync(authState, incoming, CancellationToken.None); Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); } }
public async Task ResourceOwnerScopeOverride() { var clientRequestedScopes = new[] { "scope1", "scope2" }; var serverOverriddenScopes = new[] { "scope1", "differentScope" }; var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>())) .Returns<string, string, IAccessTokenRequest>((un, pw, req) => { var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername); response.ApprovedScope.Clear(); response.ApprovedScope.UnionWith(serverOverriddenScopes); return response; }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories); var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes); Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); }
public async Task ClientCredentialScopeOverride() { var clientRequestedScopes = new[] { "scope1", "scope2" }; var serverOverriddenScopes = new[] { "scope1", "differentScope" }; var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>())) .Returns<IAccessTokenRequest>(req => { var response = new AutomatedAuthorizationCheckResponse(req, true); response.ApprovedScope.Clear(); response.ApprovedScope.UnionWith(serverOverriddenScopes); return response; }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var result = await client.GetClientAccessTokenAsync(clientRequestedScopes); Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); }
public async Task CreateAccessTokenSeesAuthorizingUserAuthorizationCodeGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.IsAuthorizationValid(It.IsAny<IAuthorizationDescription>())) .Returns<IAuthorizationDescription>(req => { Assert.That(req.User, Is.EqualTo(ResourceOwnerUsername)); return true; }); Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); return await server.Channel.PrepareResponseAsync(response); }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState); this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback); Uri authCompleteUri; this.HostFactories.AllowAutoRedirects = false; using (var httpClient = this.HostFactories.CreateHttpClient()) { using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) { Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Redirect)); authCompleteUri = response.Headers.Location; } } var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri); this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest); var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest); Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); }
public async Task CreateAccessTokenSeesAuthorizingUserClientCredentialGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>())) .Returns<IAccessTokenRequest>(req => { Assert.That(req.UserName, Is.Null); return new AutomatedAuthorizationCheckResponse(req, true); }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var result = await client.GetClientAccessTokenAsync(TestScopes); Assert.That(result.AccessToken, Is.Not.Null); }
public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>())) .Returns<string, string, IAccessTokenRequest>((un, pw, req) => { var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername); Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername)); return response; }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServerMock.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories); var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); Assert.That(result.AccessToken, Is.Not.Null); }
public Task<HttpResponseMessage> Post(HttpRequestMessage request) { var authServer = new AuthorizationServer(new AuthorizationServerHost()); return authServer.HandleTokenRequestAsync(request); }
public async Task ClientCredentialGrant() { var authServer = CreateAuthorizationServerMock(); authServer.Setup( a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns(true); authServer.Setup( a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns<IAccessTokenRequest>(req => new AutomatedAuthorizationCheckResponse(req, true)); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServer.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var authState = await client.GetClientAccessTokenAsync(TestScopes); Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); Assert.That(authState.RefreshToken, Is.Null); }
public async Task GetClientAccessTokenReturnsApprovedScope() { string[] approvedScopes = new[] { "Scope2", "Scope3" }; var authServer = CreateAuthorizationServerMock(); authServer.Setup( a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns(true); authServer.Setup( a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns<IAccessTokenRequest>(req => { var response = new AutomatedAuthorizationCheckResponse(req, true); response.ApprovedScope.ResetContents(approvedScopes); return response; }); Handle(AuthorizationServerDescription.TokenEndpoint).By( async (req, ct) => { var server = new AuthorizationServer(authServer.Object); return await server.HandleTokenRequestAsync(req, ct); }); var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); var authState = await client.GetClientAccessTokenAsync(TestScopes); Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes)); }
public async Task<ActionResult> Token() { var authServer = new AuthorizationServer(new AuthorizationServerHost()); var t = await authServer.HandleTokenRequestAsync(Request); return t.AsActionResult(); }