public void IssueAccessTokenForClientCredentials()
{
ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase{ ExpiresIn = 120, Token = Guid.NewGuid().ToString()};
TokenContext context = new TokenContext
{
Client = new ClientBase { ClientId = "123", ClientSecret = "secret" },
GrantType = Parameters.GrantTypeValues.ClientCredentials
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x=>x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("123")).Returns(cl);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x=>x.IssueAccessToken(cl)).Returns(token);
Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>();
mckServiceFactory.SetupGet(x=>x.ClientService).Returns(mckClientService.Object);
mckServiceFactory.SetupGet(x=>x.TokenService).Returns(mckTokenService.Object);
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object);
processor.Process(context);
mckClientService.VerifyAll();
mckServiceFactory.VerifyAll();
mckTokenService.VerifyAll();
Assert.AreEqual(token, context.Token);
}
public void TestProcessTokenRequest()
{
AccessTokenBase token = new AccessTokenBase
{
Scope = new string[] { "create", "delete" },
ExpiresIn = 120,
RefreshToken = "refresh",
Token = "token",
TokenType = "bearer"
};
ClientBase client = new ClientBase
{
ClientId = "123",
ClientSecret = "secret"
};
IAuthorizationGrant grant = new AuthorizationGrantBase
{
Code = "123"
};
AuthorizationContext context = new AuthorizationContext
{
Client = new ClientBase { ClientId = "123" },
IsApproved = true,
RedirectUri = new Uri("http://www.mysite.com/callback"),
Scope = new string[] { "create", "delete" },
ResourceOwnerUsername = "******"
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.FindClient("123")).Returns(client);
Mock<IAuthorizationGrantService> mckGrantService = new Mock<IAuthorizationGrantService>();
mckGrantService.Setup(x => x.IssueAuthorizationGrant(context)).Returns(grant);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.IssueAccessToken(grant)).Returns(token);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.AuthorizationGrantService).Returns(mckGrantService.Object);
ImplicitFlowProcessor processor = new ImplicitFlowProcessor(mckFactory.Object);
processor.Process(context);
Assert.AreEqual(token, context.Token);
mckClientService.VerifyAll();
mckFactory.VerifyAll();
mckTokenService.VerifyAll();
}
public IToken IssueAccessToken(ClientBase client)
{
AccessToken token = new AccessToken
{
ExpiresIn = 120,
Token = Guid.NewGuid().ToString(),
Scope = new string[] { "create-member" },
Client = (Client)client
};
TokenRepo.AddAccessToken(token);
return token;
}
public void TestExchangingRefreshTokenForWrongClient()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = new ClientBase { ClientId = "id" },
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "123",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
try
{
processor.Process(context);
Assert.Fail("no exception trhown");
}
catch (OAuthErrorResponseException<IOAuthContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidClient, x.Error);
}
catch (Exception x)
{
Assert.Fail("unexpected exception: " + x.Message);
}
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestExchangingRefreshTokenForAccessToken()
{
ClientBase client = new ClientBase{ ClientId = "id", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase{
ExpiresIn = 120,
RefreshToken = "refresh_token",
Token = "new-token",
TokenType = Parameters.AccessTokenTypeValues.Bearer
};
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client,
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "id",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
mckTokenService.Setup(x => x.IssueAccessToken(refreshToken)).Returns(token);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
processor.Process(context);
Assert.AreEqual(token, context.Token);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void IssueAccessTokenForInvalidClientCredentials()
{
ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase { ExpiresIn = 120, Token = Guid.NewGuid().ToString() };
TokenContext context = new TokenContext
{
Client = cl,
GrantType = Parameters.GrantTypeValues.ClientCredentials
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false);
Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>();
mckServiceFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object);
try
{
processor.Process(context);
Assert.Fail("no exception thrown");
}
catch (OAuthErrorResponseException<ITokenContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, x.Error);
Assert.AreEqual(401, x.HttpStatusCode);
}
catch (Exception x)
{
Assert.Fail("unexpected exception was thrown: " + x.Message);
}
mckClientService.VerifyAll();
mckServiceFactory.VerifyAll();
}
public void TestInvalidClientExchangingRefreshToken()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, 401);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
}
public void TestInvalidRefreshTokenForClient()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns((RefreshTokenBase)null);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.InvalidRequest, 400);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
