public void IssueAccessTokenForClientCredentials()
{
ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase{ ExpiresIn = 120, Token = Guid.NewGuid().ToString()};
TokenContext context = new TokenContext
{
Client = new ClientBase { ClientId = "123", ClientSecret = "secret" },
GrantType = Parameters.GrantTypeValues.ClientCredentials
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x=>x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("123")).Returns(cl);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x=>x.IssueAccessToken(cl)).Returns(token);
Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>();
mckServiceFactory.SetupGet(x=>x.ClientService).Returns(mckClientService.Object);
mckServiceFactory.SetupGet(x=>x.TokenService).Returns(mckTokenService.Object);
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object);
processor.Process(context);
mckClientService.VerifyAll();
mckServiceFactory.VerifyAll();
mckTokenService.VerifyAll();
Assert.AreEqual(token, context.Token);
}
public void TestProcessingNullInvalidAuthorizationGrantContext()
{
TokenContext context = new TokenContext()
{
Client = new ClientBase { ClientId = "321", ClientSecret = "secret" },
AuthorizationCode = "123",
GrantType = Parameters.GrantTypeValues.AuthorizationCode,
RedirectUri = new Uri("http://www.mysites.com/callback"),
Scope = new string[] { "create", "delete" }
};
Mock<IAuthorizationGrantService> mckAuthService = new Mock<IAuthorizationGrantService>();
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.AuthorizationGrantService).Returns(mckAuthService.Object);
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
AuthenticationCodeProcessor processor = new AuthenticationCodeProcessor(mckFactory.Object);
CommonProcessorErrorAssert(processor, context, Parameters.ErrorParameters.ErrorValues.InvalidGrant);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckAuthService.VerifyAll();
}
public void TestIssueingAccessTokenInvalidResourceOwner()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.Password;
context.Client = new ClientBase
{
ClientId = "123",
ClientSecret = "secret"
};
context.ResourceOwnerPassword = "******";
context.ResourceOwnerUsername = "******";
Mock<IResourceOwnerService> mckResourceOwnerService = new Mock<IResourceOwnerService>();
mckResourceOwnerService.Setup(x => x.CredentialsAreValid(context)).Returns(false);
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
Mock<IServiceFactory> mckServicFactory = new Mock<IServiceFactory>();
mckServicFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckServicFactory.SetupGet(x => x.ResourceOwnerService).Returns(mckResourceOwnerService.Object);
ResourceOwnerPasswordCredentialProcessor processor = new ResourceOwnerPasswordCredentialProcessor(mckServicFactory.Object);
AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.InvalidRequest, 400);
mckClientService.VerifyAll();
mckResourceOwnerService.VerifyAll();
mckServicFactory.VerifyAll();
}
public void TestUnhandledGrantTypeContext()
{
TokenContext context = new TokenContext
{
AuthorizationCode = "auth-code",
Client = new ClientBase { ClientId = "client-id", ClientSecret = "secret" },
GrantType = Parameters.GrantTypeValues.AuthorizationCode,
RedirectUri = new Uri("http://www.mysite.com/callback")
};
Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>();
Mock<IContextInspector<ITokenContext>> mckInspector = new Mock<IContextInspector<ITokenContext>>();
Mock<ContextProcessor<ITokenContext>> mckUnsupportedProcessor = new Mock<ContextProcessor<ITokenContext>>(mckServiceFactory.Object);
mckUnsupportedProcessor.Setup(x => x.IsSatisfiedBy(context)).Returns(false);
SimpleServiceLocator locator = new SimpleServiceLocator();
locator.RegisterAll<ContextProcessor<ITokenContext>>(mckUnsupportedProcessor.Object);
locator.RegisterAll<IContextInspector<ITokenContext>>(mckInspector.Object);
ServiceLocator.SetLocatorProvider(() => locator);
TokenProvider provider = new TokenProvider();
provider.GrantAccessToken(context);
}
public void TestNullClientContext()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
SpecificationInspector inspector = new SpecificationInspector();
inspector.Inspect(context);
}
public void TestSatisfiedByMethod()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
AuthenticationCodeProcessor processor = new AuthenticationCodeProcessor(new Mock<IServiceFactory>().Object);
Assert.IsTrue(processor.IsSatisfiedBy(context));
}
public void TestProcessorSatisfiedBy()
{
TokenContext context = new TokenContext { GrantType = Parameters.GrantTypeValues.AuthorizationCode };
RefreshTokenProcessor processor = new RefreshTokenProcessor(new Mock<IServiceFactory>().Object);
Assert.IsFalse(processor.IsSatisfiedBy(context));
context.GrantType = Parameters.GrantTypeValues.RefreshToken;
Assert.IsTrue(processor.IsSatisfiedBy(context));
}
public void TestProcessorIsNotSatisified()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
ResourceOwnerPasswordCredentialProcessor processor = new ResourceOwnerPasswordCredentialProcessor(new Mock<IServiceFactory>().Object);
Assert.IsFalse(processor.IsSatisfiedBy(context));
}
public void TestIsSatisfiedByClientCredentialsGrant()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.ClientCredentials;
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(new Mock<IServiceFactory>().Object);
Assert.IsTrue(processor.IsSatisfiedBy(context));
}
public void TestIsNotSatisfiedByAuthorizationCodeGrant()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(new Mock<IServiceFactory>().Object);
Assert.IsFalse(processor.IsSatisfiedBy(context));
}
public void TestWrongGrantType()
{
TokenContext context = new TokenContext
{
GrantType = Parameters.GrantTypeValues.ClientCredentials,
};
RefreshAccessTokenInspector inspector = new RefreshAccessTokenInspector();
inspector.Inspect(context);
}
public void TestWronGrantType()
{
TokenContext ctx = new TokenContext
{
GrantType = Parameters.GrantTypeValues.AuthorizationCode
};
ResourceOwnerPasswordCredentialInspector inspector = new ResourceOwnerPasswordCredentialInspector();
inspector.Inspect(ctx);
}
public void TestMissingRefreshTokenContext()
{
TokenContext context = new TokenContext
{
GrantType = Parameters.GrantTypeValues.RefreshToken,
Scope = new string[] { "create", "delete" }
};
RefreshAccessTokenInspector inspector = new RefreshAccessTokenInspector();
CommonAssertInspector(inspector, context);
}
public void TestContextMissingClientSecret()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
context.Client = new ClientBase
{
ClientId = "123"
};
SpecificationInspector inspector = new SpecificationInspector();
CommonAssertInspector(inspector, context);
}
public void TestValidContext()
{
TokenContext context = new TokenContext
{
GrantType = Parameters.GrantTypeValues.RefreshToken,
RefreshToken = "refresh",
Scope = new string[] { "create", "delete" }
};
RefreshAccessTokenInspector inspector = new RefreshAccessTokenInspector();
inspector.Inspect(context);
}
public void TestContextMissingPassword()
{
TokenContext ctx = new TokenContext
{
GrantType = Parameters.GrantTypeValues.Password,
ResourceOwnerUsername = "******",
Scope = new string[] { "create", "delete" }
};
ResourceOwnerPasswordCredentialInspector inspector = new ResourceOwnerPasswordCredentialInspector();
CommonAssertInspector(inspector, ctx);
}
public void TestValidContext()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.AuthorizationCode;
context.Client = new ClientBase
{
ClientId = "123",
ClientSecret = "secret"
};
SpecificationInspector inspector = new SpecificationInspector();
inspector.Inspect(context);
}
public void TestValidContext()
{
TokenContext ctx = new TokenContext
{
GrantType = Parameters.GrantTypeValues.Password,
ResourceOwnerUsername = "******",
ResourceOwnerPassword = "******",
Scope = new string[] { "create", "delete" }
};
ResourceOwnerPasswordCredentialInspector inspector = new ResourceOwnerPasswordCredentialInspector();
inspector.Inspect(ctx);
}
public void TestExchangingRefreshTokenForWrongClient()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = new ClientBase { ClientId = "id" },
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "123",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
try
{
processor.Process(context);
Assert.Fail("no exception trhown");
}
catch (OAuthErrorResponseException<IOAuthContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidClient, x.Error);
}
catch (Exception x)
{
Assert.Fail("unexpected exception: " + x.Message);
}
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestExchangingRefreshTokenForAccessToken()
{
ClientBase client = new ClientBase{ ClientId = "id", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase{
ExpiresIn = 120,
RefreshToken = "refresh_token",
Token = "new-token",
TokenType = Parameters.AccessTokenTypeValues.Bearer
};
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client,
ResourceOwnerUsername = "******"
};
RefreshTokenBase refreshToken = new RefreshTokenBase
{
ClientId = "id",
Scope = new string[] { "create", "delete" },
Token = "refresh_token"
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns(refreshToken);
mckTokenService.Setup(x => x.IssueAccessToken(refreshToken)).Returns(token);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
processor.Process(context);
Assert.AreEqual(token, context.Token);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestIssueingAccessToken()
{
TokenContext context = new TokenContext();
context.GrantType = Parameters.GrantTypeValues.Password;
context.Client = new ClientBase
{
ClientId = "123",
ClientSecret = "secret"
};
context.ResourceOwnerPassword = "******";
context.ResourceOwnerUsername = "******";
AccessTokenBase token = new AccessTokenBase();
Mock<IResourceOwnerService> mckResourceOwnerService = new Mock<IResourceOwnerService>();
mckResourceOwnerService.Setup(x => x.CredentialsAreValid(context)).Returns(true);
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.IssueAccessTokenForResourceOwner(context)).Returns(token);
Mock<IServiceFactory> mckServicFactory = new Mock<IServiceFactory>();
mckServicFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckServicFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
mckServicFactory.SetupGet(x => x.ResourceOwnerService).Returns(mckResourceOwnerService.Object);
ResourceOwnerPasswordCredentialProcessor processor = new ResourceOwnerPasswordCredentialProcessor(mckServicFactory.Object);
processor.Process(context);
Assert.AreEqual(token, context.Token);
mckClientService.VerifyAll();
mckResourceOwnerService.VerifyAll();
mckServicFactory.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestProcessingValidContext()
{
TokenContext context = new TokenContext()
{
Client = new ClientBase { ClientId = "321", ClientSecret = "secret" },
AuthorizationCode = "123",
GrantType = Parameters.GrantTypeValues.AuthorizationCode,
RedirectUri = new Uri("http://www.mysites.com/callback"),
Scope = new string[] { "create", "delete" }
};
IAuthorizationGrant authorizationGrant = new AuthorizationGrantBase { Code = "123" };
Mock<IAuthorizationGrantService> mckAuthService = new Mock<IAuthorizationGrantService>();
mckAuthService.Setup(x => x.FindAuthorizationGrant("123")).Returns(authorizationGrant);
mckAuthService.Setup(x => x.ConsumeGrant(It.IsAny<IAuthorizationGrant>()));
mckAuthService.Setup(x => x.ValidateGrant(context, authorizationGrant)).Returns(true);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.IssueAccessToken(authorizationGrant)).Returns(new AccessTokenBase { TokenType = "bearer", RefreshToken = "refresh_token", Token = "token", ExpiresIn = 120 });
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
mckFactory.SetupGet(x => x.AuthorizationGrantService).Returns(mckAuthService.Object);
AuthenticationCodeProcessor processor = new AuthenticationCodeProcessor(mckFactory.Object);
processor.Process(context);
Assert.IsNotNull(context.Token);
Assert.AreEqual(120, context.Token.ExpiresIn);
Assert.AreEqual("refresh_token", context.Token.RefreshToken);
Assert.AreEqual("token", context.Token.Token);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestInvalidValidContext()
{
TokenContext context = new TokenContext();
context.GrantType = "";
SpecificationInspector inspector = new SpecificationInspector();
try
{
inspector.Inspect(context);
Assert.Fail("Did not throw an exception");
}
catch (OAuthErrorResponseException<ITokenContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.InvalidRequest, x.Error);
}
catch (Exception)
{
Assert.Fail("Unexpected exception was thrown");
}
}
public void IssueAccessTokenForInvalidClientCredentials()
{
ClientBase cl = new ClientBase { ClientId = "123", ClientSecret = "secret" };
AccessTokenBase token = new AccessTokenBase { ExpiresIn = 120, Token = Guid.NewGuid().ToString() };
TokenContext context = new TokenContext
{
Client = cl,
GrantType = Parameters.GrantTypeValues.ClientCredentials
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false);
Mock<IServiceFactory> mckServiceFactory = new Mock<IServiceFactory>();
mckServiceFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
ClientCredentialsProcessor processor = new ClientCredentialsProcessor(mckServiceFactory.Object);
try
{
processor.Process(context);
Assert.Fail("no exception thrown");
}
catch (OAuthErrorResponseException<ITokenContext> x)
{
Assert.AreEqual(Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, x.Error);
Assert.AreEqual(401, x.HttpStatusCode);
}
catch (Exception x)
{
Assert.Fail("unexpected exception was thrown: " + x.Message);
}
mckClientService.VerifyAll();
mckServiceFactory.VerifyAll();
}
public void TestInvalidRefreshTokenForClient()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
mckClientService.Setup(x => x.FindClient("id")).Returns(client);
Mock<ITokenService> mckTokenService = new Mock<ITokenService>();
mckTokenService.Setup(x => x.FindRefreshToken("refresh_token")).Returns((RefreshTokenBase)null);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
mckFactory.SetupGet(x => x.TokenService).Returns(mckTokenService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.InvalidRequest, 400);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
mckTokenService.VerifyAll();
}
public void TestInvalidClientExchangingRefreshToken()
{
ClientBase client = new ClientBase { ClientId = "id", ClientSecret = "secret" };
TokenContext context = new TokenContext
{
RefreshToken = "refresh_token",
Client = client
};
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(false);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
RefreshTokenProcessor processor = new RefreshTokenProcessor(mckFactory.Object);
AssertExceptionResponse(context, processor, Parameters.ErrorParameters.ErrorValues.UnauthorizedClient, 401);
mckFactory.VerifyAll();
mckClientService.VerifyAll();
}
private static void AssertExceptionResponse(TokenContext context, RefreshTokenProcessor processor, string parameter, int httpStatusCode)
{
try
{
processor.Process(context);
Assert.Fail("no exception thrown");
}
catch (OAuthErrorResponseException<ITokenContext> x)
{
Assert.AreEqual(parameter, x.Error);
Assert.AreEqual(httpStatusCode, x.HttpStatusCode);
}
catch (Exception x)
{
Assert.Fail("Unexpected exception: " + x.Message);
}
}
private static void AssertExceptionResponse(TokenContext context, ResourceOwnerPasswordCredentialProcessor processor, string parameter, int httpStatusCode)
{
try
{
processor.Process(context);
Assert.Fail("No exception was thrown");
}
catch (OAuthErrorResponseException<ITokenContext> x)
{
Assert.AreEqual(parameter, x.Error);
Assert.AreEqual(httpStatusCode, x.HttpStatusCode);
}
catch (OAuthErrorResponseException<IOAuthContext> x)
{
Assert.AreEqual(parameter, x.Error);
Assert.AreEqual(httpStatusCode, x.HttpStatusCode);
}
catch (Exception x)
{
Assert.Fail("Unexpected exception was thrown: " + x.Message);
}
}
public void TestProcessingMismatchedRedirectUri()
{
TokenContext context = new TokenContext()
{
AuthorizationCode = "123",
RedirectUri = new Uri("http://www.mysites.com/callback"),
Client = new ClientBase { ClientId = "client", ClientSecret = "secret" }
};
Mock<IAuthorizationGrantService> mckAuthService = new Mock<IAuthorizationGrantService>();
mckAuthService.Setup(x => x.FindAuthorizationGrant("123")).Returns(new AuthorizationGrantBase());
Mock<IClientService> mckClientService = new Mock<IClientService>();
mckClientService.Setup(x => x.AuthenticateClient(context)).Returns(true);
Mock<IServiceFactory> mckFactory = new Mock<IServiceFactory>();
mckFactory.SetupGet(x => x.AuthorizationGrantService).Returns(mckAuthService.Object);
mckFactory.SetupGet(x => x.ClientService).Returns(mckClientService.Object);
AuthenticationCodeProcessor processor = new AuthenticationCodeProcessor(mckFactory.Object);
CommonProcessorErrorAssert(processor, context, Parameters.ErrorParameters.ErrorValues.InvalidGrant);
mckFactory.VerifyAll();
mckAuthService.VerifyAll();
}