public TokenEndpointController(CoreSettings settings, TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator)
{
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
_settings = settings;
}
public TokenEndpointController(IdentityServerOptions options, TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator)
{
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
_options = options;
}
public TokenEndpointController(IdentityServerOptions options, TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator)
{
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
_options = options;
}
public async Task Null_ClientId()
{
var credential = new ClientCredential();
var validator = new ClientValidator(_settings, _logger);
var client = await validator.ValidateClientCredentialsAsync(credential);
}
public TokenEndpointController(CoreSettings settings, TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator)
{
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
_settings = settings;
}
public void No_Client_Credentials()
{
var validator = new ClientValidator(null, _logger);
var credential = validator.ValidateHttpRequest(null, null);
Assert.IsFalse(credential.IsMalformed);
Assert.IsFalse(credential.IsPresent);
}
public TokenEndpointController(TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator, ILogger logger)
{
_logger = logger;
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
}
public TokenEndpointController(TokenRequestValidator requestValidator, ClientValidator clientValidator, TokenResponseGenerator generator)
{
_logger = LogProvider.GetCurrentClassLogger();
_requestValidator = requestValidator;
_clientValidator = clientValidator;
_generator = generator;
}
public async Task Disabled_Client()
{
var credential = new ClientCredential
{
ClientId = "disabled",
Secret = "invalid"
};
var validator = new ClientValidator(_settings, _logger);
var client = await validator.ValidateClientCredentialsAsync(credential);
Assert.IsNull(client);
}
public void Valid_BasicAuthentication_Request()
{
var validator = new ClientValidator(null, _logger);
var header = new BasicAuthenticationHeaderValue("client", "secret");
var credential = validator.ValidateHttpRequest(header, null);
Assert.IsFalse(credential.IsMalformed);
Assert.IsTrue(credential.IsPresent);
Assert.AreEqual(Constants.ClientAuthenticationMethods.Basic, credential.Type);
Assert.AreEqual("client", credential.ClientId);
Assert.AreEqual("secret", credential.Secret);
}
public async Task Valid_Client_Credentials()
{
var credential = new ClientCredential
{
ClientId = "codeclient",
Secret = "secret"
};
var validator = new ClientValidator(_settings, _logger);
var client = await validator.ValidateClientCredentialsAsync(credential);
Assert.IsNotNull(client);
Assert.AreEqual("codeclient", client.ClientId);
}
public void Valid_FormPost_Request()
{
var validator = new ClientValidator(null, _logger);
var body = new NameValueCollection();
body.Add("client_id", "client");
body.Add("client_secret", "secret");
var credential = validator.ValidateHttpRequest(null, body);
Assert.IsFalse(credential.IsMalformed);
Assert.IsTrue(credential.IsPresent);
Assert.AreEqual(Constants.ClientAuthenticationMethods.FormPost, credential.Type);
Assert.AreEqual("client", credential.ClientId);
Assert.AreEqual("secret", credential.Secret);
}
public void BasicAuthentication_Request_With_Empty_Basic_Header()
{
var validator = new ClientValidator(null, _logger);
var header = new AuthenticationHeaderValue("Basic");
var credential = validator.ValidateHttpRequest(header, null);
Assert.IsTrue(credential.IsMalformed);
Assert.IsFalse(credential.IsPresent);
}
public async Task Empty_Client_Credentials()
{
var credential = new ClientCredential
{
ClientId = "",
Secret = ""
};
var validator = new ClientValidator(_settings, _logger);
var client = await validator.ValidateClientCredentialsAsync(credential);
Assert.IsNull(client);
}
public void BasicAuthentication_Request_With_Malformed_Credentials_Base64_Encoding_UserName_Only_With_Colon()
{
var validator = new ClientValidator(null, _logger);
var invalidCred = "username:"******"Basic", encoded);
var credential = validator.ValidateHttpRequest(header, null);
Assert.IsTrue(credential.IsMalformed);
Assert.IsFalse(credential.IsPresent);
}
public void BasicAuthentication_Request_With_Malformed_Credentials_NoBase64_Encoding()
{
var validator = new ClientValidator(null, _logger);
var header = new AuthenticationHeaderValue("Basic", "somerandomdata");
var credential = validator.ValidateHttpRequest(header, null);
Assert.IsTrue(credential.IsMalformed);
Assert.IsFalse(credential.IsPresent);
}
public void BasicAuthentication_Request_With_Unknown_Scheme()
{
var validator = new ClientValidator(null, _logger);
var header = new AuthenticationHeaderValue("Unkown", "data");
var credential = validator.ValidateHttpRequest(header, null);
Assert.IsFalse(credential.IsMalformed);
Assert.IsFalse(credential.IsPresent);
}
