public async Task GetClientAccessTokenReturnsApprovedScope()
        {
            string[] approvedScopes = new[] { "Scope2", "Scope3" };
            var      authServer     = CreateAuthorizationServerMock();

            authServer.Setup(
                a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns(true);
            authServer.Setup(
                a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.ResetContents(approvedScopes);
                return(response);
            });
            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServer.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client    = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var authState = await client.GetClientAccessTokenAsync(TestScopes);

            Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes));
        }
        public void ClientCredentialScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });
            var coordinator = new OAuth2Coordinator <WebServerClient>(
                AuthorizationServerDescription,
                authServerMock.Object,
                new WebServerClient(AuthorizationServerDescription),
                client => {
                var authState = new AuthorizationState(TestScopes)
                {
                    Callback = ClientCallback,
                };
                var result = client.GetClientAccessToken(clientRequestedScopes);
                Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
            },
                server => {
                server.HandleTokenRequest().Respond();
            });

            coordinator.Run();
        }
Exemplo n.º 3
0
        public async Task ClientCredentialScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny <IAccessTokenRequest>()))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
            var result = await client.GetClientAccessTokenAsync(clientRequestedScopes);

            Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
            Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
        }
Exemplo n.º 4
0
        public void GetClientAccessTokenReturnsApprovedScope()
        {
            string[] approvedScopes = new[] { "Scope2", "Scope3" };
            var      authServer     = CreateAuthorizationServerMock();

            authServer.Setup(
                a => a.IsAuthorizationValid(It.Is <IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns(true);
            authServer.Setup(
                a => a.CheckAuthorizeClientCredentialsGrant(It.Is <IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
            .Returns <IAccessTokenRequest>(req => {
                var response = new AutomatedAuthorizationCheckResponse(req, true);
                response.ApprovedScope.ResetContents(approvedScopes);
                return(response);
            });
            var coordinator = new OAuth2Coordinator <WebServerClient>(
                AuthorizationServerDescription,
                authServer.Object,
                new WebServerClient(AuthorizationServerDescription),
                client => {
                var authState = client.GetClientAccessToken(TestScopes);
                Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes));
            },
                server => {
                server.HandleTokenRequest().Respond();
            });

            coordinator.Run();
        }
Exemplo n.º 5
0
            public void WhenCheckAuthorizeClientCredentialsGrantWithKnownClientApp_ReturnsApprovedScopes()
            {
                var scopes = new HashSet <string>(new[]
                {
                    "foo"
                });
                var request = new Mock <IAccessTokenRequest>();

                request.Setup(r => r.Scope).Returns(scopes);
                request.Setup(r => r.ClientIdentifier).Returns("bar");
                clientStore.Setup(cs => cs.GetClient(It.IsAny <string>()))
                .Returns(new Mock <IClientDescription>().Object);

                AutomatedAuthorizationCheckResponse result = server.CheckAuthorizeClientCredentialsGrant(request.Object);

                Assert.Equal(scopes.First(), result.ApprovedScope.First());
                Assert.True(result.IsApproved);
            }