public async Task CreateTokenAsync_When_Credentials_Not_Valid_Returns_Null()
{
// Arrange
var createTokenOptions = new CreateTokenOptions
{
Audience = "aud",
Username = "******",
Password = "******"
};
var tokenServiceSettings = new TokenServiceSettings {
Issuer = "issuer"
};
var mockSecretsProvider = new Mock <ISecretsProvider>();
var mockUserRepository = new Mock <IClaimsProvider>();
var mockJwtTokenProvider = new Mock <IJwtTokenProvider>();
var mockSecurityKeyProvider = new Mock <ISecurityKeyProvider>();
var service = new JwtTokenService(
mockSecretsProvider.Object,
mockUserRepository.Object,
mockJwtTokenProvider.Object,
mockSecurityKeyProvider.Object,
tokenServiceSettings);
// Act
var createTokenResult = await service.CreateTokenAsync(createTokenOptions);
// Assert
createTokenResult.Should().BeNull();
}
public async Task CreateTokenAsync_Creates_Token()
{
// Arrange
var createTokenOptions = new CreateTokenOptions
{
Audience = "aud",
Username = "******",
Password = "******"
};
var tokenServiceSettings = new TokenServiceSettings {
Issuer = "issuer"
};
var mockSecretsProvider = new Mock <ISecretsProvider>();
var mockUserRepository = new Mock <IClaimsProvider>();
var mockJwtTokenProvider = new Mock <IJwtTokenProvider>();
var mockSecurityKeyProvider = new Mock <ISecurityKeyProvider>();
var service = new JwtTokenService(
mockSecretsProvider.Object,
mockUserRepository.Object,
mockJwtTokenProvider.Object,
mockSecurityKeyProvider.Object,
tokenServiceSettings);
// Act
await service.CreateTokenAsync(createTokenOptions);
// Assert
mockJwtTokenProvider.Verify(
m => m.CreateTokenAsync(It.IsAny <IEnumerable <Claim> >(), It.IsAny <SecurityKey>(),
tokenServiceSettings.Issuer, createTokenOptions.Audience), Times.Exactly(1));
}
public async Task <CreateTokenResult> CreateTokenAsync(CreateTokenOptions options)
{
var serverSecret = await _secretsProvider.GetSecretAsync();
var secretKey = await _securityKeyProvider.CreateSecurityKeyAsync(serverSecret);
var claims = await _claimsProvider.GetUserClaimsAsync(options.Username);
var createTokenResult = await _jwtTokenProvider.CreateTokenAsync(claims, secretKey, _tokenServiceSettings.Issuer, options.Audience);
return(createTokenResult);
}
public async Task <IActionResult> CreateToken()
{
var createTokenOptions = new CreateTokenOptions
{
Username = User.FindFirst(JwtRegisteredClaimNames.UniqueName).Value,
Audience = User.FindFirst(JwtRegisteredClaimNames.Aud).Value
};
var createTokenResult = await _tokenService.CreateTokenAsync(createTokenOptions);
if (createTokenResult == null)
{
return(BadRequest(new ApiErrors {
Operation = "CreateToken", Errors = new[] { ApiError.CreateTokenAuthFailure.WithData(createTokenOptions) }
}));
}
var responseModel = _mapper.Map <PostTokenResponseModel>(createTokenResult);
return(new OkObjectResult(responseModel));
}
public async Task CanCreateATokenTest()
{
//GIVEN A valid specifcation for an Okta token
var mockClient = new Mock <IOktaClient>();
var client = mockClient.Object;
mockClient.Setup(x => x.Configuration)
.Returns(new OktaClientConfiguration()
{
OktaDomain = ExampleOktaDomain
});
var createOptions = new CreateTokenOptions()
{
Name = "testTokenName"
};
mockClient.Setup(x => x.PostAsync <PopulatedToken>($"{ExampleOktaDomain}/api/internal/tokens?expand=user", It.IsAny <object>(),
It.IsAny <CancellationToken>()))
.Returns(Task.FromResult(new PopulatedToken()
{
Token = "Example Returned token"
}));
//WHEN A request is made to create a token
var result = await client.Tokens().CreateToken(createOptions, CancellationToken.None);
//THEN The okta client is invoked with the correct parameters
Assert.That(result.Token, Is.EqualTo("Example Returned token"),
"The returned object should be the mock expectation");
mockClient.VerifyAll();
}
/// <inheritdoc />
public async Task <IPopulatedToken> CreateToken(CreateTokenOptions options, CancellationToken cancellationToken = default(CancellationToken))
{
var requestUrl = _client.Configuration.BuildUrl("/api/internal/tokens?expand=user");
return(await _client.PostAsync <PopulatedToken>(requestUrl.AbsoluteUri, options, cancellationToken));
}
