public void GenerateRefreshToken_GeneratesToken() { var ticks = DateTime.Now.Ticks; var data = new TokenData { ConsumerId = 1, ResourceOwnerId = 2, Timestamp = ticks }; var issuer = new OAuthIssuer(); var token1 = issuer.GenerateRefreshToken(data); var token2 = issuer.GenerateRefreshToken(data); var token3 = issuer.GenerateRefreshToken(data); Assert.AreNotEqual(token1, token2); Assert.AreNotEqual(token1, token3); Assert.AreNotEqual(token2, token3); }
public void WhenConsumerIsNolongerApproved_ThenThrowsException() { var mocker = new AutoMoqer(); mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded); mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid"); mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.RefreshToken); mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ConsumerId = 12, ClientId = "clientid", Secret = "clientsecret" }); mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.IsConsumerApproved(10, 12)).Returns(false); mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret"); mocker.SetInstance <IOAuthIssuer>(new OAuthIssuer()); var issuer = new OAuthIssuer(); var authorizer = mocker.Resolve <RefreshTokenRequestAuthorizer>(); var token = issuer.GenerateRefreshToken(new TokenData { ConsumerId = 12, ResourceOwnerId = 10, Timestamp = 1 }); mocker.GetMock <IOAuthRequest>().Setup(x => x.RefreshToken).Returns(token); try { authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object); Assert.Fail("Exception not thrown"); } catch (OAuthException ex) { Assert.AreEqual(ErrorCode.UnauthorizedClient, ex.ErrorCode); Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription)); } }
public void AccessTokenAndRefreshTokenAreNotEqual() { var issuer = new OAuthIssuer(); var data = new TokenData { ConsumerId = 12345, ResourceOwnerId = 12345, Timestamp = DateTime.Now.Ticks }; var accessToken = issuer.GenerateAccessToken(data); var refreshToken = issuer.GenerateRefreshToken(data); Assert.AreNotEqual(accessToken, refreshToken); }
public void DecodeRefreshToken_DecodesToken() { var ticks = DateTime.Now.Ticks; var data = new TokenData { ConsumerId = 1, ResourceOwnerId = 2, Timestamp = ticks }; var issuer = new OAuthIssuer(); var token1 = issuer.GenerateRefreshToken(data); var token = issuer.DecodeRefreshToken(token1); Assert.AreEqual(1, token.ConsumerId); Assert.AreEqual(2, token.ResourceOwnerId); Assert.AreEqual(ticks, token.Timestamp); }
public void WhenDataIsValid_ThenNewTokenIsCreated() { var mocker = new AutoMoqer(); mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded); mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid"); mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.RefreshToken); mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ConsumerId = 12, ClientId = "clientid", Secret = "clientsecret" }); mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.IsConsumerApproved(10, 12)).Returns(true); mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret"); mocker.SetInstance <IOAuthIssuer>(new OAuthIssuer()); var issuer = new OAuthIssuer(); var authorizer = mocker.Resolve <RefreshTokenRequestAuthorizer>(); var token = issuer.GenerateRefreshToken(new TokenData { ConsumerId = 12, ResourceOwnerId = 10, Timestamp = 1 }); mocker.GetMock <IOAuthRequest>().Setup(x => x.RefreshToken).Returns(token); var newToken = authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object); Assert.IsNotNull(newToken); var accessTokenData = issuer.DecodeAccessToken(newToken.AccessToken); Assert.IsNotNull(accessTokenData); Assert.AreEqual(10, accessTokenData.ResourceOwnerId); Assert.IsTrue(accessTokenData.Timestamp > DateTimeOffset.UtcNow.AddMinutes(-5).Ticks); var refreshTokenData = issuer.DecodeRefreshToken(newToken.RefreshToken); Assert.IsNotNull(refreshTokenData); Assert.AreEqual(12, refreshTokenData.ConsumerId); Assert.AreEqual(10, refreshTokenData.ResourceOwnerId); Assert.IsTrue(refreshTokenData.Timestamp > DateTimeOffset.UtcNow.AddMinutes(-5).Ticks); }
public void GenerateRefreshToken_ThrowExceptionWhenDataIsNull() { var issuer = new OAuthIssuer(); issuer.GenerateRefreshToken(null); }