public void GenerateRefreshToken_GeneratesToken()
{
var ticks = DateTime.Now.Ticks;
var data = new TokenData {
ConsumerId = 1, ResourceOwnerId = 2, Timestamp = ticks
};
var issuer = new OAuthIssuer();
var token1 = issuer.GenerateRefreshToken(data);
var token2 = issuer.GenerateRefreshToken(data);
var token3 = issuer.GenerateRefreshToken(data);
Assert.AreNotEqual(token1, token2);
Assert.AreNotEqual(token1, token3);
Assert.AreNotEqual(token2, token3);
}
public void WhenConsumerIsNolongerApproved_ThenThrowsException()
{
var mocker = new AutoMoqer();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.RefreshToken);
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ConsumerId = 12, ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.IsConsumerApproved(10, 12)).Returns(false);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.SetInstance <IOAuthIssuer>(new OAuthIssuer());
var issuer = new OAuthIssuer();
var authorizer = mocker.Resolve <RefreshTokenRequestAuthorizer>();
var token = issuer.GenerateRefreshToken(new TokenData {
ConsumerId = 12, ResourceOwnerId = 10, Timestamp = 1
});
mocker.GetMock <IOAuthRequest>().Setup(x => x.RefreshToken).Returns(token);
try
{
authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.Fail("Exception not thrown");
}
catch (OAuthException ex)
{
Assert.AreEqual(ErrorCode.UnauthorizedClient, ex.ErrorCode);
Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription));
}
}
public void AccessTokenAndRefreshTokenAreNotEqual()
{
var issuer = new OAuthIssuer();
var data = new TokenData {
ConsumerId = 12345, ResourceOwnerId = 12345, Timestamp = DateTime.Now.Ticks
};
var accessToken = issuer.GenerateAccessToken(data);
var refreshToken = issuer.GenerateRefreshToken(data);
Assert.AreNotEqual(accessToken, refreshToken);
}
public void DecodeRefreshToken_DecodesToken()
{
var ticks = DateTime.Now.Ticks;
var data = new TokenData {
ConsumerId = 1, ResourceOwnerId = 2, Timestamp = ticks
};
var issuer = new OAuthIssuer();
var token1 = issuer.GenerateRefreshToken(data);
var token = issuer.DecodeRefreshToken(token1);
Assert.AreEqual(1, token.ConsumerId);
Assert.AreEqual(2, token.ResourceOwnerId);
Assert.AreEqual(ticks, token.Timestamp);
}
public void WhenDataIsValid_ThenNewTokenIsCreated()
{
var mocker = new AutoMoqer();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.RefreshToken);
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ConsumerId = 12, ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.IsConsumerApproved(10, 12)).Returns(true);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.SetInstance <IOAuthIssuer>(new OAuthIssuer());
var issuer = new OAuthIssuer();
var authorizer = mocker.Resolve <RefreshTokenRequestAuthorizer>();
var token = issuer.GenerateRefreshToken(new TokenData {
ConsumerId = 12, ResourceOwnerId = 10, Timestamp = 1
});
mocker.GetMock <IOAuthRequest>().Setup(x => x.RefreshToken).Returns(token);
var newToken = authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.IsNotNull(newToken);
var accessTokenData = issuer.DecodeAccessToken(newToken.AccessToken);
Assert.IsNotNull(accessTokenData);
Assert.AreEqual(10, accessTokenData.ResourceOwnerId);
Assert.IsTrue(accessTokenData.Timestamp > DateTimeOffset.UtcNow.AddMinutes(-5).Ticks);
var refreshTokenData = issuer.DecodeRefreshToken(newToken.RefreshToken);
Assert.IsNotNull(refreshTokenData);
Assert.AreEqual(12, refreshTokenData.ConsumerId);
Assert.AreEqual(10, refreshTokenData.ResourceOwnerId);
Assert.IsTrue(refreshTokenData.Timestamp > DateTimeOffset.UtcNow.AddMinutes(-5).Ticks);
}
public void GenerateRefreshToken_ThrowExceptionWhenDataIsNull()
{
var issuer = new OAuthIssuer();
issuer.GenerateRefreshToken(null);
}
