public DefaultUserConsentStore(
IPersistedGrantStore store,
PersistentGrantSerializer serializer,
ILogger <DefaultUserConsentStore> logger)
: base(Constants.PersistedGrantTypes.UserConsent, store, serializer, logger)
{
}
public async Task StoreDeviceAuthorizationAsync_WhenSuccessful_ExpectDataStored(DbContextOptions <PersistedGrantDbContext> options)
{
var deviceCode = Guid.NewGuid().ToString();
var userCode = Guid.NewGuid().ToString();
var data = new DeviceCode
{
ClientId = Guid.NewGuid().ToString(),
CreationTime = DateTime.UtcNow,
Lifetime = 300
};
using (var context = new PersistedGrantDbContext(options, StoreOptions))
{
var store = new DeviceFlowStore(context, new PersistentGrantSerializer(), FakeLogger <DeviceFlowStore> .Create());
await store.StoreDeviceAuthorizationAsync(deviceCode, userCode, data);
}
using (var context = new PersistedGrantDbContext(options, StoreOptions))
{
var foundDeviceFlowCodes = context.DeviceFlowCodes.FirstOrDefault(x => x.DeviceCode == deviceCode);
foundDeviceFlowCodes.Should().NotBeNull();
var deserializedData = new PersistentGrantSerializer().Deserialize <DeviceCode>(foundDeviceFlowCodes?.Data);
deserializedData.CreationTime.Should().BeCloseTo(data.CreationTime);
deserializedData.ClientId.Should().Be(data.ClientId);
deserializedData.Lifetime.Should().Be(data.Lifetime);
}
}
public async Task StoreDeviceAuthorizationAsync_WhenSuccessful_ExpectDataStored()
{
using var ravenStore = GetDocumentStore();
await new DeviceFlowCodeIndex().ExecuteAsync(ravenStore);
var deviceCode = Guid.NewGuid().ToString();
var userCode = Guid.NewGuid().ToString();
var data = new DeviceCode
{
ClientId = Guid.NewGuid().ToString(),
CreationTime = DateTime.UtcNow,
Lifetime = 300
};
using (var session = ravenStore.OpenAsyncSession())
{
var store = new DeviceFlowStore(session, new PersistentGrantSerializer(),
FakeLogger <DeviceFlowStore> .Create());
await store.StoreDeviceAuthorizationAsync(deviceCode, userCode, data);
}
using (var session = ravenStore.OpenSession())
{
var foundDeviceFlowCodes = session.Query <DeviceFlowCode>().FirstOrDefault(x => x.DeviceCode == deviceCode);
foundDeviceFlowCodes.Should().NotBeNull();
var deserializedData =
new PersistentGrantSerializer().Deserialize <DeviceCode>(foundDeviceFlowCodes?.Data);
deserializedData.CreationTime.Should().BeCloseTo(data.CreationTime);
deserializedData.ClientId.Should().Be(data.ClientId);
deserializedData.Lifetime.Should().Be(data.Lifetime);
}
}
public DefaultPersistedGrantService(IPersistedGrantStore store,
PersistentGrantSerializer serializer,
ILogger <DefaultPersistedGrantService> logger)
{
_store = store;
_serializer = serializer;
_logger = logger;
}
private static PersistedGrantService CreateSut()
{
var authorizationCodeStoreMock = new Mock <IAdminStore <Entity.AuthorizationCode> >();
var userConsentStoreMock = new Mock <IAdminStore <Entity.UserConsent> >();
var refreshTokenStoreMock = new Mock <IAdminStore <Entity.RefreshToken> >();
var referenceTokenStoreMock = new Mock <IAdminStore <Entity.ReferenceToken> >();
var serializer = new PersistentGrantSerializer();
var sut = new PersistedGrantService(authorizationCodeStoreMock.Object,
userConsentStoreMock.Object,
refreshTokenStoreMock.Object,
referenceTokenStoreMock.Object,
serializer);
authorizationCodeStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.AuthorizationCode>
{
Items = new[] {
new Entity.AuthorizationCode
{
Data = serializer.Serialize(new AuthorizationCode {
RequestedScopes = Array.Empty <string>()
})
}
}
});
userConsentStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.UserConsent>
{
Items = new[] { new Entity.UserConsent
{
Data = serializer.Serialize(new Consent {
Scopes = Array.Empty <string>()
})
} }
});
refreshTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.RefreshToken>
{
Items = new[] { new Entity.RefreshToken()
{
Data = serializer.Serialize(new RefreshToken {
AccessToken = new Token
{
Claims = Array.Empty <Claim>()
}
})
} }
});
referenceTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.ReferenceToken>
{
Items = new[] { new Entity.ReferenceToken()
{
Data = serializer.Serialize(new Token {
Claims = Array.Empty <Claim>()
})
} }
});
return(sut);
}
public async Task Should_Retrieve_Data_By_DeviceCode(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
var testDeviceCode = $"device_{Guid.NewGuid()}";
var testUserCode = $"user_{Guid.NewGuid()}";
var expectedSubject = $"sub_{Guid.NewGuid()}";
var expectedDeviceCodeData = new DeviceCode()
{
ClientId = "device_flow",
RequestedScopes = new[] { "openid", "api1" },
CreationTime = new DateTime(2018, 12, 7, 14, 15, 16),
Lifetime = 300,
IsOpenId = true,
Subject = new ClaimsPrincipal(
new ClaimsIdentity(
new List <Claim> {
new Claim(JwtClaimTypes.Subject, expectedSubject)
}
)
)
};
using (var session = testDb.SessionFactory.OpenSession())
{
using (var tx = session.BeginTransaction())
{
await session.SaveAsync(new DeviceFlowCodes
{
DeviceCode = testDeviceCode,
ID = testUserCode,
ClientId = expectedDeviceCodeData.ClientId,
SubjectId = expectedDeviceCodeData.Subject.FindFirst(JwtClaimTypes.Subject).Value,
CreationTime = expectedDeviceCodeData.CreationTime,
Expiration = expectedDeviceCodeData.CreationTime.AddSeconds(expectedDeviceCodeData.Lifetime),
Data = serializer.Serialize(expectedDeviceCodeData)
});
await tx.CommitAsync();
}
}
DeviceCode code;
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, serializer, loggerMock.Object);
code = await store.FindByDeviceCodeAsync(testDeviceCode);
}
code.Should().BeEquivalentTo(expectedDeviceCodeData, assertionOptions => assertionOptions.Excluding(x => x.Subject));
code.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject && x.Value == expectedSubject).Should().NotBeNull();
await CleanupTestDataAsync(testDb);
}
public async Task FindByUserCodeAsync_should_throw_when_code_is_null()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var sut = new DeviceFlowStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object);
await Assert.ThrowsAsync <ArgumentNullException>(() => sut.FindByUserCodeAsync(null));
}
public async Task UpdateByUserCodeAsync_should_throw_when_handle_not_found()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <RefreshTokenStore> >();
var sut = new RefreshTokenStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object);
await Assert.ThrowsAsync <InvalidOperationException>(() => sut.UpdateRefreshTokenAsync("handle", new RefreshToken()));
}
public async Task StoreAuthorizationCodeAsync_should_throw_when_subject_is_null()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <AuthorizationCodeStore> >();
using var session = store.OpenAsyncSession();
var sut = new AuthorizationCodeStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
await Assert.ThrowsAsync <InvalidOperationException>(() => sut.StoreAuthorizationCodeAsync(new AuthorizationCode()));
}
public static void Tests(string name, string connectionString) => Describe($"{nameof(DeviceFlowStore)} using {name}", () =>
{
var dataLayer = XpoDefault.GetDataLayer(connectionString, DevExpress.Xpo.DB.AutoCreateOption.DatabaseAndSchema);
var serializer = new PersistentGrantSerializer();
using var unitOfWork = new UnitOfWork(dataLayer);
unitOfWork.UpdateSchema();
(DeviceFlowStore, UnitOfWork)CreateStore()
{
var uow = new UnitOfWork(dataLayer);
return(new DeviceFlowStore(uow, new PersistentGrantSerializer(), new FakeLogger <DeviceFlowStore>()), uow);
public async Task Should_Throw_Exception_If_DeviceCode_Already_Exists(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
var existingUserCode = $"user_{Guid.NewGuid()}";
var deviceCodeData = new DeviceCode()
{
ClientId = "device_flow",
RequestedScopes = new[] { "openid", "api1" },
CreationTime = new DateTime(2018, 12, 07, 8, 00, 00),
Lifetime = 300,
IsOpenId = true,
Subject = new ClaimsPrincipal(
new ClaimsIdentity(
new List <Claim> {
new Claim(JwtClaimTypes.Subject, $"sub_{Guid.NewGuid()}")
}
)
)
};
using (var session = testDb.SessionFactory.OpenSession())
{
using (var tx = session.BeginTransaction())
{
await session.SaveAsync(new DeviceFlowCodes()
{
DeviceCode = $"device_{Guid.NewGuid()}",
ID = existingUserCode,
ClientId = deviceCodeData.ClientId,
SubjectId = deviceCodeData.Subject.FindFirst(JwtClaimTypes.Subject).Value,
CreationTime = deviceCodeData.CreationTime,
Expiration = deviceCodeData.CreationTime.AddSeconds(deviceCodeData.Lifetime),
Data = serializer.Serialize(deviceCodeData)
});
await tx.CommitAsync();
}
}
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, new PersistentGrantSerializer(), loggerMock.Object);
Func <Task> act = async() => await store.StoreDeviceAuthorizationAsync($"device_{Guid.NewGuid()}", existingUserCode, deviceCodeData);
await act.Should().ThrowAsync <HibernateException>();
}
await CleanupTestDataAsync(testDb);
}
public async Task StoreAuthorizationCodeAsync_should_throw_when_subject_claim_is_not_found()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <AuthorizationCodeStore> >();
using var session = store.OpenAsyncSession();
var sut = new AuthorizationCodeStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
await Assert.ThrowsAsync <Exception>(() => sut.StoreAuthorizationCodeAsync(new AuthorizationCode
{
Subject = new ClaimsPrincipal(new ClaimsIdentity())
}));
}
public async Task StoreDeviceAuthorizationAsync_should_check_parameters()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var sut = new DeviceFlowStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object);
await Assert.ThrowsAsync <ArgumentNullException>(() => sut.StoreDeviceAuthorizationAsync(null, null, null));
await Assert.ThrowsAsync <ArgumentNullException>(() => sut.StoreDeviceAuthorizationAsync("code", null, null));
await Assert.ThrowsAsync <ArgumentNullException>(() => sut.StoreDeviceAuthorizationAsync("code", "userCode", null));
}
protected DefaultGrantStore(string grantType,
IPersistedGrantStore store,
PersistentGrantSerializer serializer,
ILogger logger)
{
if (grantType.IsMissing())
{
throw new ArgumentNullException(nameof(grantType));
}
_grantType = grantType;
_store = store;
_serializer = serializer;
_logger = logger;
}
public async Task Should_Remove_Existing_DeviceCode(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
var testDeviceCode = $"device_{Guid.NewGuid()}";
var testUserCode = $"user_{Guid.NewGuid()}";
var existingDeviceCode = new DeviceCode
{
ClientId = "device_flow",
RequestedScopes = new[] { "openid", "api1" },
CreationTime = new DateTime(2018, 12, 7, 14, 15, 16),
Lifetime = 42,
IsOpenId = true
};
using (var session = testDb.SessionFactory.OpenSession())
{
using (var tx = session.BeginTransaction())
{
await session.SaveAsync(new DeviceFlowCodes
{
DeviceCode = testDeviceCode,
ID = testUserCode,
ClientId = existingDeviceCode.ClientId,
CreationTime = existingDeviceCode.CreationTime,
Expiration = existingDeviceCode.CreationTime.AddSeconds(existingDeviceCode.Lifetime),
Data = serializer.Serialize(existingDeviceCode)
});
await tx.CommitAsync();
}
}
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, serializer, loggerMock.Object);
await store.RemoveByDeviceCodeAsync(testDeviceCode);
}
using (var session = testDb.SessionFactory.OpenSession())
{
(await session.GetAsync <DeviceFlowCodes>(testUserCode)).Should().BeNull();
}
await CleanupTestDataAsync(testDb);
}
public async Task Removing_An_Unexisting_DeviceCode_Does_Not_Throw_Exception(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, serializer, loggerMock.Object);
Func <Task> act = async() => await store.RemoveByDeviceCodeAsync($"device_{Guid.NewGuid()}");
await act.Should().NotThrowAsync();
}
await CleanupTestDataAsync(testDb);
}
public async Task RemoveReferenceTokenAsync_should_not_throw_when_entity_not_exist()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <ReferenceTokenStore> >();
using var session = store.OpenAsyncSession();
var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
await sut.RemoveReferenceTokenAsync("test");
using var s2 = store.OpenAsyncSession();
var result = await s2.LoadAsync <Entity.ReferenceToken>($"{nameof(Entity.ReferenceToken)}/test");
Assert.Null(result);
}
public async Task StoreDeviceAuthorizationAsync_should_create_device_code()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var sut = new DeviceFlowStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object);
var code = Guid.NewGuid().ToString();
await sut.StoreDeviceAuthorizationAsync(code, "usercode", new DeviceCode
{
AuthorizedScopes = new [] { "authorization_code" }
});
using var s2 = store.OpenAsyncSession();
Assert.NotEmpty(await s2.Query <Entity.DeviceCode>().Where(d => d.Code == code).ToListAsync());
}
public async Task UpdateByUserCodeAsync_should_update_token()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <RefreshTokenStore> >();
var token = new RefreshToken
{
AccessToken = new Token
{
ClientId = "test"
}
};
using var s1 = store.OpenAsyncSession();
await s1.StoreAsync(new Entity.RefreshToken
{
Id = "test",
ClientId = "test",
Data = serializer.Serialize(token)
}, $"{nameof(Entity.RefreshToken)}/test");
await s1.SaveChangesAsync();
var sut = new RefreshTokenStore(new ScopedAsynDocumentcSession(store.OpenAsyncSession()), serializer, loggerMock.Object);
await sut.UpdateRefreshTokenAsync("test", new RefreshToken
{
AccessToken = new Token
{
ClientId = "test",
Description = "test"
}
});
using var s2 = store.OpenAsyncSession();
var updated = await s2.LoadAsync <Entity.RefreshToken>($"{nameof(Entity.RefreshToken)}/test");
var data = serializer.Deserialize <RefreshToken>(updated.Data);
Assert.Equal("test", data.AccessToken.Description);
}
public async Task StoreReferenceTokenAsync_should_create_entity()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <ReferenceTokenStore> >();
using var session = store.OpenAsyncSession();
var sut = new ReferenceTokenStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
var code = await sut.StoreReferenceTokenAsync(new Token
{
ClientId = "test"
});
using var s2 = store.OpenAsyncSession();
var result = await s2.LoadAsync <Entity.ReferenceToken>($"{nameof(Entity.ReferenceToken)}/{code}");
Assert.NotNull(result);
}
public async Task StoreAuthorizationCodeAsync_should_create_entity()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <AuthorizationCodeStore> >();
using var session = store.OpenAsyncSession();
var sut = new AuthorizationCodeStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
var code = await sut.StoreAuthorizationCodeAsync(new AuthorizationCode
{
ClientId = "test",
Subject = new ClaimsPrincipal(new ClaimsIdentity(new[] { new Claim(JwtClaimTypes.Subject, "test") }))
});
using var s2 = store.OpenAsyncSession();
var result = await s2.LoadAsync <Entity.AuthorizationCode>($"{nameof(Entity.AuthorizationCode)}/{code}");
Assert.NotNull(result);
}
public async Task StoreUserConsentAsync_should_create_entity()
{
using var store = new RavenDbTestDriverWrapper().GetDocumentStore();
var serializer = new PersistentGrantSerializer();
var loggerMock = new Mock <ILogger <UserConsentStore> >();
using var session = store.OpenAsyncSession();
var sut = new UserConsentStore(new ScopedAsynDocumentcSession(session), serializer, loggerMock.Object);
await sut.StoreUserConsentAsync(new Consent
{
ClientId = "test",
SubjectId = "test"
});
using var s2 = store.OpenAsyncSession();
var result = await s2.Advanced.LoadStartingWithAsync <Entity.UserConsent>($"{nameof(Entity.UserConsent).ToLowerInvariant()}/");
Assert.NotEmpty(result);
}
public async Task StoreDeviceAuthorizationAsync_WhenSuccessful_ExpectDataStored()
{
var deviceCode = Guid.NewGuid().ToString();
var userCode = Guid.NewGuid().ToString();
var data = new DeviceCode
{
ClientId = Guid.NewGuid().ToString(),
CreationTime = DateTime.UtcNow,
Lifetime = 300
};
var store = new DeviceFlowStore(_context, new PersistentGrantSerializer(), FakeLogger <DeviceFlowStore> .Create());
await store.StoreDeviceAuthorizationAsync(deviceCode, userCode, data);
var foundDeviceFlowCodes = (await _context.DeviceFlowCodes.WhereEqualTo("DeviceCode", deviceCode).GetSnapshotAsync())[0].ConvertTo <DeviceFlowCodes>();
foundDeviceFlowCodes.Should().NotBeNull();
var deserializedData = new PersistentGrantSerializer().Deserialize <DeviceCode>(foundDeviceFlowCodes?.Data);
deserializedData.CreationTime.Should().BeCloseTo(data.CreationTime);
deserializedData.ClientId.Should().Be(data.ClientId);
deserializedData.Lifetime.Should().Be(data.Lifetime);
}
public async Task Should_Find_Stored_Data(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
var deviceCode = Guid.NewGuid().ToString();
var userCode = Guid.NewGuid().ToString();
var data = new DeviceCode()
{
ClientId = Guid.NewGuid().ToString(),
CreationTime = DateTime.UtcNow,
Lifetime = 300
};
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, new PersistentGrantSerializer(), loggerMock.Object);
await store.StoreDeviceAuthorizationAsync(deviceCode, userCode, data);
}
using (var session = testDb.SessionFactory.OpenSession())
{
var foundDeviceFlowCodes = await session.QueryOver <DeviceFlowCodes>()
.Where(c => c.DeviceCode == deviceCode)
.SingleOrDefaultAsync();
foundDeviceFlowCodes.Should().NotBeNull();
var deserializedData = serializer.Deserialize <DeviceCode>(foundDeviceFlowCodes?.Data);
deserializedData.CreationTime.Should().BeCloseTo(data.CreationTime);
deserializedData.ClientId.Should().Be(data.ClientId);
deserializedData.Lifetime.Should().Be(data.Lifetime);
}
await CleanupTestDataAsync(testDb);
}
private static PersistedGrantService CreateSut(out Mock <IDataProtector> mock)
{
var authorizationCodeStoreMock = new Mock <IAdminStore <Entity.AuthorizationCode> >();
var userConsentStoreMock = new Mock <IAdminStore <Entity.UserConsent> >();
var refreshTokenStoreMock = new Mock <IAdminStore <Entity.RefreshToken> >();
var referenceTokenStoreMock = new Mock <IAdminStore <Entity.ReferenceToken> >();
var dataProtectorProviderMock = new Mock <IDataProtectionProvider>();
var dataProtectorMock = new Mock <IDataProtector>();
dataProtectorMock.Setup(m => m.Protect(It.IsAny <byte[]>())).Returns <byte[]>(b => b);
dataProtectorMock.Setup(m => m.Unprotect(It.IsAny <byte[]>())).Returns <byte[]>(b => b);
dataProtectorProviderMock.Setup(m => m.CreateProtector(It.IsAny <string>())).Returns(dataProtectorMock.Object);
#if DUENDE
var serializer = new PersistentGrantSerializer(new PersistentGrantOptions
{
DataProtectData = true
}, dataProtectorProviderMock.Object);
#else
var serializer = new PersistentGrantSerializer();
#endif
var localizerMock = new Mock <IStringLocalizer <PersistedGrantService> >();
var loggerMock = new Mock <ILogger <PersistedGrantService> >();
var sut = new PersistedGrantService(authorizationCodeStoreMock.Object,
userConsentStoreMock.Object,
refreshTokenStoreMock.Object,
referenceTokenStoreMock.Object,
serializer,
localizerMock.Object,
loggerMock.Object);
authorizationCodeStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.AuthorizationCode>
{
Items = new[] {
new Entity.AuthorizationCode
{
Data = serializer.Serialize(new AuthorizationCode {
RequestedScopes = Array.Empty <string>()
})
}
}
});
userConsentStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.UserConsent>
{
Items = new[] { new Entity.UserConsent
{
Data = serializer.Serialize(new Consent {
Scopes = Array.Empty <string>()
})
} }
});
#if DUENDE
var refreshToken = new RefreshToken();
refreshToken.SetAccessToken(new Token
{
Claims = Array.Empty <Claim>()
});
#else
var refreshToken = new RefreshToken
{
AccessToken = new Token
{
Claims = Array.Empty <Claim>()
}
};
#endif
refreshTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.RefreshToken>
{
Items = new[] { new Entity.RefreshToken()
{
Data = serializer.Serialize(refreshToken)
} }
});
referenceTokenStoreMock.Setup(m => m.GetAsync(It.IsAny <PageRequest>(), default)).ReturnsAsync(new PageResponse <Entity.ReferenceToken>
{
Items = new[] { new Entity.ReferenceToken()
{
Data = serializer.Serialize(new Token {
Claims = Array.Empty <Claim>()
})
} }
});
mock = dataProtectorMock;
return(sut);
}
public async Task Should_Update_Authorized_Device_Code(TestDatabase testDb)
{
var loggerMock = new Mock <ILogger <DeviceFlowStore> >();
var serializer = new PersistentGrantSerializer();
var testDeviceCode = $"device_{Guid.NewGuid()}";
var testUserCode = $"user_{Guid.NewGuid()}";
var expectedSubject = $"sub_{Guid.NewGuid()}";
var unauthorizedDeviceCode = new DeviceCode()
{
ClientId = "device_flow",
RequestedScopes = new[] { "openid", "api1" },
CreationTime = new DateTime(2018, 12, 7, 14, 15, 16),
Lifetime = 42,
IsOpenId = true
};
using (var session = testDb.SessionFactory.OpenSession())
{
using (var tx = session.BeginTransaction())
{
await session.SaveAsync(new DeviceFlowCodes
{
DeviceCode = testDeviceCode,
ID = testUserCode,
ClientId = unauthorizedDeviceCode.ClientId,
CreationTime = unauthorizedDeviceCode.CreationTime,
Expiration = unauthorizedDeviceCode.CreationTime.AddSeconds(unauthorizedDeviceCode.Lifetime),
Data = serializer.Serialize(unauthorizedDeviceCode)
});
await tx.CommitAsync();
}
}
var authorizedDeviceCode = new DeviceCode
{
ClientId = unauthorizedDeviceCode.ClientId,
RequestedScopes = unauthorizedDeviceCode.RequestedScopes,
AuthorizedScopes = unauthorizedDeviceCode.RequestedScopes,
Subject = new ClaimsPrincipal(
new ClaimsIdentity(
new List <Claim> {
new Claim(JwtClaimTypes.Subject, expectedSubject)
}
)
),
IsAuthorized = true,
IsOpenId = true,
CreationTime = new DateTime(2018, 12, 7, 14, 15, 16),
Lifetime = 42
};
using (var session = testDb.SessionFactory.OpenSession())
{
var store = new DeviceFlowStore(session, serializer, loggerMock.Object);
await store.UpdateByUserCodeAsync(testUserCode, authorizedDeviceCode);
}
DeviceFlowCodes updatedCodes;
using (var session = testDb.SessionFactory.OpenSession())
{
updatedCodes = await session.GetAsync <DeviceFlowCodes>(testUserCode);
}
// Unchanged
updatedCodes.DeviceCode.Should().Be(testDeviceCode);
updatedCodes.ClientId.Should().Be(unauthorizedDeviceCode.ClientId);
updatedCodes.CreationTime.Should().Be(unauthorizedDeviceCode.CreationTime);
updatedCodes.Expiration.Should().Be(unauthorizedDeviceCode.CreationTime.AddSeconds(unauthorizedDeviceCode.Lifetime));
// Updated
var parsedCode = serializer.Deserialize <DeviceCode>(updatedCodes.Data);
parsedCode.Should().BeEquivalentTo(authorizedDeviceCode, assertionOptions => assertionOptions.Excluding(x => x.Subject));
parsedCode.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Subject && x.Value == expectedSubject).Should().NotBeNull();
await CleanupTestDataAsync(testDb);
}
