public async Task WhenCorsHeadersAreAlreadySetOnTheResponse_LeavesThemAsIs()
        {
            // Purpose: when something earlier in the pipeline has already written CORS
            // response headers, the pipeline under test must leave those values as they are.
            var httpClient = PipelineFactory.CreateHttpClient(_options, app =>
            {
                app.Use(async (ctx, next) =>
                {
                    // Stamp sentinel values before handing over to the next middleware.
                    ctx.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "ACAO Value" });
                    // NOTE(review): the header browsers honour is "Access-Control-Allow-Methods"
                    // (plural); this test pins the singular name - confirm against the middleware.
                    ctx.Response.Headers.Add("Access-Control-Allow-Method", new[] { "ACAM Value" });
                    ctx.Response.Headers.Add("Access-Control-Allow-Headers", new[] { "ACAH Value" });

                    await next();
                });
            });

            var scopedToken = TokenFactory.CreateToken(scope: new string[] { TokenFactory.Api1Scope });
            var bearerToken = TokenFactory.CreateTokenString(scopedToken);

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            // The sentinel values must come back unchanged.
            response.Headers.GetValues("Access-Control-Allow-Origin").Should().BeEquivalentTo("ACAO Value");
            response.Headers.GetValues("Access-Control-Allow-Method").Should().BeEquivalentTo("ACAM Value");
            response.Headers.GetValues("Access-Control-Allow-Headers").Should().BeEquivalentTo("ACAH Value");
        }
        public async Task WhenNoCorsHeadersAreAlreadySetOnTheResponse_SetsThemFromRequestSpecificHeaders()
        {
            // Purpose: with no CORS headers on the response, the pipeline under test is
            // expected to derive them from the request's Origin / Access-Control-Request-* headers.
            var httpClient = PipelineFactory.CreateHttpClient(_options, app =>
            {
                app.Use(async (ctx, next) =>
                {
                    // Inject the CORS request headers server-side so the test controls their values.
                    var incoming = ctx.Request.Headers;
                    incoming.Add("Origin", new[] { "Origin Value" });
                    incoming.Add("Access-Control-Request-Method", new[] { "ACRM Value" });
                    incoming.Add("Access-Control-Request-Headers", new[] { "ACRH Value" });

                    await next().ConfigureAwait(true);
                });
            });

            var scopedToken = TokenFactory.CreateToken(scope: new string[] { TokenFactory.Api1Scope });
            var bearerToken = TokenFactory.CreateTokenString(scopedToken);

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test").ConfigureAwait(false);

            // NOTE(review): the asserted behaviour echoes whatever Origin the request carried
            // into Access-Control-Allow-Origin. Reflecting an unvalidated Origin amounts to
            // allowing every origin; confirm the middleware limits this to responses where
            // that is acceptable, or pairs it with an origin allow-list.
            response.Headers.GetValues("Access-Control-Allow-Origin").Should().BeEquivalentTo("Origin Value");
            response.Headers.GetValues("Access-Control-Expose-Headers").Should().BeEquivalentTo("WWW-Authenticate");
            // NOTE(review): the header browsers honour is "Access-Control-Allow-Methods"
            // (plural); this test pins the singular name - confirm against the middleware.
            response.Headers.GetValues("Access-Control-Allow-Method").Should().BeEquivalentTo("ACRM Value");
            response.Headers.GetValues("Access-Control-Allow-Headers").Should().BeEquivalentTo("ACRH Value");
        }
        public async Task Token_Sent_No_Scope_No_ScopeRequirements()
        {
            // Purpose: a default token (no scope argument passed to the factory) is accepted
            // when the test sets no scope requirement on the options.
            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }
        public async Task Token_Sent_With_Unexpected_Audience_And_Audience_Validation_Is_On()
        {
            // Purpose: a token minted for a different audience must be rejected with 401.
            // Audience validation is what stops a token issued for one API from being
            // accepted by another, so this is a regression guard for that check.
            var httpClient = PipelineFactory.CreateHttpClient(_options);

            var foreignAudienceToken = TokenFactory.CreateToken(audience: "UNEXPECTED_AUDIENCE");
            var bearerToken = TokenFactory.CreateTokenString(foreignAudienceToken);

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
        }
        public async Task JWT_Sent_No_Scope_No_ScopeRequirements()
        {
            // Purpose: with the back channel served by DiscoveryEndpointHandler, a default
            // token is accepted when the test sets no scope requirement.
            // presumably the handler stubs the authority's discovery endpoint - verify in its source.
            _options.BackchannelHttpHandler = new DiscoveryEndpointHandler();

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }
        public async Task Token_Sent_No_Scope_Api1_Api2_ScopeRequirements()
        {
            // Purpose: a default token (no scope argument) sent to a pipeline that requires
            // Api1 and Api2 scopes is refused with 403 - an authorization failure, as opposed
            // to the 401 used when the token itself is not accepted.
            // NOTE(review): this case does not show whether RequiredScopes means any-of or
            // all-of; a token carrying only one of the two scopes would pin that down.
            _options.RequiredScopes = new[] { TokenFactory.Api1Scope, TokenFactory.Api2Scope };

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.Forbidden);
        }
        public async Task Token_Sent_Api1_Scope_Api1_ScopeRequirements()
        {
            // Purpose: a token carrying the Api1 scope satisfies a pipeline that requires
            // exactly that scope, so the request succeeds.
            _options.RequiredScopes = new[] { TokenFactory.Api1Scope };

            var httpClient = PipelineFactory.CreateHttpClient(_options);

            var api1Token = TokenFactory.CreateToken(scope: new[] { TokenFactory.Api1Scope });
            var bearerToken = TokenFactory.CreateTokenString(api1Token);

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test").ConfigureAwait(false);

            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }
        public async Task JWT_Sent_No_Scope_Api1_ScopeRequirements()
        {
            // Purpose: with the back channel served by DiscoveryEndpointHandler, a default
            // token (no scope argument) is refused with 403 when the Api1 scope is required.
            _options.BackchannelHttpHandler = new DiscoveryEndpointHandler();
            _options.RequiredScopes = new[] { TokenFactory.Api1Scope };

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test").ConfigureAwait(false);

            response.StatusCode.Should().Be(HttpStatusCode.Forbidden);
        }
        public async Task WhenDelayLoadMetadataIsTrue_MetadataRetrievalIsRetriedAfterFailure()
        {
            // Purpose: a failed metadata retrieval must not be permanent. The first request
            // throws while the back channel fails; after the handler is swapped for a working
            // one, the same client succeeds.
            _options.BackchannelHttpHandler = new FailureDiscoveryEndpointHandler();

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            Func<Task> firstAttempt = async () => await httpClient.GetAsync("http://test");

            // IDX10803: Unable to create to obtain configuration from: https://discodoc
            var thrown = firstAttempt.ShouldThrow<InvalidOperationException>().And;
            thrown.Message.Should().Contain("IDX10803");

            // The handler is replaced on the same options instance after the pipeline was built.
            // presumably the middleware re-reads it on the next attempt - confirm against the middleware.
            _options.BackchannelHttpHandler = new DiscoveryEndpointHandler();

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }
        public async Task Token_From_QueryString()
        {
            // Purpose: the OnRequestToken hook can pull the bearer token from the
            // "access_token" query parameter instead of the Authorization header.
            // Tokens carried in URLs tend to end up in server/proxy logs, browser history and
            // Referer headers; RFC 6750 section 2.3 discourages this transport. Keep it for
            // cases where a header genuinely cannot be set, and keep token lifetimes short.
            _options.TokenProvider = new OAuthBearerAuthenticationProvider
            {
                OnRequestToken = ctx =>
                {
                    ctx.Token = ctx.OwinContext.Request.Query.Get("access_token");

                    return Task.FromResult(0);
                }
            };

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            // No Authorization header is set here: the token travels only in the query string.
            // NOTE(review): the token is appended without URL-escaping - fine if the token
            // string only contains URL-safe characters; confirm for TokenFactory's output.
            var requestUri = "http://test?access_token=" + bearerToken;
            var response = await httpClient.GetAsync(requestUri);

            response.StatusCode.Should().Be(HttpStatusCode.OK);
        }
        public async Task Valid_Token_With_ValidatingIdentity_Deny_Access()
        {
            // Purpose: the OnValidateIdentity hook has the final say - when it calls
            // Rejected(), a default token that other tests here see accepted yields 401.
            _options.TokenProvider = new OAuthBearerAuthenticationProvider
            {
                OnValidateIdentity = ctx =>
                {
                    // Unconditionally veto the identity.
                    ctx.Rejected();

                    return Task.FromResult(0);
                }
            };

            var httpClient = PipelineFactory.CreateHttpClient(_options);
            var bearerToken = TokenFactory.CreateTokenString(TokenFactory.CreateToken());

            httpClient.SetBearerToken(bearerToken);

            var response = await httpClient.GetAsync("http://test");

            response.StatusCode.Should().Be(HttpStatusCode.Unauthorized);
        }