public void ReturnsAuthorizedToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock <IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.GetByUsername(1, "username")).Returns(new ResourceOwnerImpl {
ResourceOwnerId = 2, Username = "******", Password = "******".ToHash()
});
mocker.GetMock <IPasswordHasher>().Setup(x => x.CheckPassword("password", "password".ToHash())).Returns(true);
mocker.GetMock <IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.GetMock <IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
mocker.GetMock <IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var authorizer = mocker.Resolve <PasswordTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
mocker.GetMock <IResourceOwnerRepository>().Verify(x => x.ApproveConsumer(2, 1), Times.Once());
Assert.IsNotNull(token);
Assert.IsNotNull(token.AccessToken);
Assert.AreEqual(3600, token.ExpiresIn);
Assert.IsNotNull(token.RefreshToken);
}
public void WhenUsernameIsInvalid_ThenThrowsException()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock <IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.GetByUsername(1, "user")).Returns <ResourceOwnerImpl>(null);
var authorizer = mocker.Resolve <PasswordTokenRequestAuthorizer>();
try
{
authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.Fail("Exception not thrown");
}
catch (OAuthException ex)
{
Assert.AreEqual(ErrorCode.InvalidClient, ex.ErrorCode);
Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription));
}
}
public void WhenAccessTokenIsValid_ThenReturnTrue()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
var issuer = new OAuthIssuer();
mocker.GetMock <IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(issuer);
mocker.GetMock <IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
var validator = mocker.Resolve <ResourceRequestAuthorizer>();
var token =
issuer.GenerateAccessToken(new TokenData
{
ConsumerId = 1,
ResourceOwnerId = 5,
Timestamp = DateTimeOffset.UtcNow.AddMinutes(-5).Ticks
});
mocker.GetMock <IOAuthRequest>().Setup(x => x.AccessToken).Returns(token);
var result = validator.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.IsTrue(result);
}
public void EnsureApplicationIsApproved()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock <IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock <IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IResourceOwnerRepository>().Setup(x => x.GetByUsername(1, "username")).Returns(new ResourceOwnerImpl {
ResourceOwnerId = 2, Username = "******", Password = "******".ToHash()
});
mocker.GetMock <IPasswordHasher>().Setup(x => x.CheckPassword("password", "password".ToHash())).Returns(true);
mocker.GetMock <IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.SetInstance <IOAuthIssuer>(new OAuthIssuer());
var authorizer = mocker.Resolve <PasswordTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
mocker.GetMock <IResourceOwnerRepository>().Verify(x => x.ApproveConsumer(2, 1), Times.Once());
}
public void ReturnsAuthorizedToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock<IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock<IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock<IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock<IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret" });
mocker.GetMock<IResourceOwnerRepository>().Setup(x => x.GetByUsername(1, "username")).Returns(new ResourceOwnerImpl { ResourceOwnerId = 2, Username = "******", Password = "******".ToHash() });
mocker.GetMock<IPasswordHasher>().Setup(x => x.CheckPassword("password", "password".ToHash())).Returns(true);
mocker.GetMock<IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.GetMock<IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
mocker.GetMock<IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var authorizer = mocker.Resolve<PasswordTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock<IOAuthRequest>().Object);
mocker.GetMock<IResourceOwnerRepository>().Verify(x => x.ApproveConsumer(2, 1), Times.Once());
Assert.IsNotNull(token);
Assert.IsNotNull(token.AccessToken);
Assert.AreEqual(3600, token.ExpiresIn);
Assert.IsNotNull(token.RefreshToken);
}
public void WhenClientIdIsInvalid_ThenThrowsException()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock<IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("");
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock<IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock<IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.GetMock<IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock<IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns<ConsumerImpl>(null);
var authorizer = mocker.Resolve<PasswordTokenRequestAuthorizer>();
try
{
authorizer.Authorize(mocker.GetMock<IOAuthRequest>().Object);
Assert.Fail("Exception not thrown");
}
catch (OAuthException ex)
{
Assert.AreEqual(ErrorCode.InvalidClient, ex.ErrorCode);
Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription));
}
}
public void WhenAccessTokenIsExpired_ThenReturnFalse()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
var issuer = new OAuthIssuer();
mocker.GetMock<IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(issuer);
mocker.GetMock<IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
var validator = mocker.Resolve<ResourceRequestAuthorizer>();
var token =
issuer.GenerateAccessToken(new TokenData
{
ConsumerId = 1,
ResourceOwnerId = 5,
Timestamp = DateTimeOffset.UtcNow.AddMinutes(-65).Ticks
});
mocker.GetMock<IOAuthRequest>().Setup(x => x.AccessToken).Returns(token);
var result = validator.Authorize(mocker.GetMock<IOAuthRequest>().Object);
Assert.IsFalse(result);
}
public void ReturnsAuthorizedToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock<IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret" });
mocker.GetMock<IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
mocker.GetMock<IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var authorizer = mocker.Resolve<ClientCredentialsTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock<IOAuthRequest>().Object);
Assert.IsNotNull(token);
Assert.IsNotNull(token.AccessToken);
Assert.AreEqual(3600, token.ExpiresIn);
Assert.IsNotNull(token.RefreshToken);
}
public void GetAuthorizationToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
var properties = new Dictionary<string, IList<string>>
{
{OAuthTokens.ResponseType, new[]{ResponseType.Code}},
{OAuthTokens.ClientId, new[]{"1"}},
{OAuthTokens.RedirectUri, new[]{"http://mydomain.com"}}
};
mocker.GetMock<IRequest>().Setup(x => x.Values).Returns(properties);
mocker.GetMock<IConfiguration>().Setup(x => x.AuthorizationTokenExpirationLength).Returns(500);
mocker.GetMock<IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var request = new AuthorizationRequest(mocker.GetMock<IRequest>().Object,mocker.GetMock<IOAuthServiceLocator>().Object);
var token = request.GetAuthorizationToken(1, 5, null);
Assert.AreEqual(500, token.ExpiresIn);
Assert.IsTrue(token.AuthorizationToken.HasValue());
}
public void WhenClientSecretIsInvalid_ThenThrowsException()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock<IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ClientId = "clientid", Secret = "secret" });
var authorizer = mocker.Resolve<ClientCredentialsTokenRequestAuthorizer>();
try
{
authorizer.Authorize(mocker.GetMock<IOAuthRequest>().Object);
Assert.Fail("Exception not thrown");
}
catch (OAuthException ex)
{
Assert.AreEqual(ErrorCode.InvalidClient, ex.ErrorCode);
Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription));
}
}
public void EnsureApplicationIsApproved()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock<IOAuthRequest>().Setup(x => x.ContentType).Returns(ContentType.FormEncoded);
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock<IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock<IOAuthRequest>().Setup(x => x.Username).Returns("username");
mocker.GetMock<IOAuthRequest>().Setup(x => x.GrantType).Returns(GrantType.Password);
mocker.GetMock<IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl { ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret" });
mocker.GetMock<IResourceOwnerRepository>().Setup(x => x.GetByUsername(1, "username")).Returns(new ResourceOwnerImpl { ResourceOwnerId = 2, Username = "******", Password = "******".ToHash() });
mocker.GetMock<IPasswordHasher>().Setup(x => x.CheckPassword("password", "password".ToHash())).Returns(true);
mocker.GetMock<IOAuthRequest>().Setup(x => x.Password).Returns("password");
mocker.SetInstance<IOAuthIssuer>(new OAuthIssuer());
var authorizer = mocker.Resolve<PasswordTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock<IOAuthRequest>().Object);
mocker.GetMock<IResourceOwnerRepository>().Verify(x => x.ApproveConsumer(2, 1), Times.Once());
}
public void ReturnsAuthorizedToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns(new ConsumerImpl {
ConsumerId = 1, ClientId = "clientid", Secret = "clientsecret"
});
mocker.GetMock <IConfiguration>().Setup(x => x.AccessTokenExpirationLength).Returns(3600);
mocker.GetMock <IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var authorizer = mocker.Resolve <ClientCredentialsTokenRequestAuthorizer>();
var token = authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.IsNotNull(token);
Assert.IsNotNull(token.AccessToken);
Assert.AreEqual(3600, token.ExpiresIn);
Assert.IsNotNull(token.RefreshToken);
}
public void WhenClientDoesNotExist_ThenThrowsException()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientId).Returns("clientid");
mocker.GetMock <IOAuthRequest>().Setup(x => x.ClientSecret).Returns("clientsecret");
mocker.GetMock <IConsumerRepository>().Setup(x => x.GetByClientId("clientid")).Returns <IConsumer>(null);
var authorizer = mocker.Resolve <ClientCredentialsTokenRequestAuthorizer>();
try
{
authorizer.Authorize(mocker.GetMock <IOAuthRequest>().Object);
Assert.Fail("Exception not thrown");
}
catch (OAuthException ex)
{
Assert.AreEqual(ErrorCode.InvalidClient, ex.ErrorCode);
Assert.IsTrue(!string.IsNullOrWhiteSpace(ex.ErrorDescription));
}
}
public void GetAuthorizationToken()
{
var mocker = new AutoMoqer();
mocker.MockServiceLocator();
var properties = new Dictionary <string, IList <string> >
{
{ OAuthTokens.ResponseType, new[] { ResponseType.Code } },
{ OAuthTokens.ClientId, new[] { "1" } },
{ OAuthTokens.RedirectUri, new[] { "http://mydomain.com" } }
};
mocker.GetMock <IRequest>().Setup(x => x.Values).Returns(properties);
mocker.GetMock <IConfiguration>().Setup(x => x.AuthorizationTokenExpirationLength).Returns(500);
mocker.GetMock <IOAuthServiceLocator>().Setup(x => x.Issuer).Returns(new OAuthIssuer());
var request = new AuthorizationRequest(mocker.GetMock <IRequest>().Object, mocker.GetMock <IOAuthServiceLocator>().Object);
var token = request.GetAuthorizationToken(1, 5, null);
Assert.AreEqual(500, token.ExpiresIn);
Assert.IsTrue(token.AuthorizationToken.HasValue());
}