public void CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
                return(response);
            });
            var coordinator = new OAuth2Coordinator <WebServerClient>(
                AuthorizationServerDescription,
                authServerMock.Object,
                new WebServerClient(AuthorizationServerDescription),
                client => {
                var authState = new AuthorizationState(TestScopes)
                {
                    Callback = ClientCallback,
                };
                var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
                Assert.That(result.AccessToken, Is.Not.Null);
            },
                server => {
                server.HandleTokenRequest().Respond();
            });

            coordinator.Run();
        }
        public void ResourceOwnerScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });
            var coordinator = new OAuth2Coordinator <WebServerClient>(
                AuthorizationServerDescription,
                authServerMock.Object,
                new WebServerClient(AuthorizationServerDescription),
                client => {
                var authState = new AuthorizationState(TestScopes)
                {
                    Callback = ClientCallback,
                };
                var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);
                Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
            },
                server => {
                server.HandleTokenRequest().Respond();
            });

            coordinator.Run();
        }
Пример #3
0
        public async Task ResourceOwnerScopeOverride()
        {
            var clientRequestedScopes  = new[] { "scope1", "scope2" };
            var serverOverriddenScopes = new[] { "scope1", "differentScope" };
            var authServerMock         = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                response.ApprovedScope.Clear();
                response.ApprovedScope.UnionWith(serverOverriddenScopes);
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);

            Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
        }
        public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest)
        {
            var userName = accessRequest.ClientIdentifier;
            var response = new AutomatedUserAuthorizationCheckResponse(accessRequest, true, userName);

            return(response);
        }
Пример #5
0
            WhenCheckAuthorizeResourceOwnerCredentialGrantForUserAccountWithValidCredentialsAndScope_ThenReturnsTrue
                ()
            {
                var userAccount = new UserAuthInfo
                {
                    Roles = new[]
                    {
                        AuthorizationRoles.NormalUser
                    },
                    PasswordHash = @"sha1:1000:eVtc5YWo+HlEziLNmLoMDrdY8tNr71CG:iZN6EMU5uX1aF70dfFgTGA+wNToqUsnG",
                };

                userStore.Setup(us => us.GetUserAuthInfo(It.IsAny <string>()))
                .Returns(userAccount);
                var request = new Mock <IAccessTokenRequest>();

                request.Setup(r => r.Scope).Returns(new HashSet <string>(new[]
                {
                    AccessScope.Profile
                }));
                request.Setup(r => r.ClientIdentifier).Returns("foo");
                clientStore.Setup(cs => cs.GetClient(It.IsAny <string>()))
                .Returns(new Mock <IClientDescription>().Object);

                AutomatedUserAuthorizationCheckResponse result =
                    server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password",
                                                                      request.Object);

                Assert.True(result.IsApproved);
            }
Пример #6
0
            public void WhenCheckAuthorizeResourceOwnerCredentialGrantWithUnknownUserName_ThenReturnsFalse()
            {
                userStore.Setup(us => us.GetUserAuthInfo(It.IsAny <string>()))
                .Returns((UserAuthInfo)null);
                var request = new Mock <IAccessTokenRequest>();

                request.Setup(r => r.Scope).Returns(new HashSet <string>(new[]
                {
                    "ascope"
                }));

                AutomatedUserAuthorizationCheckResponse result =
                    server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password",
                                                                      request.Object);

                Assert.False(result.IsApproved);
            }
Пример #7
0
            public void WhenCheckAuthorizeResourceOwnerCredentialGrantWithNullClientIdentifier_ThenReturnsFalse()
            {
                var userAccount = new UserAuthInfo
                {
                    PasswordHash = @"sha1:1000:eVtc5YWo+HlEziLNmLoMDrdY8tNr71CG:iZN6EMU5uX1aF70dfFgTGA+wNToqUsnG",
                };

                userStore.Setup(us => us.GetUserAuthInfo(It.IsAny <string>()))
                .Returns(userAccount);
                var request = new Mock <IAccessTokenRequest>();

                request.Setup(r => r.Scope).Returns(new HashSet <string>(new[]
                {
                    "ascope"
                }));

                AutomatedUserAuthorizationCheckResponse result =
                    server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password",
                                                                      request.Object);

                Assert.False(result.IsApproved);
            }
Пример #8
0
            WhenCheckAuthorizeResourceOwnerCredentialGrantWithForUserAccountWithInvalidPassword_ThenReturnsFalse()
            {
                var userAccount = new UserAuthInfo
                {
                    PasswordHash = "",
                };

                userStore.Setup(us => us.GetUserAuthInfo(It.IsAny <string>()))
                .Returns(userAccount);
                var request = new Mock <IAccessTokenRequest>();

                request.Setup(r => r.Scope).Returns(new HashSet <string>(new[]
                {
                    "ascope"
                }));

                AutomatedUserAuthorizationCheckResponse result =
                    server.CheckAuthorizeResourceOwnerCredentialGrant("username", "password",
                                                                      request.Object);

                Assert.False(result.IsApproved);
            }
Пример #9
0
        public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant()
        {
            var authServerMock = CreateAuthorizationServerMock();

            authServerMock
            .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny <IAccessTokenRequest>()))
            .Returns <string, string, IAccessTokenRequest>((un, pw, req) => {
                var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
                Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
                return(response);
            });

            Handle(AuthorizationServerDescription.TokenEndpoint).By(
                async(req, ct) => {
                var server = new AuthorizationServer(authServerMock.Object);
                return(await server.HandleTokenRequestAsync(req, ct));
            });

            var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
            var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);

            Assert.That(result.AccessToken, Is.Not.Null);
        }
Пример #10
0
        public AutomatedAuthorizationCheckResponse CheckAuthorizeClientCredentialsGrant(IAccessTokenRequest accessRequest)
        {
            AutomatedUserAuthorizationCheckResponse response = new AutomatedUserAuthorizationCheckResponse(accessRequest, true, "test");

            return(response);
        }