public async Task <IActionResult> SetResourceSetPolicy(
EditPolicyResponse viewModel,
CancellationToken cancellationToken)
{
if (viewModel == null)
{
return(BadRequest(
new ErrorDetails
{
Detail = Strings.InputMissing,
Title = Strings.InputMissing,
Status = HttpStatusCode.BadRequest
}));
}
var result = await SetResourceSetPolicy(
viewModel.Id,
viewModel.Rules.Select(ToModel).ToArray(),
cancellationToken)
.ConfigureAwait(false);
return(result is OkResult?Ok(new object()) : result);
}
public void CanRegisterAResourceForUserAndManagePolicies()
{
TokenClient client = null !;
UmaClient umaClient = null !;
GrantedTokenResponse token = null !;
AddResourceSetResponse resourceSetResponse = null !;
EditPolicyResponse policyRules = null !;
"Given a token client".x(
() =>
{
client = new TokenClient(
TokenCredentials.FromClientCredentials("clientCredentials", "clientCredentials"),
_fixture.Client,
new Uri(WellKnownOpenidConfiguration));
});
"And a UMA client".x(() => { umaClient = new UmaClient(_fixture.Client, new Uri(BaseUrl)); });
"When getting a PAT token".x(
async() =>
{
var response = await client.GetToken(
TokenRequest.FromPassword("administrator", "password", new[] { "uma_protection" }))
.ConfigureAwait(false) as Option <GrantedTokenResponse> .Result;
token = response.Item;
Assert.NotNull(token);
});
"Then can register a resource".x(
async() =>
{
var resource = new ResourceSet
{
AuthorizationPolicies = new[]
{
new PolicyRule
{
ClientIdsAllowed = new[] { "clientCredentials" },
IsResourceOwnerConsentNeeded = true,
Scopes = new[] { "read" }
}
},
Name = "test resource",
Scopes = new[] { "read" },
Type = "test"
};
var response = await umaClient.AddResource(resource, token.AccessToken).ConfigureAwait(false) as Option <AddResourceSetResponse> .Result;
Assert.NotNull(response);
resourceSetResponse = response.Item;
});
"And can view resource policies".x(
async() =>
{
var msg = new HttpRequestMessage
{
Method = HttpMethod.Get,
RequestUri = new Uri(resourceSetResponse.UserAccessPolicyUri)
};
msg.Headers.Accept.Add(new MediaTypeWithQualityHeaderValue("application/json"));
msg.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
var policyResponse = await _fixture.Client().SendAsync(msg).ConfigureAwait(false);
Assert.True(policyResponse.IsSuccessStatusCode);
var content = await policyResponse.Content.ReadAsStringAsync().ConfigureAwait(false);
policyRules = JsonConvert.DeserializeObject <EditPolicyResponse>(content);
Assert.Single(policyRules !.Rules);
});
"And can update resource policies".x(
async() =>
{
policyRules.Rules[0] = policyRules.Rules[0] with {
IsResourceOwnerConsentNeeded = false
};
var msg = new HttpRequestMessage
{
Method = HttpMethod.Put,
RequestUri = new Uri(resourceSetResponse.UserAccessPolicyUri),
Content = new StringContent(JsonConvert.SerializeObject(policyRules))
};
msg.Headers.Authorization = new AuthenticationHeaderValue("Bearer", token.AccessToken);
var policyResponse = await _fixture.Client().SendAsync(msg).ConfigureAwait(false);
Assert.True(policyResponse.IsSuccessStatusCode);
});
}
