public void StartAuthorizationShouldReturnStatusWithUrl()
{
var state = "state123";
var nonce = "nonce123";
var authorizeUrl = "http://www.authorize.com/authorize";
var encryptedMSISDN = "abcdef123452452";
var discoveryResponse = new DiscoveryResponse(new RestResponse(System.Net.HttpStatusCode.OK, responseJson));
discoveryResponse.OperatorUrls.AuthorizationUrl = authorizeUrl;
var response = _mobileConnect.StartAuthorization(discoveryResponse, encryptedMSISDN, state, nonce, new MobileConnectRequestOptions());
Assert.IsNotNull(response);
Assert.That(response.Url.StartsWith(authorizeUrl));
}
private async Task StartAuthorization(MobileConnectStatus response)
{
_state = Guid.NewGuid().ToString("N");
_nonce = Guid.NewGuid().ToString("N");
var newResponse = _mobileConnect.StartAuthorization(_discoveryResponse,
response.DiscoveryResponse.ResponseData.subscriber_id, _state, _nonce, new MobileConnectRequestOptions());
await HandleResponse(newResponse);
}
//[TestCase("r2-ref")]
public async Task MobileConnectInterfaceShouldRejectIncorrectState(string configKey)
{
RestClient restClient = new RestClient();
IDiscoveryCache cache = null;
IDiscovery discovery = new GSMA.MobileConnect.Discovery.Discovery(cache, restClient);
IAuthentication authentication = new GSMA.MobileConnect.Authentication.Authentication(restClient);
var testConfig = TestConfig.GetConfig(configKey);
MobileConnectConfig config = new MobileConnectConfig()
{
DiscoveryUrl = testConfig.DiscoveryUrl,
ClientId = testConfig.ClientId,
ClientSecret = testConfig.ClientSecret,
RedirectUrl = testConfig.RedirectUrl
};
MobileConnectRequestOptions blankOptions = new MobileConnectRequestOptions();
MobileConnectInterface mobileConnect = new MobileConnectInterface(discovery, authentication, config);
//Attempt discovery
var status = await mobileConnect.AttemptDiscoveryAsync(testConfig.ValidMSISDN, null, null, blankOptions);
Assert.AreEqual(MobileConnectResponseType.StartAuthorization, status.ResponseType);
var discoveryResponse = status.DiscoveryResponse;
var encryptedMsisdn = status.DiscoveryResponse.ResponseData.subscriber_id;
var state = "zmxncbvalskdjfhgqpwoeiruty";
var nonce = "qpwoeirutyalskdjfhgzmxncbv";
//Start Authorization
status = mobileConnect.StartAuthorization(discoveryResponse, encryptedMsisdn, state, nonce, blankOptions);
Assert.AreEqual(MobileConnectResponseType.Authorization, status.ResponseType);
//Inconclusive at this point because the sandbox no longer allows us to follow redirects easily
Assert.Inconclusive("Can't follow redirects in sandbox");
//Authorization
var redirectedUrl = await FollowRedirects(status.Url, _basicRequestHeaders, testConfig.RedirectUrl);
Assert.That(() => redirectedUrl.AbsoluteUri.StartsWith(testConfig.RedirectUrl));
Assert.AreEqual(state, HttpUtils.ExtractQueryValue(redirectedUrl.Query, "state"));
//Handle auth redirect and request token
status = await mobileConnect.HandleUrlRedirectAsync(redirectedUrl, discoveryResponse, "incorrectstate", nonce);
Assert.AreEqual(MobileConnectResponseType.Error, status.ResponseType);
Assert.AreEqual("invalid_state", status.ErrorCode);
Assert.IsNotEmpty(status.ErrorMessage);
}