public async Task FromResponse_TokenResponse()
{
TokenResponse sentToken = new TokenResponse
{
IdToken = "IdToken",
AccessToken = "AccessToken",
RefreshToken = "RefreshToken",
Scope = "Scope",
TokenType = "TokenType",
ExpiresInSeconds = 100,
// It really doesn't matter, we always set it to now when the token is received
// because that's the recommendation.
IssuedUtc = new DateTime(2000, 01, 01, 0, 0, 0, DateTimeKind.Utc),
};
var serializedToken = NewtonsoftJsonSerializer.Instance.Serialize(sentToken);
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(serializedToken)
};
MockClock clock = new MockClock(new DateTime(2020, 02, 02, 2, 20, 20, DateTimeKind.Utc));
TokenResponse token = await TokenResponse.FromHttpResponseAsync(response, clock, new NullLogger());
Assert.Equal("IdToken", token.IdToken);
Assert.Equal("AccessToken", token.AccessToken);
Assert.Equal("RefreshToken", token.RefreshToken);
Assert.Equal("Scope", token.Scope);
Assert.Equal("TokenType", token.TokenType);
Assert.Equal(100, token.ExpiresInSeconds);
// The date should be our mock now, not the one set on the sent token.
Assert.Equal(new DateTime(2020, 02, 02, 2, 20, 20, DateTimeKind.Utc), token.IssuedUtc);
}
internal static async Task <TokenResponse> ExecuteAsync(
this ImpersonationRequest request, HttpClient httpClient, string url,
IClock clock, ILogger logger, CancellationToken cancellationToken)
{
var response = await request.ExecuteAsync(httpClient, url, cancellationToken).ConfigureAwait(false);
return(await TokenResponse.FromHttpResponseAsync(response, clock, logger).ConfigureAwait(false));
}
public override async Task <bool> RequestAccessTokenAsync(CancellationToken taskCancellationToken)
{
// Create and send the HTTP request to compute server token URL.
var httpRequest = new HttpRequestMessage(HttpMethod.Get, TokenServerUrl);
httpRequest.Headers.Add(MetadataFlavor, GoogleMetadataHeader);
var response = await HttpClient.SendAsync(httpRequest, taskCancellationToken).ConfigureAwait(false);
Token = await TokenResponse.FromHttpResponseAsync(response, Clock, Logger);
return(true);
}
internal static async Task <TokenResponse> ExecuteAsync(this TokenRequest request, HttpClient httpClient,
string tokenServerUrl, CancellationToken taskCancellationToken, IClock clock, ILogger logger)
{
var httpRequest = new HttpRequestMessage(HttpMethod.Post, tokenServerUrl)
{
Content = ParameterUtils.CreateFormUrlEncodedContent(request)
};
var response = await httpClient.SendAsync(httpRequest, taskCancellationToken).ConfigureAwait(false);
return(await TokenResponse.FromHttpResponseAsync(response, clock, logger).ConfigureAwait(false));
}
private async Task <bool> RefreshOidcTokenAsync(TokenRefreshManager caller, OidcTokenOptions oidcTokenOptions, CancellationToken cancellationToken)
{
var request = new ImpersonationOIdCTokenRequest
{
DelegateAccounts = Options.DelegateAccounts,
Audience = oidcTokenOptions.TargetAudience,
IncludeEmail = true
};
var body = NewtonsoftJsonSerializer.Instance.Serialize(request);
var content = new StringContent(body, Encoding.UTF8, "application/json");
var oidcTokenUrl = String.Format(GoogleAuthConsts.IamIdTokenEndpointFormatString, Options.TargetPrincipal);
var response = await HttpClient.PostAsync(oidcTokenUrl, content, cancellationToken).ConfigureAwait(false);
caller.Token = await TokenResponse.FromHttpResponseAsync(response, Clock, Logger).ConfigureAwait(false);
return(true);
}
/// <inheritdoc/>
public override async Task <bool> RequestAccessTokenAsync(CancellationToken taskCancellationToken)
{
var request = new ImpersonationAccessTokenRequest
{
DelegateAccounts = Options.DelegateAccounts,
Scopes = Options.Scopes,
Lifetime = ((int)Options.Lifetime.TotalSeconds).ToString() + "s"
};
var body = NewtonsoftJsonSerializer.Instance.Serialize(request);
var content = new StringContent(body, Encoding.UTF8, "application/json");
var response = await HttpClient.PostAsync(TokenServerUrl, content, taskCancellationToken).ConfigureAwait(false);
var newToken = await TokenResponse.FromHttpResponseAsync(response, Clock, Logger).ConfigureAwait(false);
Token = newToken;
return(true);
}
public async Task FromResponse_AccessAndIdTokens(string idToken, string accessToken, string expectedIdToken, string expectedAccessToken)
{
TokenResponse sentToken = new TokenResponse
{
IdToken = idToken,
AccessToken = accessToken,
};
var serializedToken = NewtonsoftJsonSerializer.Instance.Serialize(sentToken);
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(serializedToken)
};
var clock = new MockClock(new DateTime(2020, 5, 13, 15, 0, 0, 0, DateTimeKind.Utc));
TokenResponse token = await TokenResponse.FromHttpResponseAsync(response, clock, new NullLogger());
Assert.Equal(expectedIdToken, token.IdToken);
Assert.Equal(expectedAccessToken, token.AccessToken);
}
public async Task FromResponse_Expiry()
{
// For OIDC token endpoint, we only get and IdToken.
// We get the expiry from there.
TokenResponse sentToken = new TokenResponse
{
IdToken = OidcTokenResponseSuccessMessageHandler.FirstCallToken
};
var serializedToken = NewtonsoftJsonSerializer.Instance.Serialize(sentToken);
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(serializedToken)
};
var clock = new MockClock(new DateTime(2020, 5, 13, 15, 0, 0, 0, DateTimeKind.Utc));
TokenResponse token = await TokenResponse.FromHttpResponseAsync(response, clock, new NullLogger());
Assert.Equal(OidcTokenResponseSuccessMessageHandler.FirstCallToken, token.IdToken);
Assert.NotNull(token.ExpiresInSeconds);
}
public async Task FromResponse_RawIdToken()
{
HttpResponseMessage response = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent(OidcComputeSuccessMessageHandler.FirstCallToken),
RequestMessage = new HttpRequestMessage(HttpMethod.Get, GoogleAuthConsts.EffectiveComputeOidcTokenUrl)
};
MockClock clock = new MockClock(new DateTime(2020, 02, 02, 2, 20, 20, DateTimeKind.Utc));
TokenResponse token = await TokenResponse.FromHttpResponseAsync(response, clock, new NullLogger());
Assert.Equal(OidcComputeSuccessMessageHandler.FirstCallToken, token.IdToken);
Assert.Equal(OidcComputeSuccessMessageHandler.FirstCallToken, token.AccessToken);
Assert.Null(token.RefreshToken);
Assert.Null(token.Scope);
Assert.Null(token.TokenType);
Assert.NotNull(token.ExpiresInSeconds);
// The date should be our mock now, not the one set on the sent token.
Assert.Equal(new DateTime(2020, 02, 02, 2, 20, 20, DateTimeKind.Utc), token.IssuedUtc);
}
/// <inheritdoc/>
public override async Task <TokenResponse> GetAccessTokenAsync(CancellationToken cancellationToken = default(CancellationToken))
{
var response = await RequestMetadataAsync("instance/service-accounts/default/token", cancellationToken, requireMetadataFlavorHeader : false).ConfigureAwait(false);
return(await TokenResponse.FromHttpResponseAsync(response, SystemClock.Default, Logger).ConfigureAwait(false));
}
