public async Task ResourceOwnerPasswordCredentialGrant(bool anonymousClient) {
var authHostMock = CreateAuthorizationServerMock();
if (anonymousClient) {
authHostMock.Setup(
m =>
m.IsAuthorizationValid(
It.Is<IAuthorizationDescription>(
d =>
d.ClientIdentifier == null && d.User == ResourceOwnerUsername &&
MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true);
}
Handle(AuthorizationServerDescription.TokenEndpoint).By(async (req, ct) => {
var server = new AuthorizationServer(authHostMock.Object);
return await server.HandleTokenRequestAsync(req, ct);
});
var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
if (anonymousClient) {
client.ClientIdentifier = null;
}
var authState = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty);
Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty);
}
public async Task ResourceOwnerScopeOverride() {
var clientRequestedScopes = new[] { "scope1", "scope2" };
var serverOverriddenScopes = new[] { "scope1", "differentScope" };
var authServerMock = CreateAuthorizationServerMock();
authServerMock
.Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
.Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
response.ApprovedScope.Clear();
response.ApprovedScope.UnionWith(serverOverriddenScopes);
return response;
});
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async (req, ct) => {
var server = new AuthorizationServer(authServerMock.Object);
return await server.HandleTokenRequestAsync(req, ct);
});
var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);
Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
}
public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() {
var authServerMock = CreateAuthorizationServerMock();
authServerMock
.Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
.Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
return response;
});
Handle(AuthorizationServerDescription.TokenEndpoint).By(
async (req, ct) => {
var server = new AuthorizationServer(authServerMock.Object);
return await server.HandleTokenRequestAsync(req, ct);
});
var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories);
var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
Assert.That(result.AccessToken, Is.Not.Null);
}
