/// <summary>
/// Initializes a new instance of the <see cref="UserInfoEndpointController"/> class.
/// </summary>
/// <param name="options">The options.</param>
/// <param name="tokenValidator">The token validator.</param>
/// <param name="generator">The generator.</param>
/// <param name="tokenUsageValidator">The token usage validator.</param>
public UserInfoEndpointController(IdentityServerOptions options, TokenValidator tokenValidator, UserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator)
{
_tokenValidator = tokenValidator;
_generator = generator;
_options = options;
_tokenUsageValidator = tokenUsageValidator;
}
public async Task No_Header_no_Body_Get()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Whitespaces_Bearer_Scheme_Header()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
request.Headers.Add("Authorization", "Bearer ");
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task No_Header_no_Body_Post()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary<string, string>());
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Valid_Bearer_Scheme_Header()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
request.Headers.Add("Authorization", "Bearer token");
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.AuthorizationHeader);
}
public async Task Body_Post_Whitespace_Token()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "access_token", " " }
});
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Valid_Body_Post()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary<string, string>
{
{ "access_token", "token" }
});
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.PostBody);
}
