public async Task GrantCredentials_Refuses_InvalidUser()
{
string testPass = "******";
var user = CreateUser();
var userStore = new Mock <IUserStore <User> >();
var userManager = new Mock <UserManager>(userStore.Object);
userManager.Setup(m => m.FindAsync(user.UserName, testPass))
.Returns(Task.FromResult <User>(null));
var owinCotext = new OwinContext();
owinCotext.Set(userManager.Object);
var oAuthContext = new OAuthGrantResourceOwnerCredentialsContext(owinCotext,
new OAuthAuthorizationServerOptions(),
user.Id, user.UserName, testPass, new List <string>());
var provider = new ApplicationOAuthServerProvider();
// Act
await provider.GrantResourceOwnerCredentials(oAuthContext);
Assert.IsFalse(oAuthContext.IsValidated);
Assert.IsNotNull(oAuthContext.Error);
Assert.IsTrue(oAuthContext.Error == "invalid_grant");
Assert.IsNull(oAuthContext.Ticket);
userManager.Verify(m => m.FindAsync(user.UserName, testPass), Times.Once);
}
// This method is required by Katana:
public void Configuration(IAppBuilder app)
{
// todo move to IOC
var context = new UsersDbContext();
IHashProvider hashProvider = new HashProvider();
IRepository <TbaUser> repository = new EfRepository <TbaUser>(context, TimeProvider.Current);
IUsersService usersService = new UsersService(repository, TimeProvider.Current, context, hashProvider);
OAuthAuthorizationServerProvider oAuthServerProvider = new ApplicationOAuthServerProvider(usersService);
ConfigureAuth(app, oAuthServerProvider);
var webApiConfiguration = ConfigureWebApi();
//LocalOnly (default), Always, Never
webApiConfiguration.IncludeErrorDetailPolicy = IncludeErrorDetailPolicy.Never;
app.UseWebApi(webApiConfiguration);
UnityResolver.Register(webApiConfiguration);
}
