/// <summary>
/// Client-credentials grant: the scope reported back to the client must be the scope the
/// authorization server host approved, as carried in the token response.
/// </summary>
/// <remarks>
/// The mocked host only answers requests that carry <c>ClientId</c> and a scope equivalent to
/// <c>TestScopes</c>, and it approves "Scope2" and "Scope3". The stored-authorization check
/// is matched with <c>User == null</c>.
/// NOTE(review): the assertion only distinguishes "approved" from "requested" if TestScopes
/// differs from the approved set; confirm against the fixture.
/// </remarks>
public async Task GetClientAccessTokenReturnsApprovedScope()
{
    var grantedScopes = new[] { "Scope2", "Scope3" };
    var hostMock = CreateAuthorizationServerMock();

    // Stored-authorization lookups are valid only for this client, without a user, at the requested scope.
    hostMock
        .Setup(host => host.IsAuthorizationValid(It.Is<IAuthorizationDescription>(
            auth => auth.User == null
                && auth.ClientIdentifier == ClientId
                && MessagingUtilities.AreEquivalent(auth.Scope, TestScopes))))
        .Returns(true);

    // The host approves the grant but substitutes its own scope set for the requested one.
    hostMock
        .Setup(host => host.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(
            incoming => incoming.ClientIdentifier == ClientId
                && MessagingUtilities.AreEquivalent(incoming.Scope, TestScopes))))
        .Returns<IAccessTokenRequest>(tokenRequest =>
        {
            var decision = new AutomatedAuthorizationCheckResponse(tokenRequest, true);
            decision.ApprovedScope.ResetContents(grantedScopes);
            return decision;
        });

    // Route token-endpoint traffic to an AuthorizationServer backed by the mocked host.
    Handle(AuthorizationServerDescription.TokenEndpoint).By(
        async (httpRequest, cancellation) =>
            await new AuthorizationServer(hostMock.Object).HandleTokenRequestAsync(httpRequest, cancellation));

    var webClient = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
    var tokenState = await webClient.GetClientAccessTokenAsync(TestScopes);

    Assert.That(tokenState.Scope, Is.EquivalentTo(grantedScopes));
}
/// <summary>
/// Client-credentials grant: when the authorization server host overrides the requested
/// scope, the client must report the server-approved scope, not the one it asked for.
/// </summary>
/// <remarks>
/// The mocked host accepts any access token request (<c>It.IsAny</c>) and replaces the
/// approved scope with "scope1" and "differentScope". The client requested "scope1" and
/// "scope2".
/// </remarks>
public void ClientCredentialScopeOverride()
{
    var requestedScopes = new[] { "scope1", "scope2" };
    var overriddenScopes = new[] { "scope1", "differentScope" };

    var hostMock = CreateAuthorizationServerMock();
    hostMock
        .Setup(host => host.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>()))
        .Returns<IAccessTokenRequest>(tokenRequest =>
        {
            // Approve the grant, then discard whatever scope was pre-populated and apply the override.
            var decision = new AutomatedAuthorizationCheckResponse(tokenRequest, true);
            decision.ApprovedScope.Clear();
            decision.ApprovedScope.UnionWith(overriddenScopes);
            return decision;
        });

    var coordinator = new OAuth2Coordinator<WebServerClient>(
        AuthorizationServerDescription,
        hostMock.Object,
        new WebServerClient(AuthorizationServerDescription),
        webClient =>
        {
            // NOTE(review): this state object is constructed but never read in this test.
            var unusedState = new AuthorizationState(TestScopes) { Callback = ClientCallback };

            var tokenState = webClient.GetClientAccessToken(requestedScopes);
            Assert.That(tokenState.Scope, Is.EquivalentTo(overriddenScopes));
        },
        authorizationServer =>
        {
            authorizationServer.HandleTokenRequest().Respond();
        });

    coordinator.Run();
}
/// <summary>
/// Client-credentials grant: when the authorization server host overrides the requested
/// scope, the client receives a non-empty access token whose scope is the server-approved
/// set, not the set it asked for.
/// </summary>
/// <remarks>
/// The mocked host accepts any access token request (<c>It.IsAny</c>) and replaces the
/// approved scope with "scope1" and "differentScope". The client requested "scope1" and
/// "scope2".
/// </remarks>
public async Task ClientCredentialScopeOverride()
{
    var requestedScopes = new[] { "scope1", "scope2" };
    var overriddenScopes = new[] { "scope1", "differentScope" };

    var hostMock = CreateAuthorizationServerMock();
    hostMock
        .Setup(host => host.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>()))
        .Returns<IAccessTokenRequest>(tokenRequest =>
        {
            // Approve the grant, then discard whatever scope was pre-populated and apply the override.
            var decision = new AutomatedAuthorizationCheckResponse(tokenRequest, true);
            decision.ApprovedScope.Clear();
            decision.ApprovedScope.UnionWith(overriddenScopes);
            return decision;
        });

    // Route token-endpoint traffic to an AuthorizationServer backed by the mocked host.
    Handle(AuthorizationServerDescription.TokenEndpoint).By(
        async (httpRequest, cancellation) =>
            await new AuthorizationServer(hostMock.Object).HandleTokenRequestAsync(httpRequest, cancellation));

    var webClient = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories);
    var tokenState = await webClient.GetClientAccessTokenAsync(requestedScopes);

    // A token must actually have been issued before the scope comparison means anything.
    Assert.That(tokenState.AccessToken, Is.Not.Null.And.Not.Empty);
    Assert.That(tokenState.Scope, Is.EquivalentTo(overriddenScopes));
}
/// <summary>
/// Client-credentials grant: the scope reported back to the client must be the scope the
/// authorization server host approved, as carried in the token response.
/// </summary>
/// <remarks>
/// The mocked host only answers requests that carry <c>ClientId</c> and a scope equivalent to
/// <c>TestScopes</c>, and it approves "Scope2" and "Scope3". The stored-authorization check
/// is matched with <c>User == null</c>.
/// NOTE(review): the assertion only distinguishes "approved" from "requested" if TestScopes
/// differs from the approved set; confirm against the fixture.
/// </remarks>
public void GetClientAccessTokenReturnsApprovedScope()
{
    var grantedScopes = new[] { "Scope2", "Scope3" };
    var hostMock = CreateAuthorizationServerMock();

    // Stored-authorization lookups are valid only for this client, without a user, at the requested scope.
    hostMock
        .Setup(host => host.IsAuthorizationValid(It.Is<IAuthorizationDescription>(
            auth => auth.User == null
                && auth.ClientIdentifier == ClientId
                && MessagingUtilities.AreEquivalent(auth.Scope, TestScopes))))
        .Returns(true);

    // The host approves the grant but substitutes its own scope set for the requested one.
    hostMock
        .Setup(host => host.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(
            incoming => incoming.ClientIdentifier == ClientId
                && MessagingUtilities.AreEquivalent(incoming.Scope, TestScopes))))
        .Returns<IAccessTokenRequest>(tokenRequest =>
        {
            var decision = new AutomatedAuthorizationCheckResponse(tokenRequest, true);
            decision.ApprovedScope.ResetContents(grantedScopes);
            return decision;
        });

    var coordinator = new OAuth2Coordinator<WebServerClient>(
        AuthorizationServerDescription,
        hostMock.Object,
        new WebServerClient(AuthorizationServerDescription),
        webClient =>
        {
            var tokenState = webClient.GetClientAccessToken(TestScopes);
            Assert.That(tokenState.Scope, Is.EquivalentTo(grantedScopes));
        },
        authorizationServer =>
        {
            authorizationServer.HandleTokenRequest().Respond();
        });

    coordinator.Run();
}
/// <summary>
/// When the client store resolves the client, the client-credentials check approves the
/// request and the approved scope starts with the requested scope.
/// </summary>
/// <remarks>
/// The client store stub returns a client description for every identifier
/// (<c>It.IsAny&lt;string&gt;()</c>), so "known client" is simulated rather than looked up.
/// NOTE(review): only the first element of each scope set is compared. If the host added
/// scopes beyond the single requested one, this assertion would not reliably fail;
/// comparing the whole sets would catch scope widening.
/// </remarks>
public void WhenCheckAuthorizeClientCredentialsGrantWithKnownClientApp_ReturnsApprovedScopes()
{
    // Arrange: a token request for client "bar" asking for the single scope "foo".
    var requestedScopes = new HashSet<string>(new[] { "foo" });
    var tokenRequest = new Mock<IAccessTokenRequest>();
    tokenRequest.Setup(r => r.Scope).Returns(requestedScopes);
    tokenRequest.Setup(r => r.ClientIdentifier).Returns("bar");

    var knownClient = new Mock<IClientDescription>().Object;
    clientStore.Setup(store => store.GetClient(It.IsAny<string>())).Returns(knownClient);

    // Act
    AutomatedAuthorizationCheckResponse decision =
        server.CheckAuthorizeClientCredentialsGrant(tokenRequest.Object);

    // Assert
    Assert.Equal(requestedScopes.First(), decision.ApprovedScope.First());
    Assert.True(decision.IsApproved);
}