public async Task DontRefreshTokenWhenTokenIsInvalid()
{
var options = Options.Create <AuthOptions>(new AuthOptions());
var logger = new TestLogger <TokenRefreshHandler>();
var tokenRefreshAgentMock = new Mock <ITokenRefreshAgent>();
var tokenRefreshHandler = new TokenRefreshHandler(options, tokenRefreshAgentMock.Object, logger);
var jwt = "abc.123.456";
await tokenRefreshHandler.HandleRefreshAsync(jwt);
tokenRefreshAgentMock.Verify(a => a.RefreshTokenAsync(jwt), Times.Never);
Assert.Equal(1, logger.LoggedMessages.Count);
Assert.Contains("Invalid jwt refresh request. token:", logger.LoggedMessages.First());
}
public async Task DontRefreshTokenWhenAudienceDontMatch()
{
var options = Options.Create <AuthOptions>(new AuthOptions()
{
JwtAudience = "audience"
});
var logger = new TestLogger <TokenRefreshHandler>();
var tokenRefreshAgentMock = new Mock <ITokenRefreshAgent>();
var tokenRefreshHandler = new TokenRefreshHandler(options, tokenRefreshAgentMock.Object, logger);
var jwtHandler = new JwtSecurityTokenHandler();
var jwt = jwtHandler.CreateEncodedJwt(new SecurityTokenDescriptor()
{
Expires = DateTime.Now.AddMinutes(-1)
});
await tokenRefreshHandler.HandleRefreshAsync(jwt);
tokenRefreshAgentMock.Verify(a => a.RefreshTokenAsync(jwt), Times.Never);
}
