public async Task DontRefreshTokenWhenTokenIsInvalid() { var options = Options.Create <AuthOptions>(new AuthOptions()); var logger = new TestLogger <TokenRefreshHandler>(); var tokenRefreshAgentMock = new Mock <ITokenRefreshAgent>(); var tokenRefreshHandler = new TokenRefreshHandler(options, tokenRefreshAgentMock.Object, logger); var jwt = "abc.123.456"; await tokenRefreshHandler.HandleRefreshAsync(jwt); tokenRefreshAgentMock.Verify(a => a.RefreshTokenAsync(jwt), Times.Never); Assert.Equal(1, logger.LoggedMessages.Count); Assert.Contains("Invalid jwt refresh request. token:", logger.LoggedMessages.First()); }
public async Task DontRefreshTokenWhenAudienceDontMatch() { var options = Options.Create <AuthOptions>(new AuthOptions() { JwtAudience = "audience" }); var logger = new TestLogger <TokenRefreshHandler>(); var tokenRefreshAgentMock = new Mock <ITokenRefreshAgent>(); var tokenRefreshHandler = new TokenRefreshHandler(options, tokenRefreshAgentMock.Object, logger); var jwtHandler = new JwtSecurityTokenHandler(); var jwt = jwtHandler.CreateEncodedJwt(new SecurityTokenDescriptor() { Expires = DateTime.Now.AddMinutes(-1) }); await tokenRefreshHandler.HandleRefreshAsync(jwt); tokenRefreshAgentMock.Verify(a => a.RefreshTokenAsync(jwt), Times.Never); }