public async Task CreateTokenRequestAsyncFails_IfProvidedGrantIsNotValid()
{
    // Pins the rejection path for an authorization_code exchange whose code
    // cannot be honoured: the factory must return a non-null, invalid request
    // carrying the invalid-grant protocol error instead of throwing.

    // Arrange
    var parameters = new Dictionary<string, string[]>
    {
        [OpenIdConnectParameterNames.ClientId] = new[] { "clientId" },
        [OpenIdConnectParameterNames.GrantType] = new[] { "authorization_code" },
        [OpenIdConnectParameterNames.Code] = new[] { "invalid" }
    };

    // Client validation is forced to succeed so the only failing input is the code.
    var clientIdValidator = GetClientIdValidator(isClientIdValid: true, areClientCredentialsValid: true);
    var redirectUriResolver = Mock.Of<IRedirectUriResolver>();
    var scopeResolver = Mock.Of<IScopeResolver>();
    var extraValidators = Enumerable.Empty<ITokenRequestValidator>();

    // NOTE(review): no authorization code is handed to GetTestTokenManager here;
    // presumably the resulting manager fails to resolve "invalid" - confirm against the helper.
    var tokenManager = GetTestTokenManager();
    var timeStampManager = Mock.Of<ITimeStampManager>();
    var errorProvider = new ProtocolErrorProvider();

    var factory = new TokenRequestFactory(
        clientIdValidator,
        redirectUriResolver,
        scopeResolver,
        extraValidators,
        tokenManager,
        timeStampManager,
        errorProvider);

    var invalidGrant = ProtocolErrorProvider.InvalidGrant();

    // Act
    var result = await factory.CreateTokenRequestAsync(parameters);

    // Assert
    Assert.NotNull(result);
    Assert.False(result.IsValid);
    Assert.Equal(invalidGrant, result.Error, IdentityServiceErrorComparer.Instance);
}
public async Task CreateTokenRequestAsyncFails_IfCodeVerifierDoesNotMatchChallenge()
{
    // PKCE negative case: the authorization code carries a code challenge, and the
    // token request presents a verifier that does not correspond to it. The exchange
    // must be refused with the invalid-code-verifier error; this check is what stops
    // a party holding only an intercepted code from redeeming it.
    // NOTE(review): the sibling case of a code that carries a challenge while the
    // request omits code_verifier entirely is not exercised by this test - confirm
    // it is covered elsewhere in the suite.

    // Arrange
    var parameters = new Dictionary<string, string[]>
    {
        [OpenIdConnectParameterNames.GrantType] = new[] { "authorization_code" },
        [OpenIdConnectParameterNames.Code] = new[] { "valid" },
        [OpenIdConnectParameterNames.ClientId] = new[] { "clientId" },
        [OpenIdConnectParameterNames.RedirectUri] = new[] { "https://www.example.com" },
        // 43 characters: a well-formed verifier, so the failure is the mismatch, not the format.
        [ProofOfKeyForCodeExchangeParameterNames.CodeVerifier] = new[] { "0123456789012345678901234567890123456789012" }
    };

    // Client and redirect URI checks are forced to pass so that only PKCE can fail.
    var clientIdValidator = GetClientIdValidator(isClientIdValid: true, areClientCredentialsValid: true);
    var redirectUriValidator = GetRedirectUriValidator(isRedirectUriValid: true);
    var scopeResolver = Mock.Of<IScopeResolver>();
    var extraValidators = Enumerable.Empty<ITokenRequestValidator>();

    // The stored challenge is the literal "challenge", which is not the 43-character
    // S256 output for any verifier, so it cannot match whatever is sent.
    var pkceClaims = new[]
    {
        new Claim(IdentityServiceClaimTypes.CodeChallenge, "challenge"),
        new Claim(IdentityServiceClaimTypes.CodeChallengeMethod, ProofOfKeyForCodeExchangeChallengeMethods.SHA256),
    };
    var tokenManager = GetTestTokenManager(GetValidAuthorizationCode(pkceClaims));
    var timeStampManager = new TimeStampManager();
    var errorProvider = new ProtocolErrorProvider();

    var factory = new TokenRequestFactory(
        clientIdValidator,
        redirectUriValidator,
        scopeResolver,
        extraValidators,
        tokenManager,
        timeStampManager,
        errorProvider);

    var invalidVerifier = ProtocolErrorProvider.InvalidCodeVerifier();

    // Act
    var result = await factory.CreateTokenRequestAsync(parameters);

    // Assert
    Assert.NotNull(result);
    Assert.False(result.IsValid);
    Assert.Equal(invalidVerifier, result.Error, IdentityServiceErrorComparer.Instance);
}
public async Task CreateTokenRequestSucceeds_IfCodeVerifier_MatchesChallenge()
{
    // PKCE positive case: the verifier sent with the token request corresponds to the
    // challenge stored on the authorization code, so the request must come back valid.
    // Paired with the mismatch test, this shows the verifier check can both pass and fail.

    // Arrange
    var parameters = new Dictionary<string, string[]>
    {
        [OpenIdConnectParameterNames.GrantType] = new[] { "authorization_code" },
        [OpenIdConnectParameterNames.Code] = new[] { "valid" },
        [OpenIdConnectParameterNames.ClientId] = new[] { "clientId" },
        [OpenIdConnectParameterNames.RedirectUri] = new[] { "https://www.example.com" },
        // 43 characters, the shortest verifier RFC 7636 allows.
        [ProofOfKeyForCodeExchangeParameterNames.CodeVerifier] = new[] { "0123456789012345678901234567890123456789012" }
    };

    var clientIdValidator = GetClientIdValidator(isClientIdValid: true, areClientCredentialsValid: true);
    var redirectUriValidator = GetRedirectUriValidator(isRedirectUriValid: true);
    var scopeResolver = Mock.Of<IScopeResolver>();
    var extraValidators = Enumerable.Empty<ITokenRequestValidator>();

    // The challenge is expected to be the S256 transform (unpadded base64url of the
    // SHA-256 digest) of the verifier above; the value is kept exactly as the test had it.
    var pkceClaims = new[]
    {
        new Claim(IdentityServiceClaimTypes.CodeChallenge, "_RpfHqw8pAZIomzVUE7sjRmHSM543WVdC4o-Kc4_3C0"),
        new Claim(IdentityServiceClaimTypes.CodeChallengeMethod, ProofOfKeyForCodeExchangeChallengeMethods.SHA256),
    };
    var tokenManager = GetTestTokenManager(GetValidAuthorizationCode(pkceClaims));
    var timeStampManager = new TimeStampManager();
    var errorProvider = new ProtocolErrorProvider();

    var factory = new TokenRequestFactory(
        clientIdValidator,
        redirectUriValidator,
        scopeResolver,
        extraValidators,
        tokenManager,
        timeStampManager,
        errorProvider);

    // Act
    var result = await factory.CreateTokenRequestAsync(parameters);

    // Assert
    Assert.NotNull(result);
    Assert.True(result.IsValid);
}
public async Task CreateTokenRequestAsyncFails_IfClientIdIsMissing()
{
    // A token request with no parameters at all must be rejected, and the reported
    // error must name client_id. grant_type and code are absent too, so this also pins
    // client_id as the parameter the factory reports when several are missing.

    // Arrange
    var parameters = new Dictionary<string, string[]>();

    // Default mocks are enough: the expected failure is the missing parameter itself.
    var clientIdValidator = Mock.Of<IClientIdValidator>();
    var redirectUriResolver = Mock.Of<IRedirectUriResolver>();
    var scopeResolver = Mock.Of<IScopeResolver>();
    var extraValidators = Enumerable.Empty<ITokenRequestValidator>();
    var tokenManager = GetTestTokenManager(GetValidAuthorizationCode());
    var timeStampManager = new TimeStampManager();
    var errorProvider = new ProtocolErrorProvider();

    var factory = new TokenRequestFactory(
        clientIdValidator,
        redirectUriResolver,
        scopeResolver,
        extraValidators,
        tokenManager,
        timeStampManager,
        errorProvider);

    var missingClientId = ProtocolErrorProvider.MissingRequiredParameter(OpenIdConnectParameterNames.ClientId);

    // Act
    var result = await factory.CreateTokenRequestAsync(parameters);

    // Assert
    Assert.NotNull(result);
    Assert.False(result.IsValid);
    Assert.Equal(missingClientId, result.Error, IdentityServiceErrorComparer.Instance);
}