public void OldAccessTokenTokenShouldNotPingSuccessfully() { // Authenticate and get an access token var proxy1 = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var response = proxy1.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword, scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsNotNull(response.DataObject); Assert.IsTrue(response.DataObject.IsSuccessfull); var originalAccessToken = response.DataObject.AccessGrant.access_token; // Refresh the access token so the old one becomes invalid response = proxy1.RefreshAccessToken(response.DataObject.AccessGrant.refresh_token, scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsNotNull(response.DataObject); Assert.IsTrue(response.DataObject.IsSuccessfull); // Now try and authenicate and access a resource with the invalidated original access token which should fail. var proxy2 = new AuthorisationProxy(originalAccessToken); var pingResult = proxy2.AuthorisationPing(); Assert.IsNotNull(pingResult); Assert.IsFalse(pingResult.IsSuccessfull); //Assert.AreEqual<HttpStatusCode>(HttpStatusCode.Unauthorized, pingResult.StatusCode); Assert.AreEqual(HttpStatusCode.Unauthorized, pingResult.StatusCode); }
public static string SignInAndGetAccessToken() { var authProxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var authResponse = authProxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword, scope); Assert.IsTrue(authResponse.IsSuccessfull); Assert.IsTrue(authResponse.DataObject.IsSuccessfull); return authResponse.DataObject.AccessGrant.access_token; }
public static string ToTextValue(this AuthorisationScope authScope) { if (authScope.ScopeType == AuthorisationScopeType.None) { return(string.Empty); } var scopeText = authScope.ScopeType.ToString().ToLowerInvariant(); if (!string.IsNullOrWhiteSpace(authScope.ScopeContext)) { return(string.Format("{0}:{1}", scopeText, authScope.ScopeContext)); } return(scopeText); }
public static AuthorisationScope ToAuthorisationScope(this string scopeValue) { if (!string.IsNullOrWhiteSpace(scopeValue)) { var lowerValue = scopeValue.ToLowerInvariant(); if (lowerValue == AuthorisationScopeValue.View) { return(new AuthorisationScope { ScopeType = AuthorisationScopeType.View }); } if (lowerValue == AuthorisationScopeValue.Delete) { return(new AuthorisationScope { ScopeType = AuthorisationScopeType.Delete }); } if (lowerValue == AuthorisationScopeValue.Modify) { return(new AuthorisationScope { ScopeType = AuthorisationScopeType.Modify }); } if (lowerValue == AuthorisationScopeValue.Full) { return(new AuthorisationScope { ScopeType = AuthorisationScopeType.Full }); } if (lowerValue.StartsWith(AuthorisationScopeValue.FileId)) { var scope = new AuthorisationScope { ScopeType = AuthorisationScopeType.FileId }; int index = lowerValue.IndexOf(':'); if (index >= 0) { var scopeContext = lowerValue.Substring(index + 1, lowerValue.Length - (index + 1)); scope.ScopeContext = scopeContext; } return(scope); } } return(new AuthorisationScope { ScopeType = AuthorisationScopeType.None }); }
public void PasswordCredentialsGrantShouldSucceed() { var proxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType= AuthorisationScopeType.Full} }.ToTextValues(); var response = proxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword,scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsNotNull(response.DataObject); Assert.IsTrue(response.DataObject.IsSuccessfull); Assert.IsNotNull(response.DataObject.AccessGrant); Assert.IsNotNull(response.DataObject.AccessGrant.access_token); Assert.IsNotNull(response.DataObject.AccessGrant.refresh_token); Assert.IsNotNull(response.DataObject.AccessGrant.token_type); Assert.IsNotNull(response.DataObject.AccessGrant.scope); Assert.IsTrue(response.DataObject.AccessGrant.scope.Contains(AuthorisationScopeValue.FileId)); var returnedScope = response.DataObject.AccessGrant.scope.ToScopeArray(); Assert.IsNotNull(returnedScope); Assert.IsTrue(returnedScope.Length > 0); Assert.IsTrue(returnedScope.Count(s => s.ScopeType == AuthorisationScopeType.FileId) > 0, "Access response should contain at least 1 valid FileId applicable to user in the scope"); }
public static AuthorisationScope ToAuthorisationScope(this string scopeValue) { if (!string.IsNullOrWhiteSpace(scopeValue)) { var lowerValue = scopeValue.ToLowerInvariant(); if (lowerValue == AuthorisationScopeValue.View) { return new AuthorisationScope { ScopeType = AuthorisationScopeType.View }; } if (lowerValue == AuthorisationScopeValue.Delete) { return new AuthorisationScope { ScopeType = AuthorisationScopeType.Delete}; } if (lowerValue == AuthorisationScopeValue.Modify) { return new AuthorisationScope { ScopeType = AuthorisationScopeType.Modify}; } if (lowerValue == AuthorisationScopeValue.Full) { return new AuthorisationScope { ScopeType = AuthorisationScopeType.Full}; } if (lowerValue.StartsWith(AuthorisationScopeValue.FileId)) { var scope = new AuthorisationScope { ScopeType = AuthorisationScopeType.FileId }; int index = lowerValue.IndexOf(':'); if (index >= 0) { var scopeContext = lowerValue.Substring(index + 1, lowerValue.Length - (index + 1)); scope.ScopeContext = scopeContext; } return scope; } } return new AuthorisationScope { ScopeType = AuthorisationScopeType.None}; }
public void ShouldBeAbleToRefreshValidAccessToken() { var proxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var response = proxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword,scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsTrue(response.DataObject.IsSuccessfull); proxy.BearerToken = response.DataObject.AccessGrant.access_token; var pingResult = proxy.AuthorisationPing(); Assert.IsNotNull(pingResult); Assert.IsTrue(pingResult.IsSuccessfull); // Now ask for a refresh token var proxy2 = new AuthorisationProxy(); var refreshResponse = proxy2.RefreshAccessToken(response.DataObject.AccessGrant.refresh_token, scope); Assert.IsNotNull(refreshResponse); Assert.IsTrue(refreshResponse.IsSuccessfull); //Assert.AreNotEqual<string>(response.DataObject.AccessGrant.access_token, refreshResponse.DataObject.AccessGrant.access_token); //Assert.AreEqual<string>(response.DataObject.AccessGrant.refresh_token, refreshResponse.DataObject.AccessGrant.refresh_token); Assert.AreNotEqual(response.DataObject.AccessGrant.access_token, refreshResponse.DataObject.AccessGrant.access_token); Assert.AreEqual(response.DataObject.AccessGrant.refresh_token, refreshResponse.DataObject.AccessGrant.refresh_token); // Now check the access token after refresh works var proxy3 = new AuthorisationProxy(refreshResponse.DataObject.AccessGrant.access_token); var pingResult2 = proxy3.AuthorisationPing(); Assert.IsNotNull(pingResult2); Assert.IsTrue(pingResult2.IsSuccessfull); // And finally ensure the previous access token (before refresh is invalid) var proxy4 = new AuthorisationProxy(response.DataObject.AccessGrant.access_token); var pingResult3 = proxy4.AuthorisationPing(); Assert.IsNotNull(pingResult3); Assert.IsFalse(pingResult3.IsSuccessfull); //Assert.AreEqual<HttpStatusCode>(HttpStatusCode.Unauthorized, pingResult3.StatusCode); Assert.AreEqual(HttpStatusCode.Unauthorized, pingResult3.StatusCode); }
public void ValidBearerTokenShouldPingSuccessfully() { var proxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var response = proxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword,scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsTrue(response.DataObject.IsSuccessfull); proxy.BearerToken = response.DataObject.AccessGrant.access_token; var pingResult = proxy.AuthorisationPing(); Assert.IsNotNull(pingResult); Assert.IsTrue(pingResult.IsSuccessfull); }
public void ValidBearerTokenButNoFileIdShouldFailWhenMakingApiCall() { var proxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var response = proxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword, scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsTrue(response.DataObject.IsSuccessfull); proxy.BearerToken = response.DataObject.AccessGrant.access_token; var contactProxy = new ContactsProxy(response.DataObject.AccessGrant.access_token); contactProxy.FileId = 0; // invalid file id so it should fail. var contactResponse = contactProxy.GetContacts(); Assert.IsNotNull(contactResponse, "No response returned wwhen access contacts resource"); Assert.IsFalse(contactResponse.IsSuccessfull, "Expected GET Contacts to fail as used an invalid File Id"); Assert.AreEqual(contactResponse.StatusCode, HttpStatusCode.Unauthorized, "Expected Unauthorized status code as used an invalid FileId"); }
public void ShouldNotBeAbleToUseRefreshTokenToAccessApi() { var proxy = new AuthorisationProxy(); var scope = new AuthorisationScope[] { new AuthorisationScope { ScopeType = AuthorisationScopeType.Full } }.ToTextValues(); var response = proxy.PasswordCredentialsGrantRequest(TestConfig.TestUser, TestConfig.TestUserPassword, scope); Assert.IsTrue(response.IsSuccessfull); Assert.IsTrue(response.DataObject.IsSuccessfull); var contactProxy = new ContactsProxy(response.DataObject.AccessGrant.refresh_token); var contactResponse = contactProxy.GetContacts(); Assert.IsNotNull(contactResponse, "No response returned wwhen access contacts resource"); Assert.IsFalse(contactResponse.IsSuccessfull, "Expected GET Contacts to fail used refreshToken instead of access token to access API"); Assert.AreEqual(contactResponse.StatusCode, HttpStatusCode.Unauthorized, "Expected Unauthorised Status code as used an invalid access token"); // And now just reverify that we can access via the access token contactProxy.BearerToken = response.DataObject.AccessGrant.access_token; contactResponse = contactProxy.GetContacts(); Assert.IsNotNull(contactResponse, "No response returned wwhen access contacts resource"); Assert.IsTrue(contactResponse.IsSuccessfull, "Expected GET Contacts to succeed since we used valid accessToken to access API"); }