示例#1
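        /// <summary>
        /// Runs a client-credentials grant against a mocked token endpoint and returns the grant
        /// built from the canned response.
        /// </summary>
        /// <param name="expectParamBasedClientAuthentication">
        /// When true, the template configured for parameter-based client authentication is used and the
        /// expected form body starts with the client_id/client_secret fields; when false, the expected body
        /// carries no credential fields and an HTTP Basic Authorization header is expected instead.
        /// </param>
        /// <param name="responseFile">Name of the embedded resource returned as the token endpoint response.</param>
        /// <returns>The <see cref="AccessGrant"/> produced by the template under test.</returns>
        private AccessGrant AuthenticateClient(bool expectParamBasedClientAuthentication, string responseFile)
        {
            OAuth2Template testedOAuth2Template = expectParamBasedClientAuthentication
                ? oAuth2TemplateParamBasedClientAuthentication
                : oAuth2Template;

            HttpHeaders responseHeaders = new HttpHeaders();
            responseHeaders.ContentType = MediaType.APPLICATION_JSON;

            // Sending client_secret as a form field is the fallback mode: RFC 6749 section 2.3.1 marks it
            // NOT RECOMMENDED and prefers HTTP Basic. In header mode the expected body has no credential
            // fields, so this helper pins where the secret is expected to travel in each mode.
            string credentialFields = expectParamBasedClientAuthentication ? "client_id=client_id&client_secret=client_secret&" : "";

            MockRestServiceServer mockServer = MockRestServiceServer.CreateServer(testedOAuth2Template.RestTemplate);
            IRequestActions requestActions = mockServer.ExpectNewRequest()
                .AndExpectUri(ACCESS_TOKEN_URL)
                .AndExpectMethod(HttpMethod.POST)
                .AndExpectBody(credentialFields + "grant_type=client_credentials&scope=read%2Cwrite");

            if (!expectParamBasedClientAuthentication)
            {
                // The header value is the Base64 form of the fixture pair "client_id:client_secret".
                requestActions.AndExpectHeader("Authorization", "Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=");
            }
            requestActions.AndRespondWith(new AssemblyResource(responseFile, typeof(OAuth2TemplateTests)), responseHeaders);

            // The scope is passed to the template as a plain string; the OAuth2Parameters local the
            // original built here was never handed to the call, so it has been dropped.
#if NET_4_0 || SILVERLIGHT_5
            AccessGrant accessGrant = testedOAuth2Template.AuthenticateClientAsync("read,write").Result;
#else
            AccessGrant accessGrant = testedOAuth2Template.AuthenticateClient("read,write");
#endif
            return accessGrant;
        }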
示例#2
        // private helpers

        /// <summary>
        /// Runs an authorization-code exchange against a mocked token endpoint and returns the grant
        /// built from the canned response.
        /// </summary>
        /// <param name="expectParamBasedClientAuthentication">
        /// When true, the template configured for parameter-based client authentication is used and the
        /// expected form body starts with the client_id/client_secret fields; when false, the expected body
        /// carries no credential fields and an HTTP Basic Authorization header is expected instead.
        /// </param>
        /// <param name="responseFile">Name of the embedded resource returned as the token endpoint response.</param>
        /// <returns>The <see cref="AccessGrant"/> produced by the template under test.</returns>
        private AccessGrant ExchangeForAccess(bool expectParamBasedClientAuthentication, string responseFile)
        {
            OAuth2Template template = expectParamBasedClientAuthentication
                ? oAuth2TemplateParamBasedClientAuthentication
                : oAuth2Template;

            HttpHeaders jsonHeaders = new HttpHeaders();
            jsonHeaders.ContentType = MediaType.APPLICATION_JSON;

            // Credentials appear in the form body only in parameter-based mode (the mode RFC 6749
            // section 2.3.1 marks NOT RECOMMENDED); otherwise the body starts directly with the code.
            string credentialFields = expectParamBasedClientAuthentication ? "client_id=client_id&client_secret=client_secret&" : "";

            // The redirect_uri is expected percent-encoded; the plain-http callback is a fixture value.
            string expectedBody = credentialFields + "code=code&redirect_uri=http%3A%2F%2Fwww.someclient.com%2Fcallback&grant_type=authorization_code";

            MockRestServiceServer server = MockRestServiceServer.CreateServer(template.RestTemplate);
            IRequestActions expectation = server.ExpectNewRequest()
                .AndExpectUri(ACCESS_TOKEN_URL)
                .AndExpectMethod(HttpMethod.POST)
                .AndExpectBody(expectedBody);

            if (!expectParamBasedClientAuthentication)
            {
                // The header value is the Base64 form of the fixture pair "client_id:client_secret".
                expectation.AndExpectHeader("Authorization", "Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=");
            }
            expectation.AndRespondWith(new AssemblyResource(responseFile, typeof(OAuth2TemplateTests)), jsonHeaders);

#if NET_4_0 || SILVERLIGHT_5
            return template.ExchangeForAccessAsync("code", "http://www.someclient.com/callback", null).Result;
#else
            return template.ExchangeForAccess("code", "http://www.someclient.com/callback", null);
#endif
        }
示例#3
        /// <summary>
        /// A refresh response without an expiry (fixture "RefreshToken_NoExpiresIn.json") must yield a grant
        /// whose tokens are populated and whose ExpireTime and Scope are both null.
        /// </summary>
        public void RefreshAccessToken_JsonResponse_NoExpiresIn()
        {
            // Header-based client authentication (first argument false).
            var grant = this.RefreshAcces(false, "RefreshToken_NoExpiresIn.json");

            // Token values are the fixture's canned strings.
            Assert.AreEqual("8d0a88a5c4f1ae4937ad864cafa8e857", grant.AccessToken);
            Assert.AreEqual("6b0411401bf8751e34f57feb29fb8e32", grant.RefreshToken);

            // No expiry information means no expiry is recorded on the grant.
            Assert.IsNull(grant.ExpireTime);
            Assert.IsNull(grant.Scope);
        }
示例#4
        /// <summary>
        /// A token response whose expiry is a non-numeric string (fixture
        /// "AccessToken_ExpiresInAsNonNumericString.json") must still produce a grant: the tokens and scope
        /// are read, and ExpireTime is left null instead of the exchange failing.
        /// </summary>
        public void ExchangeForAccess_JsonResponse_ExpiresInAsNonNumericString()
        {
            // Header-based client authentication (first argument false).
            var grant = this.ExchangeForAccess(false, "AccessToken_ExpiresInAsNonNumericString.json");

            Assert.AreEqual("8d0a88a5c4f1ae4937ad864cafa8e857", grant.AccessToken);
            Assert.AreEqual("6b0411401bf8751e34f57feb29fb8e32", grant.RefreshToken);

            // Malformed provider data degrades to "expiry unknown"; callers have to handle a null ExpireTime.
            Assert.IsNull(grant.ExpireTime);
            Assert.AreEqual("read", grant.Scope);
        }
示例#5
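        /// <summary>
        /// Client-credentials grant with parameter-based client authentication: the access token, the
        /// expiry and the scope must all be taken from the fixture "AccessToken_NoUser.json".
        /// </summary>
        public void AuthenticateClient_ParamBasedClientAuthentication_JsonResponse()
        {
            AccessGrant accessGrant = this.AuthenticateClient(true, "AccessToken_NoUser.json");

            Assert.AreEqual("8d0a88a5c4f1ae4937ad864cafa8e857", accessGrant.AccessToken);

            // Fail with a clear assertion rather than an InvalidOperationException from .Value.
            Assert.IsNotNull(accessGrant.ExpireTime);

            // 40735000 ms is presumably the fixture's expiry; confirm against the JSON file.
            DateTime approximateExpirationTime = DateTime.UtcNow.AddMilliseconds(40735000);
            DateTime actualExpirationTime      = accessGrant.ExpireTime.Value;

            // Allow for 1 second of wiggle room on expiration time.
            // TimeSpan.Milliseconds is only the sub-second component (always between -999 and 999), so the
            // original check could never fail; compare the absolute total difference so that a wrong token
            // lifetime (for example seconds read as milliseconds) is actually detected.
            double driftInMilliseconds = Math.Abs((approximateExpirationTime - actualExpirationTime).TotalMilliseconds);
            Assert.IsTrue(driftInMilliseconds < 1000);
            Assert.AreEqual("read,write", accessGrant.Scope);
        }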
示例#6
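        /// <summary>
        /// Token refresh with parameter-based client authentication: both tokens and the expiry must be
        /// taken from the fixture "RefreshToken.json", and no scope is expected on the grant.
        /// </summary>
        public void RefreshAccessToken_ParamBasedClientAuthentication_JsonResponse()
        {
            AccessGrant accessGrant = this.RefreshAcces(true, "RefreshToken.json");

            Assert.AreEqual("8d0a88a5c4f1ae4937ad864cafa8e857", accessGrant.AccessToken);
            Assert.AreEqual("6b0411401bf8751e34f57feb29fb8e32", accessGrant.RefreshToken);

            // Fail with a clear assertion rather than an InvalidOperationException from .Value.
            Assert.IsNotNull(accessGrant.ExpireTime);

            // 40735000 ms is presumably the fixture's expiry; confirm against the JSON file.
            DateTime approximateExpirationTime = DateTime.UtcNow.AddMilliseconds(40735000);
            DateTime actualExpirationTime      = accessGrant.ExpireTime.Value;

            // Allow for 1 second of wiggle room on expiration time.
            // TimeSpan.Milliseconds is only the sub-second component (always between -999 and 999), so the
            // original check could never fail; compare the absolute total difference so that a wrong token
            // lifetime is actually detected.
            double driftInMilliseconds = Math.Abs((approximateExpirationTime - actualExpirationTime).TotalMilliseconds);
            Assert.IsTrue(driftInMilliseconds < 1000);
            Assert.IsNull(accessGrant.Scope);
        }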
示例#7
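        /// <summary>
        /// Credentials exchange with header-based client authentication: both tokens, the expiry and the
        /// scope must be taken from the fixture "AccessToken.json".
        /// </summary>
        public void ExchangeCredentialsForAccess_JsonResponse()
        {
            AccessGrant accessGrant = this.ExchangeCredentialsForAccess(false, "AccessToken.json");

            Assert.AreEqual("8d0a88a5c4f1ae4937ad864cafa8e857", accessGrant.AccessToken);
            Assert.AreEqual("6b0411401bf8751e34f57feb29fb8e32", accessGrant.RefreshToken);

            // Fail with a clear assertion rather than an InvalidOperationException from .Value.
            Assert.IsNotNull(accessGrant.ExpireTime);

            // 40735000 ms is presumably the fixture's expiry; confirm against the JSON file.
            DateTime approximateExpirationTime = DateTime.UtcNow.AddMilliseconds(40735000);
            DateTime actualExpirationTime      = accessGrant.ExpireTime.Value;

            // Allow for 1 second of wiggle room on expiration time.
            // TimeSpan.Milliseconds is only the sub-second component (always between -999 and 999), so the
            // original check could never fail; compare the absolute total difference so that a wrong token
            // lifetime is actually detected.
            double driftInMilliseconds = Math.Abs((approximateExpirationTime - actualExpirationTime).TotalMilliseconds);
            Assert.IsTrue(driftInMilliseconds < 1000);
            Assert.AreEqual("read", accessGrant.Scope);
        }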
 /// <summary>
 /// Asynchronously posts the request for an access grant to the provider.
 /// </summary>
 /// <remarks>
 /// The default implementation uses RestTemplate to request the access token and expects a JSON response to be bound to a dictionary.
 /// The information in the dictionary will be used to create an <see cref="AccessGrant"/>.
 /// Since the OAuth 2 specification indicates that an access token response should be in JSON format, there's often no need to override this method.
 /// If all you need to do is capture provider-specific data in the response, you should override CreateAccessGrant() instead.
 /// However, in the event of a provider whose access token response is non-JSON,
 /// you may need to override this method to request that the response be bound to something other than a dictionary.
 /// For example, if the access token response is given as form-encoded, this method should be overridden to call RestTemplate.PostForObject()
 /// asking for the response to be bound to a NameValueCollection (whose contents can then be used to create an <see cref="AccessGrant"/>).
 /// </remarks>
 /// <param name="accessTokenUrl">The URL of the provider's access token endpoint.</param>
 /// <param name="request">The request data to post to the access token endpoint.</param>
 /// <param name="operationCompleted">
 /// The <code>Action&lt;T&gt;</code> to perform when the asynchronous request completes.
 /// Provides the OAuth2 access token.
 /// </param>
 /// <returns>
 /// A <see cref="RestOperationCanceler"/> instance that can be used to cancel the asynchronous operation.
 /// </returns>
 protected virtual RestOperationCanceler PostForAccessGrantAsync(string accessTokenUrl, NameValueCollection request, Action <RestOperationCompletedEventArgs <AccessGrant> > operationCompleted)
 {
     // The JSON body comes from the provider's token endpoint; it is only turned into an
     // AccessGrant once the transport reports no error.
     return this.restTemplate.PostForObjectAsync<JsonValue>(accessTokenUrl, request, completed =>
     {
         if (completed.Error != null)
         {
             // Failure path: forward the error and the cancellation flag unchanged, with no grant.
             operationCompleted(new RestOperationCompletedEventArgs<AccessGrant>(null, completed.Error, completed.Cancelled, completed.UserState));
             return;
         }

         // NOTE(review): an exception thrown by ExtractAccessGrant is raised inside this callback and
         // is not reported through operationCompleted; confirm how PostForObjectAsync surfaces it.
         AccessGrant grant = this.ExtractAccessGrant(completed.Response);
         operationCompleted(new RestOperationCompletedEventArgs<AccessGrant>(grant, null, false, completed.UserState));
     });
 }
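 /// <summary>
 /// Asynchronously posts the access grant request and binds the provider's response to a
 /// <see cref="NameValueCollection"/> instead of JSON, building the <see cref="AccessGrant"/>
 /// from its "access_token" and "expires" entries.
 /// </summary>
 /// <param name="accessTokenUrl">The URL of the provider's access token endpoint.</param>
 /// <param name="request">The request data to post to the access token endpoint.</param>
 /// <param name="operationCompleted">
 /// The callback invoked when the request completes; it receives either the access grant or the error.
 /// </param>
 /// <returns>
 /// A <see cref="RestOperationCanceler"/> instance that can be used to cancel the asynchronous operation.
 /// </returns>
 protected override RestOperationCanceler PostForAccessGrantAsync(string accessTokenUrl, NameValueCollection request, Action<RestOperationCompletedEventArgs<AccessGrant>> operationCompleted)
 {
     return this.RestTemplate.PostForObjectAsync<NameValueCollection>(accessTokenUrl, request,
         r =>
         {
             if (r.Error == null)
             {
                 // "expires" is provider-controlled text. Int32.Parse would throw inside this callback on
                 // a non-numeric or out-of-range value; treat such a value as "no expiry supplied" instead.
                 string expires = r.Response["expires"];
                 int parsedExpires;
                 int? expiresIn = null;
                 if (expires != null && Int32.TryParse(expires, System.Globalization.NumberStyles.Integer, System.Globalization.CultureInfo.InvariantCulture, out parsedExpires))
                 {
                     expiresIn = parsedExpires;
                 }

                 // NOTE(review): a response without "access_token" passes null to AccessGrant here;
                 // confirm that the constructor or the caller rejects a grant without a token.
                 AccessGrant token = new AccessGrant(r.Response["access_token"], null, null, expiresIn);
                 operationCompleted(new RestOperationCompletedEventArgs<AccessGrant>(token, null, false, r.UserState));
             }
             else
             {
                 // Failure path: forward the error and the cancellation flag unchanged, with no grant.
                 operationCompleted(new RestOperationCompletedEventArgs<AccessGrant>(null, r.Error, r.Cancelled, r.UserState));
             }
         });
 }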