CreateAccessToken reveals username to host

IAuthorizationServerHost.CreateAccessToken now has access to authoring
usernames.

Fixes #219

1 files changed, 94 insertions, 0 deletions

diff --git a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
index 3dc3839..e1af8a5 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
@@ -11,6 +11,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
 	using System.Text;
 	using System.Threading.Tasks;
 	using DotNetOpenAuth.OAuth2;
+	using DotNetOpenAuth.OAuth2.ChannelElements;
 	using DotNetOpenAuth.OAuth2.Messages;
 	using Moq;
 	using NUnit.Framework;
@@ -106,6 +107,99 @@ namespace DotNetOpenAuth.Test.OAuth2 {
 		}
 
 		[Test]
+		public void CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() {
+			var authServerMock = CreateAuthorizationServerMock();
+			authServerMock
+				.Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
+				.Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
+					var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
+					Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername));
+					return response;
+				});
+			var coordinator = new OAuth2Coordinator<WebServerClient>(
+				AuthorizationServerDescription,
+				authServerMock.Object,
+				new WebServerClient(AuthorizationServerDescription),
+				client => {
+					var authState = new AuthorizationState(TestScopes) {
+						Callback = ClientCallback,
+					};
+					var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes);
+					Assert.That(result.AccessToken, Is.Not.Null);
+				},
+				server => {
+					server.HandleTokenRequest().Respond();
+				});
+			coordinator.Run();
+		}
+
+		[Test]
+		public void CreateAccessTokenSeesAuthorizingUserClientCredentialGrant() {
+			var authServerMock = CreateAuthorizationServerMock();
+			authServerMock
+				.Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>()))
+				.Returns<IAccessTokenRequest>(req => {
+					Assert.That(req.UserName, Is.Null);
+					return new AutomatedAuthorizationCheckResponse(req, true);
+				});
+			var coordinator = new OAuth2Coordinator<WebServerClient>(
+				AuthorizationServerDescription,
+				authServerMock.Object,
+				new WebServerClient(AuthorizationServerDescription),
+				client => {
+					var authState = new AuthorizationState(TestScopes) {
+						Callback = ClientCallback,
+					};
+					var result = client.GetClientAccessToken(TestScopes);
+					Assert.That(result.AccessToken, Is.Not.Null);
+				},
+				server => {
+					server.HandleTokenRequest().Respond();
+				});
+			coordinator.Run();
+		}
+
+		[Test]
+		public void CreateAccessTokenSeesAuthorizingUserAuthorizationCodeGrant() {
+			var authServerMock = CreateAuthorizationServerMock();
+			authServerMock
+				.Setup(a => a.IsAuthorizationValid(It.IsAny<IAuthorizationDescription>()))
+				.Returns<IAuthorizationDescription>(req => {
+					Assert.That(req.User, Is.EqualTo(ResourceOwnerUsername));
+					return true;
+				});
+			var refreshTokenSource = new TaskCompletionSource<string>();
+			var coordinator = new OAuth2Coordinator<WebServerClient>(
+				AuthorizationServerDescription,
+				authServerMock.Object,
+				new WebServerClient(AuthorizationServerDescription),
+				client => {
+					try {
+						var authState = new AuthorizationState(TestScopes) {
+							Callback = ClientCallback,
+						};
+						client.PrepareRequestUserAuthorization(authState).Respond();
+						var result = client.ProcessUserAuthorization();
+						Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty);
+						Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty);
+						refreshTokenSource.SetResult(result.RefreshToken);
+					} catch {
+						refreshTokenSource.TrySetCanceled();
+					}
+				},
+				server => {
+					var request = server.ReadAuthorizationRequest();
+					Assert.That(request, Is.Not.Null);
+					server.ApproveAuthorizationRequest(request, ResourceOwnerUsername);
+					server.HandleTokenRequest().Respond();
+					var authorization = server.DecodeRefreshToken(refreshTokenSource.Task.Result);
+					Assert.That(authorization, Is.Not.Null);
+					Assert.That(authorization.User, Is.EqualTo(ResourceOwnerUsername));
+				});
+			coordinator.Run();
+		}
+
+		[Test]
 		public void ClientCredentialScopeOverride() {
 			var clientRequestedScopes = new[] { "scope1", "scope2" };
 			var serverOverriddenScopes = new[] { "scope1", "differentScope" };