Diffstat (limited to 'src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs')
-rw-r--r-- | src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
index 251cd67..3dc3839 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs
@@ -12,6 +12,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
 using System.Threading.Tasks;
 using DotNetOpenAuth.OAuth2;
 using DotNetOpenAuth.OAuth2.Messages;
+ using Moq;
 using NUnit.Framework;
 /// <summary>
@@ -73,5 +74,65 @@ namespace DotNetOpenAuth.Test.OAuth2 {
 });
 coordinator.Run();
 }
+
+ [Test]
+ public void ResourceOwnerScopeOverride() {
+ var clientRequestedScopes = new[] { "scope1", "scope2" };
+ var serverOverriddenScopes = new[] { "scope1", "differentScope" };
+ var authServerMock = CreateAuthorizationServerMock();
+ authServerMock
+ .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>()))
+ .Returns<string, string, IAccessTokenRequest>((un, pw, req) => {
+ var response = new AutomatedUserAuthorizationCheckResponse(req, true, ResourceOwnerUsername);
+ response.ApprovedScope.Clear();
+ response.ApprovedScope.UnionWith(serverOverriddenScopes);
+ return response;
+ });
+ var coordinator = new OAuth2Coordinator<WebServerClient>(
+ AuthorizationServerDescription,
+ authServerMock.Object,
+ new WebServerClient(AuthorizationServerDescription),
+ client => {
+ var authState = new AuthorizationState(TestScopes) {
+ Callback = ClientCallback,
+ };
+ var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes);
+ Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
+ },
+ server => {
+ server.HandleTokenRequest().Respond();
+ });
+ coordinator.Run();
+ }
+
+ [Test]
+ public void ClientCredentialScopeOverride() {
+ var clientRequestedScopes = new[] { "scope1", "scope2" };
+ var serverOverriddenScopes = new[] { "scope1", "differentScope" };
+ var authServerMock = CreateAuthorizationServerMock();
+ authServerMock
+ .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>()))
+ .Returns<IAccessTokenRequest>(req => {
+ var response = new AutomatedAuthorizationCheckResponse(req, true);
+ response.ApprovedScope.Clear();
+ response.ApprovedScope.UnionWith(serverOverriddenScopes);
+ return response;
+ });
+ var coordinator = new OAuth2Coordinator<WebServerClient>(
+ AuthorizationServerDescription,
+ authServerMock.Object,
+ new WebServerClient(AuthorizationServerDescription),
+ client => {
+ var authState = new AuthorizationState(TestScopes) {
+ Callback = ClientCallback,
+ };
+ var result = client.GetClientAccessToken(clientRequestedScopes);
+ Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes));
+ },
+ server => {
+ server.HandleTokenRequest().Respond();
+ });
+ coordinator.Run();
+ }
 }
 }
|
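Review bot: Both `ResourceOwnerScopeOverride` and `ClientCredentialScopeOverride` assert only the client's `result.Scope`, so they show that the token response reports the overridden scope but not that the issued access token is bound to it. A server that echoed `serverOverriddenScopes` in the response while minting the token with `clientRequestedScopes` would, as far as these lines show, still pass. Since the resource server enforces the scope carried by the token, it is worth adding an assertion on the token's own scope, or at least a comment such as `// Verifies the reported scope only; the scope carried by the token is not checked here.` The override set also contains `"differentScope"`, which the client never requested, so only replacement is covered; a companion case where the server grants a strict subset would pin the more common narrowing path. Separately, `authState` in both `client =>` lambdas is never read and looks like a leftover from another test; the two `var authState = new AuthorizationState(TestScopes) { ... };` statements can be deleted.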