diff options
Diffstat (limited to 'src/DotNetOpenAuth.Test/OAuth2')
7 files changed, 281 insertions, 329 deletions
diff --git a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs index e8f7172..8ec25b0 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/AuthorizationServerTests.cs @@ -8,7 +8,10 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System; using System.Collections.Generic; using System.Linq; + using System.Net; + using System.Net.Http; using System.Text; + using System.Threading; using System.Threading.Tasks; using DotNetOpenAuth.OAuth2; using DotNetOpenAuth.OAuth2.ChannelElements; @@ -25,59 +28,66 @@ namespace DotNetOpenAuth.Test.OAuth2 { /// Verifies that authorization server responds with an appropriate error response. /// </summary> [Test] - public void ErrorResponseTest() { - var coordinator = new OAuth2Coordinator<UserAgentClient>( - AuthorizationServerDescription, - AuthorizationServerMock, - new UserAgentClient(AuthorizationServerDescription), - client => { - var request = new AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription) { ClientIdentifier = ClientId, ClientSecret = ClientSecret, AuthorizationCode = "foo" }; - - var response = client.Channel.Request<AccessTokenFailedResponse>(request); - Assert.That(response.Error, Is.Not.Null.And.Not.Empty); - Assert.That(response.Error, Is.EqualTo(Protocol.AccessTokenRequestErrorCodes.InvalidRequest)); - }, - server => { - server.HandleTokenRequest().Respond(); + public async Task ErrorResponseTest() { + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + var request = new AccessTokenAuthorizationCodeRequestC(AuthorizationServerDescription) { ClientIdentifier = ClientId, ClientSecret = ClientSecret, AuthorizationCode = "foo" }; + var client = new UserAgentClient(AuthorizationServerDescription, hostFactories: this.HostFactories); + var response = await client.Channel.RequestAsync<AccessTokenFailedResponse>(request, CancellationToken.None); + Assert.That(response.Error, Is.Not.Null.And.Not.Empty); + Assert.That(response.Error, Is.EqualTo(Protocol.AccessTokenRequestErrorCodes.InvalidRequest)); } [Test] - public void DecodeRefreshToken() { + public async Task DecodeRefreshToken() { var refreshTokenSource = new TaskCompletionSource<string>(); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - AuthorizationServerMock, - new WebServerClient(AuthorizationServerDescription), - client => { - try { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - client.PrepareRequestUserAuthorization(authState).Respond(); - var result = client.ProcessUserAuthorization(); - Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); - refreshTokenSource.SetResult(result.RefreshToken); - } catch { - refreshTokenSource.TrySetCanceled(); - } - }, - server => { - var request = server.ReadAuthorizationRequest(); + Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); - server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); - server.HandleTokenRequest().Respond(); + var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); + return await server.Channel.PrepareResponseAsync(response); + }); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + var response = await server.HandleTokenRequestAsync(req, ct); var authorization = server.DecodeRefreshToken(refreshTokenSource.Task.Result); Assert.That(authorization, Is.Not.Null); Assert.That(authorization.User, Is.EqualTo(ResourceOwnerUsername)); + return response; }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription); + try { + var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; + var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState); + this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback); + Uri authCompleteUri; + using (var httpClient = this.HostFactories.CreateHttpClient()) { + using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) { + response.EnsureSuccessStatusCode(); + authCompleteUri = response.Headers.Location; + } + } + + var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri); + this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest); + var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); + refreshTokenSource.SetResult(result.RefreshToken); + } catch { + refreshTokenSource.TrySetCanceled(); + } } [Test] - public void ResourceOwnerScopeOverride() { + public async Task ResourceOwnerScopeOverride() { var clientRequestedScopes = new[] { "scope1", "scope2" }; var serverOverriddenScopes = new[] { "scope1", "differentScope" }; var authServerMock = CreateAuthorizationServerMock(); @@ -89,25 +99,20 @@ namespace DotNetOpenAuth.Test.OAuth2 { response.ApprovedScope.UnionWith(serverOverriddenScopes); return response; }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServerMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes); - Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); - }, - server => { - server.HandleTokenRequest().Respond(); + + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories); + var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, clientRequestedScopes); + Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); } [Test] - public void CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() { + public async Task CreateAccessTokenSeesAuthorizingUserResourceOwnerGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>())) @@ -116,25 +121,20 @@ namespace DotNetOpenAuth.Test.OAuth2 { Assert.That(req.UserName, Is.EqualTo(ResourceOwnerUsername)); return response; }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServerMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var result = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); - Assert.That(result.AccessToken, Is.Not.Null); - }, - server => { - server.HandleTokenRequest().Respond(); + + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, hostFactories: this.HostFactories); + var result = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); + Assert.That(result.AccessToken, Is.Not.Null); } [Test] - public void CreateAccessTokenSeesAuthorizingUserClientCredentialGrant() { + public async Task CreateAccessTokenSeesAuthorizingUserClientCredentialGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.CheckAuthorizeClientCredentialsGrant(It.IsAny<IAccessTokenRequest>())) @@ -142,25 +142,20 @@ namespace DotNetOpenAuth.Test.OAuth2 { Assert.That(req.UserName, Is.Null); return new AutomatedAuthorizationCheckResponse(req, true); }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServerMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var result = client.GetClientAccessToken(TestScopes); - Assert.That(result.AccessToken, Is.Not.Null); - }, - server => { - server.HandleTokenRequest().Respond(); + + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var result = await client.GetClientAccessTokenAsync(TestScopes); + Assert.That(result.AccessToken, Is.Not.Null); } [Test] - public void CreateAccessTokenSeesAuthorizingUserAuthorizationCodeGrant() { + public async Task CreateAccessTokenSeesAuthorizingUserAuthorizationCodeGrant() { var authServerMock = CreateAuthorizationServerMock(); authServerMock .Setup(a => a.IsAuthorizationValid(It.IsAny<IAuthorizationDescription>())) @@ -168,30 +163,45 @@ namespace DotNetOpenAuth.Test.OAuth2 { Assert.That(req.User, Is.EqualTo(ResourceOwnerUsername)); return true; }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServerMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - client.PrepareRequestUserAuthorization(authState).Respond(); - var result = client.ProcessUserAuthorization(); - Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); - }, - server => { - var request = server.ReadAuthorizationRequest(); + + Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); - server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); - server.HandleTokenRequest().Respond(); + var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); + return await server.Channel.PrepareResponseAsync(response); + }); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = new AuthorizationState(TestScopes) { + Callback = ClientCallback, + }; + var authRedirectResponse = await client.PrepareRequestUserAuthorizationAsync(authState); + this.HostFactories.CookieContainer.SetCookies(authRedirectResponse, ClientCallback); + Uri authCompleteUri; + this.HostFactories.AllowAutoRedirects = false; + using (var httpClient = this.HostFactories.CreateHttpClient()) { + using (var response = await httpClient.GetAsync(authRedirectResponse.Headers.Location)) { + Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Redirect)); + authCompleteUri = response.Headers.Location; + } + } + + var authCompleteRequest = new HttpRequestMessage(HttpMethod.Get, authCompleteUri); + this.HostFactories.CookieContainer.ApplyCookies(authCompleteRequest); + var result = await client.ProcessUserAuthorizationAsync(authCompleteRequest); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); } [Test] - public void ClientCredentialScopeOverride() { + public async Task ClientCredentialScopeOverride() { var clientRequestedScopes = new[] { "scope1", "scope2" }; var serverOverriddenScopes = new[] { "scope1", "differentScope" }; var authServerMock = CreateAuthorizationServerMock(); @@ -203,21 +213,17 @@ namespace DotNetOpenAuth.Test.OAuth2 { response.ApprovedScope.UnionWith(serverOverriddenScopes); return response; }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServerMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var result = client.GetClientAccessToken(clientRequestedScopes); - Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); - }, - server => { - server.HandleTokenRequest().Respond(); + + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServerMock.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var result = await client.GetClientAccessTokenAsync(clientRequestedScopes); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.Scope, Is.EquivalentTo(serverOverriddenScopes)); } } } diff --git a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs index 52b5371..810d830 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/MessageFactoryTests.cs @@ -31,7 +31,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { var authServerChannel = new OAuth2AuthorizationServerChannel(new Mock<IAuthorizationServerHost>().Object, new Mock<ClientAuthenticationModule>().Object); this.authServerMessageFactory = authServerChannel.MessageFactoryTestHook; - var clientChannel = new OAuth2ClientChannel(); + var clientChannel = new OAuth2ClientChannel(null); this.clientMessageFactory = clientChannel.MessageFactoryTestHook; } diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs deleted file mode 100644 index eeda125..0000000 --- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2Coordinator.cs +++ /dev/null @@ -1,74 +0,0 @@ -//----------------------------------------------------------------------- -// <copyright file="OAuth2Coordinator.cs" company="Outercurve Foundation"> -// Copyright (c) Outercurve Foundation. All rights reserved. -// </copyright> -//----------------------------------------------------------------------- - -namespace DotNetOpenAuth.Test.OAuth2 { - using System; - using System.Collections.Generic; - using System.Linq; - using System.Net; - using System.Text; - using DotNetOpenAuth.OAuth2; - using DotNetOpenAuth.Test.Mocks; - using Validation; - - internal class OAuth2Coordinator<TClient> : CoordinatorBase<TClient, AuthorizationServer> - where TClient : ClientBase { - private readonly AuthorizationServerDescription serverDescription; - private readonly IAuthorizationServerHost authServerHost; - private readonly TClient client; - - internal OAuth2Coordinator( - AuthorizationServerDescription serverDescription, - IAuthorizationServerHost authServerHost, - TClient client, - Action<TClient> clientAction, - Action<AuthorizationServer> authServerAction) - : base(clientAction, authServerAction) { - Requires.NotNull(serverDescription, "serverDescription"); - Requires.NotNull(authServerHost, "authServerHost"); - Requires.NotNull(client, "client"); - - this.serverDescription = serverDescription; - this.authServerHost = authServerHost; - this.client = client; - - this.client.ClientIdentifier = OAuth2TestBase.ClientId; - this.client.ClientCredentialApplicator = ClientCredentialApplicator.PostParameter(OAuth2TestBase.ClientSecret); - } - - internal override void Run() { - var authServer = new AuthorizationServer(this.authServerHost); - - var rpCoordinatingChannel = new CoordinatingOAuth2ClientChannel(this.client.Channel, this.IncomingMessageFilter, this.OutgoingMessageFilter); - var opCoordinatingChannel = new CoordinatingOAuth2AuthServerChannel(authServer.Channel, this.IncomingMessageFilter, this.OutgoingMessageFilter); - rpCoordinatingChannel.RemoteChannel = opCoordinatingChannel; - opCoordinatingChannel.RemoteChannel = rpCoordinatingChannel; - - this.client.Channel = rpCoordinatingChannel; - authServer.Channel = opCoordinatingChannel; - - this.RunCore(this.client, authServer); - } - - private static Action<WebServerClient> WrapAction(Action<WebServerClient> action) { - Requires.NotNull(action, "action"); - - return client => { - action(client); - ((CoordinatingChannel)client.Channel).Close(); - }; - } - - private static Action<AuthorizationServer> WrapAction(Action<AuthorizationServer> action) { - Requires.NotNull(action, "action"); - - return authServer => { - action(authServer); - ((CoordinatingChannel)authServer.Channel).Close(); - }; - } - } -} diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs index 395b18c..f01b5b7 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs @@ -37,10 +37,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { TokenEndpoint = new Uri("https://authserver/token"), }; - protected static readonly IClientDescription ClientDescription = new ClientDescription( - ClientSecret, - ClientCallback, - ClientType.Confidential); + protected static readonly IClientDescription ClientDescription = new ClientDescription(ClientSecret, ClientCallback); protected static readonly IAuthorizationServerHost AuthorizationServerMock = CreateAuthorizationServerMock().Object; diff --git a/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs index 80a8392..c232450 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs @@ -11,6 +11,8 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System.Linq; using System.Security.Cryptography; using System.Text; + using System.Threading.Tasks; + using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; using DotNetOpenAuth.OAuth2.ChannelElements; @@ -28,7 +30,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { "Authorization", "Bearer " }, }; var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders); - Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>()); + Assert.That(() => resourceServer.GetAccessTokenAsync(request).GetAwaiter().GetResult(), Throws.InstanceOf<ProtocolException>()); } [Test] @@ -39,7 +41,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { { "Authorization", "Bearer " }, }; var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders); - Assert.That(() => resourceServer.GetPrincipal(request), Throws.InstanceOf<ProtocolException>()); + Assert.That(() => resourceServer.GetPrincipalAsync(request).GetAwaiter().GetResult(), Throws.InstanceOf<ProtocolException>()); } [Test] @@ -50,12 +52,12 @@ namespace DotNetOpenAuth.Test.OAuth2 { { "Authorization", "Bearer foobar" }, }; var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders); - Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>()); + Assert.That(() => resourceServer.GetAccessTokenAsync(request).GetAwaiter().GetResult(), Throws.InstanceOf<ProtocolException>()); } [Test] - public void GetAccessTokenWithCorruptedToken() { - var accessToken = this.ObtainValidAccessToken(); + public async Task GetAccessTokenWithCorruptedToken() { + var accessToken = await this.ObtainValidAccessTokenAsync(); var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null)); @@ -63,12 +65,12 @@ namespace DotNetOpenAuth.Test.OAuth2 { { "Authorization", "Bearer " + accessToken.Substring(0, accessToken.Length - 1) + "zzz" }, }; var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders); - Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>()); + Assert.That(() => resourceServer.GetAccessTokenAsync(request).GetAwaiter().GetResult(), Throws.InstanceOf<ProtocolException>()); } [Test] - public void GetAccessTokenWithValidToken() { - var accessToken = this.ObtainValidAccessToken(); + public async Task GetAccessTokenWithValidToken() { + var accessToken = await this.ObtainValidAccessTokenAsync(); var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null)); @@ -76,11 +78,11 @@ namespace DotNetOpenAuth.Test.OAuth2 { { "Authorization", "Bearer " + accessToken }, }; var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders); - var resourceServerDecodedToken = resourceServer.GetAccessToken(request); + var resourceServerDecodedToken = await resourceServer.GetAccessTokenAsync(request); Assert.That(resourceServerDecodedToken, Is.Not.Null); } - private string ObtainValidAccessToken() { + private async Task<string> ObtainValidAccessTokenAsync() { string accessToken = null; var authServer = CreateAuthorizationServerMock(); authServer.Setup( @@ -89,20 +91,18 @@ namespace DotNetOpenAuth.Test.OAuth2 { authServer.Setup( a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns<IAccessTokenRequest>(req => new AutomatedAuthorizationCheckResponse(req, true)); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServer.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = client.GetClientAccessToken(TestScopes); - Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(authState.RefreshToken, Is.Null); - accessToken = authState.AccessToken; - }, - server => { - server.HandleTokenRequest().Respond(); + + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServer.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = await client.GetClientAccessTokenAsync(TestScopes); + Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(authState.RefreshToken, Is.Null); + accessToken = authState.AccessToken; return accessToken; } diff --git a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs index ae03b0c..d0e9617 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs @@ -8,7 +8,10 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System; using System.Collections.Generic; using System.Linq; + using System.Net.Http; using System.Text; + using System.Threading; + using System.Threading.Tasks; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OAuth2; @@ -20,61 +23,77 @@ namespace DotNetOpenAuth.Test.OAuth2 { [TestFixture] public class UserAgentClientAuthorizeTests : OAuth2TestBase { [Test] - public void AuthorizationCodeGrant() { - var coordinator = new OAuth2Coordinator<UserAgentClient>( - AuthorizationServerDescription, - AuthorizationServerMock, - new UserAgentClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var request = client.PrepareRequestUserAuthorization(authState); - Assert.AreEqual(EndUserAuthorizationResponseType.AuthorizationCode, request.ResponseType); - client.Channel.Respond(request); - var incoming = client.Channel.ReadFromRequest(); - var result = client.ProcessUserAuthorization(authState, incoming); - Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); - }, - server => { - var request = server.ReadAuthorizationRequest(); + public async Task AuthorizationCodeGrant() { + Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); - server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); - server.HandleTokenRequest().Respond(); + var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); + return await server.Channel.PrepareResponseAsync(response, ct); }); - coordinator.Run(); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + return await server.HandleTokenRequestAsync(req, ct); + }); + { + var client = new UserAgentClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; + var request = client.PrepareRequestUserAuthorization(authState); + Assert.AreEqual(EndUserAuthorizationResponseType.AuthorizationCode, request.ResponseType); + var authRequestRedirect = await client.Channel.PrepareResponseAsync(request); + Uri authRequestResponse; + this.HostFactories.AllowAutoRedirects = false; + using (var httpClient = this.HostFactories.CreateHttpClient()) { + using (var httpResponse = await httpClient.GetAsync(authRequestRedirect.Headers.Location)) { + authRequestResponse = httpResponse.Headers.Location; + } + } + var incoming = + await + client.Channel.ReadFromRequestAsync( + new HttpRequestMessage(HttpMethod.Get, authRequestResponse), CancellationToken.None); + var result = await client.ProcessUserAuthorizationAsync(authState, incoming, CancellationToken.None); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); + } } [Test] - public void ImplicitGrant() { + public async Task ImplicitGrant() { var coordinatorClient = new UserAgentClient(AuthorizationServerDescription); - var coordinator = new OAuth2Coordinator<UserAgentClient>( - AuthorizationServerDescription, - AuthorizationServerMock, - coordinatorClient, - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - var request = client.PrepareRequestUserAuthorization(authState, implicitResponseType: true); - Assert.That(request.ResponseType, Is.EqualTo(EndUserAuthorizationResponseType.AccessToken)); - client.Channel.Respond(request); - var incoming = client.Channel.ReadFromRequest(); - var result = client.ProcessUserAuthorization(authState, incoming); - Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(result.RefreshToken, Is.Null); - }, - server => { - var request = server.ReadAuthorizationRequest(); + coordinatorClient.ClientCredentialApplicator = null; // implicit grant clients don't need a secret. + Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); IAccessTokenRequest accessTokenRequest = (EndUserAuthorizationImplicitRequest)request; Assert.That(accessTokenRequest.ClientAuthenticated, Is.False); - server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); + var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); + return await server.Channel.PrepareResponseAsync(response, ct); }); + { + var client = new UserAgentClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = new AuthorizationState(TestScopes) { Callback = ClientCallback, }; + var request = client.PrepareRequestUserAuthorization(authState, implicitResponseType: true); + Assert.That(request.ResponseType, Is.EqualTo(EndUserAuthorizationResponseType.AccessToken)); + var authRequestRedirect = await client.Channel.PrepareResponseAsync(request); + Uri authRequestResponse; + this.HostFactories.AllowAutoRedirects = false; + using (var httpClient = this.HostFactories.CreateHttpClient()) { + using (var httpResponse = await httpClient.GetAsync(authRequestRedirect.Headers.Location)) { + authRequestResponse = httpResponse.Headers.Location; + } + } - coordinatorClient.ClientCredentialApplicator = null; // implicit grant clients don't need a secret. - coordinator.Run(); + var incoming = + await client.Channel.ReadFromRequestAsync(new HttpRequestMessage(HttpMethod.Get, authRequestResponse), CancellationToken.None); + var result = await client.ProcessUserAuthorizationAsync(authState, incoming, CancellationToken.None); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.RefreshToken, Is.Null); + } } } } diff --git a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs index 2a4241e..433cbf3 100644 --- a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs +++ b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs @@ -11,6 +11,7 @@ namespace DotNetOpenAuth.Test.OAuth2 { using System.Net; using System.Net.Http; using System.Text; + using System.Threading; using System.Threading.Tasks; using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth2; @@ -22,31 +23,45 @@ namespace DotNetOpenAuth.Test.OAuth2 { [TestFixture] public class WebServerClientAuthorizeTests : OAuth2TestBase { [Test] - public void AuthorizationCodeGrant() { - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - AuthorizationServerMock, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = new AuthorizationState(TestScopes) { - Callback = ClientCallback, - }; - client.PrepareRequestUserAuthorization(authState).Respond(); - var result = client.ProcessUserAuthorization(); - Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); - }, - server => { - var request = server.ReadAuthorizationRequest(); + public async Task AuthorizationCodeGrant() { + Handle(AuthorizationServerDescription.AuthorizationEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + var request = await server.ReadAuthorizationRequestAsync(req, ct); Assert.That(request, Is.Not.Null); - server.ApproveAuthorizationRequest(request, ResourceOwnerUsername); - server.HandleTokenRequest().Respond(); + var response = server.PrepareApproveAuthorizationRequest(request, ResourceOwnerUsername); + return await server.Channel.PrepareResponseAsync(response, ct); }); - coordinator.Run(); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(AuthorizationServerMock); + return await server.HandleTokenRequestAsync(req, ct); + }); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = new AuthorizationState(TestScopes) { + Callback = ClientCallback, + }; + var authRequestRedirect = await client.PrepareRequestUserAuthorizationAsync(authState); + this.HostFactories.CookieContainer.SetCookies(authRequestRedirect, ClientCallback); + Uri authRequestResponse; + this.HostFactories.AllowAutoRedirects = false; + using (var httpClient = this.HostFactories.CreateHttpClient()) { + using (var httpResponse = await httpClient.GetAsync(authRequestRedirect.Headers.Location)) { + Assert.That(httpResponse.StatusCode, Is.EqualTo(HttpStatusCode.Redirect)); + authRequestResponse = httpResponse.Headers.Location; + } + } + + var authorizationResponse = new HttpRequestMessage(HttpMethod.Get, authRequestResponse); + this.HostFactories.CookieContainer.ApplyCookies(authorizationResponse); + var result = await client.ProcessUserAuthorizationAsync(authorizationResponse, CancellationToken.None); + Assert.That(result.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(result.RefreshToken, Is.Not.Null.And.Not.Empty); } [Theory] - public void ResourceOwnerPasswordCredentialGrant(bool anonymousClient) { + public async Task ResourceOwnerPasswordCredentialGrant(bool anonymousClient) { var authHostMock = CreateAuthorizationServerMock(); if (anonymousClient) { authHostMock.Setup( @@ -58,27 +73,23 @@ namespace DotNetOpenAuth.Test.OAuth2 { MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true); } - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authHostMock.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - if (anonymousClient) { - client.ClientIdentifier = null; - } + Handle(AuthorizationServerDescription.TokenEndpoint).By(async (req, ct) => { + var server = new AuthorizationServer(authHostMock.Object); + return await server.HandleTokenRequestAsync(req, ct); + }); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + if (anonymousClient) { + client.ClientIdentifier = null; + } - var authState = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); - Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty); - }, - server => { - server.HandleTokenRequest().Respond(); - }); - coordinator.Run(); + var authState = await client.ExchangeUserCredentialForTokenAsync(ResourceOwnerUsername, ResourceOwnerPassword, TestScopes); + Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(authState.RefreshToken, Is.Not.Null.And.Not.Empty); } [Test] - public void ClientCredentialGrant() { + public async Task ClientCredentialGrant() { var authServer = CreateAuthorizationServerMock(); authServer.Setup( a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) @@ -86,23 +97,19 @@ namespace DotNetOpenAuth.Test.OAuth2 { authServer.Setup( a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns<IAccessTokenRequest>(req => new AutomatedAuthorizationCheckResponse(req, true)); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServer.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = client.GetClientAccessToken(TestScopes); - Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); - Assert.That(authState.RefreshToken, Is.Null); - }, - server => { - server.HandleTokenRequest().Respond(); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServer.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = await client.GetClientAccessTokenAsync(TestScopes); + Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty); + Assert.That(authState.RefreshToken, Is.Null); } [Test] - public void GetClientAccessTokenReturnsApprovedScope() { + public async Task GetClientAccessTokenReturnsApprovedScope() { string[] approvedScopes = new[] { "Scope2", "Scope3" }; var authServer = CreateAuthorizationServerMock(); authServer.Setup( @@ -111,22 +118,19 @@ namespace DotNetOpenAuth.Test.OAuth2 { authServer.Setup( a => a.CheckAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))) .Returns<IAccessTokenRequest>(req => { - var response = new AutomatedAuthorizationCheckResponse(req, true); - response.ApprovedScope.ResetContents(approvedScopes); - return response; - }); - var coordinator = new OAuth2Coordinator<WebServerClient>( - AuthorizationServerDescription, - authServer.Object, - new WebServerClient(AuthorizationServerDescription), - client => { - var authState = client.GetClientAccessToken(TestScopes); - Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes)); - }, - server => { - server.HandleTokenRequest().Respond(); + var response = new AutomatedAuthorizationCheckResponse(req, true); + response.ApprovedScope.ResetContents(approvedScopes); + return response; + }); + Handle(AuthorizationServerDescription.TokenEndpoint).By( + async (req, ct) => { + var server = new AuthorizationServer(authServer.Object); + return await server.HandleTokenRequestAsync(req, ct); }); - coordinator.Run(); + + var client = new WebServerClient(AuthorizationServerDescription, ClientId, ClientSecret, this.HostFactories); + var authState = await client.GetClientAccessTokenAsync(TestScopes); + Assert.That(authState.Scope, Is.EquivalentTo(approvedScopes)); } [Test] |