summaryrefslogtreecommitdiffstats
path: root/src/DotNetOpenAuth.Test/OAuth2
diff options
context:
space:
mode:
Diffstat (limited to 'src/DotNetOpenAuth.Test/OAuth2')
-rw-r--r--src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs5
-rw-r--r--src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs110
2 files changed, 114 insertions, 1 deletions
diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
index f43a349..b9e32fe 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
@@ -8,6 +8,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
using System;
using System.Collections.Generic;
using System.Linq;
+ using System.Security.Cryptography;
using System.Text;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.Messaging.Bindings;
@@ -29,6 +30,8 @@ namespace DotNetOpenAuth.Test.OAuth2 {
protected static readonly Uri ClientCallback = new Uri("http://client/callback");
+ protected static readonly RSACryptoServiceProvider AsymmetricKey = new RSACryptoServiceProvider(512);
+
protected static readonly AuthorizationServerDescription AuthorizationServerDescription = new AuthorizationServerDescription {
AuthorizationEndpoint = new Uri("https://authserver/authorize"),
TokenEndpoint = new Uri("https://authserver/token"),
@@ -55,7 +58,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
MessagingUtilities.AreEquivalent(d.Scope, TestScopes)))).Returns(true);
string canonicalUserName = ResourceOwnerUsername;
authHostMock.Setup(m => m.TryAuthorizeResourceOwnerCredentialGrant(ResourceOwnerUsername, ResourceOwnerPassword, It.IsAny<IAccessTokenRequest>(), out canonicalUserName)).Returns(true);
- authHostMock.Setup(m => m.CreateAccessToken(It.IsAny<IAccessTokenRequest>())).Returns(new AccessTokenResult(new AuthorizationServerAccessToken()));
+ authHostMock.Setup(m => m.CreateAccessToken(It.IsAny<IAccessTokenRequest>())).Returns(new AccessTokenResult(new AuthorizationServerAccessToken() { AccessTokenSigningKey = AsymmetricKey }));
return authHostMock;
}
}
diff --git a/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs b/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs
new file mode 100644
index 0000000..a4d09de
--- /dev/null
+++ b/src/DotNetOpenAuth.Test/OAuth2/ResourceServerTests.cs
@@ -0,0 +1,110 @@
+//-----------------------------------------------------------------------
+// <copyright file="ResourceServerTests.cs" company="Andrew Arnott">
+// Copyright (c) Andrew Arnott. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.Test.OAuth2 {
+ using System;
+ using System.Collections.Generic;
+ using System.Collections.Specialized;
+ using System.Linq;
+ using System.Security.Cryptography;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth2;
+ using DotNetOpenAuth.OAuth2.ChannelElements;
+ using DotNetOpenAuth.OAuth2.Messages;
+ using Moq;
+ using NUnit.Framework;
+
+ [TestFixture]
+ public class ResourceServerTests : OAuth2TestBase {
+ [Test]
+ public void GetAccessTokenWithMissingAccessToken() {
+ var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null));
+
+ var requestHeaders = new NameValueCollection {
+ { "Authorization", "Bearer " },
+ };
+ var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders);
+ Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>());
+ }
+
+ [Test]
+ public void GetPrincipalWithMissingAccessToken() {
+ var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null));
+
+ var requestHeaders = new NameValueCollection {
+ { "Authorization", "Bearer " },
+ };
+ var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders);
+ Assert.That(() => resourceServer.GetPrincipal(request), Throws.InstanceOf<ProtocolException>());
+ }
+
+ [Test]
+ public void GetAccessTokenWithTotallyFakeToken() {
+ var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null));
+
+ var requestHeaders = new NameValueCollection {
+ { "Authorization", "Bearer foobar" },
+ };
+ var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders);
+ Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>());
+ }
+
+ [Test]
+ public void GetAccessTokenWithCorruptedToken() {
+ var accessToken = this.ObtainValidAccessToken();
+
+ var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null));
+
+ var requestHeaders = new NameValueCollection {
+ { "Authorization", "Bearer " + accessToken.Substring(0, accessToken.Length - 1) + "zzz" },
+ };
+ var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders);
+ Assert.That(() => resourceServer.GetAccessToken(request), Throws.InstanceOf<ProtocolException>());
+ }
+
+ [Test]
+ public void GetAccessTokenWithValidToken() {
+ var accessToken = this.ObtainValidAccessToken();
+
+ var resourceServer = new ResourceServer(new StandardAccessTokenAnalyzer(AsymmetricKey, null));
+
+ var requestHeaders = new NameValueCollection {
+ { "Authorization", "Bearer " + accessToken },
+ };
+ var request = new HttpRequestInfo("GET", new Uri("http://localhost/resource"), headers: requestHeaders);
+ var resourceServerDecodedToken = resourceServer.GetAccessToken(request);
+ Assert.That(resourceServerDecodedToken, Is.Not.Null);
+ }
+
+ private string ObtainValidAccessToken() {
+ string accessToken = null;
+ var authServer = CreateAuthorizationServerMock();
+ authServer.Setup(
+ a => a.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.User == null && d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
+ .Returns(true);
+ authServer.Setup(
+ a => a.TryAuthorizeClientCredentialsGrant(It.Is<IAccessTokenRequest>(d => d.ClientIdentifier == ClientId && MessagingUtilities.AreEquivalent(d.Scope, TestScopes))))
+ .Returns(true);
+ var coordinator = new OAuth2Coordinator<WebServerClient>(
+ AuthorizationServerDescription,
+ authServer.Object,
+ new WebServerClient(AuthorizationServerDescription),
+ client => {
+ var authState = client.GetClientAccessToken(TestScopes);
+ Assert.That(authState.AccessToken, Is.Not.Null.And.Not.Empty);
+ Assert.That(authState.RefreshToken, Is.Null);
+ accessToken = authState.AccessToken;
+ },
+ server => {
+ server.HandleTokenRequest().Respond();
+ });
+ coordinator.Run();
+
+ return accessToken;
+ }
+ }
+}
generated by cgit v1.1 at 2025-05-31 00:15:36 +0000