Diffstat (limited to 'src')
-rw-r--r--src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs35
-rw-r--r--src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs6
-rw-r--r--src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs8
-rw-r--r--src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs23
4 files changed, 64 insertions, 8 deletions
diff --git a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
index 8a681be..b8cfbe3 100644
--- a/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
+++ b/src/DotNetOpenAuth.OAuth2.Client/OAuth2/ClientBase.cs
@@ -11,6 +11,7 @@ namespace DotNetOpenAuth.OAuth2 {
using System.Globalization;
using System.Linq;
using System.Net;
+ using System.Security;
using System.Text;
using DotNetOpenAuth.Messaging;
using DotNetOpenAuth.OAuth2.ChannelElements;
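Review bot: The added `using System.Security;` is not referenced by any line visible in this commit; the new method takes the password as a plain `string`. If a `SecureString`-based overload was intended, it belongs in the same change. Otherwise drop the directive so the file does not suggest protection the code does not provide.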
@@ -156,6 +157,40 @@ namespace DotNetOpenAuth.OAuth2 {
}
/// <summary>
+ /// Exchanges a resource owner's password credential for OAuth 2.0 refresh and access tokens.
+ /// </summary>
+ /// <param name="userName">The resource owner's username, as it is known by the authorization server.</param>
+ /// <param name="password">The resource owner's account password.</param>
+ /// <param name="scopes">The desired scope of access.</param>
+ /// <returns>The result, containing the tokens if successful.</returns>
+ public IAuthorizationState ExchangeUserCredentialForToken(string userName, string password, IEnumerable<string> scopes = null) {
+ Requires.NotNullOrEmpty(userName, "userName");
+ Requires.NotNull(password, "password");
+
+ var authorizationState = new AuthorizationState(scopes);
+
+ var request = new AccessTokenResourceOwnerPasswordCredentialsRequest(this.AuthorizationServer.TokenEndpoint, this.AuthorizationServer.Version) {
+ ClientIdentifier = this.ClientIdentifier,
+ ClientSecret = this.ClientSecret,
+ UserName = userName,
+ Password = password,
+ };
+
+ var response = this.Channel.Request(request);
+ var success = response as AccessTokenSuccessResponse;
+ var failure = response as AccessTokenFailedResponse;
+ ErrorUtilities.VerifyProtocol(success != null || failure != null, MessagingStrings.UnexpectedMessageReceivedOfMany);
+ if (success != null) {
+ UpdateAuthorizationWithResponse(authorizationState, success);
+ } else { // failure
+ Logger.OAuth.Info("Resource Owner credentials rejected by the Authorization Server.");
+ authorizationState.Delete();
+ }
+
+ return authorizationState;
+ }
+
+ /// <summary>
/// Updates the authorization state maintained by the client with the content of an outgoing response.
/// </summary>
/// <param name="authorizationState">The authorization state maintained by the client.</param>
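Review bot: The `scopes` argument of `ExchangeUserCredentialForToken` is only passed to `new AuthorizationState(scopes)`. The request initializer sets the client identifier, client secret, user name and password and nothing else, so as far as these lines show the requested scope is never sent to the token endpoint. If the request type exposes a scope set, copy it across before `this.Channel.Request(request)`, e.g. `request.Scope.UnionWith(authorizationState.Scope);`. The `<returns>` text should also say what callers get on rejection: the same state object after `Delete()`, with the server's error neither logged nor surfaced. Because this call sends the resource owner's password, confirm that the channel refuses a non-HTTPS `TokenEndpoint`, since nothing in this hunk checks that.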
diff --git a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
index cefab0f..ee35b24 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/OAuth2TestBase.cs
@@ -19,7 +19,9 @@ namespace DotNetOpenAuth.Test.OAuth2 {
protected internal const string ClientSecret = "TestClientSecret";
- protected const string Username = "TestUser";
+ protected const string ResourceOwnerUsername = "TestUser";
+
+ protected const string ResourceOwnerPassword = "TestUserPassword";
protected static readonly Uri ClientCallback = new Uri("http://client/callback");
@@ -40,7 +42,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
var cryptoStore = new MemoryCryptoKeyStore();
authHostMock.Setup(m => m.GetClient(ClientId)).Returns(ClientDescription);
authHostMock.SetupGet(m => m.CryptoKeyStore).Returns(cryptoStore);
- authHostMock.Setup(m => m.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.ClientIdentifier == ClientId && d.User == Username))).Returns(true);
+ authHostMock.Setup(m => m.IsAuthorizationValid(It.Is<IAuthorizationDescription>(d => d.ClientIdentifier == ClientId && d.User == ResourceOwnerUsername))).Returns(true);
return authHostMock;
}
}
diff --git a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs
index c91049f..3a8944f 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/UserAgentClientAuthorizeTests.cs
@@ -20,7 +20,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
[TestFixture]
public class UserAgentClientAuthorizeTests : OAuth2TestBase {
[TestCase]
- public void AuthorizationCodeGrantAuthorization() {
+ public void AuthorizationCodeGrant() {
var coordinator = new OAuth2Coordinator<UserAgentClient>(
AuthorizationServerDescription,
AuthorizationServerMock,
@@ -39,7 +39,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
},
server => {
var request = server.ReadAuthorizationRequest();
- server.ApproveAuthorizationRequest(request, Username);
+ server.ApproveAuthorizationRequest(request, ResourceOwnerUsername);
var tokenRequest = server.ReadAccessTokenRequest();
IAccessTokenRequest accessTokenRequest = tokenRequest;
Assert.IsTrue(accessTokenRequest.ClientAuthenticated);
@@ -50,7 +50,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
}
[TestCase]
- public void ImplicitGrantAuthorization() {
+ public void ImplicitGrant() {
var coordinatorClient = new UserAgentClient(AuthorizationServerDescription);
var coordinator = new OAuth2Coordinator<UserAgentClient>(
AuthorizationServerDescription,
@@ -72,7 +72,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
var request = server.ReadAuthorizationRequest();
IAccessTokenRequest accessTokenRequest = (EndUserAuthorizationImplicitRequest)request;
Assert.IsFalse(accessTokenRequest.ClientAuthenticated);
- server.ApproveAuthorizationRequest(request, Username);
+ server.ApproveAuthorizationRequest(request, ResourceOwnerUsername);
});
coordinatorClient.ClientSecret = null; // implicit grant clients don't need a secret.
diff --git a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
index 02fc25b..faf50bd 100644
--- a/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
+++ b/src/DotNetOpenAuth.Test/OAuth2/WebServerClientAuthorizeTests.cs
@@ -16,7 +16,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
[TestFixture]
public class WebServerClientAuthorizeTests : OAuth2TestBase {
[TestCase]
- public void AuthorizationCodeGrantAuthorization() {
+ public void AuthorizationCodeGrant() {
var coordinator = new OAuth2Coordinator<WebServerClient>(
AuthorizationServerDescription,
AuthorizationServerMock,
@@ -32,7 +32,7 @@ namespace DotNetOpenAuth.Test.OAuth2 {
},
server => {
var request = server.ReadAuthorizationRequest();
- server.ApproveAuthorizationRequest(request, Username);
+ server.ApproveAuthorizationRequest(request, ResourceOwnerUsername);
var tokenRequest = server.ReadAccessTokenRequest();
IAccessTokenRequest accessTokenRequest = tokenRequest;
Assert.IsTrue(accessTokenRequest.ClientAuthenticated);
@@ -41,5 +41,24 @@ namespace DotNetOpenAuth.Test.OAuth2 {
});
coordinator.Run();
}
+
+ [TestCase, Ignore("Not yet passing")]
+ public void ResourceOwnerPasswordCredentialGrant() {
+ var coordinator = new OAuth2Coordinator<WebServerClient>(
+ AuthorizationServerDescription,
+ AuthorizationServerMock,
+ new WebServerClient(AuthorizationServerDescription),
+ client => {
+ var authState = client.ExchangeUserCredentialForToken(ResourceOwnerUsername, ResourceOwnerPassword);
+ Assert.IsNotNullOrEmpty(authState.AccessToken);
+ Assert.IsNotNullOrEmpty(authState.RefreshToken);
+ },
+ server => {
+ var request = server.ReadAccessTokenRequest();
+ var response = server.PrepareAccessTokenResponse(request);
+ server.Channel.Respond(response);
+ });
+ coordinator.Run();
+ }
}
}
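Review bot: `ResourceOwnerPasswordCredentialGrant` is committed with `Ignore("Not yet passing")`, so the new public `ExchangeUserCredentialForToken` ships without any test that actually runs. When it is enabled, the server delegate should assert that the token request it read carries `ResourceOwnerUsername` and `ResourceOwnerPassword` before calling `PrepareAccessTokenResponse`. As written, it never inspects the credentials it received. A second case for rejected credentials, asserting that the returned state has no access or refresh token, would cover the failure branch.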