Resolve "API tokens" #41
2
.idea/.idea.HopFrame/.idea/dataSources.xml
generated
2
.idea/.idea.HopFrame/.idea/dataSources.xml
generated
@@ -5,7 +5,7 @@
|
||||
<driver-ref>sqlite.xerial</driver-ref>
|
||||
<synchronize>true</synchronize>
|
||||
<jdbc-driver>org.sqlite.JDBC</jdbc-driver>
|
||||
<jdbc-url>jdbc:sqlite:$PROJECT_DIR$/test/RestApiTest/bin/Debug/net8.0/test.db</jdbc-url>
|
||||
<jdbc-url>jdbc:sqlite:C:\Users\leon\Documents\Projekte\HopFrame\testing\HopFrame.Testing.Api\bin\Debug\net8.0\test.db</jdbc-url>
|
||||
<jdbc-additional-properties>
|
||||
<property name="com.intellij.clouds.kubernetes.db.enabled" value="false" />
|
||||
</jdbc-additional-properties>
|
||||
|
||||
@@ -69,6 +69,7 @@
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
</wpf:ResourceDictionary>
|
||||
@@ -23,18 +23,18 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.RefreshTokenTime,
|
||||
HttpOnly = true,
|
||||
Secure = true
|
||||
});
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = true,
|
||||
Secure = true
|
||||
});
|
||||
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||
}
|
||||
|
||||
public async Task<LogicResult<SingleValueResult<string>>> Register(UserRegister register) {
|
||||
@@ -54,18 +54,18 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.RefreshTokenTime,
|
||||
HttpOnly = true,
|
||||
Secure = true
|
||||
});
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = false,
|
||||
Secure = true
|
||||
});
|
||||
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||
}
|
||||
|
||||
public async Task<LogicResult<SingleValueResult<string>>> Authenticate() {
|
||||
@@ -87,13 +87,13 @@ internal class AuthLogic(IUserRepository users, ITokenRepository tokens, ITokenC
|
||||
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
||||
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
accessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = false,
|
||||
Secure = true
|
||||
});
|
||||
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.Content.ToString());
|
||||
return LogicResult<SingleValueResult<string>>.Ok(accessToken.TokenId.ToString());
|
||||
}
|
||||
|
||||
public async Task<LogicResult> Logout() {
|
||||
|
||||
@@ -30,5 +30,10 @@ public abstract class HopDbContextBase : DbContext {
|
||||
.HasMany(g => g.Permissions)
|
||||
.WithOne(p => p.Group)
|
||||
.OnDelete(DeleteBehavior.Cascade);
|
||||
|
||||
modelBuilder.Entity<Token>()
|
||||
.HasMany(t => t.Permissions)
|
||||
.WithOne(t => t.Token)
|
||||
.OnDelete(DeleteBehavior.Cascade);
|
||||
}
|
||||
}
|
||||
@@ -21,6 +21,9 @@ public class Permission {
|
||||
[ForeignKey("GroupName"), JsonIgnore]
|
||||
public virtual PermissionGroup Group { get; set; }
|
||||
|
||||
[ForeignKey("TokenId"), JsonIgnore]
|
||||
public virtual Token Token { get; set; }
|
||||
|
||||
}
|
||||
|
||||
public interface IPermissionOwner;
|
||||
|
||||
@@ -4,24 +4,32 @@ using System.Text.Json.Serialization;
|
||||
|
||||
namespace HopFrame.Database.Models;
|
||||
|
||||
public class Token {
|
||||
public class Token : IPermissionOwner {
|
||||
public const int RefreshTokenType = 0;
|
||||
public const int AccessTokenType = 1;
|
||||
public const int ApiTokenType = 2;
|
||||
|
||||
/// <summary>
|
||||
/// Defines the Type of the stored Token
|
||||
/// 0: Refresh token
|
||||
/// 1: Access token
|
||||
/// 2: Api token
|
||||
/// </summary>
|
||||
[Required, MinLength(1), MaxLength(1)]
|
||||
public int Type { get; set; }
|
||||
|
||||
[Key, Required, MinLength(36), MaxLength(36)]
|
||||
public Guid Content { get; set; }
|
||||
public Guid TokenId { get; set; }
|
||||
|
||||
/// <summary>
|
||||
/// Defines the creation date of the token
|
||||
/// In case of an api token it defines the date it becomes invalid
|
||||
/// </summary>
|
||||
[Required]
|
||||
public DateTime CreatedAt { get; set; }
|
||||
|
||||
[ForeignKey("UserId"), JsonIgnore]
|
||||
public virtual User Owner { get; set; }
|
||||
|
||||
public virtual List<Permission> Permissions { get; set; }
|
||||
}
|
||||
@@ -6,4 +6,5 @@ public interface ITokenRepository {
|
||||
Task<Token> GetToken(string content);
|
||||
Task<Token> CreateToken(int type, User owner);
|
||||
Task DeleteUserTokens(User owner);
|
||||
Task<Token> CreateApiToken(User owner, DateTime expirationDate);
|
||||
}
|
||||
@@ -24,6 +24,10 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
||||
entry.User = user;
|
||||
}else if (owner is PermissionGroup group) {
|
||||
entry.Group = group;
|
||||
}else if (owner is Token token) {
|
||||
if (token.Type != Token.ApiTokenType)
|
||||
throw new ArgumentException("Only API tokens can have permissions!");
|
||||
entry.Token = token;
|
||||
}
|
||||
|
||||
await context.Permissions.AddAsync(entry);
|
||||
@@ -48,6 +52,13 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
||||
.Where(p =>p.Group.Name == group.Name)
|
||||
.Where(p => p.PermissionName == permission)
|
||||
.SingleOrDefaultAsync();
|
||||
}else if (owner is Token token) {
|
||||
entry = await context.Permissions
|
||||
.Include(p => p.Token)
|
||||
.Where(p => p.Token != null)
|
||||
.Where(p => p.Token.TokenId == token.TokenId)
|
||||
.Where(p => p.PermissionName == permission)
|
||||
.SingleOrDefaultAsync();
|
||||
}
|
||||
|
||||
if (entry is not null) {
|
||||
@@ -74,6 +85,14 @@ internal sealed class PermissionRepository<TDbContext>(TDbContext context, IGrou
|
||||
.Where(p =>p.Group.Name == group.Name)
|
||||
.ToListAsync();
|
||||
|
||||
permissions.AddRange(perms.Select(p => p.PermissionName));
|
||||
}else if (owner is Token token) {
|
||||
var perms = await context.Permissions
|
||||
.Include(p => p.Token)
|
||||
.Where(p => p.Token != null)
|
||||
.Where(p =>p.Token.TokenId == token.TokenId)
|
||||
.ToListAsync();
|
||||
|
||||
permissions.AddRange(perms.Select(p => p.PermissionName));
|
||||
}
|
||||
|
||||
|
||||
@@ -11,14 +11,14 @@ internal sealed class TokenRepository<TDbContext>(TDbContext context) : ITokenRe
|
||||
|
||||
return await context.Tokens
|
||||
.Include(t => t.Owner)
|
||||
.Where(t => t.Content == guid)
|
||||
.Where(t => t.TokenId == guid)
|
||||
.SingleOrDefaultAsync();
|
||||
}
|
||||
|
||||
public async Task<Token> CreateToken(int type, User owner) {
|
||||
var token = new Token {
|
||||
CreatedAt = DateTime.Now,
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
Type = type,
|
||||
Owner = owner
|
||||
};
|
||||
@@ -38,4 +38,18 @@ internal sealed class TokenRepository<TDbContext>(TDbContext context) : ITokenRe
|
||||
context.Tokens.RemoveRange(tokens);
|
||||
await context.SaveChangesAsync();
|
||||
}
|
||||
|
||||
public async Task<Token> CreateApiToken(User owner, DateTime expirationDate) {
|
||||
var token = new Token {
|
||||
CreatedAt = expirationDate,
|
||||
TokenId = Guid.NewGuid(),
|
||||
Type = Token.ApiTokenType,
|
||||
Owner = owner
|
||||
};
|
||||
|
||||
await context.Tokens.AddAsync(token);
|
||||
await context.SaveChangesAsync();
|
||||
|
||||
return token;
|
||||
}
|
||||
}
|
||||
@@ -1,5 +1,6 @@
|
||||
using System.Security.Claims;
|
||||
using System.Text.Encodings.Web;
|
||||
using HopFrame.Database.Models;
|
||||
using HopFrame.Database.Repositories;
|
||||
using HopFrame.Security.Claims;
|
||||
using Microsoft.AspNetCore.Authentication;
|
||||
@@ -33,7 +34,10 @@ public class HopFrameAuthentication(
|
||||
var tokenEntry = await tokens.GetToken(accessToken);
|
||||
|
||||
if (tokenEntry is null) return AuthenticateResult.Fail("The provided Access Token does not exist");
|
||||
if (tokenEntry.CreatedAt + tokenOptions.Value.AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
|
||||
|
||||
if (tokenEntry.Type == Token.ApiTokenType) {
|
||||
if (tokenEntry.CreatedAt < DateTime.Now) return AuthenticateResult.Fail("The provided API Token is expired");
|
||||
}else if (tokenEntry.CreatedAt + tokenOptions.Value.AccessTokenTime < DateTime.Now) return AuthenticateResult.Fail("The provided Access Token is expired");
|
||||
|
||||
if (tokenEntry.Owner is null)
|
||||
return AuthenticateResult.Fail("The provided Access Token does not match any user");
|
||||
@@ -43,7 +47,15 @@ public class HopFrameAuthentication(
|
||||
new(HopFrameClaimTypes.UserId, tokenEntry.Owner.Id.ToString())
|
||||
};
|
||||
|
||||
var permissions = await perms.GetFullPermissions(tokenEntry.Owner);
|
||||
IList<string> permissions;
|
||||
|
||||
if (tokenEntry.Type == Token.ApiTokenType) {
|
||||
permissions = await perms.GetFullPermissions(tokenEntry);
|
||||
}
|
||||
else {
|
||||
permissions = await perms.GetFullPermissions(tokenEntry.Owner);
|
||||
}
|
||||
|
||||
claims.AddRange(permissions.Select(perm => new Claim(HopFrameClaimTypes.Permission, perm)));
|
||||
|
||||
var principal = new ClaimsPrincipal();
|
||||
|
||||
@@ -22,7 +22,7 @@ public sealed class AuthMiddleware(IAuthService auth, IPermissionRepository perm
|
||||
}
|
||||
|
||||
var claims = new List<Claim> {
|
||||
new(HopFrameClaimTypes.AccessTokenId, token.Content.ToString()),
|
||||
new(HopFrameClaimTypes.AccessTokenId, token.TokenId.ToString()),
|
||||
new(HopFrameClaimTypes.UserId, token.Owner.Id.ToString())
|
||||
};
|
||||
|
||||
|
||||
@@ -28,12 +28,12 @@ internal class AuthService(
|
||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.RefreshTokenTime,
|
||||
HttpOnly = true,
|
||||
Secure = true
|
||||
});
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = false,
|
||||
Secure = true
|
||||
@@ -49,12 +49,12 @@ internal class AuthService(
|
||||
var refreshToken = await tokens.CreateToken(Token.RefreshTokenType, user);
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, user);
|
||||
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.Content.ToString(), new CookieOptions {
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.RefreshTokenType, refreshToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.RefreshTokenTime,
|
||||
HttpOnly = true,
|
||||
Secure = true
|
||||
});
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = false,
|
||||
Secure = true
|
||||
@@ -83,7 +83,7 @@ internal class AuthService(
|
||||
|
||||
var accessToken = await tokens.CreateToken(Token.AccessTokenType, token.Owner);
|
||||
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.Content.ToString(), new CookieOptions {
|
||||
httpAccessor.HttpContext?.Response.Cookies.Append(ITokenContext.AccessTokenType, accessToken.TokenId.ToString(), new CookieOptions {
|
||||
MaxAge = options.Value.AccessTokenTime,
|
||||
HttpOnly = false,
|
||||
Secure = true
|
||||
|
||||
@@ -58,13 +58,13 @@ public class AuthLogicTests {
|
||||
tokens
|
||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
||||
.ReturnsAsync(new Token {
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
Type = Token.RefreshTokenType
|
||||
});
|
||||
tokens
|
||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
||||
.ReturnsAsync(new Token {
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
Type = Token.AccessTokenType
|
||||
});
|
||||
tokens
|
||||
@@ -229,11 +229,11 @@ public class AuthLogicTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.RefreshTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await auth.Authenticate();
|
||||
@@ -277,11 +277,11 @@ public class AuthLogicTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.AccessTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await auth.Authenticate();
|
||||
@@ -297,11 +297,11 @@ public class AuthLogicTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.RefreshTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.MinValue,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (auth, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (auth, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await auth.Authenticate();
|
||||
|
||||
@@ -14,7 +14,7 @@ public class TokenRepositoryTests {
|
||||
|
||||
for (int i = 0; i < count; i++) {
|
||||
await context.Tokens.AddAsync(new() {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
Owner = CreateTestUser(),
|
||||
Type = Token.AccessTokenType
|
||||
});
|
||||
@@ -37,7 +37,7 @@ public class TokenRepositoryTests {
|
||||
var token = context.Tokens.First();
|
||||
|
||||
// Act
|
||||
var result = await repo.GetToken(token.Content.ToString());
|
||||
var result = await repo.GetToken(token.TokenId.ToString());
|
||||
|
||||
// Assert
|
||||
Assert.Equal(token, result);
|
||||
@@ -64,12 +64,12 @@ public class TokenRepositoryTests {
|
||||
var user = CreateTestUser();
|
||||
await context.Tokens.AddRangeAsync(new List<Token> {
|
||||
new() {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
Owner = user,
|
||||
Type = Token.AccessTokenType
|
||||
},
|
||||
new() {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
Owner = user,
|
||||
Type = Token.RefreshTokenType
|
||||
}
|
||||
|
||||
@@ -30,7 +30,7 @@ public class AuthenticationTests {
|
||||
|
||||
var provideCorrectToken = correctToken is null;
|
||||
correctToken ??= new Token {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
CreatedAt = DateTime.Now,
|
||||
Type = Token.AccessTokenType,
|
||||
Owner = new User {
|
||||
@@ -39,7 +39,7 @@ public class AuthenticationTests {
|
||||
};
|
||||
|
||||
tokens
|
||||
.Setup(x => x.GetToken(It.Is<string>(t => t == correctToken.Content.ToString())))
|
||||
.Setup(x => x.GetToken(It.Is<string>(t => t == correctToken.TokenId.ToString())))
|
||||
.ReturnsAsync(correctToken);
|
||||
|
||||
perms
|
||||
@@ -49,7 +49,7 @@ public class AuthenticationTests {
|
||||
var auth = new HopFrameAuthentication(options.Object, logger.Object, encoder.Object, clock.Object, tokens.Object, perms.Object, new OptionsWrapper<HopFrameAuthenticationOptions>(new HopFrameAuthenticationOptions()));
|
||||
var context = new DefaultHttpContext();
|
||||
if (provideCorrectToken)
|
||||
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, correctToken.Content.ToString());
|
||||
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, correctToken.TokenId.ToString());
|
||||
if (providedToken is not null)
|
||||
context.HttpContext.Request.Headers.Append(HopFrameAuthentication.SchemeName, providedToken);
|
||||
|
||||
@@ -101,12 +101,12 @@ public class AuthenticationTests {
|
||||
public async Task Authentication_With_ExpiredToken_Should_Fail() {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
CreatedAt = DateTime.MinValue,
|
||||
Type = Token.AccessTokenType,
|
||||
Owner = new User()
|
||||
};
|
||||
var auth = await SetupEnvironment(token, token.Content.ToString());
|
||||
var auth = await SetupEnvironment(token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await auth.AuthenticateAsync();
|
||||
@@ -121,12 +121,12 @@ public class AuthenticationTests {
|
||||
public async Task Authentication_With_UnownedToken_Should_Fail() {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
CreatedAt = DateTime.Now,
|
||||
Type = Token.AccessTokenType,
|
||||
Owner = null
|
||||
};
|
||||
var auth = await SetupEnvironment(token, token.Content.ToString());
|
||||
var auth = await SetupEnvironment(token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await auth.AuthenticateAsync();
|
||||
|
||||
@@ -61,7 +61,7 @@ public class AuthMiddlewareTests {
|
||||
public async Task InvokeAsync_With_InvalidLoginValidToken_Should_Succeed() {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Content = Guid.NewGuid(),
|
||||
TokenId = Guid.NewGuid(),
|
||||
CreatedAt = DateTime.Now,
|
||||
Type = Token.AccessTokenType,
|
||||
Owner = CreateDummyUser()
|
||||
@@ -74,7 +74,7 @@ public class AuthMiddlewareTests {
|
||||
|
||||
// Assert
|
||||
Assert.Equal(token.Owner.Id.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.UserId));
|
||||
Assert.Equal(token.Content.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.AccessTokenId));
|
||||
Assert.Equal(token.TokenId.ToString(), context.User.FindFirstValue(HopFrameClaimTypes.AccessTokenId));
|
||||
Assert.Equal(token.Owner.Permissions.First().PermissionName, context.User.FindFirstValue(HopFrameClaimTypes.Permission));
|
||||
}
|
||||
|
||||
|
||||
@@ -47,13 +47,13 @@ public class AuthServiceTests {
|
||||
tokens
|
||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.RefreshTokenType), It.IsAny<User>()))
|
||||
.ReturnsAsync(new Token {
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
Type = Token.RefreshTokenType
|
||||
});
|
||||
tokens
|
||||
.Setup(t => t.CreateToken(It.Is<int>(t => t == Token.AccessTokenType), It.IsAny<User>()))
|
||||
.ReturnsAsync(new Token {
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
Type = Token.AccessTokenType
|
||||
});
|
||||
tokens
|
||||
@@ -171,18 +171,18 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.RefreshTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await service.RefreshLogin();
|
||||
|
||||
// Assert
|
||||
Assert.NotNull(result);
|
||||
Assert.Equal(_accessToken, result.Content);
|
||||
Assert.Equal(_accessToken, result.TokenId);
|
||||
Assert.Equal(_accessToken.ToString(), context.Response.Headers.FindCookie(ITokenContext.AccessTokenType));
|
||||
}
|
||||
|
||||
@@ -217,11 +217,11 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.AccessTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await service.RefreshLogin();
|
||||
@@ -236,11 +236,11 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.RefreshTokenType,
|
||||
Content = _refreshToken,
|
||||
TokenId = _refreshToken,
|
||||
CreatedAt = DateTime.MinValue,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
var (service, context) = SetupEnvironment(true, token, token.Content.ToString());
|
||||
var (service, context) = SetupEnvironment(true, token, token.TokenId.ToString());
|
||||
|
||||
// Act
|
||||
var result = await service.RefreshLogin();
|
||||
@@ -255,7 +255,7 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.AccessTokenType,
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
@@ -285,7 +285,7 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.RefreshTokenType,
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
@@ -303,7 +303,7 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.AccessTokenType,
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
CreatedAt = DateTime.MinValue,
|
||||
Owner = CreateDummyUser()
|
||||
};
|
||||
@@ -321,7 +321,7 @@ public class AuthServiceTests {
|
||||
// Arrange
|
||||
var token = new Token {
|
||||
Type = Token.AccessTokenType,
|
||||
Content = _accessToken,
|
||||
TokenId = _accessToken,
|
||||
CreatedAt = DateTime.Now,
|
||||
Owner = null
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user