未验证 提交 d9d7f5ed 编写于 作者: C Charlie Barto 提交者: GitHub

Merge pull request #1496 from icherniukh/oauth2_client_credentials

Support for oauth2 with "client_credentials" grant type 
......@@ -190,6 +190,7 @@ DAT(expires_in, "expires_in")
DAT(grant_type, "grant_type")
DAT(redirect_uri, "redirect_uri")
DAT(refresh_token, "refresh_token")
DAT(client_credentials, "client_credentials")
DAT(response_type, "response_type")
DAT(scope, "scope")
DAT(state, "state")
......
......@@ -284,6 +284,21 @@ public:
return _request_token(ub);
}
/// <summary>
/// Fetches an access token from the token endpoint using client credentials grant type.
/// The task creates an HTTP request to the token_endpoint() using
/// client authentication as the authorization grant.
/// See: http://tools.ietf.org/html/rfc6749#section-4.4
/// </summary>
/// <returns>Task that fetches token(s) using client credentials.</returns>
pplx::task<void> token_from_client_credentials()
{
uri_builder ub;
ub.append_query(
details::oauth2_strings::grant_type, details::oauth2_strings::client_credentials, false);
return _request_token(ub);
}
/// <summary>
/// Returns enabled state of the configuration.
/// The oauth2_handler will perform OAuth 2.0 authentication only if
......
......@@ -291,6 +291,74 @@ SUITE(oauth2_tests)
VERIFY_ARE_EQUAL(U("done"), m_oauth2_config.token().access_token());
}
TEST_FIXTURE(oauth2_test_setup, oauth2_token_from_client_credentials)
{
VERIFY_IS_FALSE(m_oauth2_config.is_enabled());
m_oauth2_config.set_user_agent(U("test_user_agent"));
// Fetch using HTTP Basic authentication.
{
m_scoped.server()->next_request().then([](test_request* request) {
VERIFY_ARE_EQUAL(request->m_method, methods::POST);
VERIFY_IS_TRUE(is_application_x_www_form_urlencoded(request));
VERIFY_ARE_EQUAL(
U("Basic MTIzQUJDOjQ1NkRFRg=="),
request->m_headers[header_names::authorization]);
VERIFY_ARE_EQUAL(
to_body_data(U("grant_type=client_credentials")),
request->m_body);
VERIFY_ARE_EQUAL(
U("test_user_agent"),
get_request_user_agent(request));
std::map<utility::string_t, utility::string_t> headers;
headers[header_names::content_type] = mime_types::application_json;
request->reply(
status_codes::OK, U(""), headers, "{\"access_token\":\"xyzzy123\",\"token_type\":\"bearer\"}");
});
m_oauth2_config.token_from_client_credentials().wait();
VERIFY_ARE_EQUAL(U("xyzzy123"), m_oauth2_config.token().access_token());
VERIFY_IS_TRUE(m_oauth2_config.is_enabled());
}
// Fetch using client key & secret in request body (x-www-form-urlencoded).
{
m_scoped.server()->next_request().then([](test_request* request) {
VERIFY_IS_TRUE(is_application_x_www_form_urlencoded(request));
VERIFY_ARE_EQUAL(U(""), request->m_headers[header_names::authorization]);
VERIFY_ARE_EQUAL(
to_body_data(U("grant_type=client_credentials&client_id=123ABC&client_secret=456DEF")),
request->m_body);
VERIFY_ARE_EQUAL(U("test_user_agent"), get_request_user_agent(request));
std::map<utility::string_t, utility::string_t> headers;
headers[header_names::content_type] = mime_types::application_json;
request->reply(
status_codes::OK, U(""), headers, "{\"access_token\":\"xyzzy123\",\"token_type\":\"bearer\"}");
});
m_oauth2_config.set_token(oauth2_token()); // Clear token.
VERIFY_IS_FALSE(m_oauth2_config.is_enabled());
m_oauth2_config.set_http_basic_auth(false);
m_oauth2_config.token_from_client_credentials().wait();
VERIFY_ARE_EQUAL(
U("xyzzy123"),
m_oauth2_config.token().access_token());
VERIFY_IS_TRUE(m_oauth2_config.is_enabled());
}
}
TEST_FIXTURE(oauth2_test_setup, oauth2_bearer_token)
{
m_oauth2_config.set_token(oauth2_token(U("12345678")));
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册