如何使用DotNetOpenAuth 4以编程方式生成访问令牌,以便可以使用它来测试资源服务器?
我有一个Web应用程序暴露一些REST服务,而这些服务又有几百个测试。
I have a web application that exposes some REST services which are in turn have several hundred tests.
我已使用OAuth 2.0和使用DotNetOpenAuth 4保护了其余的服务。手动测试显示了这一点。
I have secured the rest servcies using OAuth 2.0 and using DotNetOpenAuth 4. Manual testing shows this works.
这打破了我的测试,因为我没有访问令牌传递给REST服务。测试使用完全相同的数据(包括用户和客户端)为数据库创建种子,以便确定性。测试无人值守运行。
This breaks my tests because I do not have access tokens to pass to the REST services. The tests seed the database with the exact same data (incl. users and clients) in order to be deterministic. The tests run unattended.
如何使用DotNetOpenAuth 4生成访问令牌,这样我就可以无人值守地测试不同虚拟用户和客户端(也称为应用程序)的交互,以便与测试结合使用? / p>
How can I generate access tokens using DotNetOpenAuth 4 so I can test interaction for different fictitious users and clients (aka applications) in an unattended fashion to be used with tests?
DotNetOpenAuth 4的最新版本允许客户端凭证授予类型。这意味着您的测试可以通过提供仅测试的客户端ID和密钥直接请求授权服务器的访问令牌。它还支持资源所有者密码授予类型,因此您的测试可以模拟特定用户。
The latest builds of DotNetOpenAuth 4 allow for the client credential grant type. This should mean that your tests can directly request an access token of your authorization server by supplying a test-only client id and secret. It also supports the resource owner password grant type, so your test can impersonate a particular user.
NuGet上的最新版本可从此渠道获得:
http://teamcity.dotnetopenauth.net:82/guestAuth/app/ nuget / v1 / FeedService.svc
The latest builds are available on NuGet from this channel: http://teamcity.dotnetopenauth.net:82/guestAuth/app/nuget/v1/FeedService.svc