From fd3aab8b0b451e96c3f88bdc9e2ec62da644eda3 Mon Sep 17 00:00:00 2001 From: Damian Hickey Date: Fri, 20 Feb 2026 18:02:48 +0100 Subject: [PATCH] Add CT parameter to IRefreshTokenStore, flow through all implementations and tests --- .../TokenRevocationResponseGenerator.cs | 4 +- .../Default/DefaultRefreshTokenService.cs | 12 +-- .../Default/DefaultRefreshTokenStore.cs | 52 +++------ .../src/Storage/Stores/IRefreshTokenStore.cs | 15 ++- .../DefaultPersistedGrantServiceTests.cs | 102 +++++++++--------- .../DefaultRefreshTokenServiceTests.cs | 59 +++++----- .../DefaultPersistedGrantStoreTests.cs | 28 ++--- .../TokenRequestValidation_Invalid.cs | 2 +- ...nRequestValidation_RefreshToken_Invalid.cs | 16 +-- .../TokenRequestValidation_Valid.cs | 4 +- 10 files changed, 139 insertions(+), 155 deletions(-) diff --git a/identity-server/src/IdentityServer/ResponseHandling/Default/TokenRevocationResponseGenerator.cs b/identity-server/src/IdentityServer/ResponseHandling/Default/TokenRevocationResponseGenerator.cs index 76d892c13..f47808aab 100644 --- a/identity-server/src/IdentityServer/ResponseHandling/Default/TokenRevocationResponseGenerator.cs +++ b/identity-server/src/IdentityServer/ResponseHandling/Default/TokenRevocationResponseGenerator.cs @@ -127,14 +127,14 @@ public class TokenRevocationResponseGenerator : ITokenRevocationResponseGenerato /// protected virtual async Task RevokeRefreshTokenAsync(TokenRevocationRequestValidationResult validationResult) { - var token = await RefreshTokenStore.GetRefreshTokenAsync(validationResult.Token); + var token = await RefreshTokenStore.GetRefreshTokenAsync(validationResult.Token, default); if (token != null) { if (token.ClientId == validationResult.Client.ClientId) { Logger.LogDebug("Refresh token revoked"); - await RefreshTokenStore.RemoveRefreshTokenAsync(validationResult.Token); + await RefreshTokenStore.RemoveRefreshTokenAsync(validationResult.Token, default); await ReferenceTokenStore.RemoveReferenceTokensAsync(token.SubjectId, token.ClientId, token.SessionId, default); } else diff --git a/identity-server/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs b/identity-server/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs index 6018fd290..e994b83c7 100644 --- a/identity-server/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs +++ b/identity-server/src/IdentityServer/Services/Default/DefaultRefreshTokenService.cs @@ -87,7 +87,7 @@ public class DefaultRefreshTokenService : IRefreshTokenService ///////////////////////////////////////////// // check if refresh token is valid ///////////////////////////////////////////// - var refreshToken = await RefreshTokenStore.GetRefreshTokenAsync(tokenHandle); + var refreshToken = await RefreshTokenStore.GetRefreshTokenAsync(tokenHandle, default); if (refreshToken == null) { Logger.LogWarning("Invalid refresh token"); @@ -218,7 +218,7 @@ public class DefaultRefreshTokenService : IRefreshTokenService }; refreshToken.SetAccessToken(request.AccessToken, request.RequestedResourceIndicator); - var handle = await RefreshTokenStore.StoreRefreshTokenAsync(refreshToken); + var handle = await RefreshTokenStore.StoreRefreshTokenAsync(refreshToken, default); return handle; } @@ -245,7 +245,7 @@ public class DefaultRefreshTokenService : IRefreshTokenService { Logger.LogDebug("Token usage is one-time only and refresh behavior is delete. Deleting current handle, and generating new handle"); - await RefreshTokenStore.RemoveRefreshTokenAsync(handle); + await RefreshTokenStore.RemoveRefreshTokenAsync(handle, default); } else { @@ -255,7 +255,7 @@ public class DefaultRefreshTokenService : IRefreshTokenService if (request.RefreshToken.ConsumedTime == null) { request.RefreshToken.ConsumedTime = TimeProvider.GetUtcNow().UtcDateTime; - await RefreshTokenStore.UpdateRefreshTokenAsync(handle, request.RefreshToken); + await RefreshTokenStore.UpdateRefreshTokenAsync(handle, request.RefreshToken, default); } } @@ -292,12 +292,12 @@ public class DefaultRefreshTokenService : IRefreshTokenService { // set it to null so that we save non-consumed token request.RefreshToken.ConsumedTime = null; - handle = await RefreshTokenStore.StoreRefreshTokenAsync(request.RefreshToken); + handle = await RefreshTokenStore.StoreRefreshTokenAsync(request.RefreshToken, default); Logger.LogDebug("Created refresh token in store"); } else if (needsUpdate) { - await RefreshTokenStore.UpdateRefreshTokenAsync(handle, request.RefreshToken); + await RefreshTokenStore.UpdateRefreshTokenAsync(handle, request.RefreshToken, default); Logger.LogDebug("Updated refresh token in store"); } else diff --git a/identity-server/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs b/identity-server/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs index 298c1e0e7..b9b28434f 100644 --- a/identity-server/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs +++ b/identity-server/src/IdentityServer/Stores/Default/DefaultRefreshTokenStore.cs @@ -30,65 +30,43 @@ public class DefaultRefreshTokenStore : DefaultGrantStore, IRefres { } - /// - /// Stores the refresh token. - /// - /// The refresh token. - /// - public async Task StoreRefreshTokenAsync(RefreshToken refreshToken) + /// + public async Task StoreRefreshTokenAsync(RefreshToken refreshToken, CT ct) { using var activity = Tracing.StoreActivitySource.StartActivity("DefaultRefreshTokenStore.StoreRefreshTokenAsync"); - return await CreateItemAsync(refreshToken, refreshToken.ClientId, refreshToken.SubjectId, refreshToken.SessionId, refreshToken.Description, refreshToken.CreationTime, refreshToken.Lifetime, default); + return await CreateItemAsync(refreshToken, refreshToken.ClientId, refreshToken.SubjectId, refreshToken.SessionId, refreshToken.Description, refreshToken.CreationTime, refreshToken.Lifetime, ct); } - /// - /// Updates the refresh token. - /// - /// The handle. - /// The refresh token. - /// - public Task UpdateRefreshTokenAsync(string handle, RefreshToken refreshToken) + /// + public Task UpdateRefreshTokenAsync(string handle, RefreshToken refreshToken, CT ct) { using var activity = Tracing.StoreActivitySource.StartActivity("DefaultRefreshTokenStore.UpdateRefreshToken"); - return StoreItemAsync(handle, refreshToken, refreshToken.ClientId, refreshToken.SubjectId, refreshToken.SessionId, refreshToken.Description, refreshToken.CreationTime, refreshToken.CreationTime.AddSeconds(refreshToken.Lifetime), refreshToken.ConsumedTime); + return StoreItemAsync(handle, refreshToken, refreshToken.ClientId, refreshToken.SubjectId, refreshToken.SessionId, refreshToken.Description, refreshToken.CreationTime, refreshToken.CreationTime.AddSeconds(refreshToken.Lifetime), refreshToken.ConsumedTime, ct); } - /// - /// Gets the refresh token. - /// - /// The refresh token handle. - /// - public Task GetRefreshTokenAsync(string refreshTokenHandle) + /// + public Task GetRefreshTokenAsync(string refreshTokenHandle, CT ct) { using var activity = Tracing.StoreActivitySource.StartActivity("DefaultRefreshTokenStore.GetRefreshToken"); - return GetItemAsync(refreshTokenHandle, default); + return GetItemAsync(refreshTokenHandle, ct); } - /// - /// Removes the refresh token. - /// - /// The refresh token handle. - /// - public Task RemoveRefreshTokenAsync(string refreshTokenHandle) + /// + public Task RemoveRefreshTokenAsync(string refreshTokenHandle, CT ct) { using var activity = Tracing.StoreActivitySource.StartActivity("DefaultRefreshTokenStore.RemoveRefreshToken"); - return RemoveItemAsync(refreshTokenHandle, default); + return RemoveItemAsync(refreshTokenHandle, ct); } - /// - /// Removes the refresh tokens. - /// - /// The subject identifier. - /// The client identifier. - /// - public Task RemoveRefreshTokensAsync(string subjectId, string clientId) + /// + public Task RemoveRefreshTokensAsync(string subjectId, string clientId, CT ct) { using var activity = Tracing.StoreActivitySource.StartActivity("DefaultRefreshTokenStore.RemoveRefreshTokens"); - return RemoveAllAsync(subjectId, clientId); + return RemoveAllAsync(subjectId, clientId, ct: ct); } } diff --git a/identity-server/src/Storage/Stores/IRefreshTokenStore.cs b/identity-server/src/Storage/Stores/IRefreshTokenStore.cs index a1d4a339c..a2bf67061 100644 --- a/identity-server/src/Storage/Stores/IRefreshTokenStore.cs +++ b/identity-server/src/Storage/Stores/IRefreshTokenStore.cs @@ -17,36 +17,41 @@ public interface IRefreshTokenStore /// Stores the refresh token. /// /// The refresh token. + /// The used to propagate notifications that the operation should be canceled. /// - Task StoreRefreshTokenAsync(RefreshToken refreshToken); + Task StoreRefreshTokenAsync(RefreshToken refreshToken, CT ct); /// /// Updates the refresh token. /// /// The handle. /// The refresh token. + /// The used to propagate notifications that the operation should be canceled. /// - Task UpdateRefreshTokenAsync(string handle, RefreshToken refreshToken); + Task UpdateRefreshTokenAsync(string handle, RefreshToken refreshToken, CT ct); /// /// Gets the refresh token. /// /// The refresh token handle. + /// The used to propagate notifications that the operation should be canceled. /// - Task GetRefreshTokenAsync(string refreshTokenHandle); + Task GetRefreshTokenAsync(string refreshTokenHandle, CT ct); /// /// Removes the refresh token. /// /// The refresh token handle. + /// The used to propagate notifications that the operation should be canceled. /// - Task RemoveRefreshTokenAsync(string refreshTokenHandle); + Task RemoveRefreshTokenAsync(string refreshTokenHandle, CT ct); /// /// Removes the refresh tokens. /// /// The subject identifier. /// The client identifier. + /// The used to propagate notifications that the operation should be canceled. /// - Task RemoveRefreshTokensAsync(string subjectId, string clientId); + Task RemoveRefreshTokensAsync(string subjectId, string clientId, CT ct); } diff --git a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultPersistedGrantServiceTests.cs b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultPersistedGrantServiceTests.cs index 59bd89b97..feea569a0 100644 --- a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultPersistedGrantServiceTests.cs +++ b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultPersistedGrantServiceTests.cs @@ -120,7 +120,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz1", "baz2" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle5 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client1", @@ -128,7 +128,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz3" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle6 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -136,7 +136,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz3" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle7 = await _codes.StoreAuthorizationCodeAsync(new AuthorizationCode() { @@ -260,7 +260,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz1", "baz2" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle5 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client1", @@ -268,7 +268,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz3" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle6 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -276,7 +276,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz3" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle7 = await _codes.StoreAuthorizationCodeAsync(new AuthorizationCode() { @@ -319,9 +319,9 @@ public class DefaultPersistedGrantServiceTests (await _referenceTokens.GetReferenceTokenAsync(handle1, _ct)).ShouldBeNull(); (await _referenceTokens.GetReferenceTokenAsync(handle2, _ct)).ShouldNotBeNull(); (await _referenceTokens.GetReferenceTokenAsync(handle3, _ct)).ShouldNotBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle4)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle5)).ShouldNotBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle6)).ShouldNotBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle4, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle5, _ct)).ShouldNotBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle6, _ct)).ShouldNotBeNull(); (await _codes.GetAuthorizationCodeAsync(handle7, _ct)).ShouldBeNull(); (await _codes.GetAuthorizationCodeAsync(handle8, _ct)).ShouldNotBeNull(); (await _codes.GetAuthorizationCodeAsync(handle9, _ct)).ShouldNotBeNull(); @@ -338,7 +338,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle2 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -347,7 +347,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle3 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client3", @@ -356,16 +356,16 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); await _subject.RemoveAllGrantsAsync("123"); - (await _refreshTokens.GetRefreshTokenAsync(handle1)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle2)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle3)).ShouldBeNull(); - await _refreshTokens.RemoveRefreshTokenAsync(handle1); - await _refreshTokens.RemoveRefreshTokenAsync(handle2); - await _refreshTokens.RemoveRefreshTokenAsync(handle3); + (await _refreshTokens.GetRefreshTokenAsync(handle1, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle2, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle3, _ct)).ShouldBeNull(); + await _refreshTokens.RemoveRefreshTokenAsync(handle1, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle2, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle3, _ct); } { var handle1 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() @@ -376,7 +376,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle2 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -385,7 +385,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle3 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client3", @@ -394,16 +394,16 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); await _subject.RemoveAllGrantsAsync("123", "client1"); - (await _refreshTokens.GetRefreshTokenAsync(handle1)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle2)).ShouldNotBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle3)).ShouldNotBeNull(); - await _refreshTokens.RemoveRefreshTokenAsync(handle1); - await _refreshTokens.RemoveRefreshTokenAsync(handle2); - await _refreshTokens.RemoveRefreshTokenAsync(handle3); + (await _refreshTokens.GetRefreshTokenAsync(handle1, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle2, _ct)).ShouldNotBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle3, _ct)).ShouldNotBeNull(); + await _refreshTokens.RemoveRefreshTokenAsync(handle1, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle2, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle3, _ct); } { var handle1 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() @@ -414,7 +414,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle2 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -423,7 +423,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle3 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client3", @@ -432,7 +432,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle4 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client1", @@ -441,17 +441,17 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); await _subject.RemoveAllGrantsAsync("123", "client1", "session1"); - (await _refreshTokens.GetRefreshTokenAsync(handle1)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle2)).ShouldNotBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle3)).ShouldNotBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle4)).ShouldNotBeNull(); - await _refreshTokens.RemoveRefreshTokenAsync(handle1); - await _refreshTokens.RemoveRefreshTokenAsync(handle2); - await _refreshTokens.RemoveRefreshTokenAsync(handle3); - await _refreshTokens.RemoveRefreshTokenAsync(handle4); + (await _refreshTokens.GetRefreshTokenAsync(handle1, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle2, _ct)).ShouldNotBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle3, _ct)).ShouldNotBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle4, _ct)).ShouldNotBeNull(); + await _refreshTokens.RemoveRefreshTokenAsync(handle1, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle2, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle3, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle4, _ct); } { var handle1 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() @@ -462,7 +462,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle2 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client2", @@ -471,7 +471,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle3 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client3", @@ -480,7 +480,7 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); var handle4 = await _refreshTokens.StoreRefreshTokenAsync(new RefreshToken() { ClientId = "client1", @@ -489,17 +489,17 @@ public class DefaultPersistedGrantServiceTests AuthorizedScopes = new[] { "baz" }, CreationTime = DateTime.UtcNow, Lifetime = 10, - }); + }, _ct); await _subject.RemoveAllGrantsAsync("123", sessionId: "session1"); - (await _refreshTokens.GetRefreshTokenAsync(handle1)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle2)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle3)).ShouldBeNull(); - (await _refreshTokens.GetRefreshTokenAsync(handle4)).ShouldNotBeNull(); - await _refreshTokens.RemoveRefreshTokenAsync(handle1); - await _refreshTokens.RemoveRefreshTokenAsync(handle2); - await _refreshTokens.RemoveRefreshTokenAsync(handle3); - await _refreshTokens.RemoveRefreshTokenAsync(handle4); + (await _refreshTokens.GetRefreshTokenAsync(handle1, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle2, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle3, _ct)).ShouldBeNull(); + (await _refreshTokens.GetRefreshTokenAsync(handle4, _ct)).ShouldNotBeNull(); + await _refreshTokens.RemoveRefreshTokenAsync(handle1, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle2, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle3, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle4, _ct); } } diff --git a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultRefreshTokenServiceTests.cs b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultRefreshTokenServiceTests.cs index 22177d25b..8318cdc80 100644 --- a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultRefreshTokenServiceTests.cs +++ b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultRefreshTokenServiceTests.cs @@ -21,6 +21,7 @@ public class DefaultRefreshTokenServiceTests private ClaimsPrincipal _user = new IdentityServerUser("123").CreatePrincipal(); private FakeTimeProvider _timeProvider = new FakeTimeProvider(); + private readonly CT _ct = TestContext.Current.CancellationToken; public DefaultRefreshTokenServiceTests() { @@ -48,7 +49,7 @@ public class DefaultRefreshTokenServiceTests var handle = await _subject.CreateRefreshTokenAsync(new RefreshTokenCreationRequest { Subject = _user, AccessToken = accessToken, Client = client }); - (await _store.GetRefreshTokenAsync(handle)).ShouldNotBeNull(); + (await _store.GetRefreshTokenAsync(handle, _ct)).ShouldNotBeNull(); } [Fact] @@ -64,7 +65,7 @@ public class DefaultRefreshTokenServiceTests var handle = await _subject.CreateRefreshTokenAsync(new RefreshTokenCreationRequest { Subject = _user, AccessToken = new Token(), Client = client }); - var refreshToken = (await _store.GetRefreshTokenAsync(handle)); + var refreshToken = (await _store.GetRefreshTokenAsync(handle, _ct)); refreshToken.ShouldNotBeNull(); refreshToken.Lifetime.ShouldBe(client.AbsoluteRefreshTokenLifetime); @@ -84,7 +85,7 @@ public class DefaultRefreshTokenServiceTests var handle = await _subject.CreateRefreshTokenAsync(new RefreshTokenCreationRequest { Subject = _user, AccessToken = new Token(), Client = client }); - var refreshToken = (await _store.GetRefreshTokenAsync(handle)); + var refreshToken = (await _store.GetRefreshTokenAsync(handle, _ct)); refreshToken.ShouldNotBeNull(); refreshToken.Lifetime.ShouldBe(client.AbsoluteRefreshTokenLifetime); @@ -103,7 +104,7 @@ public class DefaultRefreshTokenServiceTests var handle = await _subject.CreateRefreshTokenAsync(new RefreshTokenCreationRequest { Subject = _user, AccessToken = new Token(), Client = client }); - var refreshToken = (await _store.GetRefreshTokenAsync(handle)); + var refreshToken = (await _store.GetRefreshTokenAsync(handle, _ct)); refreshToken.ShouldNotBeNull(); refreshToken.Lifetime.ShouldBe(client.SlidingRefreshTokenLifetime); @@ -124,7 +125,7 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); (await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client })) .ShouldNotBeNull() @@ -149,14 +150,14 @@ public class DefaultRefreshTokenServiceTests var handle = await _store.StoreRefreshTokenAsync(new RefreshToken { CreationTime = now.AddSeconds(-10), - }); + }, _ct); - var refreshToken = await _store.GetRefreshTokenAsync(handle); + var refreshToken = await _store.GetRefreshTokenAsync(handle, _ct); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); newHandle.ShouldBe(handle); - var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle); + var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle, _ct); newRefreshToken.ShouldNotBeNull(); newRefreshToken.Lifetime.ShouldBe((int)(now - newRefreshToken.CreationTime).TotalSeconds + client.SlidingRefreshTokenLifetime); @@ -180,14 +181,14 @@ public class DefaultRefreshTokenServiceTests var handle = await _store.StoreRefreshTokenAsync(new RefreshToken { CreationTime = now.AddSeconds(-1000), - }); + }, _ct); - var refreshToken = await _store.GetRefreshTokenAsync(handle); + var refreshToken = await _store.GetRefreshTokenAsync(handle, _ct); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); newHandle.ShouldBe(handle); - var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle); + var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle, _ct); newRefreshToken.ShouldNotBeNull(); newRefreshToken.Lifetime.ShouldBe(client.AbsoluteRefreshTokenLifetime); @@ -211,14 +212,14 @@ public class DefaultRefreshTokenServiceTests var handle = await _store.StoreRefreshTokenAsync(new RefreshToken { CreationTime = now.AddSeconds(-1000), - }); + }, _ct); - var refreshToken = await _store.GetRefreshTokenAsync(handle); + var refreshToken = await _store.GetRefreshTokenAsync(handle, _ct); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); newHandle.ShouldBe(handle); - var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle); + var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle, _ct); newRefreshToken.ShouldNotBeNull(); newRefreshToken.Lifetime.ShouldBe((int)(now - newRefreshToken.CreationTime).TotalSeconds + client.SlidingRefreshTokenLifetime); @@ -244,14 +245,14 @@ public class DefaultRefreshTokenServiceTests ClientId = client.ClientId, Subject = _user, CreationTime = now.AddSeconds(-1000), - }); + }, _ct); - var refreshToken = await _store.GetRefreshTokenAsync(handle); + var refreshToken = await _store.GetRefreshTokenAsync(handle, _ct); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); newHandle.ShouldNotBeNull().ShouldNotBe(handle); - var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle); + var newRefreshToken = await _store.GetRefreshTokenAsync(newHandle, _ct); newRefreshToken.ShouldNotBeNull(); newRefreshToken.Lifetime.ShouldBe((int)(now - newRefreshToken.CreationTime).TotalSeconds + client.SlidingRefreshTokenLifetime); @@ -275,15 +276,15 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); - var oldToken = await _store.GetRefreshTokenAsync(handle); - var newToken = await _store.GetRefreshTokenAsync(newHandle); + var oldToken = await _store.GetRefreshTokenAsync(handle, _ct); + var newToken = await _store.GetRefreshTokenAsync(newHandle, _ct); oldToken.ConsumedTime.ShouldBe(now); newToken.ConsumedTime.ShouldBeNull(); @@ -310,15 +311,15 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); var newHandle = await _subject.UpdateRefreshTokenAsync(new RefreshTokenUpdateRequest { Handle = handle, RefreshToken = refreshToken, Client = client }); - var oldToken = await _store.GetRefreshTokenAsync(handle); - var newToken = await _store.GetRefreshTokenAsync(newHandle); + var oldToken = await _store.GetRefreshTokenAsync(handle, _ct); + var newToken = await _store.GetRefreshTokenAsync(newHandle, _ct); oldToken.ShouldBeNull(); newToken.ConsumedTime.ShouldBeNull(); @@ -358,7 +359,7 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); @@ -386,7 +387,7 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); @@ -414,7 +415,7 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow.AddSeconds(20); _timeProvider.SetUtcNow(now); @@ -443,7 +444,7 @@ public class DefaultRefreshTokenServiceTests Subject = _user, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); @@ -471,7 +472,7 @@ public class DefaultRefreshTokenServiceTests Lifetime = 10, }; - var handle = await _store.StoreRefreshTokenAsync(refreshToken); + var handle = await _store.StoreRefreshTokenAsync(refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); @@ -500,7 +501,7 @@ public class DefaultRefreshTokenServiceTests }; // force create in DB with this key value (pre-v6 format) - await _store.UpdateRefreshTokenAsync("key", refreshToken); + await _store.UpdateRefreshTokenAsync("key", refreshToken, _ct); var now = DateTime.UtcNow; _timeProvider.SetUtcNow(now); diff --git a/identity-server/test/IdentityServer.UnitTests/Stores/Default/DefaultPersistedGrantStoreTests.cs b/identity-server/test/IdentityServer.UnitTests/Stores/Default/DefaultPersistedGrantStoreTests.cs index 657cc044d..726eede3e 100644 --- a/identity-server/test/IdentityServer.UnitTests/Stores/Default/DefaultPersistedGrantStoreTests.cs +++ b/identity-server/test/IdentityServer.UnitTests/Stores/Default/DefaultPersistedGrantStoreTests.cs @@ -120,8 +120,8 @@ public class DefaultPersistedGrantStoreTests Version = 4 }; - var handle = await _refreshTokens.StoreRefreshTokenAsync(token1); - var token2 = await _refreshTokens.GetRefreshTokenAsync(handle); + var handle = await _refreshTokens.StoreRefreshTokenAsync(token1, _ct); + var token2 = await _refreshTokens.GetRefreshTokenAsync(handle, _ct); token2.Version.ShouldBe(5); @@ -161,8 +161,8 @@ public class DefaultPersistedGrantStoreTests } }); - var handle = await _refreshTokens.StoreRefreshTokenAsync(token1); - var token2 = await _refreshTokens.GetRefreshTokenAsync(handle); + var handle = await _refreshTokens.StoreRefreshTokenAsync(token1, _ct); + var token2 = await _refreshTokens.GetRefreshTokenAsync(handle, _ct); token1.ClientId.ShouldBe(token2.ClientId); token1.CreationTime.ShouldBe(token2.CreationTime); @@ -187,9 +187,9 @@ public class DefaultPersistedGrantStoreTests }; - var handle = await _refreshTokens.StoreRefreshTokenAsync(token1); - await _refreshTokens.RemoveRefreshTokenAsync(handle); - var token2 = await _refreshTokens.GetRefreshTokenAsync(handle); + var handle = await _refreshTokens.StoreRefreshTokenAsync(token1, _ct); + await _refreshTokens.RemoveRefreshTokenAsync(handle, _ct); + var token2 = await _refreshTokens.GetRefreshTokenAsync(handle, _ct); token2.ShouldBeNull(); } @@ -205,13 +205,13 @@ public class DefaultPersistedGrantStoreTests Lifetime = 10, }; - var handle1 = await _refreshTokens.StoreRefreshTokenAsync(token1); - var handle2 = await _refreshTokens.StoreRefreshTokenAsync(token1); - await _refreshTokens.RemoveRefreshTokensAsync("123", "client"); + var handle1 = await _refreshTokens.StoreRefreshTokenAsync(token1, _ct); + var handle2 = await _refreshTokens.StoreRefreshTokenAsync(token1, _ct); + await _refreshTokens.RemoveRefreshTokensAsync("123", "client", _ct); - var token2 = await _refreshTokens.GetRefreshTokenAsync(handle1); + var token2 = await _refreshTokens.GetRefreshTokenAsync(handle1, _ct); token2.ShouldBeNull(); - token2 = await _refreshTokens.GetRefreshTokenAsync(handle2); + token2 = await _refreshTokens.GetRefreshTokenAsync(handle2, _ct); token2.ShouldBeNull(); } @@ -357,7 +357,7 @@ public class DefaultPersistedGrantStoreTests Subject = _user, CreationTime = DateTime.UtcNow, Lifetime = 20, - }); + }, _ct); await _codes.StoreAuthorizationCodeAsync(new AuthorizationCode() { @@ -373,7 +373,7 @@ public class DefaultPersistedGrantStoreTests // the -1 is needed because internally we append a version/suffix the handle for encoding (await _codes.GetAuthorizationCodeAsync("key-1", _ct)).Lifetime.ShouldBe(30); - (await _refreshTokens.GetRefreshTokenAsync("key-1")).Lifetime.ShouldBe(20); + (await _refreshTokens.GetRefreshTokenAsync("key-1", _ct)).Lifetime.ShouldBe(20); (await _referenceTokens.GetReferenceTokenAsync("key-1", _ct)).Lifetime.ShouldBe(10); } } diff --git a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Invalid.cs b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Invalid.cs index aba4aeb70..a073cc8d0 100644 --- a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Invalid.cs +++ b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Invalid.cs @@ -40,7 +40,7 @@ public class TokenRequestValidation_Invalid }); var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); diff --git a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_RefreshToken_Invalid.cs b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_RefreshToken_Invalid.cs index 3922ba884..5a09032df 100644 --- a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_RefreshToken_Invalid.cs +++ b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_RefreshToken_Invalid.cs @@ -71,7 +71,7 @@ public class TokenRequestValidation_RefreshToken_Invalid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); @@ -98,7 +98,7 @@ public class TokenRequestValidation_RefreshToken_Invalid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); @@ -127,7 +127,7 @@ public class TokenRequestValidation_RefreshToken_Invalid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient_restricted", _ct); @@ -159,7 +159,7 @@ public class TokenRequestValidation_RefreshToken_Invalid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); @@ -191,7 +191,7 @@ public class TokenRequestValidation_RefreshToken_Invalid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); @@ -244,7 +244,7 @@ public class TokenRequestValidation_RefreshToken_Invalid CreationTime = DateTime.UtcNow, AuthorizedScopes = new[] { "scope1" } }; - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var parameters = new NameValueCollection(); parameters.Add(OidcConstants.TokenRequest.GrantType, "refresh_token"); @@ -270,7 +270,7 @@ public class TokenRequestValidation_RefreshToken_Invalid CreationTime = DateTime.UtcNow, AuthorizedScopes = new[] { "scope1" } }; - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var parameters = new NameValueCollection(); parameters.Add(OidcConstants.TokenRequest.GrantType, "refresh_token"); @@ -306,7 +306,7 @@ public class TokenRequestValidation_RefreshToken_Invalid AuthorizedScopes = new[] { "scope1" }, AuthorizedResourceIndicators = new[] { "urn:api1", "urn:api2" } }; - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var parameters = new NameValueCollection(); parameters.Add(OidcConstants.TokenRequest.GrantType, "refresh_token"); diff --git a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Valid.cs b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Valid.cs index d3572e0cd..a14d04b00 100644 --- a/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Valid.cs +++ b/identity-server/test/IdentityServer.UnitTests/Validation/TokenRequest Validation/TokenRequestValidation_Valid.cs @@ -272,7 +272,7 @@ public class TokenRequestValidation_Valid }); var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient", _ct); @@ -304,7 +304,7 @@ public class TokenRequestValidation_Valid }; var grants = Factory.CreateRefreshTokenStore(); - var handle = await grants.StoreRefreshTokenAsync(refreshToken); + var handle = await grants.StoreRefreshTokenAsync(refreshToken, _ct); var client = await _clients.FindEnabledClientByIdAsync("roclient_restricted_refresh", _ct);