[Fact]
public async Task GetToken_ShouldReturnToken_WhenCredentialsAreValid()
{
// ✅ Arrange: Ensure client credentials match expected values
var clientCredentials = new ClientCredentials
{
ClientKey = "expected-client-key", // Replace with actual expected value
ClientSecret = "expected-client-secret" // Replace with actual expected value
};
// ✅ Act: Call the controller method
IActionResult result;
try
{
result = await _tokenController.GetToken(clientCredentials);
}
catch (Exception ex)
{
Assert.False(true, $"Exception occurred while calling GetToken: {ex.Message}");
return;
}
// ✅ Assert: Ensure response is OK
var okResult = Assert.IsType<OkObjectResult>(result);
Assert.NotNull(okResult.Value);
// ✅ Extract token from response
var tokenString = okResult.Value.ToString();
Assert.False(string.IsNullOrEmpty(tokenString), "Token should not be null or empty");
// ✅ Validate JWT token
var tokenHandler = new JwtSecurityTokenHandler();
JwtSecurityToken token;
try
{
token = tokenHandler.ReadJwtToken(tokenString);
Assert.NotNull(token);
}
catch (SecurityTokenException ex)
{
Assert.False(true, $"Token parsing failed: {ex.Message}");
return;
}
// ✅ Ensure claims are present
Assert.Equal(_applicationConfiguration.JWT.Issuer, token.Issuer);
Assert.Equal(_applicationConfiguration.JWT.Audience, token.Audiences.FirstOrDefault());
var clientKeyClaim = token.Claims.FirstOrDefault(c => c.Type == "clientkey");
Assert.NotNull(clientKeyClaim);
Assert.Equal(clientCredentials.ClientKey, clientKeyClaim.Value);
var clientSecretClaim = token.Claims.FirstOrDefault(c => c.Type == "clientsecret");
Assert.NotNull(clientSecretClaim);
Assert.Equal(clientCredentials.ClientSecret, clientSecretClaim.Value);
}
ClaimTypes.Role and only using the input values (client_id, client_secret, and grant_type), follow these steps:Program.cs
using Microsoft.AspNetCore.Authentication.JwtBearer;
using Microsoft.IdentityModel.Tokens;
using System.Text;
var builder = WebApplication.CreateBuilder(args);
var key = "your_super_secret_key"; // Use a secure key in production
builder.Services.AddControllers();
builder.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key)),
ValidateIssuer = false,
ValidateAudience = false
};
});
builder.Services.AddAuthorization();
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
app.MapControllers();
app.Run();
Define the input model in a file, e.g.,
Models/TokenRequest.cs:public class TokenRequest
{
public string ClientId { get; set; }
public string ClientSecret { get; set; }
public string GrantType { get; set; }
}
Create a controller
AuthController.cs inside Controllers folder:using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
[Route("api/auth")]
[ApiController]
public class AuthController : ControllerBase
{
private readonly string _key = "your_super_secret_key"; // Use a secure key in production
[HttpPost("token")]
public IActionResult GenerateToken([FromBody] TokenRequest request)
{
// Validate client credentials (You can replace this with database validation)
if (request.ClientId != "my-client-id" || request.ClientSecret != "my-secret" || request.GrantType != "client_credentials")
{
return Unauthorized(new { message = "Invalid client credentials" });
}
// Generate JWT Token
var tokenHandler = new JwtSecurityTokenHandler();
var keyBytes = Encoding.UTF8.GetBytes(_key);
var tokenDescriptor = new SecurityTokenDescriptor
{
Expires = DateTime.UtcNow.AddHours(1), // Token expires in 1 hour
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var jwt = tokenHandler.WriteToken(token);
return Ok(new { access_token = jwt, token_type = "Bearer", expires_in = 3600 });
}
}
