我想为WebApi和IdentityServer编写验收测试.为了使事情尽可能简单,我从这里,但添加了另一个项目,该项目与控制台客户端的功能基本上相同,但只是验收测试.
I wanted to write acceptance tests for my WebApi and IdentityServer. To keep things as simple as possible I copied the whole sample project from here but added another project, that essentially makes the same as the console client would but as a acceptance test.
我现在唯一的情况是:
namespace SpecTesting { using System; using System.Net; using System.Net.Http; using System.Threading; using FluentAssertions; using IdentityModel.Client; using Xbehave; public class JustLikeConsole { private static readonly string ServerUrl = "localhost:11111"; private static readonly string IdentityServerUrl = "localhost:5000"; private IDisposable webApp; private IDisposable identityServer; private HttpClient appClient; private HttpClient identityServerClient; [Background] public void Background() { "establish server"._(() => { this.identityServer = Microsoft.Owin.Hosting.WebApp.Start<IdSrv.Startup>(IdentityServerUrl); this.webApp = Microsoft.Owin.Hosting.WebApp.Start<Apis.Startup>(ServerUrl); this.appClient = new HttpClient { BaseAddress = new Uri(ServerUrl) }; this.identityServerClient = new HttpClient { BaseAddress = new Uri(IdentityServerUrl) }; }).Teardown(() => { this.identityServerClient.Dispose(); this.appClient.Dispose(); this.webApp.Dispose(); this.identityServer.Dispose(); }); } [Scenario] public void SimplestScenario(HttpResponseMessage response) { var clientId = "silicon"; var clientSecret = "F621F470-9731-4A25-80EF-67A6F7C5F4B8"; var expectedJson = $"{{ client: '{clientId}' }}"; "get token"._(() => { var client = new TokenClient( $"{IdentityServerUrl}/connect/token", clientId, clientSecret); var token = client.RequestClientCredentialsAsync("api1").Result; this.appClient.SetBearerToken(token.AccessToken); }); "when calling the service"._(() => response = this.appClient.SendAsync(new HttpRequestMessage(HttpMethod.Get, "/test"), CancellationToken.None).Result); "it should return status code 'OK'"._(() => response.StatusCode.Should().Be(HttpStatusCode.OK)); "it should equal expected json"._(() => response.Content.ReadAsStringAsync().Result.Should().Be(expectedJson)); } } }我现在总是得到状态代码未经授权"而不是确定".当我通过控制台客户端调用两个服务器时,它可以正常工作.非常令人沮丧.
I now always get the status code 'unauthorized' instead of 'ok'. When I call the two servers via the console client, it works as expected. Very frustrating.
更新 我将在调用服务时"步骤替换为以下几行,以增强简单性:
Update I replaced the "when calling a service" step with the following lines just to enhance the simplicity:
var client = new HttpClient(); client.SetBearerToken(token.AccessToken); var result = client.GetStringAsync($"{ServerUrl}/test").Result;问题仍然存在:现在抛出HttpRequestException(未经授权的401).
The problem is still the same: Now an HttpRequestException gets thrown (401 unauthorized).
推荐答案与此同时,我发现了它不起作用的原因:
In the meantime I found the reason why it wasn't working:
原来,我必须在WebApi上使用IdentityServer3.AccessTokenValidation的2.6.0版本或更早的版本.一旦我更新到2.7.0或更高版本,它将停止工作.我没有时间找出这两个版本之间到底发生了什么变化,以及是什么导致了问题.但是我可以将其隔离到IdentityServer3.AccessTokenValidation
Turned out I have to use version 2.6.0 of IdentityServer3.AccessTokenValidation or earlier on the WebApi. As soon as I update to 2.7.0 or later it stops working. I didn't have time to find out what exactly has changed between the two releases and therefore what causes the problem. But I could isolate it to IdentityServer3.AccessTokenValidation
更多推荐
IdentityServer3 xBehave测试
发布评论