问题
I have a web application that exposes some REST services which are in turn have several hundred tests.
I have secured the rest servcies using OAuth 2.0 and using DotNetOpenAuth 4. Manual testing shows this works.
This breaks my tests because I do not have access tokens to pass to the REST services. The tests seed the database with the exact same data (incl. users and clients) in order to be deterministic. The tests run unattended.
How can I generate access tokens using DotNetOpenAuth 4 so I can test interaction for different fictitious users and clients (aka applications) in an unattended fashion to be used with tests?
回答1:
The latest builds of DotNetOpenAuth 4 allow for the client credential grant type. This should mean that your tests can directly request an access token of your authorization server by supplying a test-only client id and secret. It also supports the resource owner password grant type, so your test can impersonate a particular user.
The latest builds are available on NuGet from this channel: http://teamcity.dotnetopenauth.net:82/guestAuth/app/nuget/v1/FeedService.svc
来源:https://stackoverflow.com/questions/9676911/how-does-one-generate-access-tokens-programmatically-with-dotnetopenauth-4-so-th