azzlack
diff --git a/‎src/Sentinel.Tests/Facade/BaseAuthorizationServerTests.cs
Lines changed: 15 additions & 12 deletions b/‎src/Sentinel.Tests/Facade/BaseAuthorizationServerTests.cs
Lines changed: 15 additions & 12 deletions
@@ -32,12 +32,15 @@ public abstract class BaseAuthorizationServerTests
 
         protected IAsymmetricCryptoProvider AsymmetricCryptoProvider;
 
+        protected ICryptoProvider PasswordCryptoProvider;
+
         protected EventHandler<Tuple<AccessTokenResponse, IdentityResponse>> ValidateTokenEventHandler;
 
         [TestFixtureSetUp]
         public virtual void TestFixtureSetUp()
         {
             this.AsymmetricCryptoProvider = new AsymmetricCryptoProvider();
+            this.PasswordCryptoProvider = new PBKDF2CryptoProvider();
         }
 
         [TestFixtureTearDown]
@@ -58,7 +61,7 @@ public virtual void SetUp()
         public async void AuthenticateResourceOwner_WhenGivenValidClientAndUserAndPassword_ShouldReturnAccessToken(string username, string password)
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -103,7 +106,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidClientAndUserAndPasswo
         public async void AuthenticateResourceOwner_WhenGivenInvalidClientAndUserAndPassword_ShouldReturnInvalidGrant(string username, string password)
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -127,7 +130,7 @@ public async void AuthenticateResourceOwner_WhenGivenInvalidClientAndUserAndPass
         public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldReturnNewAccessToken(string username, string password)
         {
             var request1 = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request1.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request1.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request1.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -150,7 +153,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldRet
             Assert.IsNotNullOrEmpty(content1.RefreshToken, "No refresh token returned");
 
             var request2 = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request2.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request2.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request2.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.RefreshToken },
@@ -176,7 +179,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldRet
         public async void AuthenticateResourceOwner_WhenGivenValidClientAndInvalidRedirectUri_ShouldReturnInvalidRequest(string username, string password)
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -198,7 +201,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidClientAndInvalidRedire
         public async void AuthenticateClientCredentials_WhenGivenValidClientIdAndSecret_ShouldReturnAccessToken()
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.ClientCredentials },
@@ -234,7 +237,7 @@ public async void AuthenticateClientCredentials_WhenGivenValidClientIdAndSecret_
         public async void AuthenticateClientCredentials_WhenGivenInvalidClientIdAndSecret_ShouldReturnInvalidGrant()
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit66", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit66", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.ClientCredentials },
@@ -312,7 +315,7 @@ public async void GetIdentity_WhenNotAuthorized_ShouldReturnCorrectWwwAuthentica
         public async void GetIdentity_WhenAuthenticated_ReturnsClaims()
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -362,7 +365,7 @@ public async void GetIdentity_WhenAuthenticated_ReturnsClaims()
         public async void GetIdentity_WhenUsingOpenId_ReturnsValidAccessToken()
         {
             var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -416,7 +419,7 @@ public async void GetIdentity_WhenUsingOpenId_ReturnsValidAccessToken()
         public async void AuthenticateRefreshToken_WhenGivenValidRefreshToken_ReturnsCorrectScope()
         {
             var accessTokenRequest = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            accessTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            accessTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             accessTokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.Password },
@@ -431,7 +434,7 @@ public async void AuthenticateRefreshToken_WhenGivenValidRefreshToken_ReturnsCor
             var accessToken1 = JsonConvert.DeserializeObject<AccessTokenResponse>(accessTokenContent);
 
             var refreshTokenRequest = new HttpRequestMessage(HttpMethod.Post, "oauth/token");
-            refreshTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");
+            refreshTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
             refreshTokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>()
                                                         {
                                                             { "grant_type", GrantType.RefreshToken },
@@ -541,7 +544,7 @@ public async void GetResource_WhenGivenNoUserSignatureAuthentication_ReturnsData
             Assert.AreEqual(response.StatusCode, HttpStatusCode.Unauthorized, "User was authenticated");
         }
 
-        [TestCase("NUnit", "aabbccddee")]
+        [TestCase("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=")]
         public async void GetResource_WhenGivenValidClientBasicAuthentication_ReturnsData(string username, string password)
         {
             var request = new HttpRequestMessage(HttpMethod.Get, "openid/userinfo");
Original file line number	Diff line number	Diff line change
`@@ -32,12 +32,15 @@ public abstract class BaseAuthorizationServerTests`
`32`	`32`
`33`	`33`	`protected IAsymmetricCryptoProvider AsymmetricCryptoProvider;`
`34`	`34`
	`35`	`+ protected ICryptoProvider PasswordCryptoProvider;`
	`36`	`+`
`35`	`37`	`protected EventHandler<Tuple<AccessTokenResponse, IdentityResponse>> ValidateTokenEventHandler;`
`36`	`38`
`37`	`39`	`[TestFixtureSetUp]`
`38`	`40`	`public virtual void TestFixtureSetUp()`
`39`	`41`	`{`
`40`	`42`	`this.AsymmetricCryptoProvider = new AsymmetricCryptoProvider();`
	`43`	`+ this.PasswordCryptoProvider = new PBKDF2CryptoProvider();`
`41`	`44`	`}`
`42`	`45`
`43`	`46`	`[TestFixtureTearDown]`
`@@ -58,7 +61,7 @@ public virtual void SetUp()`
`58`	`61`	`public async void AuthenticateResourceOwner_WhenGivenValidClientAndUserAndPassword_ShouldReturnAccessToken(string username, string password)`
`59`	`62`	`{`
`60`	`63`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`61`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`64`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`62`	`65`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`63`	`66`	`{`
`64`	`67`	`{ "grant_type", GrantType.Password },`
`@@ -103,7 +106,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidClientAndUserAndPasswo`
`103`	`106`	`public async void AuthenticateResourceOwner_WhenGivenInvalidClientAndUserAndPassword_ShouldReturnInvalidGrant(string username, string password)`
`104`	`107`	`{`
`105`	`108`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`106`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`109`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`107`	`110`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`108`	`111`	`{`
`109`	`112`	`{ "grant_type", GrantType.Password },`
`@@ -127,7 +130,7 @@ public async void AuthenticateResourceOwner_WhenGivenInvalidClientAndUserAndPass`
`127`	`130`	`public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldReturnNewAccessToken(string username, string password)`
`128`	`131`	`{`
`129`	`132`	`var request1 = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`130`		`- request1.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`133`	+ request1.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`131`	`134`	`request1.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`132`	`135`	`{`
`133`	`136`	`{ "grant_type", GrantType.Password },`
`@@ -150,7 +153,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldRet`
`150`	`153`	`Assert.IsNotNullOrEmpty(content1.RefreshToken, "No refresh token returned");`
`151`	`154`
`152`	`155`	`var request2 = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`153`		`- request2.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`156`	+ request2.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`154`	`157`	`request2.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`155`	`158`	`{`
`156`	`159`	`{ "grant_type", GrantType.RefreshToken },`
`@@ -176,7 +179,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidRefreshToken_ShouldRet`
`176`	`179`	`public async void AuthenticateResourceOwner_WhenGivenValidClientAndInvalidRedirectUri_ShouldReturnInvalidRequest(string username, string password)`
`177`	`180`	`{`
`178`	`181`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`179`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`182`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`180`	`183`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`181`	`184`	`{`
`182`	`185`	`{ "grant_type", GrantType.Password },`
`@@ -198,7 +201,7 @@ public async void AuthenticateResourceOwner_WhenGivenValidClientAndInvalidRedire`
`198`	`201`	`public async void AuthenticateClientCredentials_WhenGivenValidClientIdAndSecret_ShouldReturnAccessToken()`
`199`	`202`	`{`
`200`	`203`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`201`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`204`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`202`	`205`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`203`	`206`	`{`
`204`	`207`	`{ "grant_type", GrantType.ClientCredentials },`
`@@ -234,7 +237,7 @@ public async void AuthenticateClientCredentials_WhenGivenValidClientIdAndSecret_`
`234`	`237`	`public async void AuthenticateClientCredentials_WhenGivenInvalidClientIdAndSecret_ShouldReturnInvalidGrant()`
`235`	`238`	`{`
`236`	`239`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`237`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit66", "aabbccddee");`
	`240`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit66", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`238`	`241`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`239`	`242`	`{`
`240`	`243`	`{ "grant_type", GrantType.ClientCredentials },`
`@@ -312,7 +315,7 @@ public async void GetIdentity_WhenNotAuthorized_ShouldReturnCorrectWwwAuthentica`
`312`	`315`	`public async void GetIdentity_WhenAuthenticated_ReturnsClaims()`
`313`	`316`	`{`
`314`	`317`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`315`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`318`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`316`	`319`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`317`	`320`	`{`
`318`	`321`	`{ "grant_type", GrantType.Password },`
`@@ -362,7 +365,7 @@ public async void GetIdentity_WhenAuthenticated_ReturnsClaims()`
`362`	`365`	`public async void GetIdentity_WhenUsingOpenId_ReturnsValidAccessToken()`
`363`	`366`	`{`
`364`	`367`	`var request = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`365`		`- request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`368`	+ request.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`366`	`369`	`request.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`367`	`370`	`{`
`368`	`371`	`{ "grant_type", GrantType.Password },`
`@@ -416,7 +419,7 @@ public async void GetIdentity_WhenUsingOpenId_ReturnsValidAccessToken()`
`416`	`419`	`public async void AuthenticateRefreshToken_WhenGivenValidRefreshToken_ReturnsCorrectScope()`
`417`	`420`	`{`
`418`	`421`	`var accessTokenRequest = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`419`		`- accessTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`422`	+ accessTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`420`	`423`	`accessTokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`421`	`424`	`{`
`422`	`425`	`{ "grant_type", GrantType.Password },`
`@@ -431,7 +434,7 @@ public async void AuthenticateRefreshToken_WhenGivenValidRefreshToken_ReturnsCor`
`431`	`434`	`var accessToken1 = JsonConvert.DeserializeObject<AccessTokenResponse>(accessTokenContent);`
`432`	`435`
`433`	`436`	`var refreshTokenRequest = new HttpRequestMessage(HttpMethod.Post, "oauth/token");`
`434`		`- refreshTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "aabbccddee");`
	`437`	+ refreshTokenRequest.Headers.Authorization = new BasicAuthenticationHeaderValue("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=");
`435`	`438`	`refreshTokenRequest.Content = new FormUrlEncodedContent(new Dictionary<string, string>()`
`436`	`439`	`{`
`437`	`440`	`{ "grant_type", GrantType.RefreshToken },`
`@@ -541,7 +544,7 @@ public async void GetResource_WhenGivenNoUserSignatureAuthentication_ReturnsData`
`541`	`544`	`Assert.AreEqual(response.StatusCode, HttpStatusCode.Unauthorized, "User was authenticated");`
`542`	`545`	`}`
`543`	`546`
`544`		`- [TestCase("NUnit", "aabbccddee")]`
	`547`	+ [TestCase("NUnit", "PFJTQUtleVZhbHVlPjxNb2R1bHVzPnFKMEtXaXZWSjUxUWtKWGdIU1hidkxOTEJsa09rOE9uSWtvRTljU1FrRzhOZm5VYXBrWHpkTlEvb3FLZE9BSWxYK1hFMnNwN0xFcS9KRnJMaDRNblhRPT08L01vZHVsdXM+PEV4cG9uZW50PkFRQUI8L0V4cG9uZW50PjxQPnljRXBJUDJseG1oa0hRMGRrKzRBVk1lZDhWRUFFVHN5TXgvL3NaNS9TbFU9PC9QPjxRPjFmTEVGWU1JMk1TMUJQbzYwcnYyQmhkYWNBaTI2d2Z0V1N2OVl0aUdnT2s9PC9RPjxEUD5uZ0dYTW0wejdXVklNckJZMzhmZm5vWVBIalR2dG84RHk2SmQ0RDlmTlZrPTwvRFA+PERRPk5FZEQzclhNSFp2RFY5b0ZNYVU0TXJqV0luWWVyRU9kbmFLQUlmMGlzTEU9PC9EUT48SW52ZXJzZVE+ZGQzNVh6T0RvUlZQaXQxb2REL0lKRHpXdUtYMXZrb2NjcXQ4REZGVTlwVT08L0ludmVyc2VRPjxEPkFBcC80VW1oSmFJcm9DcWJ5eXdRbDViY0xFMXNSSkwxek50dllkdGxNTCsxWVFRdWx6YzVPRkh1WUcxQW56OE8vbXU2MXNDN0dNVm04ZTVqSUp6SldRPT08L0Q+PC9SU0FLZXlWYWx1ZT4=")]
`545`	`548`	`public async void GetResource_WhenGivenValidClientBasicAuthentication_ReturnsData(string username, string password)`
`546`	`549`	`{`
`547`	`550`	`var request = new HttpRequestMessage(HttpMethod.Get, "openid/userinfo");`