Port the introspection endpoint tests and enable basic authentication support

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Introspection.cs

@@ -18,6 +18,7 @@ namespace OpenIddict.Server.AspNetCore
                  * Introspection request extraction:
                  */
                 ExtractGetOrPostRequest<ExtractIntrospectionRequestContext>.Descriptor,
+                ExtractBasicAuthenticationCredentials<ExtractIntrospectionRequestContext>.Descriptor,
 
                 /*
                  * Introspection response processing:

src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandlers.Revocation.cs

@@ -18,6 +18,7 @@ namespace OpenIddict.Server.AspNetCore
                  * Revocation request extraction:
                  */
                 ExtractGetOrPostRequest<ExtractRevocationRequestContext>.Descriptor,
+                ExtractBasicAuthenticationCredentials<ExtractRevocationRequestContext>.Descriptor,
 
                 /*
                  * Revocation response processing:

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Introspection.cs

@@ -18,6 +18,7 @@ namespace OpenIddict.Server.Owin
                  * Introspection request extraction:
                  */
                 ExtractGetOrPostRequest<ExtractIntrospectionRequestContext>.Descriptor,
+                ExtractBasicAuthenticationCredentials<ExtractIntrospectionRequestContext>.Descriptor,
 
                 /*
                  * Introspection response processing:

src/OpenIddict.Server.Owin/OpenIddictServerOwinHandlers.Revocation.cs

@@ -18,6 +18,7 @@ namespace OpenIddict.Server.Owin
                  * Revocation request extraction:
                  */
                 ExtractGetOrPostRequest<ExtractRevocationRequestContext>.Descriptor,
+                ExtractBasicAuthenticationCredentials<ExtractRevocationRequestContext>.Descriptor,
 
                 /*
                  * Revocation response processing:

test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.Introspection.cs

@@ -0,0 +1,55 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/openiddict/openiddict-core for more information concerning
+ * the license and the contributors participating to this project.
+ */
+
+using System.Threading.Tasks;
+using Microsoft.AspNetCore;
+using Microsoft.Net.Http.Headers;
+using OpenIddict.Abstractions;
+using OpenIddict.Server.FunctionalTests;
+using Xunit;
+using static OpenIddict.Abstractions.OpenIddictConstants;
+using static OpenIddict.Server.OpenIddictServerEvents;
+
+namespace OpenIddict.Server.AspNetCore.FunctionalTests
+{
+    public partial class OpenIddictServerAspNetCoreIntegrationTests : OpenIddictServerIntegrationTests
+    {
+        [Fact]
+        public async Task ExtractIntrospectionRequest_MultipleClientCredentialsCauseAnError()
+        {
+            // Arrange
+            var client = CreateClient(options =>
+            {
+                options.EnableDegradedMode();
+
+                options.AddEventHandler<ExtractIntrospectionRequestContext>(builder =>
+                {
+                    builder.UseInlineHandler(context =>
+                    {
+                        var request = context.Transaction.GetHttpRequest();
+                        request.Headers[HeaderNames.Authorization] = "Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW";
+
+                        return default;
+                    });
+
+                    builder.SetOrder(int.MinValue);
+                });
+            });
+
+            // Act
+            var response = await client.PostAsync("/connect/introspect", new OpenIddictRequest
+            {
+                ClientId = "Fabrikam",
+                ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
+                Token = "2YotnFZFEjr1zCsicMWpAA"
+            });
+
+            // Assert
+            Assert.Equal(Errors.InvalidRequest, response.Error);
+            Assert.Equal("Multiple client credentials cannot be specified.", response.ErrorDescription);
+        }
+    }
+}

test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.Introspection.cs

@@ -0,0 +1,54 @@
+/*
+ * Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ * See https://github.com/openiddict/openiddict-core for more information concerning
+ * the license and the contributors participating to this project.
+ */
+
+using System.Threading.Tasks;
+using OpenIddict.Abstractions;
+using OpenIddict.Server.FunctionalTests;
+using Owin;
+using Xunit;
+using static OpenIddict.Abstractions.OpenIddictConstants;
+using static OpenIddict.Server.OpenIddictServerEvents;
+
+namespace OpenIddict.Server.Owin.FunctionalTests
+{
+    public partial class OpenIddictServerOwinIntegrationTests : OpenIddictServerIntegrationTests
+    {
+        [Fact]
+        public async Task ExtractIntrospectionRequest_MultipleClientCredentialsCauseAnError()
+        {
+            // Arrange
+            var client = CreateClient(options =>
+            {
+                options.EnableDegradedMode();
+
+                options.AddEventHandler<ExtractIntrospectionRequestContext>(builder =>
+                {
+                    builder.UseInlineHandler(context =>
+                    {
+                        var request = context.Transaction.GetOwinRequest();
+                        request.Headers["Authorization"] = "Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW";
+
+                        return default;
+                    });
+
+                    builder.SetOrder(int.MinValue);
+                });
+            });
+
+            // Act
+            var response = await client.PostAsync("/connect/introspect", new OpenIddictRequest
+            {
+                ClientId = "Fabrikam",
+                ClientSecret = "7Fjfp0ZBr1KtDRbnfVdmIw",
+                Token = "2YotnFZFEjr1zCsicMWpAA"
+            });
+
+            // Assert
+            Assert.Equal(Errors.InvalidRequest, response.Error);
+            Assert.Equal("Multiple client credentials cannot be specified.", response.ErrorDescription);
+        }
+    }
+}