tsai
/
openiddict-core
mirror of https://github.com/openiddict/openiddict-core.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Update the ASP.NET Core/OWIN server/validation hosts to populate AuthenticationProperties.IssuedUtc/ExpiresUtc

pull/1273/head
Kévin Chalet 5 years ago
parent
57d5923225
commit
371afd2303
6 changed files with 262 additions and 12 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandler.cs
  2. 6
      src/OpenIddict.Server.Owin/OpenIddictServerOwinHandler.cs
  3. 7
      src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs
  4. 6
      src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs
  5. 124
      test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
  6. 124
      test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs

7
src/OpenIddict.Server.AspNetCore/OpenIddictServerAspNetCoreHandler.cs
View File

@ -161,7 +161,12 @@ namespace OpenIddict.Server.AspNetCore
// Store the token to allow any OWIN/Katana component (e.g a controller)
// to retrieve it (e.g to make an API request to another application).
var properties = new AuthenticationProperties();
var properties = new AuthenticationProperties
{
ExpiresUtc = context.Principal.GetExpirationDate(),
IssuedUtc = context.Principal.GetCreationDate()
};
properties.StoreTokens(new[]
{
new AuthenticationToken

6
src/OpenIddict.Server.Owin/OpenIddictServerOwinHandler.cs
View File

@ -176,7 +176,11 @@ namespace OpenIddict.Server.Owin
var properties = new AuthenticationProperties(new Dictionary<string, string?>
{
[context.Principal.GetTokenType()!] = context.Token
});
})
{
ExpiresUtc = context.Principal.GetExpirationDate(),
IssuedUtc = context.Principal.GetCreationDate()
};
return new AuthenticationTicket((ClaimsIdentity) context.Principal.Identity, properties);
}

7
src/OpenIddict.Validation.AspNetCore/OpenIddictValidationAspNetCoreHandler.cs
View File

@ -159,7 +159,12 @@ namespace OpenIddict.Validation.AspNetCore
// Store the token to allow any ASP.NET Core component (e.g a controller)
// to retrieve it (e.g to make an API request to another application).
var properties = new AuthenticationProperties();
var properties = new AuthenticationProperties
{
ExpiresUtc = context.Principal.GetExpirationDate(),
IssuedUtc = context.Principal.GetCreationDate()
};
properties.StoreTokens(new[]
{
new AuthenticationToken

6
src/OpenIddict.Validation.Owin/OpenIddictValidationOwinHandler.cs
View File

@ -173,7 +173,11 @@ namespace OpenIddict.Validation.Owin
var properties = new AuthenticationProperties(new Dictionary<string, string?>
{
[context.Principal.GetTokenType()!] = context.Token
});
})
{
ExpiresUtc = context.Principal.GetExpirationDate(),
IssuedUtc = context.Principal.GetCreationDate()
};
return new AuthenticationTicket((ClaimsIdentity) context.Principal.Identity, properties);
}

124
test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
View File

@ -26,6 +26,7 @@ using Xunit.Abstractions;
using static OpenIddict.Abstractions.OpenIddictConstants;
using static OpenIddict.Server.AspNetCore.OpenIddictServerAspNetCoreHandlers;
using static OpenIddict.Server.OpenIddictServerEvents;
using static OpenIddict.Server.OpenIddictServerHandlers;
using SR = OpenIddict.Abstractions.OpenIddictResources;
namespace OpenIddict.Server.AspNetCore.IntegrationTests
@ -37,6 +38,107 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
{
}
[Fact]
public async Task ProcessAuthentication_CreationDateIsMappedToIssuedUtc()
{
// Arrange
await using var server = await CreateServerAsync(options =>
{
options.EnableDegradedMode();
options.SetUserinfoEndpointUris("/authenticate/properties");
options.AddEventHandler<HandleUserinfoRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessAuthenticationContext>(builder =>
{
builder.UseInlineHandler(context =>
{
Assert.Equal("access_token", context.Token);
Assert.Equal(TokenTypeHints.AccessToken, context.TokenType);
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetTokenType(TokenTypeHints.AccessToken)
.SetClaim(Claims.Subject, "Bob le Magnifique")
.SetCreationDate(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero));
return default;
});
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
});
});
await using var client = await server.CreateClientAsync();
// Act
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest
{
AccessToken = "access_token"
});
// Assert
var properties = new AuthenticationProperties(response.GetParameters()
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value));
Assert.Equal(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.IssuedUtc);
}
[Fact]
public async Task ProcessAuthentication_ExpirationDateIsMappedToIssuedUtc()
{
// Arrange
await using var server = await CreateServerAsync(options =>
{
options.EnableDegradedMode();
options.SetUserinfoEndpointUris("/authenticate/properties");
options.AddEventHandler<HandleUserinfoRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessAuthenticationContext>(builder =>
{
builder.UseInlineHandler(context =>
{
Assert.Equal("access_token", context.Token);
Assert.Equal(TokenTypeHints.AccessToken, context.TokenType);
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetTokenType(TokenTypeHints.AccessToken)
.SetExpirationDate(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero));
return default;
});
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
});
});
await using var client = await server.CreateClientAsync();
// Act
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest
{
AccessToken = "access_token"
});
// Assert
var properties = new AuthenticationProperties(response.GetParameters()
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value));
Assert.Equal(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.ExpiresUtc);
}
[Fact]
public async Task ProcessChallenge_ReturnsParametersFromAuthenticationProperties()
{
@ -601,11 +703,25 @@ namespace OpenIddict.Server.AspNetCore.IntegrationTests
return;
}
var claims = result.Principal.Claims.GroupBy(claim => claim.Type)
.Select(group => new KeyValuePair<string, string?[]?>(
group.Key, group.Select(claim => claim.Value).ToArray()));
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(claims)));
return;
}
else if (context.Request.Path == "/authenticate/properties")
{
var result = await context.AuthenticateAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
if (result?.Properties is null)
{
return;
}
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonSerializer.Serialize(
new OpenIddictResponse(result.Principal.Claims.GroupBy(claim => claim.Type)
.Select(group => new KeyValuePair<string, string?[]?>(
group.Key, group.Select(claim => claim.Value).ToArray())))));
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(result.Properties.Items)));
return;
}

124
test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs
View File

@ -23,6 +23,7 @@ using Xunit;
using Xunit.Abstractions;
using static OpenIddict.Abstractions.OpenIddictConstants;
using static OpenIddict.Server.OpenIddictServerEvents;
using static OpenIddict.Server.OpenIddictServerHandlers;
using static OpenIddict.Server.Owin.OpenIddictServerOwinHandlers;
using SR = OpenIddict.Abstractions.OpenIddictResources;
@ -35,6 +36,107 @@ namespace OpenIddict.Server.Owin.IntegrationTests
{
}
[Fact]
public async Task ProcessAuthentication_CreationDateIsMappedToIssuedUtc()
{
// Arrange
await using var server = await CreateServerAsync(options =>
{
options.EnableDegradedMode();
options.SetUserinfoEndpointUris("/authenticate/properties");
options.AddEventHandler<HandleUserinfoRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessAuthenticationContext>(builder =>
{
builder.UseInlineHandler(context =>
{
Assert.Equal("access_token", context.Token);
Assert.Equal(TokenTypeHints.AccessToken, context.TokenType);
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetTokenType(TokenTypeHints.AccessToken)
.SetClaim(Claims.Subject, "Bob le Magnifique")
.SetCreationDate(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero));
return default;
});
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
});
});
await using var client = await server.CreateClientAsync();
// Act
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest
{
AccessToken = "access_token"
});
// Assert
var properties = new AuthenticationProperties(response.GetParameters()
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value));
Assert.Equal(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.IssuedUtc);
}
[Fact]
public async Task ProcessAuthentication_ExpirationDateIsMappedToIssuedUtc()
{
// Arrange
await using var server = await CreateServerAsync(options =>
{
options.EnableDegradedMode();
options.SetUserinfoEndpointUris("/authenticate/properties");
options.AddEventHandler<HandleUserinfoRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessAuthenticationContext>(builder =>
{
builder.UseInlineHandler(context =>
{
Assert.Equal("access_token", context.Token);
Assert.Equal(TokenTypeHints.AccessToken, context.TokenType);
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetTokenType(TokenTypeHints.AccessToken)
.SetExpirationDate(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero));
return default;
});
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
});
});
await using var client = await server.CreateClientAsync();
// Act
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest
{
AccessToken = "access_token"
});
// Assert
var properties = new AuthenticationProperties(response.GetParameters()
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value));
Assert.Equal(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.ExpiresUtc);
}
[Fact]
public async Task ProcessChallenge_ReturnsErrorFromAuthenticationProperties()
{
@ -423,11 +525,25 @@ namespace OpenIddict.Server.Owin.IntegrationTests
return;
}
var claims = result.Identity.Claims.GroupBy(claim => claim.Type)
.Select(group => new KeyValuePair<string, string?[]?>(
group.Key, group.Select(claim => claim.Value).ToArray()));
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(claims)));
return;
}
else if (context.Request.Path == new PathString("/authenticate/properties"))
{
var result = await context.Authentication.AuthenticateAsync(OpenIddictServerOwinDefaults.AuthenticationType);
if (result?.Properties is null)
{
return;
}
context.Response.ContentType = "application/json";
await context.Response.WriteAsync(JsonSerializer.Serialize(
new OpenIddictResponse(result.Identity.Claims.GroupBy(claim => claim.Type)
.Select(group => new KeyValuePair<string, string[]>(
group.Key, group.Select(claim => claim.Value).ToArray()))!)));
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(result.Properties.Dictionary)));
return;
}

Write Preview
Loading…
Cancel
Save