Ensure endpoint addresses are unique across endpoints

5 years ago · 5f7378f707
3 changed files with 23 additions and 1 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -46,7 +46,7 @@ jobs:
        $QuarterHours = [Math]::Floor($Now.Minute / 15.0)
        $Revision = $Hours + $QuarterHours + 1
        $BuildId = $Now.ToString("yyyyMMdd") + "." + $Revision
-        Write-Host "::set-env name=_ComputedOfficialBuildId::${BuildId}"
+        Write-Output "_ComputedOfficialBuildId=${BuildId}" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append

    - name: Build, test and pack
      if: ${{ runner.os == 'Windows' }}
--- a/src/OpenIddict.Abstractions/Resources/OpenIddictResources.resx
+++ b/src/OpenIddict.Abstractions/Resources/OpenIddictResources.resx
@ -1393,6 +1393,10 @@ To register the OpenIddict core services, reference the 'OpenIddict.Core' packag
    <value>The context type associated with the specified descriptor doesn't match the context type of this builder.</value>
    <comment>{Locked}</comment>
  </data>
+  <data name="ID0285" xml:space="preserve">
+    <value>Endpoint addresses must be unique across endpoints.</value>
+    <comment>{Locked}</comment>
+  </data>
  <data name="ID2000" xml:space="preserve">
    <value>The security token is missing.</value>
  </data>
--- a/src/OpenIddict.Server/OpenIddictServerConfiguration.cs
+++ b/src/OpenIddict.Server/OpenIddictServerConfiguration.cs
@ -61,6 +61,24 @@ namespace OpenIddict.Server
                throw new InvalidOperationException(SR.GetResourceString(SR.ID0076));
            }

+            var addresses = options.AuthorizationEndpointUris.Distinct()
+                .Concat(options.ConfigurationEndpointUris.Distinct())
+                .Concat(options.CryptographyEndpointUris.Distinct())
+                .Concat(options.DeviceEndpointUris.Distinct())
+                .Concat(options.IntrospectionEndpointUris.Distinct())
+                .Concat(options.LogoutEndpointUris.Distinct())
+                .Concat(options.RevocationEndpointUris.Distinct())
+                .Concat(options.TokenEndpointUris.Distinct())
+                .Concat(options.UserinfoEndpointUris.Distinct())
+                .Concat(options.VerificationEndpointUris.Distinct())
+                .ToList();
+
+            // Ensure endpoint addresses are unique across endpoints.
+            if (addresses.Count != addresses.Distinct().Count())
+            {
+                throw new InvalidOperationException(SR.GetResourceString(SR.ID0285));
+            }
+
            // Ensure the authorization endpoint has been enabled when
            // the authorization code or implicit grants are supported.
            if (options.AuthorizationEndpointUris.Count == 0 && (options.GrantTypes.Contains(GrantTypes.AuthorizationCode) ||