
Port the challenge integration tests

pull/895/head
Kévin Chalet 6 years ago
parent
commit
76a432e045
  1. 2
      src/OpenIddict.Server/OpenIddictServerHandlers.cs
  2. 18
      test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs
  3. 122
      test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs
  4. 218
      test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs
  5. 471
      test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs
  6. 15
      test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs

2
src/OpenIddict.Server/OpenIddictServerHandlers.cs

@ -1022,7 +1022,7 @@ namespace OpenIddict.Server
case OpenIddictServerEndpointType.Verification: case OpenIddictServerEndpointType.Verification:
return default; return default;
default: throw new InvalidOperationException("No challenge can be triggered from this endpoint."); default: throw new InvalidOperationException("An OpenID Connect response cannot be returned from this endpoint.");
} }
} }
} }
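Review bot: The message in the `default:` arm no longer names the operation that was refused, so a challenge triggered from an unsupported endpoint is harder to tell apart in logs from any other rejected response. If the generic wording is deliberate, a one-line comment above the throw would record that, e.g. `// Same wording as the other response paths: a challenge is only valid from endpoints that can return an OpenID Connect response.` Any later change to the text must be mirrored in ProcessChallenge_UnknownEndpointCausesAnException and ProcessChallenge_InvalidEndpointCausesAnException, which compare against the literal string. The enclosing switch and method start outside this hunk.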

18
test/OpenIddict.Server.AspNetCore.IntegrationTests/OpenIddictServerAspNetCoreIntegrationTests.cs

@ -5,6 +5,7 @@
*/ */
using System; using System;
using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Text.Json; using System.Text.Json;
@ -312,9 +313,20 @@ namespace OpenIddict.Server.AspNetCore.FunctionalTests
else if (context.Request.Path == "/challenge") else if (context.Request.Path == "/challenge")
{ {
await context.ChallengeAsync( await context.ChallengeAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme);
OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, return;
new AuthenticationProperties()); }
else if (context.Request.Path == "/challenge/custom")
{
var properties = new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerAspNetCoreConstants.Properties.Error] = "custom_error",
[OpenIddictServerAspNetCoreConstants.Properties.ErrorDescription] = "custom_error_description",
[OpenIddictServerAspNetCoreConstants.Properties.ErrorUri] = "custom_error_uri"
});
await context.ChallengeAsync(OpenIddictServerAspNetCoreDefaults.AuthenticationScheme, properties);
return; return;
} }
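Review bot: The `/challenge/custom` branch has no comment tying it to the test that depends on it, and its three property values are magic strings repeated in the assertions of ProcessChallenge_ReturnsErrorFromAuthenticationProperties. I would add `// Supplies error, error_description and error_uri through AuthenticationProperties; asserted by ProcessChallenge_ReturnsErrorFromAuthenticationProperties.` above the branch. The `/challenge` branch also appears to have passed an empty `AuthenticationProperties` before and passes none now, so the empty-but-non-null case is no longer exercised by this host as far as the hunk shows. The enclosing request delegate starts and ends outside the hunk.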

122
test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Authentication.cs

@ -8,6 +8,7 @@ using System;
using System.Collections.Immutable; using System.Collections.Immutable;
using System.Linq; using System.Linq;
using System.Net.Http; using System.Net.Http;
using System.Security.Claims;
using System.Text; using System.Text;
using System.Threading; using System.Threading;
using System.Threading.Tasks; using System.Threading.Tasks;
@ -363,7 +364,19 @@ namespace OpenIddict.Server.FunctionalTests
public async Task ValidateAuthorizationRequest_ValidPromptDoesNotCauseAnError(string prompt) public async Task ValidateAuthorizationRequest_ValidPromptDoesNotCauseAnError(string prompt)
{ {
// Arrange // Arrange
var client = CreateClient(options => options.EnableDegradedMode()); var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
});
// Act // Act
var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest
@ -429,8 +442,7 @@ namespace OpenIddict.Server.FunctionalTests
// Assert // Assert
Assert.Equal(Errors.InvalidRequest, response.Error); Assert.Equal(Errors.InvalidRequest, response.Error);
Assert.Equal("The 'code_challenge_method' parameter " + Assert.Equal("The 'code_challenge_method' parameter cannot be used without 'code_challenge'.", response.ErrorDescription);
"cannot be used without 'code_challenge'.", response.ErrorDescription);
} }
[Fact] [Fact]
@ -576,6 +588,8 @@ namespace OpenIddict.Server.FunctionalTests
// Arrange // Arrange
var client = CreateClient(options => var client = CreateClient(options =>
{ {
options.RegisterScopes("registered_scope");
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -604,7 +618,14 @@ namespace OpenIddict.Server.FunctionalTests
.ReturnsAsync(ClientTypes.Public); .ReturnsAsync(ClientTypes.Public);
})); }));
options.RegisterScopes("registered_scope"); options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -632,6 +653,8 @@ namespace OpenIddict.Server.FunctionalTests
{ {
var scope = new OpenIddictScope(); var scope = new OpenIddictScope();
options.RegisterScopes("scope_registered_in_options");
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -657,7 +680,14 @@ namespace OpenIddict.Server.FunctionalTests
.ReturnsAsync("scope_registered_in_database"); .ReturnsAsync("scope_registered_in_database");
})); }));
options.RegisterScopes("scope_registered_in_options"); options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -800,6 +830,15 @@ namespace OpenIddict.Server.FunctionalTests
options.EnableDegradedMode(); options.EnableDegradedMode();
options.Configure(options => options.CodeChallengeMethods.Clear()); options.Configure(options => options.CodeChallengeMethods.Clear());
options.Configure(options => options.CodeChallengeMethods.Add(method)); options.Configure(options => options.CodeChallengeMethods.Add(method));
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -1467,6 +1506,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyAuthorizationResponseContext>(builder => options.AddEventHandler<ApplyAuthorizationResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1498,6 +1546,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyAuthorizationResponseContext>(builder => options.AddEventHandler<ApplyAuthorizationResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1533,6 +1590,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyAuthorizationResponseContext>(builder => options.AddEventHandler<ApplyAuthorizationResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1603,6 +1669,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ValidateAuthorizationRequestContext>(builder => options.AddEventHandler<ValidateAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1628,7 +1703,19 @@ namespace OpenIddict.Server.FunctionalTests
public async Task ApplyAuthorizationResponse_FlowsStateWhenRedirectUriIsUsed() public async Task ApplyAuthorizationResponse_FlowsStateWhenRedirectUriIsUsed()
{ {
// Arrange // Arrange
var client = CreateClient(options => options.EnableDegradedMode()); var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
});
// Act // Act
var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest
@ -1651,6 +1738,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyAuthorizationResponseContext>(builder => options.AddEventHandler<ApplyAuthorizationResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1682,7 +1778,19 @@ namespace OpenIddict.Server.FunctionalTests
// as validated and a signin grant is applied to return an authorization response. // as validated and a signin grant is applied to return an authorization response.
// Arrange // Arrange
var client = CreateClient(options => options.EnableDegradedMode()); var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
});
// Act // Act
var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest var response = await client.PostAsync("/connect/authorize", new OpenIddictRequest
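Review bot: The inline `HandleAuthorizationRequestContext` handler that assigns a subject-only `ClaimsPrincipal` is pasted unchanged into eleven hunks of this file, and the `HandleTokenRequestContext` equivalent is repeated throughout OpenIddictServerIntegrationTests.Exchange.cs and again in OpenIddictServerIntegrationTests.cs. Any change to the test identity then has to be made by hand in dozens of places. A shared factory would keep them in step: `private static ClaimsPrincipal CreateTestPrincipal() => new ClaimsPrincipal(new ClaimsIdentity("Bearer")).SetClaim(Claims.Subject, "Bob le Magnifique");`, with each handler body reduced to `context.Principal = CreateTestPrincipal();`. A short comment on the factory saying why these tests now need a principal would also help, since the hunks do not show it. Most of the affected test methods start or end outside their hunks.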

218
test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.Exchange.cs

@ -762,6 +762,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -1028,8 +1037,16 @@ namespace OpenIddict.Server.FunctionalTests
var client = CreateClient(options => var client = CreateClient(options =>
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.RegisterScopes("registered_scope"); options.RegisterScopes("registered_scope");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -1070,6 +1087,15 @@ namespace OpenIddict.Server.FunctionalTests
options.RegisterScopes("scope_registered_in_options"); options.RegisterScopes("scope_registered_in_options");
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -1664,6 +1690,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -1716,6 +1751,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.SetRevocationEndpointUris(Array.Empty<Uri>()); options.SetRevocationEndpointUris(Array.Empty<Uri>());
options.DisableTokenStorage(); options.DisableTokenStorage();
options.DisableSlidingExpiration(); options.DisableSlidingExpiration();
@ -1761,6 +1805,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -1821,6 +1874,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
}); });
@ -1876,6 +1938,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -1944,6 +2015,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
}); });
@ -1995,6 +2075,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2078,6 +2167,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateTokenManager(mock => options.Services.AddSingleton(CreateTokenManager(mock =>
{ {
var token = new OpenIddictToken(); var token = new OpenIddictToken();
@ -2170,6 +2268,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2258,6 +2365,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
}); });
@ -2321,6 +2437,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2395,6 +2520,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
}); });
@ -2444,6 +2578,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2509,6 +2652,7 @@ namespace OpenIddict.Server.FunctionalTests
mock.Setup(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>())) mock.Setup(manager => manager.FindByIdAsync("18D15F73-BE2B-6867-DC01-B3C1E8AFDED0", It.IsAny<CancellationToken>()))
.ReturnsAsync(new OpenIddictAuthorization()); .ReturnsAsync(new OpenIddictAuthorization());
}); });
var client = CreateClient(options => var client = CreateClient(options =>
{ {
options.AddEventHandler<ProcessAuthenticationContext>(builder => options.AddEventHandler<ProcessAuthenticationContext>(builder =>
@ -2529,6 +2673,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateTokenManager(mock => options.Services.AddSingleton(CreateTokenManager(mock =>
{ {
var token = new OpenIddictToken(); var token = new OpenIddictToken();
@ -2598,6 +2751,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2684,6 +2846,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -2765,6 +2936,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateTokenManager(mock => options.Services.AddSingleton(CreateTokenManager(mock =>
{ {
var token = new OpenIddictToken(); var token = new OpenIddictToken();
@ -2837,6 +3017,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateTokenManager(mock => options.Services.AddSingleton(CreateTokenManager(mock =>
{ {
var token = new OpenIddictToken(); var token = new OpenIddictToken();
@ -2926,6 +3115,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.Services.AddSingleton(CreateApplicationManager(mock => options.Services.AddSingleton(CreateApplicationManager(mock =>
{ {
var application = new OpenIddictApplication(); var application = new OpenIddictApplication();
@ -3072,6 +3270,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyTokenResponseContext>(builder => options.AddEventHandler<ApplyTokenResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -3106,6 +3313,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ApplyTokenResponseContext>(builder => options.AddEventHandler<ApplyTokenResponseContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {

471
test/OpenIddict.Server.IntegrationTests/OpenIddictServerIntegrationTests.cs

@ -5,7 +5,6 @@
*/ */
using System; using System;
using System.Collections.Immutable;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Text; using System.Text;
@ -426,6 +425,236 @@ namespace OpenIddict.Server.FunctionalTests
Assert.Equal("Bob le Magnifique", (string) response[Claims.Subject]); Assert.Equal("Bob le Magnifique", (string) response[Claims.Subject]);
} }
[Fact]
public async Task ProcessChallenge_UnknownEndpointCausesAnException()
{
// Arrange
var client = CreateClient(options => options.EnableDegradedMode());
// Act and assert
var exception = await Assert.ThrowsAsync<InvalidOperationException>(delegate
{
return client.PostAsync("/challenge", new OpenIddictRequest());
});
Assert.Equal("An OpenID Connect response cannot be returned from this endpoint.", exception.Message);
}
[Fact]
public async Task ProcessChallenge_InvalidEndpointCausesAnException()
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetConfigurationEndpointUris("/challenge");
options.AddEventHandler<HandleConfigurationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
});
// Act and assert
var exception = await Assert.ThrowsAsync<InvalidOperationException>(delegate
{
return client.GetAsync("/challenge");
});
Assert.Equal("An OpenID Connect response cannot be returned from this endpoint.", exception.Message);
}
[Fact]
public async Task ProcessChallenge_ReturnsDefaultErrorForAuthorizationRequestsWhenNoneIsSpecified()
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetAuthorizationEndpointUris("/challenge");
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
});
// Act
var response = await client.PostAsync("/challenge", new OpenIddictRequest
{
ClientId = "Fabrikam",
Nonce = "n-0S6_WzA2Mj",
RedirectUri = "http://www.fabrikam.com/path",
ResponseType = ResponseTypes.Code,
Scope = Scopes.OpenId
});
// Assert
Assert.Equal(Errors.AccessDenied, response.Error);
Assert.Equal("The authorization was denied by the resource owner.", response.ErrorDescription);
Assert.Null(response.ErrorUri);
}
[Fact]
public async Task ProcessChallenge_ReturnsDefaultErrorForTokenRequestsWhenNoneIsSpecified()
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetTokenEndpointUris("/challenge");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
});
// Act
var response = await client.PostAsync("/challenge", new OpenIddictRequest
{
GrantType = GrantTypes.Password,
Username = "johndoe",
Password = "A3ddj3w"
});
// Assert
Assert.Equal(Errors.InvalidGrant, response.Error);
Assert.Equal("The token request was rejected by the authorization server.", response.ErrorDescription);
Assert.Null(response.ErrorUri);
}
[Fact]
public async Task ProcessChallenge_ReturnsErrorFromAuthenticationProperties()
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetTokenEndpointUris("/challenge/custom");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
});
// Act
var response = await client.PostAsync("/challenge/custom", new OpenIddictRequest
{
GrantType = GrantTypes.Password,
Username = "johndoe",
Password = "A3ddj3w"
});
// Assert
Assert.Equal("custom_error", response.Error);
Assert.Equal("custom_error_description", response.ErrorDescription);
Assert.Equal("custom_error_uri", response.ErrorUri);
}
[Theory]
[InlineData("custom_error", null, null)]
[InlineData("custom_error", "custom_description", null)]
[InlineData("custom_error", "custom_description", "custom_uri")]
[InlineData(null, "custom_description", null)]
[InlineData(null, "custom_description", "custom_uri")]
[InlineData(null, null, "custom_uri")]
[InlineData(null, null, null)]
public async Task ProcessChallenge_AllowsRejectingRequest(string error, string description, string uri)
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetTokenEndpointUris("/challenge");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessChallengeContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Reject(error, description, uri);
return default;
}));
});
// Act
var response = await client.PostAsync("/challenge", new OpenIddictRequest
{
GrantType = GrantTypes.Password,
Username = "johndoe",
Password = "A3ddj3w"
});
// Assert
Assert.Equal(error ?? Errors.InvalidRequest, response.Error);
Assert.Equal(description, response.ErrorDescription);
Assert.Equal(uri, response.ErrorUri);
}
[Fact]
public async Task ProcessChallenge_AllowsHandlingResponse()
{
// Arrange
var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.SetTokenEndpointUris("/challenge");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.SkipRequest();
return default;
}));
options.AddEventHandler<ProcessChallengeContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Transaction.SetProperty("custom_response", new
{
name = "Bob le Bricoleur"
});
context.HandleRequest();
return default;
}));
});
// Act
var response = await client.PostAsync("/challenge", new OpenIddictRequest
{
GrantType = GrantTypes.Password,
Username = "johndoe",
Password = "A3ddj3w"
});
// Assert
Assert.Equal("Bob le Bricoleur", (string) response["name"]);
}
[Fact] [Fact]
public async Task ProcessSignIn_UnknownEndpointCausesAnException() public async Task ProcessSignIn_UnknownEndpointCausesAnException()
{ {
@ -576,6 +805,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -606,21 +844,21 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
Assert.Equal(new[] { "http://www.fabrikam.com/" }, context.Principal.GetResources()); context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetAudiences("http://www.fabrikam.com/")
.SetScopes(Scopes.OfflineAccess)
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default; return default;
})); }));
options.AddEventHandler<HandleTokenRequestContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) Assert.Equal(new[] { "http://www.fabrikam.com/" }, context.Principal.GetResources());
.SetAudiences("http://www.fabrikam.com/")
.SetScopes(Scopes.OfflineAccess)
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default; return default;
})); }));
@ -647,6 +885,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -690,6 +937,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -813,6 +1069,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -946,6 +1211,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -979,6 +1253,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1013,6 +1296,15 @@ namespace OpenIddict.Server.FunctionalTests
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AllowCustomFlow("urn:ietf:params:oauth:grant-type:custom_grant"); options.AllowCustomFlow("urn:ietf:params:oauth:grant-type:custom_grant");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1040,7 +1332,19 @@ namespace OpenIddict.Server.FunctionalTests
public async Task ProcessSignIn_ExpiresInIsReturnedWhenExpirationDateIsKnown() public async Task ProcessSignIn_ExpiresInIsReturnedWhenExpirationDateIsKnown()
{ {
// Arrange // Arrange
var client = CreateClient(options => options.EnableDegradedMode()); var client = CreateClient(options =>
{
options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
});
// Act // Act
var response = await client.PostAsync("/connect/token", new OpenIddictRequest var response = await client.PostAsync("/connect/token", new OpenIddictRequest
@ -1062,6 +1366,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1373,6 +1686,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1410,6 +1732,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1556,6 +1887,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(EvaluateReturnedTokens.Descriptor.Order + 500); builder.SetOrder(EvaluateReturnedTokens.Descriptor.Order + 500);
}); });
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -1579,6 +1919,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1614,6 +1963,15 @@ namespace OpenIddict.Server.FunctionalTests
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AllowCustomFlow("urn:ietf:params:oauth:grant-type:custom_grant"); options.AllowCustomFlow("urn:ietf:params:oauth:grant-type:custom_grant");
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1653,6 +2011,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1685,6 +2052,15 @@ namespace OpenIddict.Server.FunctionalTests
{ {
options.EnableDegradedMode(); options.EnableDegradedMode();
options.AddEventHandler<HandleTokenRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
options.AddEventHandler<ProcessSignInContext>(builder => options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
{ {
@ -1720,15 +2096,6 @@ namespace OpenIddict.Server.FunctionalTests
options.EnableDegradedMode(); options.EnableDegradedMode();
options.UseRollingTokens(); options.UseRollingTokens();
options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context =>
{
Assert.Equal(new[] { Scopes.OpenId, Scopes.OfflineAccess }, context.Principal.GetScopes());
Assert.Equal("value", context.Principal.GetClaim(Claims.Prefixes.Private + "_private_claim"));
return default;
}));
options.AddEventHandler<ProcessAuthenticationContext>(builder => options.AddEventHandler<ProcessAuthenticationContext>(builder =>
{ {
builder.UseInlineHandler(context => builder.UseInlineHandler(context =>
@ -1746,6 +2113,15 @@ namespace OpenIddict.Server.FunctionalTests
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500);
}); });
options.AddEventHandler<ProcessSignInContext>(builder =>
builder.UseInlineHandler(context =>
{
Assert.Equal(new[] { Scopes.OpenId, Scopes.OfflineAccess }, context.Principal.GetScopes());
Assert.Equal("value", context.Principal.GetClaim(Claims.Prefixes.Private + "_private_claim"));
return default;
}));
}); });
// Act // Act
@ -2716,6 +3092,15 @@ namespace OpenIddict.Server.FunctionalTests
})); }));
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -2780,6 +3165,15 @@ namespace OpenIddict.Server.FunctionalTests
options.Services.AddSingleton(manager); options.Services.AddSingleton(manager);
options.DisableAuthorizationStorage(); options.DisableAuthorizationStorage();
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
builder.UseInlineHandler(context =>
{
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
}));
}); });
// Act // Act
@ -2796,6 +3190,21 @@ namespace OpenIddict.Server.FunctionalTests
Mock.Get(manager).Verify(manager => manager.CreateAsync(It.IsAny<OpenIddictAuthorizationDescriptor>(), It.IsAny<CancellationToken>()), Times.Never()); Mock.Get(manager).Verify(manager => manager.CreateAsync(It.IsAny<OpenIddictAuthorizationDescriptor>(), It.IsAny<CancellationToken>()), Times.Never());
} }
[Fact]
public async Task ProcessSignOut_UnknownEndpointCausesAnException()
{
// Arrange
var client = CreateClient(options => options.EnableDegradedMode());
// Act and assert
var exception = await Assert.ThrowsAsync<InvalidOperationException>(delegate
{
return client.PostAsync("/signout", new OpenIddictRequest());
});
Assert.Equal("An OpenID Connect response cannot be returned from this endpoint.", exception.Message);
}
[Fact] [Fact]
public async Task ProcessSignOut_InvalidEndpointCausesAnException() public async Task ProcessSignOut_InvalidEndpointCausesAnException()
{ {
@ -2951,32 +3360,6 @@ namespace OpenIddict.Server.FunctionalTests
options.AddEventHandler<ValidateTokenRequestContext>(builder => options.AddEventHandler<ValidateTokenRequestContext>(builder =>
builder.UseInlineHandler(context => default)); builder.UseInlineHandler(context => default));
options.AddEventHandler<HandleAuthorizationRequestContext>(builder =>
{
builder.UseInlineHandler(context =>
{
context.Principal ??= new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
});
builder.SetOrder(int.MaxValue);
});
options.AddEventHandler<HandleTokenRequestContext>(builder =>
{
builder.UseInlineHandler(context =>
{
context.Principal ??= new ClaimsPrincipal(new ClaimsIdentity("Bearer"))
.SetClaim(Claims.Subject, "Bob le Magnifique");
return default;
});
builder.SetOrder(int.MaxValue);
});
}); });
} }

15
test/OpenIddict.Server.Owin.IntegrationTests/OpenIddictServerOwinIntegrationTests.cs

@ -5,12 +5,14 @@
*/ */
using System; using System;
using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Security.Claims; using System.Security.Claims;
using System.Text.Json; using System.Text.Json;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.DependencyInjection;
using Microsoft.Owin; using Microsoft.Owin;
using Microsoft.Owin.Security;
using Microsoft.Owin.Testing; using Microsoft.Owin.Testing;
using OpenIddict.Abstractions; using OpenIddict.Abstractions;
using OpenIddict.Server.FunctionalTests; using OpenIddict.Server.FunctionalTests;
@ -326,6 +328,19 @@ namespace OpenIddict.Server.Owin.FunctionalTests
return; return;
} }
else if (context.Request.Path == new PathString("/challenge/custom"))
{
var properties = new AuthenticationProperties(new Dictionary<string, string>
{
[OpenIddictServerOwinConstants.Properties.Error] = "custom_error",
[OpenIddictServerOwinConstants.Properties.ErrorDescription] = "custom_error_description",
[OpenIddictServerOwinConstants.Properties.ErrorUri] = "custom_error_uri"
});
context.Authentication.Challenge(properties, OpenIddictServerOwinDefaults.AuthenticationType);
return;
}
else if (context.Request.Path == new PathString("/authenticate")) else if (context.Request.Path == new PathString("/authenticate"))
{ {
var result = await context.Authentication.AuthenticateAsync(OpenIddictServerOwinDefaults.AuthenticationType); var result = await context.Authentication.AuthenticateAsync(OpenIddictServerOwinDefaults.AuthenticationType);
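Review bot: The three literals set in the `/challenge/custom` branch are duplicated in the shared test `ProcessChallenge_ReturnsErrorFromAuthenticationProperties`, which asserts `custom_error`, `custom_error_description` and `custom_error_uri` on the response, and nothing in this branch records that coupling. Those assertions also show the property values reaching the client unchanged, which is worth stating for anyone who copies this host code as a template. I would add a comment above the dictionary such as `// Returned verbatim in the error response; asserted by ProcessChallenge_ReturnsErrorFromAuthenticationProperties.` The enclosing middleware delegate starts and ends outside the hunk.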
