diff --git a/src/OpenIddict.Abstractions/OpenIddictConstants.cs b/src/OpenIddict.Abstractions/OpenIddictConstants.cs index 0d7deddb..519ad819 100644 --- a/src/OpenIddict.Abstractions/OpenIddictConstants.cs +++ b/src/OpenIddict.Abstractions/OpenIddictConstants.cs @@ -87,10 +87,10 @@ namespace OpenIddict.Abstractions { public const string Application = ".application"; public const string AuthenticationTicket = ".authentication_ticket"; - public const string AuthorizationId = ".authorization_id"; + public const string InternalAuthorizationId = ".internal_authorization_id"; + public const string InternalTokenId = ".internal_token_id"; public const string ReferenceToken = ".reference_token"; public const string Token = ".token"; - public const string TokenId = ".token_id"; } public static class PropertyTypes diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs index d792b3b6..eca485ac 100644 --- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs +++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Exchange.cs @@ -352,7 +352,7 @@ namespace OpenIddict.Server if (!options.DisableTokenStorage) { // Extract the token identifier from the authentication ticket. - var identifier = context.Ticket.GetTokenId(); + var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId); Debug.Assert(!string.IsNullOrEmpty(identifier), "The authentication ticket should contain a token identifier."); // Retrieve the authorization code/refresh token from the request properties. @@ -408,7 +408,7 @@ namespace OpenIddict.Server if (!options.DisableAuthorizationStorage) { // Extract the authorization identifier from the authentication ticket. - var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId); + var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalAuthorizationId); if (!string.IsNullOrEmpty(identifier)) { var authorization = await authorizationManager.FindByIdAsync(identifier); diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs index 9e934677..99104e67 100644 --- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs +++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Helpers.cs @@ -82,7 +82,7 @@ namespace OpenIddict.Server // Attach the unique identifier of the ad hoc authorization to the authentication ticket // so that it is attached to all the derived tokens, allowing batched revocations support. - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, identifier); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, identifier); } } @@ -123,7 +123,7 @@ namespace OpenIddict.Server var descriptor = new OpenIddictTokenDescriptor { - AuthorizationId = ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId), + AuthorizationId = ticket.GetProperty(OpenIddictConstants.Properties.InternalAuthorizationId), CreationDate = ticket.Properties.IssuedUtc, ExpirationDate = ticket.Properties.ExpiresUtc, Principal = ticket.Principal, @@ -146,8 +146,8 @@ namespace OpenIddict.Server type == OpenIdConnectConstants.TokenUsages.RefreshToken)) { ticket.Properties.IssuedUtc = ticket.Properties.ExpiresUtc = null; - ticket.RemoveProperty(OpenIddictConstants.Properties.AuthorizationId) - .RemoveProperty(OpenIdConnectConstants.Properties.TokenId); + ticket.RemoveProperty(OpenIddictConstants.Properties.InternalAuthorizationId) + .RemoveProperty(OpenIddictConstants.Properties.InternalTokenId); } // If reference tokens are enabled, create a new entry for @@ -202,16 +202,13 @@ namespace OpenIddict.Server throw new InvalidOperationException("The unique key associated with a refresh token cannot be null or empty."); } - // Restore the token identifier using the unique - // identifier attached with the database entry. - ticket.SetTokenId(identifier); - // Dynamically set the creation and expiration dates. ticket.Properties.IssuedUtc = descriptor.CreationDate; ticket.Properties.ExpiresUtc = descriptor.ExpirationDate; - // Restore the authorization identifier using the identifier attached with the database entry. - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, descriptor.AuthorizationId); + // Restore the token/authorization identifiers using the identifiers attached with the database entry. + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, identifier) + .SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, descriptor.AuthorizationId); if (!string.IsNullOrEmpty(result)) { @@ -318,7 +315,7 @@ namespace OpenIddict.Server return null; } - identifier = ticket.GetTokenId(); + identifier = ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId); if (string.IsNullOrEmpty(identifier)) { logger.LogWarning("The identifier associated with the received token cannot be retrieved. " + @@ -349,7 +346,7 @@ namespace OpenIddict.Server if (token == null) { - logger.LogInformation("The token '{Identifier}' cannot be found in the database.", ticket.GetTokenId()); + logger.LogInformation("The token '{Identifier}' cannot be found in the database.", identifier); return null; } @@ -360,21 +357,18 @@ namespace OpenIddict.Server return null; } - // Restore the token identifier using the unique - // identifier attached with the database entry. - ticket.SetTokenId(identifier); - // Dynamically set the creation and expiration dates. ticket.Properties.IssuedUtc = await tokenManager.GetCreationDateAsync(token); ticket.Properties.ExpiresUtc = await tokenManager.GetExpirationDateAsync(token); - // Restore the authorization identifier using the identifier attached with the database entry. - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, + // Restore the token/authorization identifiers using the identifiers attached with the database entry. + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, identifier); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, await tokenManager.GetAuthorizationIdAsync(token)); logger.LogTrace("The token '{Identifier}' was successfully decrypted and " + "retrieved from the database: {Claims} ; {Properties}.", - ticket.GetTokenId(), ticket.Principal.Claims, ticket.Properties.Items); + identifier, ticket.Principal.Claims, ticket.Properties.Items); return ticket; } @@ -387,7 +381,7 @@ namespace OpenIddict.Server // Note: if the authorization identifier or the authorization itself // cannot be found, return true as the authorization doesn't need // to be revoked if it doesn't exist or is already invalid. - var identifier = ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId); + var identifier = ticket.GetProperty(OpenIddictConstants.Properties.InternalAuthorizationId); if (string.IsNullOrEmpty(identifier)) { return true; @@ -466,7 +460,7 @@ namespace OpenIddict.Server var tokenManager = GetTokenManager(context.RequestServices); // Note: if the authorization identifier is null, return true as no tokens need to be revoked. - var identifier = ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId); + var identifier = ticket.GetProperty(OpenIddictConstants.Properties.InternalAuthorizationId); if (string.IsNullOrEmpty(identifier)) { return true; @@ -477,7 +471,8 @@ namespace OpenIddict.Server foreach (var token in await tokenManager.FindByAuthorizationIdAsync(identifier)) { // Don't change the status of the token used in the token request. - if (string.Equals(ticket.GetTokenId(), await tokenManager.GetIdAsync(token), StringComparison.Ordinal)) + if (string.Equals(ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId), + await tokenManager.GetIdAsync(token), StringComparison.Ordinal)) { continue; } @@ -529,7 +524,7 @@ namespace OpenIddict.Server var logger = GetLogger(context.RequestServices); var tokenManager = GetTokenManager(context.RequestServices); - var identifier = ticket.GetTokenId(); + var identifier = ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId); Debug.Assert(!string.IsNullOrEmpty(identifier), "The token identifier shouldn't be null or empty."); try diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs index e40bc89f..63c8760e 100644 --- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs +++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Introspection.cs @@ -117,7 +117,7 @@ namespace OpenIddict.Server Debug.Assert(context.Ticket != null, "The authentication ticket shouldn't be null."); Debug.Assert(!string.IsNullOrEmpty(context.Request.ClientId), "The client_id parameter shouldn't be null."); - var identifier = context.Ticket.GetTokenId(); + var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId); Debug.Assert(!string.IsNullOrEmpty(identifier), "The authentication ticket should contain a token identifier."); if (!context.Ticket.IsAccessToken()) @@ -156,10 +156,10 @@ namespace OpenIddict.Server // If an authorization was attached to the access token, ensure it is still valid. if (!options.DisableAuthorizationStorage && - context.Ticket.HasProperty(OpenIddictConstants.Properties.AuthorizationId)) + context.Ticket.HasProperty(OpenIddictConstants.Properties.InternalAuthorizationId)) { var authorization = await authorizationManager.FindByIdAsync( - context.Ticket.GetProperty(OpenIddictConstants.Properties.AuthorizationId)); + context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalAuthorizationId)); if (authorization == null || !await authorizationManager.IsValidAsync(authorization)) { diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs index d60bad43..f161067a 100644 --- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs +++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.Revocation.cs @@ -207,7 +207,7 @@ namespace OpenIddict.Server } // Extract the token identifier from the authentication ticket. - var identifier = context.Ticket.GetTokenId(); + var identifier = context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId); Debug.Assert(!string.IsNullOrEmpty(identifier), "The authentication ticket should contain a token identifier."); // Retrieve the token from the request properties. If it's already marked as revoked, directly return a 200 response. diff --git a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs index bc11c0ab..70c82de2 100644 --- a/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs +++ b/src/OpenIddict.Server/Internal/OpenIddictServerProvider.cs @@ -75,7 +75,7 @@ namespace OpenIddict.Server // This scenario is deliberately not supported in OpenIddict and all the tickets // must be linked. To ensure the properties are flowed from the authorization code // or the refresh token to the new ticket, they are manually restored if necessary. - if (!context.Ticket.Properties.HasProperty(OpenIdConnectConstants.Properties.TokenId)) + if (!context.Ticket.Properties.HasProperty(OpenIddictConstants.Properties.InternalTokenId)) { // Retrieve the original authentication ticket from the request properties. var ticket = context.Request.GetProperty( @@ -117,7 +117,8 @@ namespace OpenIddict.Server // If token revocation was explicitly disabled, none of the following security routines apply. if (!options.DisableTokenStorage) { - var token = context.Request.GetProperty($"{OpenIddictConstants.Properties.Token}:{context.Ticket.GetTokenId()}"); + var token = context.Request.GetProperty(OpenIddictConstants.Properties.Token + ":" + + context.Ticket.GetProperty(OpenIddictConstants.Properties.InternalTokenId)); Debug.Assert(token != null, "The token shouldn't be null."); // If rolling tokens are enabled or if the request is a grant_type=authorization_code request, @@ -167,7 +168,7 @@ namespace OpenIddict.Server // create an ad hoc authorization if an authorization code or a refresh token // is going to be returned to the client application as part of the response. if (!options.DisableAuthorizationStorage && - !context.Ticket.HasProperty(OpenIddictConstants.Properties.AuthorizationId) && + !context.Ticket.HasProperty(OpenIddictConstants.Properties.InternalAuthorizationId) && (context.IncludeAuthorizationCode || context.IncludeRefreshToken)) { await CreateAuthorizationAsync(context.Ticket, options, context.HttpContext, context.Request); diff --git a/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs b/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs index 630e011f..9bf0f2b1 100644 --- a/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs +++ b/src/OpenIddict.Validation/Internal/OpenIddictValidationProvider.cs @@ -86,8 +86,8 @@ namespace OpenIddict.Validation ticket.Properties.ExpiresUtc = await manager.GetExpirationDateAsync(token); // Restore the token and authorization identifiers attached with the database entry. - ticket.Properties.SetProperty(OpenIddictConstants.Properties.TokenId, await manager.GetIdAsync(token)); - ticket.Properties.SetProperty(OpenIddictConstants.Properties.AuthorizationId, + ticket.Properties.SetProperty(OpenIddictConstants.Properties.InternalTokenId, await manager.GetIdAsync(token)); + ticket.Properties.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, await manager.GetAuthorizationIdAsync(token)); context.Ticket = ticket; diff --git a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Exchange.cs b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Exchange.cs index c3ab3769..47e85c36 100644 --- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Exchange.cs +++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Exchange.cs @@ -717,7 +717,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -769,7 +769,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); var format = new Mock>(); @@ -820,7 +820,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -879,7 +879,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); var format = new Mock>(); @@ -937,7 +937,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1005,7 +1005,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); var format = new Mock>(); @@ -1072,9 +1072,9 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -1155,9 +1155,9 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -1237,9 +1237,9 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -1332,9 +1332,9 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -1426,7 +1426,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1498,7 +1498,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); var format = new Mock>(); @@ -1568,7 +1568,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1649,7 +1649,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1732,7 +1732,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1812,7 +1812,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -1897,9 +1897,9 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -1975,9 +1975,9 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -2067,7 +2067,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); switch (flow) { diff --git a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Introspection.cs b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Introspection.cs index dc9ca02a..eb543a37 100644 --- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Introspection.cs +++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Introspection.cs @@ -213,7 +213,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(type); var format = new Mock>(); @@ -267,7 +267,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -322,7 +322,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Contoso"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -429,7 +429,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -520,7 +520,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -610,7 +610,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -706,7 +706,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); diff --git a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Revocation.cs b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Revocation.cs index 522ea37d..87d1cc2d 100644 --- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Revocation.cs +++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Revocation.cs @@ -314,7 +314,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -395,7 +395,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -439,7 +439,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -488,7 +488,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); diff --git a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Serialization.cs b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Serialization.cs index 81111232..2bb052d7 100644 --- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Serialization.cs +++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Serialization.cs @@ -86,7 +86,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AccessToken); var format = new Mock>(); @@ -336,7 +336,8 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetAudiences("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetTokenId("070AAEDE-38BF-41BE-870C-4E5A73E54566"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -411,7 +412,7 @@ namespace OpenIddict.Server.Tests // Assert Assert.True((bool) response[OpenIdConnectConstants.Claims.Active]); - Assert.Equal("3E228451-1555-46F7-A471-951EFBA23A56", response[OpenIdConnectConstants.Claims.JwtId]); + Assert.Equal("070AAEDE-38BF-41BE-870C-4E5A73E54566", response[OpenIdConnectConstants.Claims.JwtId]); Assert.Equal(1483228800, (long) response[OpenIdConnectConstants.Claims.IssuedAt]); Assert.Equal(1484006400, (long) response[OpenIdConnectConstants.Claims.ExpiresAt]); @@ -483,7 +484,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -933,7 +934,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -1065,7 +1066,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -1393,7 +1394,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); var format = new Mock>(); @@ -1976,7 +1977,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); var format = new Mock>(); diff --git a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.cs b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.cs index c778bb85..b8754dd9 100644 --- a/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.cs +++ b/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.cs @@ -155,7 +155,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); ticket.SetProperty("custom_property_in_original_ticket", "original_value"); @@ -227,7 +227,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -300,7 +300,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -363,7 +363,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -422,7 +422,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -491,7 +491,7 @@ namespace OpenIddict.Server.Tests OpenIddictServerDefaults.AuthenticationScheme); ticket.SetPresenters("Fabrikam"); - ticket.SetTokenId("3E228451-1555-46F7-A471-951EFBA23A56"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.AuthorizationCode); var format = new Mock>(); @@ -565,7 +565,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -631,7 +631,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -701,7 +701,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -759,7 +759,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -853,10 +853,10 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "18D15F73-BE2B-6867-DC01-B3C1E8AFDED0"); var format = new Mock>(); @@ -938,7 +938,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -1006,7 +1006,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "3E228451-1555-46F7-A471-951EFBA23A56"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -1073,7 +1073,7 @@ namespace OpenIddict.Server.Tests new AuthenticationProperties(), OpenIddictServerDefaults.AuthenticationScheme); - ticket.SetTokenId("60FFF7EA-F98E-437B-937E-5073CC313103"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalTokenId, "60FFF7EA-F98E-437B-937E-5073CC313103"); ticket.SetTokenUsage(OpenIdConnectConstants.TokenUsages.RefreshToken); ticket.SetScopes(OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess); @@ -1515,7 +1515,7 @@ namespace OpenIddict.Server.Tests if (request.HasParameter("attach-authorization")) { - ticket.SetProperty(OpenIddictConstants.Properties.AuthorizationId, "1AF06AB2-A0FC-4E3D-86AF-E04DA8C7BE70"); + ticket.SetProperty(OpenIddictConstants.Properties.InternalAuthorizationId, "1AF06AB2-A0FC-4E3D-86AF-E04DA8C7BE70"); } if (request.HasParameter("attach-public-parameters"))