Kévin Chalet
4 years ago
22 changed files with 1919 additions and 44 deletions
@ -0,0 +1,26 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48;netcoreapp3.1;net6.0</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Client.AspNetCore\OpenIddict.Client.AspNetCore.csproj" /> |
||||
|
<ProjectReference Include="..\OpenIddict.Client.IntegrationTests\OpenIddict.Client.IntegrationTests.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="Microsoft.AspNetCore.TestHost" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,31 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48;netcoreapp3.1;net6.0</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Client\OpenIddict.Client.csproj" /> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Core\OpenIddict.Core.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="AngleSharp" /> |
||||
|
<PackageReference Include="MartinCostello.Logging.XUnit" /> |
||||
|
<PackageReference Include="Microsoft.Extensions.DependencyInjection" /> |
||||
|
<PackageReference Include="Moq" /> |
||||
|
<PackageReference Include="System.Linq.Async" /> |
||||
|
<PackageReference Include="System.Net.Http.Json" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,26 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Client.Owin\OpenIddict.Client.Owin.csproj" /> |
||||
|
<ProjectReference Include="..\OpenIddict.Client.IntegrationTests\OpenIddict.Client.IntegrationTests.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="Microsoft.Owin.Testing" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,26 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48;netcoreapp3.1;net6.0</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Validation.AspNetCore\OpenIddict.Validation.AspNetCore.csproj" /> |
||||
|
<ProjectReference Include="..\OpenIddict.Validation.IntegrationTests\OpenIddict.Validation.IntegrationTests.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="Microsoft.AspNetCore.TestHost" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,65 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Diagnostics.CodeAnalysis; |
||||
|
using Microsoft.AspNetCore.TestHost; |
||||
|
using OpenIddict.Validation.IntegrationTests; |
||||
|
|
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
using Microsoft.Extensions.Hosting; |
||||
|
#endif
|
||||
|
|
||||
|
namespace OpenIddict.Validation.AspNetCore.IntegrationTests; |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Represents a test host used by the validation integration tests.
|
||||
|
/// </summary>
|
||||
|
public class OpenIddictValidationAspNetCoreIntegrationTestServer : OpenIddictValidationIntegrationTestServer |
||||
|
{ |
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
public OpenIddictValidationAspNetCoreIntegrationTestServer(IHost host) |
||||
|
{ |
||||
|
Host = host; |
||||
|
Server = host.GetTestServer(); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Gets the generic host used by this instance.
|
||||
|
/// </summary>
|
||||
|
public IHost Host { get; } |
||||
|
#else
|
||||
|
public OpenIddictValidationAspNetCoreIntegrationTestServer(TestServer server) |
||||
|
=> Server = server; |
||||
|
#endif
|
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Gets the ASP.NET Core test server used by this instance.
|
||||
|
/// </summary>
|
||||
|
public TestServer Server { get; } |
||||
|
|
||||
|
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", |
||||
|
Justification = "The caller is responsible for disposing the test client.")] |
||||
|
public override ValueTask<OpenIddictValidationIntegrationTestClient> CreateClientAsync() |
||||
|
=> new(new OpenIddictValidationIntegrationTestClient(Server.CreateClient())); |
||||
|
|
||||
|
public override |
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
async |
||||
|
#endif
|
||||
|
ValueTask DisposeAsync() |
||||
|
{ |
||||
|
// Dispose of the underlying test server.
|
||||
|
Server.Dispose(); |
||||
|
|
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
// Stop and dispose of the underlying generic host.
|
||||
|
await Host.StopAsync(); |
||||
|
Host.Dispose(); |
||||
|
#else
|
||||
|
return default; |
||||
|
#endif
|
||||
|
} |
||||
|
} |
||||
@ -0,0 +1,234 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Diagnostics.CodeAnalysis; |
||||
|
using System.Security.Claims; |
||||
|
using System.Text.Json; |
||||
|
using Microsoft.AspNetCore.Authentication; |
||||
|
using Microsoft.AspNetCore.Builder; |
||||
|
using Microsoft.AspNetCore.Hosting; |
||||
|
using Microsoft.AspNetCore.Http; |
||||
|
using Microsoft.AspNetCore.TestHost; |
||||
|
using Microsoft.Extensions.DependencyInjection; |
||||
|
using Microsoft.Extensions.Hosting; |
||||
|
using Microsoft.Extensions.Logging; |
||||
|
using OpenIddict.Validation.IntegrationTests; |
||||
|
using Xunit; |
||||
|
using Xunit.Abstractions; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationEvents; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationHandlers.Protection; |
||||
|
|
||||
|
#if SUPPORTS_JSON_NODES
|
||||
|
using System.Text.Json.Nodes; |
||||
|
#endif
|
||||
|
|
||||
|
namespace OpenIddict.Validation.AspNetCore.IntegrationTests; |
||||
|
|
||||
|
public partial class OpenIddictValidationAspNetCoreIntegrationTests : OpenIddictValidationIntegrationTests |
||||
|
{ |
||||
|
public OpenIddictValidationAspNetCoreIntegrationTests(ITestOutputHelper outputHelper) |
||||
|
: base(outputHelper) |
||||
|
{ |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_CreationDateIsMappedToIssuedUtc() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ValidateTokenContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
Assert.Equal("access_token", context.Token); |
||||
|
Assert.Equal(new[] { TokenTypeHints.AccessToken }, context.ValidTokenTypes); |
||||
|
|
||||
|
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) |
||||
|
.SetTokenType(TokenTypeHints.AccessToken) |
||||
|
.SetClaim(Claims.Subject, "Bob le Magnifique") |
||||
|
.SetCreationDate(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero)); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "access_token" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
var properties = new AuthenticationProperties(response.GetParameters() |
||||
|
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value)); |
||||
|
|
||||
|
Assert.Equal(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.IssuedUtc); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_ExpirationDateIsMappedToIssuedUtc() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ValidateTokenContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
Assert.Equal("access_token", context.Token); |
||||
|
Assert.Equal(new[] { TokenTypeHints.AccessToken }, context.ValidTokenTypes); |
||||
|
|
||||
|
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) |
||||
|
.SetTokenType(TokenTypeHints.AccessToken) |
||||
|
.SetExpirationDate(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero)); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "access_token" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
var properties = new AuthenticationProperties(response.GetParameters() |
||||
|
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value)); |
||||
|
|
||||
|
Assert.Equal(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.ExpiresUtc); |
||||
|
} |
||||
|
|
||||
|
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", |
||||
|
Justification = "The caller is responsible for disposing the test server.")] |
||||
|
protected override |
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
async |
||||
|
#endif
|
||||
|
ValueTask<OpenIddictValidationIntegrationTestServer> CreateServerAsync(Action<OpenIddictValidationBuilder>? configuration = null) |
||||
|
{ |
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
var builder = new HostBuilder(); |
||||
|
#else
|
||||
|
var builder = new WebHostBuilder(); |
||||
|
#endif
|
||||
|
builder.UseEnvironment("Testing"); |
||||
|
|
||||
|
builder.ConfigureLogging(options => options.AddXUnit(OutputHelper)); |
||||
|
|
||||
|
builder.ConfigureServices(ConfigureServices); |
||||
|
builder.ConfigureServices(services => |
||||
|
{ |
||||
|
services.AddOpenIddict() |
||||
|
.AddValidation(options => |
||||
|
{ |
||||
|
options.UseAspNetCore(); |
||||
|
|
||||
|
configuration?.Invoke(options); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
builder.ConfigureWebHost(options => |
||||
|
{ |
||||
|
options.UseTestServer(); |
||||
|
options.Configure(ConfigurePipeline); |
||||
|
}); |
||||
|
#else
|
||||
|
builder.Configure(ConfigurePipeline); |
||||
|
#endif
|
||||
|
|
||||
|
#if SUPPORTS_GENERIC_HOST
|
||||
|
var host = await builder.StartAsync(); |
||||
|
|
||||
|
return new OpenIddictValidationAspNetCoreIntegrationTestServer(host); |
||||
|
#else
|
||||
|
var server = new TestServer(builder); |
||||
|
|
||||
|
return new(new OpenIddictValidationAspNetCoreIntegrationTestServer(server)); |
||||
|
#endif
|
||||
|
|
||||
|
void ConfigurePipeline(IApplicationBuilder app) |
||||
|
{ |
||||
|
app.Use(next => async context => |
||||
|
{ |
||||
|
await next(context); |
||||
|
|
||||
|
var feature = context.Features.Get<OpenIddictValidationAspNetCoreFeature>(); |
||||
|
var response = feature?.Transaction?.GetProperty<object>("custom_response"); |
||||
|
if (response is not null) |
||||
|
{ |
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(response)); |
||||
|
} |
||||
|
}); |
||||
|
|
||||
|
app.UseAuthentication(); |
||||
|
|
||||
|
app.Use(next => async context => |
||||
|
{ |
||||
|
if (context.Request.Path == "/authenticate") |
||||
|
{ |
||||
|
var result = await context.AuthenticateAsync(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); |
||||
|
if (result?.Principal is null) |
||||
|
{ |
||||
|
await context.ChallengeAsync(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
var claims = result.Principal.Claims.GroupBy(claim => claim.Type) |
||||
|
.Select(group => new KeyValuePair<string, string?[]?>( |
||||
|
group.Key, group.Select(claim => claim.Value).ToArray())); |
||||
|
|
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(claims))); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
else if (context.Request.Path == "/authenticate/properties") |
||||
|
{ |
||||
|
var result = await context.AuthenticateAsync(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); |
||||
|
if (result?.Properties is null) |
||||
|
{ |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(result.Properties.Items))); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
else if (context.Request.Path == "/challenge") |
||||
|
{ |
||||
|
await context.ChallengeAsync(OpenIddictValidationAspNetCoreDefaults.AuthenticationScheme); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
await next(context); |
||||
|
}); |
||||
|
|
||||
|
app.Run(context => |
||||
|
{ |
||||
|
context.Response.ContentType = "application/json"; |
||||
|
return context.Response.WriteAsync(JsonSerializer.Serialize(new |
||||
|
{ |
||||
|
name = "Bob le Magnifique" |
||||
|
})); |
||||
|
}); |
||||
|
} |
||||
|
} |
||||
|
} |
||||
Binary file not shown.
@ -0,0 +1,35 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48;netcoreapp3.1;net6.0</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<EmbeddedResource Include="Certificate.cer" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Core\OpenIddict.Core.csproj" /> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Validation\OpenIddict.Validation.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="AngleSharp" /> |
||||
|
<PackageReference Include="MartinCostello.Logging.XUnit" /> |
||||
|
<PackageReference Include="Microsoft.Extensions.DependencyInjection" /> |
||||
|
<PackageReference Include="Moq" /> |
||||
|
<PackageReference Include="System.Linq.Async" /> |
||||
|
<PackageReference Include="System.Net.Http.Json" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,509 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Net.Http.Json; |
||||
|
using System.Text; |
||||
|
using System.Text.Encodings.Web; |
||||
|
using AngleSharp.Html.Parser; |
||||
|
using Microsoft.Extensions.Primitives; |
||||
|
|
||||
|
namespace OpenIddict.Validation.IntegrationTests; |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Exposes methods that allow sending OpenID Connect
|
||||
|
/// requests and extracting the corresponding responses.
|
||||
|
/// </summary>
|
||||
|
public class OpenIddictValidationIntegrationTestClient : IAsyncDisposable |
||||
|
{ |
||||
|
/// <summary>
|
||||
|
/// Initializes a new instance of the OpenID Connect client.
|
||||
|
/// </summary>
|
||||
|
public OpenIddictValidationIntegrationTestClient() |
||||
|
: this(new HttpClient()) |
||||
|
{ |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Initializes a new instance of the OpenID Connect client.
|
||||
|
/// </summary>
|
||||
|
/// <param name="client">The HTTP client used to communicate with the OpenID Connect server.</param>
|
||||
|
public OpenIddictValidationIntegrationTestClient(HttpClient client) |
||||
|
: this(client, new HtmlParser()) |
||||
|
{ |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Initializes a new instance of the OpenID Connect client.
|
||||
|
/// </summary>
|
||||
|
/// <param name="client">The HTTP client used to communicate with the OpenID Connect server.</param>
|
||||
|
/// <param name="parser">The HTML parser used to parse the responses returned by the OpenID Connect server.</param>
|
||||
|
public OpenIddictValidationIntegrationTestClient(HttpClient client, HtmlParser parser) |
||||
|
{ |
||||
|
HttpClient = client ?? throw new ArgumentNullException(nameof(client)); |
||||
|
HtmlParser = parser ?? throw new ArgumentNullException(nameof(parser)); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Gets the underlying HTTP client used to
|
||||
|
/// communicate with the OpenID Connect server.
|
||||
|
/// </summary>
|
||||
|
public HttpClient HttpClient { get; } |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Gets the underlying HTML parser used to parse the
|
||||
|
/// responses returned by the OpenID Connect server.
|
||||
|
/// </summary>
|
||||
|
public HtmlParser HtmlParser { get; } |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends an empty OpenID Connect request to the given endpoint using GET
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> GetAsync(string uri) |
||||
|
=> GetAsync(uri, new OpenIddictRequest()); |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends an empty OpenID Connect request to the given endpoint using GET
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> GetAsync(Uri uri) |
||||
|
=> GetAsync(uri, new OpenIddictRequest()); |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint using GET
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> GetAsync(string uri, OpenIddictRequest request) |
||||
|
{ |
||||
|
if (request is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(request)); |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(uri)) |
||||
|
{ |
||||
|
throw new ArgumentException("The URL cannot be null or empty.", nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
return GetAsync(new Uri(uri, UriKind.RelativeOrAbsolute), request); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint using GET
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> GetAsync(Uri uri, OpenIddictRequest request) |
||||
|
=> SendAsync(HttpMethod.Get, uri, request); |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint using POST
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> PostAsync(string uri, OpenIddictRequest request) |
||||
|
{ |
||||
|
if (request is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(request)); |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(uri)) |
||||
|
{ |
||||
|
throw new ArgumentException("The URL cannot be null or empty.", nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
return PostAsync(new Uri(uri, UriKind.RelativeOrAbsolute), request); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint using POST
|
||||
|
/// and converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> PostAsync(Uri uri, OpenIddictRequest request) |
||||
|
=> SendAsync(HttpMethod.Post, uri, request); |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint and
|
||||
|
/// converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="method">The HTTP method used to send the OpenID Connect request.</param>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> SendAsync(string method, string uri, OpenIddictRequest request) |
||||
|
{ |
||||
|
if (request is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(request)); |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(method)) |
||||
|
{ |
||||
|
throw new ArgumentException("The HTTP method cannot be null or empty.", nameof(method)); |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(uri)) |
||||
|
{ |
||||
|
throw new ArgumentException("The URL cannot be null or empty.", nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
return SendAsync(new HttpMethod(method), uri, request); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint and
|
||||
|
/// converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="method">The HTTP method used to send the OpenID Connect request.</param>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public Task<OpenIddictResponse> SendAsync(HttpMethod method, string uri, OpenIddictRequest request) |
||||
|
{ |
||||
|
if (method is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(method)); |
||||
|
} |
||||
|
|
||||
|
if (request is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(request)); |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(uri)) |
||||
|
{ |
||||
|
throw new ArgumentException("The URL cannot be null or empty.", nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
return SendAsync(method, new Uri(uri, UriKind.RelativeOrAbsolute), request); |
||||
|
} |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Sends a generic OpenID Connect request to the given endpoint and
|
||||
|
/// converts the returned response to an OpenID Connect response.
|
||||
|
/// </summary>
|
||||
|
/// <param name="method">The HTTP method used to send the OpenID Connect request.</param>
|
||||
|
/// <param name="uri">The endpoint to which the request is sent.</param>
|
||||
|
/// <param name="request">The OpenID Connect request to send.</param>
|
||||
|
/// <returns>The OpenID Connect response returned by the server.</returns>
|
||||
|
public virtual async Task<OpenIddictResponse> SendAsync(HttpMethod method, Uri uri, OpenIddictRequest request) |
||||
|
{ |
||||
|
if (method is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(method)); |
||||
|
} |
||||
|
|
||||
|
if (uri is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
if (request is null) |
||||
|
{ |
||||
|
throw new ArgumentNullException(nameof(request)); |
||||
|
} |
||||
|
|
||||
|
if (HttpClient.BaseAddress is null && !uri.IsAbsoluteUri) |
||||
|
{ |
||||
|
throw new ArgumentException("The address cannot be a relative URI when no base address " + |
||||
|
"is associated with the HTTP client.", nameof(uri)); |
||||
|
} |
||||
|
|
||||
|
using var message = CreateRequestMessage(request, method, uri); |
||||
|
using var response = await HttpClient.SendAsync(message); |
||||
|
|
||||
|
return await GetResponseAsync(response); |
||||
|
} |
||||
|
|
||||
|
private HttpRequestMessage CreateRequestMessage(OpenIddictRequest request, HttpMethod method, Uri uri) |
||||
|
{ |
||||
|
// Note: a dictionary is deliberately not used here to allow multiple parameters with the
|
||||
|
// same name to be specified. While initially not allowed by the core OAuth2 specification,
|
||||
|
// this is required for derived drafts like the OAuth2 token exchange specification.
|
||||
|
var parameters = new List<KeyValuePair<string?, string?>>(); |
||||
|
|
||||
|
foreach (var parameter in request.GetParameters()) |
||||
|
{ |
||||
|
// If the parameter is null or empty, send an empty value.
|
||||
|
if (OpenIddictParameter.IsNullOrEmpty(parameter.Value)) |
||||
|
{ |
||||
|
parameters.Add(new KeyValuePair<string?, string?>(parameter.Key, string.Empty)); |
||||
|
|
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var values = (string?[]?) parameter.Value; |
||||
|
if (values is not { Length: > 0 }) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
foreach (var value in values) |
||||
|
{ |
||||
|
parameters.Add(new KeyValuePair<string?, string?>(parameter.Key, value)); |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
if (method == HttpMethod.Get && parameters.Count != 0) |
||||
|
{ |
||||
|
var builder = new StringBuilder(); |
||||
|
|
||||
|
foreach (var parameter in parameters) |
||||
|
{ |
||||
|
if (string.IsNullOrEmpty(parameter.Key)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
if (builder.Length != 0) |
||||
|
{ |
||||
|
builder.Append('&'); |
||||
|
} |
||||
|
|
||||
|
builder.Append(UrlEncoder.Default.Encode(parameter.Key)); |
||||
|
|
||||
|
if (!string.IsNullOrEmpty(parameter.Value)) |
||||
|
{ |
||||
|
builder.Append('='); |
||||
|
builder.Append(UrlEncoder.Default.Encode(parameter.Value)); |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
if (!uri.IsAbsoluteUri) |
||||
|
{ |
||||
|
uri = new Uri(HttpClient.BaseAddress!, uri); |
||||
|
} |
||||
|
|
||||
|
uri = new UriBuilder(uri) { Query = builder.ToString() }.Uri; |
||||
|
} |
||||
|
|
||||
|
var message = new HttpRequestMessage(method, uri); |
||||
|
|
||||
|
if (method != HttpMethod.Get) |
||||
|
{ |
||||
|
message.Content = new FormUrlEncodedContent(parameters); |
||||
|
} |
||||
|
|
||||
|
return message; |
||||
|
} |
||||
|
|
||||
|
private async Task<OpenIddictResponse> GetResponseAsync(HttpResponseMessage message) |
||||
|
{ |
||||
|
if (message.Headers.WwwAuthenticate.Count is not 0) |
||||
|
{ |
||||
|
var parameters = new Dictionary<string, StringValues>(message.Headers.WwwAuthenticate.Count); |
||||
|
|
||||
|
foreach (var header in message.Headers.WwwAuthenticate) |
||||
|
{ |
||||
|
if (string.IsNullOrEmpty(header.Parameter)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
// Note: while initially not allowed by the core OAuth 2.0 specification, multiple
|
||||
|
// parameters with the same name are used by derived drafts like the OAuth 2.0
|
||||
|
// token exchange specification. For consistency, multiple parameters with the
|
||||
|
// same name are also supported when returned as part of WWW-Authentication headers.
|
||||
|
|
||||
|
foreach (var parameter in header.Parameter.Split(Separators.Comma, StringSplitOptions.RemoveEmptyEntries)) |
||||
|
{ |
||||
|
var values = parameter.Split(Separators.EqualsSign, StringSplitOptions.RemoveEmptyEntries); |
||||
|
if (values.Length is not 2) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var (name, value) = ( |
||||
|
values[0]?.Trim(Separators.Space[0]), |
||||
|
values[1]?.Trim(Separators.Space[0], Separators.DoubleQuote[0])); |
||||
|
|
||||
|
if (string.IsNullOrEmpty(name)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
parameters[name] = parameters.ContainsKey(name) ? |
||||
|
StringValues.Concat(parameters[name], value?.Replace("\\\"", "\"")) : |
||||
|
new StringValues(value?.Replace("\\\"", "\"")); |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
return new OpenIddictResponse(parameters); |
||||
|
} |
||||
|
|
||||
|
else if (message.Headers.Location is not null) |
||||
|
{ |
||||
|
var payload = message.Headers.Location.Fragment; |
||||
|
if (string.IsNullOrEmpty(payload)) |
||||
|
{ |
||||
|
payload = message.Headers.Location.Query; |
||||
|
} |
||||
|
|
||||
|
if (string.IsNullOrEmpty(payload)) |
||||
|
{ |
||||
|
return new OpenIddictResponse(); |
||||
|
} |
||||
|
|
||||
|
static string? UnescapeDataString(string value) |
||||
|
{ |
||||
|
if (string.IsNullOrEmpty(value)) |
||||
|
{ |
||||
|
return null; |
||||
|
} |
||||
|
|
||||
|
return Uri.UnescapeDataString(value.Replace("+", "%20")); |
||||
|
} |
||||
|
|
||||
|
// Note: a dictionary is deliberately not used here to allow multiple parameters with the
|
||||
|
// same name to be retrieved. While initially not allowed by the core OAuth2 specification,
|
||||
|
// this is required for derived drafts like the OAuth2 token exchange specification.
|
||||
|
var parameters = new List<KeyValuePair<string, string?>>(); |
||||
|
|
||||
|
foreach (var element in new StringTokenizer(payload, Separators.Ampersand)) |
||||
|
{ |
||||
|
var segment = element; |
||||
|
if (segment.Length == 0) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
// Always skip the first char (# or ?).
|
||||
|
if (segment.Offset == 0) |
||||
|
{ |
||||
|
segment = segment.Subsegment(1, segment.Length - 1); |
||||
|
} |
||||
|
|
||||
|
var index = segment.IndexOf('='); |
||||
|
if (index == -1) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var name = UnescapeDataString(segment.Substring(0, index)); |
||||
|
if (string.IsNullOrEmpty(name)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var value = UnescapeDataString(segment.Substring(index + 1, segment.Length - (index + 1))); |
||||
|
|
||||
|
parameters.Add(new KeyValuePair<string, string?>(name, value)); |
||||
|
} |
||||
|
|
||||
|
return new OpenIddictResponse( |
||||
|
from parameter in parameters |
||||
|
group parameter by parameter.Key into grouping |
||||
|
let values = grouping.Select(parameter => parameter.Value) |
||||
|
select new KeyValuePair<string, StringValues>(grouping.Key, values.ToArray())); |
||||
|
} |
||||
|
|
||||
|
else if (string.Equals(message.Content?.Headers?.ContentType?.MediaType, "application/json", StringComparison.OrdinalIgnoreCase)) |
||||
|
{ |
||||
|
return (await message.Content!.ReadFromJsonAsync<OpenIddictResponse>())!; |
||||
|
} |
||||
|
|
||||
|
else if (string.Equals(message.Content?.Headers?.ContentType?.MediaType, "text/html", StringComparison.OrdinalIgnoreCase)) |
||||
|
{ |
||||
|
// Note: this test client is only used with OpenIddict's ASP.NET Core or OWIN hosts,
|
||||
|
// that always return their HTTP responses encoded using UTF-8. As such, the stream
|
||||
|
// returned by ReadAsStreamAsync() is always assumed to contain UTF-8 encoded payloads.
|
||||
|
using var stream = await message.Content!.ReadAsStreamAsync(); |
||||
|
|
||||
|
using var document = await HtmlParser.ParseDocumentAsync(stream); |
||||
|
if (document.Body is null) |
||||
|
{ |
||||
|
return new OpenIddictResponse(); |
||||
|
} |
||||
|
|
||||
|
// Note: a dictionary is deliberately not used here to allow multiple parameters with the
|
||||
|
// same name to be retrieved. While initially not allowed by the core OAuth2 specification,
|
||||
|
// this is required for derived drafts like the OAuth2 token exchange specification.
|
||||
|
var parameters = new List<KeyValuePair<string, string?>>(); |
||||
|
|
||||
|
foreach (var element in document.Body.GetElementsByTagName("input")) |
||||
|
{ |
||||
|
var name = element.GetAttribute("name"); |
||||
|
if (string.IsNullOrEmpty(name)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var value = element.GetAttribute("value"); |
||||
|
|
||||
|
parameters.Add(new KeyValuePair<string, string?>(name, value)); |
||||
|
} |
||||
|
|
||||
|
return new OpenIddictResponse( |
||||
|
from parameter in parameters |
||||
|
group parameter by parameter.Key into grouping |
||||
|
let values = grouping.Select(parameter => parameter.Value) |
||||
|
select new KeyValuePair<string, StringValues>(grouping.Key, values.ToArray())); |
||||
|
} |
||||
|
|
||||
|
else if (string.Equals(message.Content?.Headers?.ContentType?.MediaType, "text/plain", StringComparison.OrdinalIgnoreCase)) |
||||
|
{ |
||||
|
// Note: this test client is only used with OpenIddict's ASP.NET Core or OWIN hosts,
|
||||
|
// that always return their HTTP responses encoded using UTF-8. As such, the stream
|
||||
|
// returned by ReadAsStreamAsync() is always assumed to contain UTF-8 encoded payloads.
|
||||
|
using var stream = await message.Content!.ReadAsStreamAsync(); |
||||
|
using var reader = new StreamReader(stream); |
||||
|
|
||||
|
// Note: a dictionary is deliberately not used here to allow multiple parameters with the
|
||||
|
// same name to be retrieved. While initially not allowed by the core OAuth2 specification,
|
||||
|
// this is required for derived drafts like the OAuth2 token exchange specification.
|
||||
|
var parameters = new List<KeyValuePair<string, string>>(); |
||||
|
|
||||
|
for (var line = await reader.ReadLineAsync(); line is not null; line = await reader.ReadLineAsync()) |
||||
|
{ |
||||
|
var index = line.IndexOf(':'); |
||||
|
if (index == -1) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var name = line.Substring(0, index); |
||||
|
if (string.IsNullOrEmpty(name)) |
||||
|
{ |
||||
|
continue; |
||||
|
} |
||||
|
|
||||
|
var value = line.Substring(index + 1); |
||||
|
|
||||
|
parameters.Add(new KeyValuePair<string, string>(name, value)); |
||||
|
} |
||||
|
|
||||
|
return new OpenIddictResponse( |
||||
|
from parameter in parameters |
||||
|
group parameter by parameter.Key into grouping |
||||
|
let values = grouping.Select(parameter => parameter.Value) |
||||
|
select new KeyValuePair<string, StringValues>(grouping.Key, values.ToArray())); |
||||
|
} |
||||
|
|
||||
|
return new OpenIddictResponse(); |
||||
|
} |
||||
|
|
||||
|
public ValueTask DisposeAsync() |
||||
|
{ |
||||
|
HttpClient.Dispose(); |
||||
|
|
||||
|
return default; |
||||
|
} |
||||
|
} |
||||
@ -0,0 +1,17 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
namespace OpenIddict.Validation.IntegrationTests; |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Represents a test host used by the validation integration tests.
|
||||
|
/// </summary>
|
||||
|
public abstract class OpenIddictValidationIntegrationTestServer : IAsyncDisposable |
||||
|
{ |
||||
|
public abstract ValueTask<OpenIddictValidationIntegrationTestClient> CreateClientAsync(); |
||||
|
|
||||
|
public virtual ValueTask DisposeAsync() => default; |
||||
|
} |
||||
@ -0,0 +1,325 @@ |
|||||
|
|
||||
|
|
||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Reflection; |
||||
|
using System.Security.Claims; |
||||
|
using System.Security.Cryptography.X509Certificates; |
||||
|
using Microsoft.Extensions.DependencyInjection; |
||||
|
using Microsoft.Extensions.Options; |
||||
|
using Microsoft.IdentityModel.Protocols; |
||||
|
using Microsoft.IdentityModel.Tokens; |
||||
|
using Moq; |
||||
|
using OpenIddict.Core; |
||||
|
using Xunit; |
||||
|
using Xunit.Abstractions; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationEvents; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationHandlers; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationHandlers.Protection; |
||||
|
|
||||
|
namespace OpenIddict.Validation.IntegrationTests; |
||||
|
|
||||
|
public abstract partial class OpenIddictValidationIntegrationTests |
||||
|
{ |
||||
|
protected OpenIddictValidationIntegrationTests(ITestOutputHelper outputHelper) |
||||
|
{ |
||||
|
OutputHelper = outputHelper; |
||||
|
} |
||||
|
|
||||
|
protected ITestOutputHelper OutputHelper { get; } |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_InvalidIssuerThrowsAnException() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => options.Configure(options => |
||||
|
{ |
||||
|
options.ConfigurationManager = new StaticConfigurationManager<OpenIddictConfiguration>(new() |
||||
|
{ |
||||
|
Issuer = new Uri("https://fabrikam.com/") |
||||
|
}); |
||||
|
})); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act and assert
|
||||
|
var exception = await Assert.ThrowsAsync<InvalidOperationException>(delegate |
||||
|
{ |
||||
|
return client.PostAsync("/authenticate", new OpenIddictRequest()); |
||||
|
}); |
||||
|
|
||||
|
Assert.Equal(SR.GetResourceString(SR.ID0307), exception.Message); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_EvalutesCorrectValidatedTokens() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ProcessAuthenticationContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
// Assert
|
||||
|
Assert.True(context.ExtractAccessToken); |
||||
|
Assert.True(context.RequireAccessToken); |
||||
|
Assert.True(context.ValidateAccessToken); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(EvaluateValidatedTokens.Descriptor.Order + 1); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/authenticate", new OpenIddictRequest()); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal(0, response.Count); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_RejectsDemandWhenAccessTokenIsMissing() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ProcessAuthenticationContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
// Assert
|
||||
|
Assert.True(context.IsRejected); |
||||
|
Assert.Equal(Errors.MissingToken, context.Error); |
||||
|
Assert.Equal(SR.GetResourceString(SR.ID2000), context.ErrorDescription); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateRequiredTokens.Descriptor.Order + 1); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/authenticate", new OpenIddictRequest()); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal(0, response.Count); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_RejectsDemandWhenAccessTokenIsInvalid() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(); |
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/authenticate", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "SlAV32hkKG" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal(Errors.InvalidToken, response.Error); |
||||
|
Assert.Equal(SR.GetResourceString(SR.ID2004), response.ErrorDescription); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_ReturnsExpectedIdentityWhenAccessTokenIsValid() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ValidateTokenContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
Assert.Equal("access_token", context.Token); |
||||
|
Assert.Equal(new[] { TokenTypeHints.AccessToken }, context.ValidTokenTypes); |
||||
|
|
||||
|
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) |
||||
|
.SetTokenType(TokenTypeHints.AccessToken) |
||||
|
.SetClaim(Claims.Subject, "Bob le Magnifique"); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.GetAsync("/authenticate", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "access_token" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal("Bob le Magnifique", (string?) response[Claims.Subject]); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessChallenge_ReturnsDefaultErrorWhenNoneIsSpecified() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(); |
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/challenge", new OpenIddictRequest()); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal(Errors.InsufficientAccess, response.Error); |
||||
|
Assert.Equal(SR.GetResourceString(SR.ID2095), response.ErrorDescription); |
||||
|
Assert.Equal(SR.FormatID8000(SR.ID2095), response.ErrorUri); |
||||
|
} |
||||
|
|
||||
|
[Theory] |
||||
|
[InlineData("custom_error", null, null)] |
||||
|
[InlineData("custom_error", "custom_description", null)] |
||||
|
[InlineData("custom_error", "custom_description", "custom_uri")] |
||||
|
[InlineData(null, "custom_description", null)] |
||||
|
[InlineData(null, "custom_description", "custom_uri")] |
||||
|
[InlineData(null, null, "custom_uri")] |
||||
|
[InlineData(null, null, null)] |
||||
|
public async Task ProcessChallenge_AllowsRejectingRequest(string error, string description, string uri) |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ProcessChallengeContext>(builder => |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
context.Reject(error, description, uri); |
||||
|
|
||||
|
return default; |
||||
|
})); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/challenge", new OpenIddictRequest()); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal(error ?? Errors.InvalidRequest, response.Error); |
||||
|
Assert.Equal(description, response.ErrorDescription); |
||||
|
Assert.Equal(uri, response.ErrorUri); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessChallenge_AllowsHandlingResponse() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ProcessChallengeContext>(builder => |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
context.Transaction.SetProperty("custom_response", new |
||||
|
{ |
||||
|
name = "Bob le Bricoleur" |
||||
|
}); |
||||
|
|
||||
|
context.HandleRequest(); |
||||
|
|
||||
|
return default; |
||||
|
})); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.PostAsync("/challenge", new OpenIddictRequest()); |
||||
|
|
||||
|
// Assert
|
||||
|
Assert.Equal("Bob le Bricoleur", (string?) response["name"]); |
||||
|
} |
||||
|
|
||||
|
protected virtual void ConfigureServices(IServiceCollection services) |
||||
|
{ |
||||
|
services.AddOpenIddict() |
||||
|
.AddCore(options => |
||||
|
{ |
||||
|
options.SetDefaultAuthorizationEntity<OpenIddictAuthorization>() |
||||
|
.SetDefaultTokenEntity<OpenIddictToken>(); |
||||
|
|
||||
|
options.Services.AddSingleton(CreateAuthorizationManager()) |
||||
|
.AddSingleton(CreateTokenManager()); |
||||
|
}) |
||||
|
|
||||
|
.AddValidation(options => |
||||
|
{ |
||||
|
options.SetIssuer(new Uri("https://contoso.com/")); |
||||
|
|
||||
|
options.SetConfiguration(new OpenIddictConfiguration |
||||
|
{ |
||||
|
SigningKeys = |
||||
|
{ |
||||
|
new X509SecurityKey(GetSigningCertificate( |
||||
|
assembly: typeof(OpenIddictValidationIntegrationTests).Assembly, |
||||
|
resource: "OpenIddict.Validation.IntegrationTests.Certificate.cer", |
||||
|
password: null)) |
||||
|
} |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
static X509Certificate2 GetSigningCertificate(Assembly assembly, string resource, string? password) |
||||
|
{ |
||||
|
using var stream = assembly.GetManifestResourceStream(resource) ?? |
||||
|
throw new InvalidOperationException(SR.GetResourceString(SR.ID0064)); |
||||
|
|
||||
|
using var buffer = new MemoryStream(); |
||||
|
stream.CopyTo(buffer); |
||||
|
|
||||
|
return new X509Certificate2(buffer.ToArray(), password, X509KeyStorageFlags.MachineKeySet); |
||||
|
} |
||||
|
} |
||||
|
|
||||
|
protected abstract ValueTask<OpenIddictValidationIntegrationTestServer> CreateServerAsync( |
||||
|
Action<OpenIddictValidationBuilder>? configuration = null); |
||||
|
|
||||
|
protected OpenIddictAuthorizationManager<OpenIddictAuthorization> CreateAuthorizationManager( |
||||
|
Action<Mock<OpenIddictAuthorizationManager<OpenIddictAuthorization>>>? configuration = null) |
||||
|
{ |
||||
|
var manager = new Mock<OpenIddictAuthorizationManager<OpenIddictAuthorization>>( |
||||
|
Mock.Of<IOpenIddictAuthorizationCache<OpenIddictAuthorization>>(), |
||||
|
OutputHelper.ToLogger<OpenIddictAuthorizationManager<OpenIddictAuthorization>>(), |
||||
|
Mock.Of<IOptionsMonitor<OpenIddictCoreOptions>>(), |
||||
|
Mock.Of<IOpenIddictAuthorizationStoreResolver>()); |
||||
|
|
||||
|
configuration?.Invoke(manager); |
||||
|
|
||||
|
return manager.Object; |
||||
|
} |
||||
|
|
||||
|
protected OpenIddictTokenManager<OpenIddictToken> CreateTokenManager( |
||||
|
Action<Mock<OpenIddictTokenManager<OpenIddictToken>>>? configuration = null) |
||||
|
{ |
||||
|
var manager = new Mock<OpenIddictTokenManager<OpenIddictToken>>( |
||||
|
Mock.Of<IOpenIddictTokenCache<OpenIddictToken>>(), |
||||
|
OutputHelper.ToLogger<OpenIddictTokenManager<OpenIddictToken>>(), |
||||
|
Mock.Of<IOptionsMonitor<OpenIddictCoreOptions>>(), |
||||
|
Mock.Of<IOpenIddictTokenStoreResolver>()); |
||||
|
|
||||
|
configuration?.Invoke(manager); |
||||
|
|
||||
|
return manager.Object; |
||||
|
} |
||||
|
|
||||
|
public class OpenIddictAuthorization { } |
||||
|
public class OpenIddictToken { } |
||||
|
} |
||||
@ -0,0 +1,26 @@ |
|||||
|
<Project Sdk="Microsoft.NET.Sdk"> |
||||
|
|
||||
|
<PropertyGroup> |
||||
|
<TargetFrameworks>net461;net472;net48</TargetFrameworks> |
||||
|
</PropertyGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<ProjectReference Include="..\..\src\OpenIddict.Validation.Owin\OpenIddict.Validation.Owin.csproj" /> |
||||
|
<ProjectReference Include="..\OpenIddict.Validation.IntegrationTests\OpenIddict.Validation.IntegrationTests.csproj" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<PackageReference Include="Microsoft.Owin.Testing" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup Condition=" '$(TargetFrameworkIdentifier)' == '.NETFramework' "> |
||||
|
<Reference Include="System.Net.Http" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
<ItemGroup> |
||||
|
<Using Include="OpenIddict.Abstractions" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictConstants" Static="true" /> |
||||
|
<Using Include="OpenIddict.Abstractions.OpenIddictResources" Alias="SR" /> |
||||
|
</ItemGroup> |
||||
|
|
||||
|
</Project> |
||||
@ -0,0 +1,38 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Diagnostics.CodeAnalysis; |
||||
|
using Microsoft.Owin.Testing; |
||||
|
using OpenIddict.Validation.IntegrationTests; |
||||
|
|
||||
|
namespace OpenIddict.Validation.Owin.IntegrationTests; |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Represents a test host used by the validation integration tests.
|
||||
|
/// </summary>
|
||||
|
public class OpenIddictValidationOwinIntegrationTestValidation : OpenIddictValidationIntegrationTestServer |
||||
|
{ |
||||
|
public OpenIddictValidationOwinIntegrationTestValidation(TestServer server) |
||||
|
=> Server = server; |
||||
|
|
||||
|
/// <summary>
|
||||
|
/// Gets the ASP.NET Core test server used by this instance.
|
||||
|
/// </summary>
|
||||
|
public TestServer Server { get; } |
||||
|
|
||||
|
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", |
||||
|
Justification = "The caller is responsible for disposing the test client.")] |
||||
|
public override ValueTask<OpenIddictValidationIntegrationTestClient> CreateClientAsync() |
||||
|
=> new(new OpenIddictValidationIntegrationTestClient(Server.HttpClient)); |
||||
|
|
||||
|
public override ValueTask DisposeAsync() |
||||
|
{ |
||||
|
// Dispose of the underlying test server.
|
||||
|
Server.Dispose(); |
||||
|
|
||||
|
return default; |
||||
|
} |
||||
|
} |
||||
@ -0,0 +1,217 @@ |
|||||
|
/* |
||||
|
* Licensed under the Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
|
||||
|
* See https://github.com/openiddict/openiddict-core for more information concerning
|
||||
|
* the license and the contributors participating to this project. |
||||
|
*/ |
||||
|
|
||||
|
using System.Diagnostics.CodeAnalysis; |
||||
|
using System.Security.Claims; |
||||
|
using System.Text.Json; |
||||
|
using Microsoft.Extensions.DependencyInjection; |
||||
|
using Microsoft.Extensions.Logging; |
||||
|
using Microsoft.Owin; |
||||
|
using Microsoft.Owin.Security; |
||||
|
using Microsoft.Owin.Testing; |
||||
|
using OpenIddict.Validation.IntegrationTests; |
||||
|
using Owin; |
||||
|
using Xunit; |
||||
|
using Xunit.Abstractions; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationEvents; |
||||
|
using static OpenIddict.Validation.OpenIddictValidationHandlers.Protection; |
||||
|
|
||||
|
namespace OpenIddict.Validation.Owin.IntegrationTests; |
||||
|
|
||||
|
public partial class OpenIddictValidationOwinIntegrationTests : OpenIddictValidationIntegrationTests |
||||
|
{ |
||||
|
public OpenIddictValidationOwinIntegrationTests(ITestOutputHelper outputHelper) |
||||
|
: base(outputHelper) |
||||
|
{ |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_CreationDateIsMappedToIssuedUtc() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ValidateTokenContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
Assert.Equal("access_token", context.Token); |
||||
|
Assert.Equal(new[] { TokenTypeHints.AccessToken }, context.ValidTokenTypes); |
||||
|
|
||||
|
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) |
||||
|
.SetTokenType(TokenTypeHints.AccessToken) |
||||
|
.SetClaim(Claims.Subject, "Bob le Magnifique") |
||||
|
.SetCreationDate(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero)); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "access_token" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
var properties = new AuthenticationProperties(response.GetParameters() |
||||
|
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value)); |
||||
|
|
||||
|
Assert.Equal(new DateTimeOffset(2020, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.IssuedUtc); |
||||
|
} |
||||
|
|
||||
|
[Fact] |
||||
|
public async Task ProcessAuthentication_ExpirationDateIsMappedToIssuedUtc() |
||||
|
{ |
||||
|
// Arrange
|
||||
|
await using var server = await CreateServerAsync(options => |
||||
|
{ |
||||
|
options.AddEventHandler<ValidateTokenContext>(builder => |
||||
|
{ |
||||
|
builder.UseInlineHandler(context => |
||||
|
{ |
||||
|
Assert.Equal("access_token", context.Token); |
||||
|
Assert.Equal(new[] { TokenTypeHints.AccessToken }, context.ValidTokenTypes); |
||||
|
|
||||
|
context.Principal = new ClaimsPrincipal(new ClaimsIdentity("Bearer")) |
||||
|
.SetTokenType(TokenTypeHints.AccessToken) |
||||
|
.SetExpirationDate(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero)); |
||||
|
|
||||
|
return default; |
||||
|
}); |
||||
|
|
||||
|
builder.SetOrder(ValidateIdentityModelToken.Descriptor.Order - 500); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
await using var client = await server.CreateClientAsync(); |
||||
|
|
||||
|
// Act
|
||||
|
var response = await client.GetAsync("/authenticate/properties", new OpenIddictRequest |
||||
|
{ |
||||
|
AccessToken = "access_token" |
||||
|
}); |
||||
|
|
||||
|
// Assert
|
||||
|
var properties = new AuthenticationProperties(response.GetParameters() |
||||
|
.ToDictionary(parameter => parameter.Key, parameter => (string?) parameter.Value)); |
||||
|
|
||||
|
Assert.Equal(new DateTimeOffset(2120, 01, 01, 00, 00, 00, TimeSpan.Zero), properties.ExpiresUtc); |
||||
|
} |
||||
|
|
||||
|
[SuppressMessage("Reliability", "CA2000:Dispose objects before losing scope", |
||||
|
Justification = "The caller is responsible for disposing the test Validation.")] |
||||
|
protected override ValueTask<OpenIddictValidationIntegrationTestServer> CreateServerAsync(Action<OpenIddictValidationBuilder>? configuration = null) |
||||
|
{ |
||||
|
var services = new ServiceCollection(); |
||||
|
ConfigureServices(services); |
||||
|
|
||||
|
services.AddLogging(options => options.AddXUnit(OutputHelper)); |
||||
|
|
||||
|
services.AddOpenIddict() |
||||
|
.AddValidation(options => |
||||
|
{ |
||||
|
options.UseOwin(); |
||||
|
|
||||
|
configuration?.Invoke(options); |
||||
|
}); |
||||
|
|
||||
|
var provider = services.BuildServiceProvider(); |
||||
|
|
||||
|
var server = TestServer.Create(app => |
||||
|
{ |
||||
|
app.Use(async (context, next) => |
||||
|
{ |
||||
|
using var scope = provider.CreateScope(); |
||||
|
|
||||
|
context.Set(typeof(IServiceProvider).FullName, scope.ServiceProvider); |
||||
|
|
||||
|
try |
||||
|
{ |
||||
|
await next(); |
||||
|
} |
||||
|
|
||||
|
finally |
||||
|
{ |
||||
|
context.Environment.Remove(typeof(IServiceProvider).FullName); |
||||
|
} |
||||
|
}); |
||||
|
|
||||
|
app.Use(async (context, next) => |
||||
|
{ |
||||
|
await next(); |
||||
|
|
||||
|
var transaction = context.Get<OpenIddictValidationTransaction>(typeof(OpenIddictValidationTransaction).FullName); |
||||
|
var response = transaction?.GetProperty<object>("custom_response"); |
||||
|
if (response is not null) |
||||
|
{ |
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(response)); |
||||
|
} |
||||
|
}); |
||||
|
|
||||
|
app.UseOpenIddictValidation(); |
||||
|
|
||||
|
app.Use(async (context, next) => |
||||
|
{ |
||||
|
if (context.Request.Path == new PathString("/authenticate")) |
||||
|
{ |
||||
|
var result = await context.Authentication.AuthenticateAsync(OpenIddictValidationOwinDefaults.AuthenticationType); |
||||
|
if (result?.Identity is null) |
||||
|
{ |
||||
|
context.Authentication.Challenge(OpenIddictValidationOwinDefaults.AuthenticationType); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
var claims = result.Identity.Claims.GroupBy(claim => claim.Type) |
||||
|
.Select(group => new KeyValuePair<string, string?[]?>( |
||||
|
group.Key, group.Select(claim => claim.Value).ToArray())); |
||||
|
|
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(claims))); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
else if (context.Request.Path == new PathString("/authenticate/properties")) |
||||
|
{ |
||||
|
var result = await context.Authentication.AuthenticateAsync(OpenIddictValidationOwinDefaults.AuthenticationType); |
||||
|
if (result?.Properties is null) |
||||
|
{ |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
context.Response.ContentType = "application/json"; |
||||
|
await context.Response.WriteAsync(JsonSerializer.Serialize(new OpenIddictResponse(result.Properties.Dictionary))); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
else if (context.Request.Path == new PathString("/challenge")) |
||||
|
{ |
||||
|
context.Authentication.Challenge(OpenIddictValidationOwinDefaults.AuthenticationType); |
||||
|
return; |
||||
|
} |
||||
|
|
||||
|
await next(); |
||||
|
}); |
||||
|
|
||||
|
app.Run(context => |
||||
|
{ |
||||
|
context.Response.ContentType = "application/json"; |
||||
|
return context.Response.WriteAsync(JsonSerializer.Serialize(new |
||||
|
{ |
||||
|
name = "Bob le Magnifique" |
||||
|
})); |
||||
|
}); |
||||
|
}); |
||||
|
|
||||
|
return new(new OpenIddictValidationOwinIntegrationTestValidation(server)); |
||||
|
} |
||||
|
} |
||||
Loading…
Reference in new issue