You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 lines
4.0 KiB
104 lines
4.0 KiB
using System.Linq;
|
|
using System.Threading.Tasks;
|
|
using AspNet.Security.OpenIdConnect.Extensions;
|
|
using Xunit;
|
|
|
|
namespace OpenIddict.Core.Tests.Infrastructure {
|
|
public partial class OpenIddictProviderTests {
|
|
[Fact]
|
|
public async Task HandleConfigurationRequest_PlainCodeChallengeMethodIsNotReturned() {
|
|
// Arrange
|
|
var server = CreateAuthorizationServer();
|
|
|
|
var client = new OpenIdConnectClient(server.CreateClient());
|
|
|
|
// Act
|
|
var response = await client.GetAsync(ConfigurationEndpoint);
|
|
|
|
// Assert
|
|
Assert.DoesNotContain(
|
|
OpenIdConnectConstants.CodeChallengeMethods.Plain,
|
|
response[OpenIdConnectConstants.Metadata.CodeChallengeMethodsSupported].Values<string>());
|
|
}
|
|
|
|
[Theory]
|
|
[InlineData(OpenIdConnectConstants.GrantTypes.AuthorizationCode)]
|
|
[InlineData(OpenIdConnectConstants.GrantTypes.ClientCredentials)]
|
|
[InlineData(OpenIdConnectConstants.GrantTypes.Implicit)]
|
|
[InlineData(OpenIdConnectConstants.GrantTypes.Password)]
|
|
[InlineData(OpenIdConnectConstants.GrantTypes.RefreshToken)]
|
|
public async Task HandleConfigurationRequest_EnabledFlowsAreReturned(string flow) {
|
|
// Arrange
|
|
var server = CreateAuthorizationServer(builder => {
|
|
builder.Configure(options => {
|
|
options.GrantTypes.Clear();
|
|
options.GrantTypes.Add(flow);
|
|
});
|
|
});
|
|
|
|
var client = new OpenIdConnectClient(server.CreateClient());
|
|
|
|
// Act
|
|
var response = await client.GetAsync(ConfigurationEndpoint);
|
|
var types = response[OpenIdConnectConstants.Metadata.GrantTypesSupported].Values<string>();
|
|
|
|
// Assert
|
|
Assert.Equal(1, types.Count());
|
|
Assert.Contains(flow, types);
|
|
}
|
|
|
|
[Theory]
|
|
[InlineData(OpenIdConnectConstants.Scopes.Profile)]
|
|
[InlineData(OpenIdConnectConstants.Scopes.Email)]
|
|
[InlineData(OpenIdConnectConstants.Scopes.Phone)]
|
|
[InlineData(OpenIddictConstants.Scopes.Roles)]
|
|
public async Task HandleConfigurationRequest_StandardScopesAreExposed(string scope) {
|
|
// Arrange
|
|
var server = CreateAuthorizationServer();
|
|
|
|
var client = new OpenIdConnectClient(server.CreateClient());
|
|
|
|
// Act
|
|
var response = await client.GetAsync(ConfigurationEndpoint);
|
|
|
|
// Assert
|
|
Assert.Contains(scope, response[OpenIdConnectConstants.Metadata.ScopesSupported].Values<string>());
|
|
}
|
|
|
|
[Fact]
|
|
public async Task HandleConfigurationRequest_OfflineAccessScopeIsReturnedWhenRefreshTokenFlowIsEnabled() {
|
|
// Arrange
|
|
var server = CreateAuthorizationServer();
|
|
|
|
var client = new OpenIdConnectClient(server.CreateClient());
|
|
|
|
// Act
|
|
var response = await client.GetAsync(ConfigurationEndpoint);
|
|
|
|
// Assert
|
|
Assert.Contains(OpenIdConnectConstants.Scopes.OfflineAccess,
|
|
response[OpenIdConnectConstants.Metadata.ScopesSupported].Values<string>());
|
|
}
|
|
|
|
[Fact]
|
|
public async Task HandleConfigurationRequest_OfflineAccessScopeIsReturnedWhenRefreshTokenFlowIsDisabled() {
|
|
// Arrange
|
|
var server = CreateAuthorizationServer(builder => {
|
|
builder.Configure(options => {
|
|
// Note: at least one flow must be enabled.
|
|
options.GrantTypes.Clear();
|
|
options.GrantTypes.Add(OpenIdConnectConstants.GrantTypes.AuthorizationCode);
|
|
});
|
|
});
|
|
|
|
var client = new OpenIdConnectClient(server.CreateClient());
|
|
|
|
// Act
|
|
var response = await client.GetAsync(ConfigurationEndpoint);
|
|
|
|
// Assert
|
|
Assert.DoesNotContain(OpenIdConnectConstants.Scopes.OfflineAccess,
|
|
response[OpenIdConnectConstants.Metadata.ScopesSupported].Values<string>());
|
|
}
|
|
}
|
|
}
|
|
|