Beispiel #1
        /// <summary>
        /// Checks that a <c>CustomGrantValidator</c> built from two registered validators
        /// reports exactly their two grant type names, in registration order.
        /// </summary>
        /// <remarks>
        /// The same list is what the discovery endpoint appends to
        /// <c>grant_types_supported</c>, so this pins what gets advertised to clients.
        /// </remarks>
        public void GetAvailable_Should_Return_Expected_GrantTypes()
        {
            // Arrange: two test validators; their grant type names are presumably
            // "custom_grant" and "custom_grant2" (defined outside this snippet).
            var registeredValidators = new List<ICustomGrantValidator>
            {
                new TestGrantValidator(),
                new TestGrantValidator2()
            };
            var validator = new CustomGrantValidator(registeredValidators);

            // Act
            var grantTypes = validator.GetAvailableGrantTypes();

            // Assert: nothing extra is reported, and the order matches registration.
            grantTypes.Count().Should().Be(2);
            grantTypes.ElementAt(0).Should().Be("custom_grant");
            grantTypes.ElementAt(1).Should().Be("custom_grant2");
        }
Beispiel #2
        /// <summary>
        /// Checks that an exception thrown inside a registered custom grant validator is
        /// turned into an error result rather than propagating out of
        /// <c>CustomGrantValidator.ValidateAsync</c>.
        /// </summary>
        /// <remarks>
        /// The expected error text ("Grant validation error") differs from the exception
        /// message raised by the mock, and no principal is returned. The test therefore
        /// also pins that the inner exception message is not surfaced through
        /// <c>result.Error</c> and that a failing validator never yields an identity.
        /// </remarks>
        public async Task Valid_Custom_Grant_Validator_Throws_Exception()
        {
            // Arrange: a validator that claims "custom_grant" but always throws.
            var failingValidator = new Mock<ICustomGrantValidator>();
            failingValidator
                .Setup(v => v.GrantType)
                .Returns("custom_grant");
            failingValidator
                .Setup(v => v.ValidateAsync(It.IsAny<ValidatedTokenRequest>()))
                .Throws(new Exception("Random validation error"));

            var validator = new CustomGrantValidator(new[] { failingValidator.Object });

            // The request uses the only grant type the validator reports.
            var onlyGrantType = validator.GetAvailableGrantTypes().Single();
            var request = new ValidatedTokenRequest { GrantType = onlyGrantType };

            // Act
            var result = await validator.ValidateAsync(request);

            // Assert: fail closed, generic error text, no principal.
            result.IsError.Should().BeTrue();
            result.Error.Should().Be("Grant validation error");
            result.Principal.Should().BeNull();
        }
        /// <summary>
        /// Builds the discovery document for this server: issuer, supported scopes,
        /// claims, grant types, response types and modes, token endpoint authentication
        /// methods, endpoint URLs and the key set URI.
        /// </summary>
        /// <remarks>
        /// Every optional section is gated by a flag on <c>_options.DiscoveryOptions</c>,
        /// and each endpoint URL by the matching flag on <c>_options.Endpoints</c>, so the
        /// document advertises only what the operator has switched on.
        /// NOTE(review): all URLs are built from <c>_context.GetIdentityServerBaseUrl()</c>;
        /// confirm how that value is derived. If it follows the request host, the
        /// deployment should restrict accepted host names.
        /// </remarks>
        /// <param name="context">The current HTTP context; this method does not read it.</param>
        /// <returns>
        /// A <c>DiscoveryDocumentResult</c> wrapping the document and the configured
        /// custom entries.
        /// </returns>
        private async Task<IEndpointResult> ExecuteDiscoDocAsync(HttpContext context)
        {
            _logger.LogTrace("Start discovery request");

            var baseUrl = _context.GetIdentityServerBaseUrl().EnsureTrailingSlash();
            var allScopes = await _scopes.GetScopesAsync(publicOnly: true);

            // Fields that are always present, whatever the discovery options say.
            var document = new DiscoveryDocument
            {
                issuer = _context.GetIssuerUri(),
                subject_types_supported = new[] { "public" },
                id_token_signing_alg_values_supported = new[] { Constants.SigningAlgorithms.RSA_SHA_256 }
            };

            var discovery = _options.DiscoveryOptions;

            // Scopes: identity scopes first, then resource scopes. Scopes whose
            // ShowInDiscoveryDocument flag is false are dropped from the published names.
            var candidateScopes = new List<Scope>();
            if (discovery.ShowIdentityScopes)
            {
                candidateScopes.AddRange(allScopes.Where(scope => scope.Type == ScopeType.Identity));
            }
            if (discovery.ShowResourceScopes)
            {
                candidateScopes.AddRange(allScopes.Where(scope => scope.Type == ScopeType.Resource));
            }
            if (candidateScopes.Count > 0)
            {
                document.scopes_supported = candidateScopes
                    .Where(scope => scope.ShowInDiscoveryDocument)
                    .Select(scope => scope.Name)
                    .ToArray();
            }

            // Claims: distinct claim names of every identity scope.
            // NOTE(review): unlike the scope list above, this section checks neither
            // ShowIdentityScopes nor ShowInDiscoveryDocument, so claim names of identity
            // scopes hidden from scopes_supported are still published. Confirm that this
            // is intended.
            if (discovery.ShowClaims)
            {
                document.claims_supported = allScopes
                    .SelectMany(scope => scope.Claims.Where(claim => scope.Type == ScopeType.Identity))
                    .Select(claim => claim.Name)
                    .Distinct()
                    .ToArray();
            }

            // Grant types: the built-in list, minus the password grant when local login
            // is disabled, plus the custom grant types when those are to be shown.
            if (discovery.ShowGrantTypes)
            {
                var grantTypes = Constants.SupportedGrantTypes.AsEnumerable();
                if (_options.AuthenticationOptions.EnableLocalLogin == false)
                {
                    grantTypes = grantTypes.Where(grantType => grantType != OidcConstants.GrantTypes.Password);
                }
                if (discovery.ShowCustomGrantTypes)
                {
                    grantTypes = grantTypes.Concat(_customGrants.GetAvailableGrantTypes());
                }

                document.grant_types_supported = grantTypes.ToArray();
            }

            // Response types
            if (discovery.ShowResponseTypes)
            {
                document.response_types_supported = Constants.SupportedResponseTypes.ToArray();
            }

            // Response modes
            if (discovery.ShowResponseModes)
            {
                document.response_modes_supported = Constants.SupportedResponseModes.ToArray();
            }

            // Token endpoint authentication methods, as reported by the secret parsers.
            if (discovery.ShowTokenEndpointAuthenticationMethods)
            {
                document.token_endpoint_auth_methods_supported = _parsers.GetAvailableAuthenticationMethods().ToArray();
            }

            // Endpoints: a URL is published only for an endpoint that is enabled.
            if (discovery.ShowEndpoints)
            {
                var endpoints = _options.Endpoints;

                if (endpoints.EnableAuthorizeEndpoint)
                {
                    document.authorization_endpoint = baseUrl + Constants.RoutePaths.Oidc.Authorize;
                }
                if (endpoints.EnableTokenEndpoint)
                {
                    document.token_endpoint = baseUrl + Constants.RoutePaths.Oidc.Token;
                }
                if (endpoints.EnableUserInfoEndpoint)
                {
                    document.userinfo_endpoint = baseUrl + Constants.RoutePaths.Oidc.UserInfo;
                }
                if (endpoints.EnableEndSessionEndpoint)
                {
                    // The logout capability flag and the end-session URL share one switch.
                    document.http_logout_supported = true;
                    document.end_session_endpoint = baseUrl + Constants.RoutePaths.Oidc.EndSession;
                }
                if (endpoints.EnableCheckSessionEndpoint)
                {
                    document.check_session_iframe = baseUrl + Constants.RoutePaths.Oidc.CheckSession;
                }
                if (endpoints.EnableTokenRevocationEndpoint)
                {
                    document.revocation_endpoint = baseUrl + Constants.RoutePaths.Oidc.Revocation;
                }
                if (endpoints.EnableIntrospectionEndpoint)
                {
                    document.introspection_endpoint = baseUrl + Constants.RoutePaths.Oidc.Introspection;
                }
            }

            // Key set: published only when a signing certificate is configured.
            if (discovery.ShowKeySet && _options.SigningCertificate != null)
            {
                document.jwks_uri = baseUrl + Constants.RoutePaths.Oidc.DiscoveryWebKeys;
            }

            return new DiscoveryDocumentResult(document, discovery.CustomEntries);
        }