public void AddPimsKeycloakService_Success()
{
// Arrange
var services = new ServiceCollection();
var mockPimsService = new Mock <IPimsRepository>();
services.AddScoped((s) => mockPimsService.Object);
var mockMapper = new Mock <IMapper>();
services.AddScoped((s) => mockMapper.Object);
var mockLogger = new Mock <ILogger <IPimsKeycloakService> >();
services.AddScoped((s) => mockLogger.Object);
var user = PrincipalHelper.CreateForPermission();
services.AddScoped((s) => user);
var mockConfig = new Mock <IOptions <KeycloakOptions> >();
var options = new KeycloakOptions()
{
Authority = "test",
Audience = "test",
Client = "test",
Admin = new KeycloakAdminOptions
{
Authority = "test",
Users = "test"
},
OpenIdConnect = new OpenIdConnectOptions
{
Token = "test",
UserInfo = "test"
},
ServiceAccount = new KeycloakServiceAccountOptions
{
Client = "test",
Secret = "test"
}
};
mockConfig.Setup(m => m.Value).Returns(options);
services.AddScoped((s) => mockConfig.Object);
var mockOpenIdConnectRequestClient = new Mock <IOpenIdConnectRequestClient>();
var clientOptions = new AuthClientOptions();
mockOpenIdConnectRequestClient.Setup(m => m.AuthClientOptions).Returns(clientOptions);
services.AddScoped((s) => mockOpenIdConnectRequestClient.Object);
// Act
var result = services.AddPimsKeycloakService();
var provider = result.BuildServiceProvider();
var service = provider.GetService <IPimsKeycloakService>();
// Assert
result.Should().NotBeNull();
result.Count.Should().Be(8);
provider.Should().NotBeNull();
service.Should().NotBeNull();
}
public HttpGetTokenAutoHandler(IKeycloakClient keycloakClient,
IHttpContextAccessor httpContextAccesor,
KeycloakOptions options)
{
_keycloakClient = keycloakClient;
_httpContextAccesor = httpContextAccesor;
_options = options;
}
public void CuandoUrlTieneSinPlecaAlFinal()
{
var uri = "http://artemis:8085/auth";
var options = new KeycloakOptions {
KeycloakUrl = uri, Realm = "prueba"
};
var result = options.KeycloakUrlRealm;
Assert.AreEqual("http://artemis:8085/auth/realms/prueba", result);
}
/// <summary>
/// Creates a new instance of an KeycloakRequestClient class, initializes it with the specified arguments.
/// </summary>
/// <param name="clientFactory"></param>
/// <param name="tokenHandler"></param>
/// <param name="keycloakOptions"></param>
/// <param name="openIdConnectOptions"></param>
/// <param name="requestOptions"></param>
/// <param name="serializerOptions"></param>
/// <param name="logger"></param>
public KeycloakRequestClient(
IHttpClientFactory clientFactory,
JwtSecurityTokenHandler tokenHandler,
IOptionsMonitor <KeycloakOptions> keycloakOptions,
IOptionsMonitor <OpenIdConnectOptions> openIdConnectOptions,
IOptionsMonitor <RequestOptions> requestOptions,
IOptionsMonitor <JsonSerializerOptions> serializerOptions,
ILogger <RequestClient> logger)
: base(clientFactory, tokenHandler, keycloakOptions, openIdConnectOptions, requestOptions, serializerOptions, logger)
{
_keycloakOptions = keycloakOptions.CurrentValue;
}
public void AddKeycloakService_Success()
{
// Arrange
var services = new ServiceCollection();
var mockConfig = new Mock <IOptions <KeycloakOptions> >();
var options = new KeycloakOptions()
{
Authority = "test",
Audience = "test",
Client = "test",
Admin = new KeycloakAdminOptions
{
Authority = "test",
Users = "test"
},
OpenIdConnect = new OpenIdConnectOptions
{
Token = "test",
UserInfo = "test"
},
ServiceAccount = new KeycloakServiceAccountOptions
{
Client = "test",
Secret = "test"
}
};
mockConfig.Setup(m => m.Value).Returns(options);
services.AddScoped((s) => mockConfig.Object);
var mockOpenIdConnectRequestClient = new Mock <IOpenIdConnectRequestClient>();
var clientOptions = new AuthClientOptions();
mockOpenIdConnectRequestClient.Setup(m => m.AuthClientOptions).Returns(clientOptions);
services.AddScoped((s) => mockOpenIdConnectRequestClient.Object);
// Act
var result = services.AddKeycloakService();
var provider = result.BuildServiceProvider();
var service = provider.GetService <IKeycloakService>();
// Assert
result.Should().NotBeNull();
result.Count.Should().Be(3);
provider.Should().NotBeNull();
service.Should().NotBeNull();
}
/// <summary>
/// Agrega y configura la funcionalidad de Autenticación y autorización de Keycloak a un proyecto .NET Core
/// </summary>
/// <param name="services"></param>
/// <param name="options">Parametro con los valores necesarios para configurar la autenticación de Keycloak.</param>
/// <returns>Devuelve una referencia a la instancia después de implementar la autenticación con JWT.</returns>
public static IServiceCollection AddKeycloakAuthentication(this IServiceCollection services, KeycloakOptions options)
{
//Se agrega al contenedor de dependencias el KeycloakClient
services.AddSingleton(options);
//Se agrega al contenedor las opciones de configuración
services.AddHttpClient <IKeycloakClient>(c => c.BaseAddress = new Uri(options.KeycloakUrlRealm))
.AddTypedClient <IKeycloakClient, KeycloakClient>();
#region PASOS 1 Y 2 (ENVIO Y REFRESCO DE TOKEN)
if (options.EnableGetTokenAuto || options.EnableRefreshToken)
{
services.AddHttpContextAccessor();
services.AddSession(config => config.Cookie.Name = options.ClientId);
if (options.EnableGetTokenAuto)
{
_enableGetTokenAuto = true;
services.AddTransient <HttpGetTokenAutoHandler>();
}
if (options.EnableRefreshToken)
{
_enableRefreshToken = true;
}
}
#endregion
#region PASOS 3 Y 4 (VALIDACION DE TOKEN)
var validationParameters = new TokenValidationParameters
{
ClockSkew = options.TokenClockSkew,
ValidateAudience = false,
ValidateIssuer = false
};
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(opts =>
{
opts.Authority = options.KeycloakUrlRealm;
opts.Audience = options.ClientId;
opts.TokenValidationParameters = validationParameters;
opts.RequireHttpsMetadata = false;
opts.SaveToken = true;
});
services.AddTransient <IAuthorizationHandler, HasRoleHandler>(t => new HasRoleHandler(options.ClientId));
#endregion
return(services);
}
