public FederatedSignoutMiddlewareTests()
{
_user = IdentityServerPrincipal.Create("bob", "bob", new Claim(JwtClaimTypes.SessionId, "123"));
_pipeline = new MockIdSvrUiPipeline();
_pipeline.Users.Add(new InMemoryUser
{
Subject = "bob",
Username = "******",
Claims = new Claim[]
{
new Claim("name", "Bob Loblaw"),
new Claim("email", "*****@*****.**"),
new Claim("role", "Attorney"),
}
});
_pipeline.FederatedSignOut = async ctx =>
{
_idSvrIFrameUrl = await ctx.GetIdentityServerSignoutFrameCallbackUrlAsync();
ISessionIdService sessionId = ctx.RequestServices.GetRequiredService <ISessionIdService>();
_idSvrSid = await sessionId.GetCurrentSessionIdAsync();
};
_pipeline.Initialize();
_pipeline.Options.AuthenticationOptions.FederatedSignOutPaths.Add(MockIdSvrUiPipeline.FederatedSignOutPath);
}
public async Task jwks_entries_should_contain_alg()
{
MockIdSvrUiPipeline pipeline = new MockIdSvrUiPipeline();
pipeline.Initialize("/ROOT");
var result = await pipeline.Client.GetAsync("https://server/root/.well-known/openid-configuration/jwks");
var json = await result.Content.ReadAsStringAsync();
var data = JObject.Parse(json);
var keys = data["keys"];
keys.Should().NotBeNull();
var key = keys[0];
key.Should().NotBeNull();
var alg = key["alg"];
alg.Should().NotBeNull();
alg.Value <string>().Should().Be(Constants.SigningAlgorithms.RSA_SHA_256);
}
public async Task issuer_uri_should_be_lowercase()
{
MockIdSvrUiPipeline pipeline = new MockIdSvrUiPipeline();
pipeline.Initialize("/ROOT");
var result = await pipeline.Client.GetAsync("HTTPS://SERVER/ROOT/.WELL-KNOWN/OPENID-CONFIGURATION");
var json = await result.Content.ReadAsStringAsync();
var data = JObject.Parse(json);
var issuer = data["issuer"].ToString();
issuer.Should().Be("https://server/root");
}
public FederatedSignoutMiddlewareTests()
{
_user = IdentityServerPrincipal.Create("bob", "bob", new Claim(JwtClaimTypes.SessionId, "123"));
_pipeline = new MockIdSvrUiPipeline();
_pipeline.IdentityScopes.AddRange(new IdentityResource[] {
new IdentityResources.OpenId()
});
_pipeline.Clients.Add(new Client
{
ClientId = "client1",
AllowedGrantTypes = GrantTypes.Implicit,
RequireConsent = false,
AllowedScopes = new List <string> {
"openid"
},
RedirectUris = new List <string> {
"https://client1/callback"
},
FrontChannelLogoutUri = "https://client1/signout",
PostLogoutRedirectUris = new List <string> {
"https://client1/signout-callback"
},
AllowAccessTokensViaBrowser = true
});
_pipeline.Users.Add(new TestUser
{
SubjectId = "bob",
Username = "******",
Claims = new Claim[]
{
new Claim("name", "Bob Loblaw"),
new Claim("email", "*****@*****.**"),
new Claim("role", "Attorney")
}
});
_pipeline.Initialize();
_pipeline.Options.Authentication.FederatedSignOutPaths.Add(MockIdSvrUiPipeline.FederatedSignOutPath);
}
