public async Task When_A_Consent_Has_Been_Given_And_The_AuthorizationFlow_Is_Not_Supported_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
const string clientId = "clientId";
const string state = "state";
var responseTypes = new List <ResponseType>();
var authorizationParameter = new AuthorizationParameter
{
ClientId = clientId,
State = state,
ResponseMode = ResponseMode.None // No response mode is defined
};
var consent = new SimpleIdServer.Core.Common.Models.Consent();
_clientRepositoryFake.Setup(c => c.GetClientByIdAsync(It.IsAny <string>()))
.Returns(Task.FromResult(new Client()));
_consentHelperFake.Setup(c => c.GetConfirmedConsentsAsync(It.IsAny <string>(),
It.IsAny <AuthorizationParameter>()))
.Returns(Task.FromResult(consent));
_parameterParserHelperFake.Setup(p => p.ParseResponseTypes(It.IsAny <string>()))
.Returns(responseTypes);
// ACT & ASSERTS
var exception = await Assert.ThrowsAsync <IdentityServerExceptionWithState>(() => _displayConsentAction.Execute(authorizationParameter,
"subject", null));
Assert.True(exception.Code == ErrorCodes.InvalidRequestCode);
Assert.True(exception.Message == ErrorDescriptions.TheAuthorizationFlowIsNotSupported);
Assert.True(exception.State == state);
}
public async Task When_A_Consent_Has_Been_Given_Then_Redirect_To_Callback()
{
// ARRANGE
InitializeFakeObjects();
var actionResult = new ActionResult
{
RedirectInstruction = new RedirectInstruction()
};
var authorizationParameter = new AuthorizationParameter
{
ResponseMode = ResponseMode.fragment
};
var consent = new SimpleIdServer.Core.Common.Models.Consent();
_clientRepositoryFake.Setup(c => c.GetClientByIdAsync(It.IsAny <string>()))
.Returns(Task.FromResult(new Client()));
_consentHelperFake.Setup(c => c.GetConfirmedConsentsAsync(It.IsAny <string>(),
It.IsAny <AuthorizationParameter>()))
.Returns(Task.FromResult(consent));
_actionResultFactoryFake.Setup(a => a.CreateAnEmptyActionResultWithRedirectionToCallBackUrl())
.Returns(actionResult);
// ACT
var result = await _displayConsentAction.Execute(authorizationParameter, "subject", null);
// ASSERT
_actionResultFactoryFake.Verify(a => a.CreateAnEmptyActionResultWithRedirectionToCallBackUrl());
Assert.True(result.ActionResult.RedirectInstruction.ResponseMode == ResponseMode.fragment);
}
public async Task When_No_Consent_Has_Been_Given_For_The_Claims_Then_Create_And_Insert_A_New_One()
{
// ARRANGE
InitializeFakeObjects();
const string subject = "subject";
const string clientId = "clientId";
var authorizationParameter = new AuthorizationParameter
{
Claims = new ClaimsParameter
{
UserInfo = new List <ClaimParameter>
{
new ClaimParameter
{
Name = Constants.StandardResourceOwnerClaimNames.Subject
}
}
},
Scope = "profile"
};
var claims = new List <Claim>
{
new Claim(Constants.StandardResourceOwnerClaimNames.Subject, subject)
};
var client = new Client
{
ClientId = clientId
};
var resourceOwner = new ResourceOwner
{
Id = subject
};
var actionResult = new ActionResult
{
RedirectInstruction = new RedirectInstruction()
};
ICollection <Scope> scopes = new List <Scope>();
_consentHelperFake.Setup(c => c.GetConfirmedConsentsAsync(It.IsAny <string>(),
It.IsAny <AuthorizationParameter>()))
.Returns(Task.FromResult((SimpleIdServer.Core.Common.Models.Consent)null));
_clientRepositoryFake.Setup(c => c.GetClientByIdAsync(It.IsAny <string>()))
.Returns(Task.FromResult(client));
_parameterParserHelperFake.Setup(p => p.ParseScopes(It.IsAny <string>()))
.Returns(new List <string>());
_scopeRepositoryFake.Setup(s => s.SearchByNamesAsync(It.IsAny <IEnumerable <string> >()))
.Returns(Task.FromResult(scopes));
_resourceOwnerRepositoryFake.Setup(r => r.GetAsync(It.IsAny <string>()))
.Returns(Task.FromResult(resourceOwner));
_actionResultFactoryFake.Setup(a => a.CreateAnEmptyActionResultWithRedirectionToCallBackUrl())
.Returns(actionResult);
SimpleIdServer.Core.Common.Models.Consent insertedConsent = null;
_consentRepositoryFake.Setup(co => co.InsertAsync(It.IsAny <SimpleIdServer.Core.Common.Models.Consent>()))
.Callback <SimpleIdServer.Core.Common.Models.Consent>(consent => insertedConsent = consent)
.Returns(Task.FromResult(true));
// ACT
await _confirmConsentAction.Execute(authorizationParameter, subject, null);
// ASSERT
Assert.NotNull(insertedConsent);
Assert.True(insertedConsent.Claims.Contains(Constants.StandardResourceOwnerClaimNames.Subject));
Assert.True(insertedConsent.ResourceOwner.Id == subject);
Assert.True(insertedConsent.Client.ClientId == clientId);
_actionResultFactoryFake.Verify(a => a.CreateAnEmptyActionResultWithRedirectionToCallBackUrl());
}
