public UserInfoEndpointController(IdentityServerOptions options, TokenValidator tokenValidator, UserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator)
{
_tokenValidator = tokenValidator;
_generator = generator;
_options = options;
_tokenUsageValidator = tokenUsageValidator;
}
/// <summary>
/// Initializes a new instance of the <see cref="UserInfoEndpoint" /> class.
/// </summary>
/// <param name="tokenUsageValidator">The token usage validator.</param>
/// <param name="requestValidator">The request validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="logger">The logger.</param>
public UserInfoEndpoint(BearerTokenUsageValidator tokenUsageValidator, IUserInfoRequestValidator requestValidator, IUserInfoResponseGenerator responseGenerator, ILogger <UserInfoEndpoint> logger)
{
_tokenUsageValidator = tokenUsageValidator;
_requestValidator = requestValidator;
_responseGenerator = responseGenerator;
_logger = logger;
}
public UserInfoEndpoint(IdentityServerOptions options, ITokenValidator tokenValidator, IUserInfoResponseGenerator generator, BearerTokenUsageValidator tokenUsageValidator, ILogger <UserInfoEndpoint> logger)
{
_options = options;
_tokenValidator = tokenValidator;
_tokenUsageValidator = tokenUsageValidator;
_generator = generator;
_logger = logger;
}
/// <summary>
/// Initializes a new instance of the <see cref="UserInfoEndpoint" /> class.
/// </summary>
/// <param name="tokenUsageValidator">The token usage validator.</param>
/// <param name="requestValidator">The request validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="logger">The logger.</param>
public UserInfoEndpoint(
BearerTokenUsageValidator tokenUsageValidator,
IUserInfoRequestValidator requestValidator,
IUserInfoResponseGenerator responseGenerator,
ILogger <UserInfoEndpoint> logger)
{
_tokenUsageValidator = tokenUsageValidator ?? throw new ArgumentNullException(nameof(tokenUsageValidator));
_requestValidator = requestValidator ?? throw new ArgumentNullException(nameof(requestValidator));
_responseGenerator = responseGenerator ?? throw new ArgumentNullException(nameof(responseGenerator));
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
}
public async Task No_Header_no_Body_Get()
{
var ctx = new DefaultHttpContext();
ctx.Request.Method = "GET";
var validator = new BearerTokenUsageValidator(TestLogger.Create <BearerTokenUsageValidator>());
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public async Task No_Header_no_Body_Post()
{
var ctx = new OwinContext();
ctx.Request.Method = "POST";
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public async Task No_Header_no_Body_Get()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Whitespaces_Bearer_Scheme_Header()
{
var ctx = new OwinContext();
ctx.Request.Method = "GET";
ctx.Request.Headers.Add("Authorization", new string[] { "Bearer " });
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public async Task Whitespaces_Bearer_Scheme_Header()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
request.Headers.Add("Authorization", "Bearer ");
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Empty_Bearer_Scheme_Header()
{
var ctx = new DefaultHttpContext();
ctx.Request.Method = "GET";
ctx.Request.Headers.Add("Authorization", new string[] { "Bearer" });
var validator = new BearerTokenUsageValidator(TestLogger.Create <BearerTokenUsageValidator>());
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public async Task No_Header_no_Body_Post()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary <string, string>());
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
/// <summary>
/// Initializes a new instance of the <see cref="UserInfoEndpoint" /> class.
/// </summary>
/// <param name="tokenUsageValidator">The token usage validator.</param>
/// <param name="requestValidator">The request validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="logger">The logger.</param>
public GetUserDetailByIdEndpoint(
BearerTokenUsageValidator tokenUsageValidator,
IUserInfoRequestValidator requestValidator,
IUserInfoResponseGenerator responseGenerator,
ILogger <UserInfoEndpoint> logger,
IUsersService usersService)
{
_usersService = usersService;
_tokenUsageValidator = tokenUsageValidator;
_requestValidator = requestValidator;
_responseGenerator = responseGenerator;
_logger = logger;
}
/// <summary>
/// Initializes a new instance of the <see cref="RegisterEndpoint" /> class.
/// </summary>
/// <param name="tokenUsageValidator">The token usage validator.</param>
/// <param name="requestValidator">The request validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="logger">The logger.</param>
public UpdateRolesEndpoint(
BearerTokenUsageValidator tokenUsageValidator,
IUserInfoRequestValidator requestValidator,
IUserInfoResponseGenerator responseGenerator,
ILogger <RegisterEndpoint> logger,
IRolesService rolesService)
{
_roleService = rolesService;
_tokenUsageValidator = tokenUsageValidator;
_requestValidator = requestValidator;
_responseGenerator = responseGenerator;
_logger = logger;
}
/// <summary>
/// Initializes a new instance of the <see cref="RegisterEndpoint" /> class.
/// </summary>
/// <param name="tokenUsageValidator">The token usage validator.</param>
/// <param name="requestValidator">The request validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="logger">The logger.</param>
public DeleteUserEndpoint(
BearerTokenUsageValidator tokenUsageValidator,
IUserInfoRequestValidator requestValidator,
IUserInfoResponseGenerator responseGenerator,
ILogger <RegisterEndpoint> logger,
IUsersService UserService)
{
_userService = UserService;
_tokenUsageValidator = tokenUsageValidator;
_requestValidator = requestValidator;
_responseGenerator = responseGenerator;
_logger = logger;
}
public CompleteRegistrationEndpoint(
BearerTokenUsageValidator tokenUsageValidator,
CompleteRegistrationRequestValidator requestValidator,
CompleteRegistrationResponseGenerator responseGenerator,
ILogger <CompleteRegistrationEndpoint> logger,
IUserDeviceStore userDeviceStore
)
{
Logger = logger ?? throw new ArgumentNullException(nameof(logger));
UserDeviceStore = userDeviceStore ?? throw new ArgumentNullException(nameof(userDeviceStore));
Request = requestValidator ?? throw new ArgumentNullException(nameof(requestValidator));
Response = responseGenerator ?? throw new ArgumentNullException(nameof(responseGenerator));
Token = tokenUsageValidator ?? throw new ArgumentNullException(nameof(tokenUsageValidator));
}
public async Task Valid_Bearer_Scheme_Header()
{
var ctx = new OwinContext();
ctx.Request.Method = "GET";
ctx.Request.Headers.Add("Authorization", new string[] { "Bearer token" });
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.AuthorizationHeader);
}
public async Task Valid_Bearer_Scheme_Header()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Get;
request.Headers.Add("Authorization", "Bearer token");
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.AuthorizationHeader);
}
public async Task Body_Post_no_Token()
{
var ctx = new OwinContext();
ctx.Request.Method = "POST";
ctx.Request.ContentType = "application/x-www-form-urlencoded";
var body = "foo=bar";
ctx.Request.Body = new MemoryStream(Encoding.UTF8.GetBytes(body));
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public async Task Body_Post_Whitespace_Token()
{
var ctx = new DefaultHttpContext();
ctx.Request.Method = "POST";
ctx.Request.ContentType = "application/x-www-form-urlencoded";
var body = "access_token= ";
ctx.Request.Body = new MemoryStream(Encoding.UTF8.GetBytes(body));
var validator = new BearerTokenUsageValidator(TestLogger.Create <BearerTokenUsageValidator>());
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeFalse();
}
public InitRegistrationEndpoint(BearerTokenUsageValidator tokenUsageValidator, ILogger <InitRegistrationEndpoint> logger, InitRegistrationRequestValidator requestValidator,
InitRegistrationResponseGenerator responseGenerator, IProfileService profileService, IResourceStore resourceStore, ITotpService totpService, IUserDeviceStore userDeviceStore,
IdentityMessageDescriber identityMessageDescriber
)
{
Logger = logger ?? throw new ArgumentNullException(nameof(logger));
ProfileService = profileService ?? throw new ArgumentNullException(nameof(profileService));
Request = requestValidator ?? throw new ArgumentNullException(nameof(requestValidator));
ResourceStore = resourceStore;
Response = responseGenerator ?? throw new ArgumentNullException(nameof(responseGenerator));
Token = tokenUsageValidator ?? throw new ArgumentNullException(nameof(tokenUsageValidator));
TotpService = totpService ?? throw new ArgumentNullException(nameof(totpService));
UserDeviceStore = userDeviceStore ?? throw new ArgumentNullException(nameof(userDeviceStore));
IdentityMessageDescriber = identityMessageDescriber ?? throw new ArgumentNullException(nameof(identityMessageDescriber));
}
public async Task Body_Post_Whitespace_Token()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary <string, string>
{
{ "access_token", " " }
});
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeFalse();
}
public async Task Valid_Body_Post()
{
var ctx = new OwinContext();
ctx.Request.Method = "POST";
ctx.Request.ContentType = "application/x-www-form-urlencoded";
var body = "access_token=token";
ctx.Request.Body = new MemoryStream(Encoding.UTF8.GetBytes(body));
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(ctx);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.PostBody);
}
public async Task Valid_Body_Post()
{
var request = new HttpRequestMessage();
request.Method = HttpMethod.Post;
request.Content = new FormUrlEncodedContent(new Dictionary <string, string>
{
{ "access_token", "token" }
});
var validator = new BearerTokenUsageValidator();
var result = await validator.ValidateAsync(request);
result.TokenFound.Should().BeTrue();
result.Token.Should().Be("token");
result.UsageType.Should().Be(BearerTokenUsageType.PostBody);
}
public Authorize2Endpoint(
BearerTokenUsageValidator tokenUsageValidator,
IUserInfoRequestValidator requestValidator,
IUserInfoResponseGenerator responseGenerator,
IEventService events,
IClientSecretValidator clientValidator,
ILogger <AuthorizeEndpoint> logger,
IAuthorize2RequestValidator validator2,
IAuthorizeRequestValidator validator,
IAuthorizeInteractionResponseGenerator interactionGenerator,
IAuthorizeResponseGenerator authorizeResponseGenerator,
IUserSession userSession)
: base(events, logger, validator, interactionGenerator, authorizeResponseGenerator, userSession)
{
_validator2 = validator2;
_clientValidator = clientValidator;
_tokenUsageValidator = tokenUsageValidator;
_requestValidator = requestValidator;
_responseGenerator = responseGenerator;
}
