public CodeFlowTests() { _pipeline.IdentityScopes.Add(new IdentityResources.OpenId()); _pipeline.Clients.Add(new Client { Enabled = true, ClientId = "code_pipeline.Client", ClientSecrets = new List <Secret> { new Secret("secret".Sha512()) }, AllowedGrantTypes = GrantTypes.Code, AllowedScopes = { "openid" }, RequireConsent = false, RequirePkce = false, RedirectUris = new List <Uri> { new Uri("https://code_pipeline.Client/callback"), new Uri("https://code_pipeline.Client/callback?foo=bar&baz=quux") } }); _pipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _pipeline.Initialize(); }
public ResponseTypeResponseModeTests() { _mockPipeline.Initialize(); _mockPipeline.BrowserClient.AllowAutoRedirect = false; _mockPipeline.Clients.Add(new Client { Enabled = true, ClientId = "code_client", ClientSecrets = new List <Secret> { new Secret("secret".Sha512()) }, AllowedGrantTypes = GrantTypes.Code, AllowedScopes = { "openid" }, RequireConsent = false, RequirePkce = false, RedirectUris = new List <string> { "https://code_client/callback" } }); _mockPipeline.IdentityScopes.Add(new IdentityResources.OpenId()); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); }
public SubpathHosting() { _mockPipeline.Clients.AddRange(new Client[] { _client1 = new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile" }, RedirectUris = new List <string> { "https://client1/callback" }, AllowAccessTokensViaBrowser = true } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.Initialize("/subpath"); }
public async Task Algorithms_supported_should_match_signing_key() { var key = CryptoHelper.CreateECDsaSecurityKey(JsonWebKeyECTypes.P256); var expectedAlgorithm = SecurityAlgorithms.EcdsaSha256; IdentityServerPipeline pipeline = new IdentityServerPipeline(); pipeline.OnPostConfigureServices += services => { services.AddIdentityServerBuilder() .AddSigningCredential(key, expectedAlgorithm); }; pipeline.Initialize("/ROOT"); var result = await pipeline.BackChannelClient.GetAsync("https://server/root/.well-known/openid-configuration"); var json = await result.Content.ReadAsStringAsync(); var data = JObject.Parse(json); var algorithmsSupported = data["id_token_signing_alg_values_supported"].Values <string>(); algorithmsSupported.Should().Contain(expectedAlgorithm); }
public async Task Jwks_entries_should_contain_alg() { IdentityServerPipeline pipeline = new IdentityServerPipeline(); pipeline.Initialize("/ROOT"); var result = await pipeline.BackChannelClient.GetAsync("https://server/root/.well-known/openid-configuration/jwks"); var json = await result.Content.ReadAsStringAsync(); var data = JsonSerializer.Deserialize <Dictionary <string, JsonElement> >(json); var keys = data["keys"]; keys.Should().NotBeNull(); var key = keys[0]; key.Should().NotBeNull(); var alg = key.TryGetValue("alg"); alg.GetString().Should().Be(Constants.SigningAlgorithms.RSA_SHA_256); }
public JwtRequestAuthorizeTests() { IdentityModelEventSource.ShowPII = true; _rsaKey = CryptoHelper.CreateRsaSecurityKey(); _mockPipeline.Clients.AddRange(new Client[] { _client = new Client { ClientName = "Client with keys", ClientId = "client", Enabled = true, RequireRequestObject = true, RedirectUris = { "https://client/callback" }, ClientSecrets = { new Secret { // x509 cert as base64 string Type = IdentityServerConstants.SecretTypes.X509CertificateBase64, Value = Convert.ToBase64String(TestCert.Load().Export(X509ContentType.Cert)) }, new Secret { // symmetric key as JWK Type = IdentityServerConstants.SecretTypes.JsonWebKey, Value = _symmetricJwk }, new Secret { // RSA key as JWK Type = IdentityServerConstants.SecretTypes.JsonWebKey, Value = JsonConvert.SerializeObject(JsonWebKeyConverter.ConvertFromRSASecurityKey(_rsaKey)) }, new Secret { // x509 cert as JWK Type = IdentityServerConstants.SecretTypes.JsonWebKey, Value = JsonConvert.SerializeObject(JsonWebKeyConverter.ConvertFromX509SecurityKey(new X509SecurityKey(TestCert.Load()))) } }, AllowedGrantTypes = GrantTypes.Implicit, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" } }, }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiScopes.AddRange(new ApiResource[] { new ApiResource { Name = "api", Scopes = { new Scope { Name = "api1" }, new Scope { Name = "api2" } } } }); _mockPipeline.Initialize(); }
public PkceTests() { _pipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _pipeline.IdentityScopes.Add(new IdentityResources.OpenId()); _pipeline.Clients.Add(client = new Client { Enabled = true, ClientId = client_id, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowedScopes = { "openid" }, RequireConsent = false, RedirectUris = new List <string> { redirect_uri } }); _pipeline.Clients.Add(client = new Client { Enabled = true, ClientId = client_id_optional, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = false, AllowedScopes = { "openid" }, RequireConsent = false, RedirectUris = new List <string> { redirect_uri } }); _pipeline.Clients.Add(client = new Client { Enabled = true, ClientId = client_id_pkce, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowedScopes = { "openid" }, RequireConsent = false, RedirectUris = new List <string> { redirect_uri } }); // allow plain text PKCE _pipeline.Clients.Add(client = new Client { Enabled = true, ClientId = client_id_plain, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowPlainTextPkce = true, AllowedScopes = { "openid" }, RequireConsent = false, RedirectUris = new List <string> { redirect_uri } }); _pipeline.Clients.Add(client = new Client { Enabled = true, ClientId = client_id_pkce_plain, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequirePkce = true, AllowPlainTextPkce = true, AllowedScopes = { "openid" }, RequireConsent = false, RedirectUris = new List <string> { redirect_uri } }); _pipeline.Initialize(); }
public RestrictAccessTokenViaBrowserTests() { _mockPipeline.Clients.AddRange(new Client[] { new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client1/callback" }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client2/callback" }, AllowAccessTokensViaBrowser = false }, new Client { ClientId = "client3", AllowedGrantTypes = GrantTypes.Hybrid, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client3/callback" }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client4", AllowedGrantTypes = GrantTypes.Hybrid, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client4/callback" }, AllowAccessTokensViaBrowser = false } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId() }); _mockPipeline.Initialize(); }
public CibaTokenEndpointTests() { _mockPipeline.OnPostConfigureServices += services => { services.AddSingleton <IBackchannelAuthenticationUserValidator>(_mockCibaUserValidator); services.AddSingleton <IBackchannelAuthenticationUserNotificationService>(_mockCibaUserNotificationService); }; _mockPipeline.Clients.AddRange(new Client[] { _cibaClient = new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Ciba, ClientSecrets = { new Secret("secret".Sha256()), }, AllowOfflineAccess = true, AllowedScopes = new List <string> { "openid", "profile", "scope1" }, }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Ciba, ClientSecrets = { new Secret("secret".Sha256()), }, AllowOfflineAccess = true, AllowedScopes = new List <string> { "openid", "profile", "scope1" }, }, new Client { ClientId = "client3", AllowedGrantTypes = GrantTypes.ClientCredentials, ClientSecrets = { new Secret("secret".Sha256()), }, AllowOfflineAccess = true, AllowedScopes = new List <string> { "openid", "profile", "scope1" }, }, }); _mockPipeline.Users.Add(_user = new TestUser { SubjectId = "123", Username = "******", Password = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiResources.AddRange(new ApiResource[] { new ApiResource { Name = "urn:api1", Scopes = { "scope1" } }, new ApiResource { Name = "urn:api2", Scopes = { "scope1" } }, }); _mockPipeline.ApiScopes.AddRange(new ApiScope[] { new ApiScope { Name = "scope1" }, }); _mockPipeline.Initialize(); }
public EndSessionTests() { _mockPipeline.Clients.Add(new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client1/callback" }, FrontChannelLogoutUri = "https://client1/signout", PostLogoutRedirectUris = new List <string> { "https://client1/signout-callback" }, AllowAccessTokensViaBrowser = true }); _mockPipeline.Clients.Add(new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client2/callback" }, FrontChannelLogoutUri = "https://client2/signout", PostLogoutRedirectUris = new List <string> { "https://client2/signout-callback", "https://client2/signout-callback2" }, AllowAccessTokensViaBrowser = true }); _mockPipeline.Clients.Add(new Client { ClientId = "client3", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client3/callback" }, BackChannelLogoutUri = "https://client3/signout", AllowAccessTokensViaBrowser = true }); _mockPipeline.Clients.Add(_wsfedClient = new Client { ClientId = "client4", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid" }, RedirectUris = new List <string> { "https://client4/callback" }, FrontChannelLogoutUri = "https://client4/signout", AllowAccessTokensViaBrowser = true }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId() }); _mockPipeline.Initialize(); }
public ServerSideSessionTests() { _urls.Origin = IdentityServerPipeline.BaseUrl; _urls.BasePath = "/"; _pipeline.OnPostConfigureServices += s => { s.AddSingleton <IServerUrls>(_urls); s.AddIdentityServerBuilder().AddServerSideSessions(); }; _pipeline.OnPostConfigure += app => { _pipeline.Options.ServerSideSessions.RemoveExpiredSessionsFrequency = TimeSpan.FromMilliseconds(100); app.Map("/user", ep => { ep.Run(ctx => { if (ctx.User.Identity.IsAuthenticated) { ctx.Response.StatusCode = 200; } else { ctx.Response.StatusCode = 401; } return(Task.CompletedTask); }); }); }; _pipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", }); _pipeline.Users.Add(new TestUser { SubjectId = "alice", Username = "******", }); _pipeline.Clients.Add(new Client { ClientId = "client", AllowedGrantTypes = GrantTypes.Code, RequireClientSecret = false, RequireConsent = false, RequirePkce = false, AllowedScopes = { "openid", "api" }, AllowOfflineAccess = true, CoordinateLifetimeWithUserSession = true, RefreshTokenUsage = TokenUsage.ReUse, RedirectUris = { "https://client/callback" }, BackChannelLogoutUri = "https://client/bc-logout" }); _pipeline.IdentityScopes.Add(new IdentityResources.OpenId()); _pipeline.ApiScopes.Add(new ApiScope("api")); _pipeline.Initialize(); _sessionStore = _pipeline.Resolve <IServerSideSessionStore>(); _ticketService = _pipeline.Resolve <IServerSideTicketService>(); _sessionMgmt = _pipeline.Resolve <ISessionManagementService>(); _grantStore = _pipeline.Resolve <IPersistedGrantStore>(); _refreshTokenStore = _pipeline.Resolve <IRefreshTokenStore>(); }
public void Init() { _mockPipeline = new IdentityServerPipeline(); _mockPipeline.Clients.AddRange(new Client[] { new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile", "aid" }, RedirectUris = new List <string> { "https://client1/callback" }, AllowAccessTokensViaBrowser = true, AccessTokenLifetime = 3600, IdentityTokenLifetime = 500 }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = true, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2", "aid", "aid_idResource" }, RedirectUris = new List <string> { "https://client2/callback" }, AllowAccessTokensViaBrowser = true, AlwaysIncludeUserClaimsInIdToken = true } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email(), new IdentityResource("aid_idResource", new [] { "aid" }) }); _mockPipeline.ApiScopes.AddRange(new ApiResource[] { new ApiResource { Name = "api", Scopes = { new Scope { Name = "api1" }, new Scope { Name = "api2" }, new Scope { Name = "aid", UserClaims = new List <string>() { "aid" } } } } }); _mockPipeline.Initialize(); }
public void Init() { _mockPipeline = new IdentityServerPipeline(); _mockPipeline.Initialize(); }
public void Init() { _mockPipeline = new IdentityServerPipeline(); _mockPipeline.Clients.AddRange(new Client[] { _client1 = new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile" }, RedirectUris = new List <string> { "https://client1/callback" }, AllowAccessTokensViaBrowser = true, AccessTokenLifetime = 3600 }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = true, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <string> { "https://client2/callback" }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client3", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <string> { "https://client3/callback" }, AllowAccessTokensViaBrowser = true, EnableLocalLogin = false, IdentityProviderRestrictions = new List <string> { "google" } }, new Client { ClientId = "client4", AllowedGrantTypes = GrantTypes.Code, RequireClientSecret = false, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <string> { "https://client4/callback" }, AccessTokenLifetime = 3600 }, new Client { ClientId = client_id, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = { GrantType.ClientCredentials, GrantType.ResourceOwnerPassword }, AllowedScopes = new List <string> { "api3" }, AccessTokenLifetime = 3600 } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Password = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiScopes.AddRange(new ApiResource[] { new ApiResource { Name = "api", Scopes = { new Scope { Name = "api1" }, new Scope { Name = "api2" } } }, new ApiResource { Name = "api1", ApiSecrets = new List <Secret> { new Secret(scope_secret.Sha256()) }, Scopes = { new Scope { Name = scope_name } } } }); _mockPipeline.Initialize(); }
public AuthorizeLoggingTests() { _mockPipeline.Clients.AddRange(new Client[] { _client1 = new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile" }, RedirectUris = new List <string> { "https://client1/callback" }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = true, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <string> { "https://client2/callback" }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client3", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <string> { "https://client3/callback" }, AllowAccessTokensViaBrowser = true, EnableLocalLogin = false, IdentityProviderRestrictions = new List <string> { "google" } } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiScopes.AddRange(new ApiResource[] { new ApiResource { Name = "api", Scopes = { new Scope { Name = "api1" }, new Scope { Name = "api2" } } } }); _mockPipeline.Initialize(enableLogging: true); }
public ResourceTests() { _mockPipeline.Clients.AddRange(new Client[] { _client1 = new Client { ClientId = "client1", ClientSecrets = { new Secret("secret".Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequireConsent = false, RequirePkce = false, AllowOfflineAccess = true, AllowedScopes = new List <string> { "openid", "profile", "scope1", "scope2", "scope3", "scope4" }, RedirectUris = new List <string> { "https://client1/callback" }, }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowAccessTokensViaBrowser = true, AllowedScopes = new List <string> { "openid", "profile", "scope1", "scope2", "scope3", "scope4" }, RedirectUris = new List <string> { "https://client2/callback" }, }, }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiResources.AddRange(new ApiResource[] { new ApiResource { Name = "urn:resource1", Scopes = { "scope1", "scope2" } }, new ApiResource { Name = "urn:resource2", Scopes = { "scope2" } }, new ApiResource { RequireResourceIndicator = true, Name = "urn:resource3", Scopes = { "scope3" } }, }); _mockPipeline.ApiScopes.AddRange(new ApiScope[] { new ApiScope { Name = "scope1" }, new ApiScope { Name = "scope2" }, new ApiScope { Name = "scope3" }, new ApiScope { Name = "scope4" }, }); _mockPipeline.Initialize(); }
public CheckSessionTests() { _mockPipeline.Initialize(); }
public RevocationTests() { _mockPipeline.Clients.Add(new Client { ClientId = client_id, ClientSecrets = new List <Secret> { new Secret(client_secret.Sha256()) }, AllowedGrantTypes = GrantTypes.Code, RequireConsent = false, RequirePkce = false, AllowOfflineAccess = true, AllowedScopes = new List <string> { "api" }, RedirectUris = new List <string> { redirect_uri }, AllowAccessTokensViaBrowser = true, AccessTokenType = AccessTokenType.Reference, RefreshTokenUsage = TokenUsage.ReUse }); _mockPipeline.Clients.Add(new Client { ClientId = "implicit", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "api" }, RedirectUris = new List <string> { redirect_uri }, AllowAccessTokensViaBrowser = true, AccessTokenType = AccessTokenType.Reference }); _mockPipeline.Clients.Add(new Client { ClientId = "implicit_and_client_creds", AllowedGrantTypes = GrantTypes.ImplicitAndClientCredentials, ClientSecrets = { new Secret("secret".Sha256()) }, RequireConsent = false, AllowedScopes = new List <string> { "api" }, RedirectUris = new List <string> { redirect_uri }, AllowAccessTokensViaBrowser = true, AccessTokenType = AccessTokenType.Reference }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId() }); _mockPipeline.ApiResources.AddRange(new ApiResource[] { new ApiResource { Name = "api", ApiSecrets = new List <Secret> { new Secret(scope_secret.Sha256()) }, Scopes = { scope_name } } }); _mockPipeline.ApiScopes.AddRange(new ApiScope[] { new ApiScope { Name = scope_name } }); _mockPipeline.Initialize(); }
public SessionIdTests() { _mockPipeline.Clients.AddRange(new Client[] { new Client { ClientId = "client1", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = false, AllowedScopes = new List <string> { "openid", "profile" }, RedirectUris = new List <Uri> { new Uri("https://client1/callback") }, AllowAccessTokensViaBrowser = true }, new Client { ClientId = "client2", AllowedGrantTypes = GrantTypes.Implicit, RequireConsent = true, AllowedScopes = new List <string> { "openid", "profile", "api1", "api2" }, RedirectUris = new List <Uri> { new Uri("https://client2/callback") }, AllowAccessTokensViaBrowser = true } }); _mockPipeline.Users.Add(new TestUser { SubjectId = "bob", Username = "******", Claims = new Claim[] { new Claim("name", "Bob Loblaw"), new Claim("email", "*****@*****.**"), new Claim("role", "Attorney") } }); _mockPipeline.IdentityScopes.AddRange(new IdentityResource[] { new IdentityResources.OpenId(), new IdentityResources.Profile(), new IdentityResources.Email() }); _mockPipeline.ApiResources.AddRange(new ApiResource[] { new ApiResource { Name = "api", } }); _mockPipeline.ApiScopes.AddRange(new ApiScope[] { new ApiScope { Name = "api1" }, new ApiScope { Name = "api2" } }); _mockPipeline.Initialize(); }