Ejemplo n.º 1
        /// <summary>
        /// Sign-out through the "specific redirect URI" endpoint: the end-session request must carry
        /// the middleware's sign-out callback as <c>post_logout_redirect_uri</c>, while the final
        /// landing URL travels inside the data-protected <c>state</c> value.
        /// </summary>
        /// <remarks>
        /// <c>SignedOutRedirectUri</c> is configured to a different URL than the one asserted at the
        /// end, so the asserted value has to come from somewhere else. Presumably it is supplied by
        /// the test endpoint's handler, which is not visible here.
        /// </remarks>
        public async Task SignOutWith_Specific_RedirectUri_From_Authentication_Properites()
        {
            var configuration = TestServerBuilder.CreateDefaultOpenIdConnectConfiguration();

            // The test keeps its own reference to the state format so it can unprotect the
            // "state" parameter that the handler emits.
            var protector   = new EphemeralDataProtectionProvider(NullLoggerFactory.Instance).CreateProtector("OIDCTest");
            var stateFormat = new PropertiesDataFormat(protector);

            var server = TestServerBuilder.CreateServer(options =>
            {
                options.Authority            = TestServerBuilder.DefaultAuthority;
                options.StateDataFormat      = stateFormat;
                options.ClientId             = "Test Id";
                options.Configuration        = configuration;
                options.SignedOutRedirectUri = "https://example.com/postlogout";
            });

            var transaction = await server.SendAsync("https://example.com/signout_with_specific_redirect_uri");
            var response    = transaction.Response;

            Assert.Equal(HttpStatusCode.Redirect, response.StatusCode);

            // Naive query parsing: drop the leading '?', split on '&' and '='. Values stay
            // percent-encoded, so the comparisons below use encoded expectations.
            var rawQuery = response.Headers.Location.Query.Substring(1);
            var query    = rawQuery.Split('&')
                                   .Select(parameter => parameter.Split('='))
                                   .ToDictionary(parts => parts[0], parts => parts[1]);

            // The identity provider is told to return to the callback path, not to the final
            // destination.
            var expectedCallback = UrlEncoder.Default.Encode("https://example.com/signout-callback-oidc");
            Assert.True(query.TryGetValue("post_logout_redirect_uri", out var redirectUri));
            // NOTE(review): ignoreCase presumably tolerates hex-digit case in percent-encoding - confirm.
            Assert.Equal(expectedCallback, redirectUri, ignoreCase: true);

            // The final destination is only recoverable by unprotecting "state" with the same
            // data-protection-backed format the server was configured with.
            Assert.True(query.TryGetValue("state", out var state));
            var properties = stateFormat.Unprotect(state);

            // NOTE(review): this comparison is case-insensitive, so a case difference in the
            // URL path would not be detected.
            Assert.Equal("http://www.example.com/specific_redirect_uri", properties.RedirectUri, ignoreCase: true);
        }
Ejemplo n.º 2
        /// <summary>
        /// With <c>DisableTelemetry</c> set, the sign-out redirect must not carry the SKU or
        /// version telemetry parameters in its query string.
        /// </summary>
        public async Task EndSessionRequestDoesNotIncludeTelemetryParametersWhenDisabled()
        {
            var configuration = TestServerBuilder.CreateDefaultOpenIdConnectConfiguration();

            var setting = new TestSettings(options =>
            {
                options.ClientId         = "Test Id";
                options.Configuration    = configuration;
                options.SignInScheme     = CookieAuthenticationDefaults.AuthenticationScheme;
                options.DisableTelemetry = true;
            });

            var transaction = await setting.CreateTestServer().SendAsync(DefaultHost + TestServerBuilder.Signout);
            var response    = transaction.Response;

            Assert.Equal(HttpStatusCode.Redirect, response.StatusCode);

            // Substring checks against the raw query: neither telemetry parameter name may
            // appear anywhere in the redirect sent towards the identity provider.
            var location = response.Headers.Location;
            Assert.DoesNotContain(OpenIdConnectParameterNames.SkuTelemetry, location.Query);
            Assert.DoesNotContain(OpenIdConnectParameterNames.VersionTelemetry, location.Query);

            // NOTE(review): ValidateSignoutRedirect is defined on TestSettings outside this view;
            // presumably it checks the remaining redirect parameters - confirm.
            setting.ValidateSignoutRedirect(location);
        }
Ejemplo n.º 3
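        /// <summary>
        /// Default sign-out: the response must redirect to the configured end-session endpoint and
        /// carry the middleware's sign-out callback as <c>post_logout_redirect_uri</c>.
        /// </summary>
        public async Task SignOutWithDefaultRedirectUri()
        {
            var configuration = TestServerBuilder.CreateDefaultOpenIdConnectConfiguration();
            var server        = TestServerBuilder.CreateServer(o =>
            {
                o.Authority     = TestServerBuilder.DefaultAuthority;
                o.ClientId      = "Test Id";
                o.Configuration = configuration;
            });

            var transaction = await server.SendAsync(DefaultHost + TestServerBuilder.Signout);

            Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);

            // Fail with a clear message, not a NullReferenceException, if no Location was sent.
            var location = transaction.Response.Headers.Location;
            Assert.NotNull(location);

            // The redirect target is checked with an explicit ordinal comparison: URLs are not
            // linguistic text, and the culture-sensitive string.StartsWith(string) overload can
            // treat strings that differ in bytes as matching. Assert.StartsWith also reports both
            // values on failure, which Assert.True cannot do.
            Assert.StartsWith(configuration.EndSessionEndpoint, location.AbsoluteUri, System.StringComparison.Ordinal);

            // Naive query parsing: drop the leading '?', split on '&' and '='. Values stay
            // percent-encoded, so the expectation below is encoded as well.
            var query = location.Query.Substring(1).Split('&')
                        .Select(each => each.Split('='))
                        .ToDictionary(pair => pair[0], pair => pair[1]);

            Assert.True(query.TryGetValue("post_logout_redirect_uri", out var redirectUri));
            // NOTE(review): ignoreCase presumably tolerates hex-digit case in percent-encoding - confirm.
            Assert.Equal(UrlEncoder.Default.Encode("https://example.com/signout-callback-oidc"), redirectUri, true);
        }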