/// <summary>
/// Checks that a challenge requesting the configured sign-up/sign-in policy
/// passes through <c>OnRedirectToIdentityProvider</c> without the outgoing
/// OpenID Connect message being rewritten.
/// </summary>
/// <returns>A task that completes when the handler has run and all assertions have been evaluated.</returns>
public async Task OnRedirectToIdentityProvider_DefaultUserFlow_DoesntUpdateContext()
{
    // Arrange: the policy placed in the challenge properties equals the configured default.
    ILoginErrorAccessor loginErrors = Substitute.For<ILoginErrorAccessor>();
    var identityOptions = new MicrosoftIdentityOptions { SignUpSignInPolicyId = DefaultUserFlow };
    var handler = new AzureADB2COpenIDConnectEventHandlers(
        OpenIdConnectDefaults.AuthenticationScheme,
        identityOptions,
        loginErrors);
    var httpContext = HttpContextUtilities.CreateHttpContext();

    var challengeProperties = new AuthenticationProperties();
    challengeProperties.Items[OidcConstants.PolicyKey] = DefaultUserFlow;

    var outgoingMessage = new OpenIdConnectMessage { IssuerAddress = _defaultIssuer };
    var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), challengeProperties)
    {
        ProtocolMessage = outgoingMessage,
    };

    // Act
    await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

    // Assert: no login error was recorded for this request.
    loginErrors.DidNotReceive().SetMessage(httpContext, Arg.Any<string>());

    // Scope and response type were never set on the message and must still be unset.
    Assert.Null(context.ProtocolMessage.Scope);
    Assert.Null(context.ProtocolMessage.ResponseType);

    // The authority the user is redirected to is exactly the one the message started with.
    Assert.Equal(_defaultIssuer, context.ProtocolMessage.IssuerAddress);

    // For the default policy the policy entry is expected to remain in the properties.
    Assert.True(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
}
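/// <summary>
/// Checks that a challenge requesting a policy other than the configured
/// sign-up/sign-in policy makes <c>OnRedirectToIdentityProvider</c> rewrite the
/// outgoing OpenID Connect message: scope, response type and issuer address.
/// </summary>
/// <remarks>
/// The method returns a task instead of being <c>async void</c>, so the test runner
/// awaits it and a failed assertion on the rewritten issuer or response type is
/// reported against this test rather than surfacing outside it. The return type is
/// fully qualified so that no particular using directive is assumed.
/// </remarks>
/// <returns>A task that completes when the handler has run and all assertions have been evaluated.</returns>
public async System.Threading.Tasks.Task OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext()
{
    // Arrange: the configured policy is the default one, the challenge asks for the custom one.
    var identityOptions = new MicrosoftIdentityOptions { SignUpSignInPolicyId = DefaultUserFlow };
    var handler = new AzureADB2COpenIDConnectEventHandlers(
        OpenIdConnectDefaults.AuthenticationScheme,
        identityOptions);
    var httpContext = HttpContextUtilities.CreateHttpContext();

    var challengeProperties = new AuthenticationProperties();
    challengeProperties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow);

    var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), challengeProperties)
    {
        ProtocolMessage = new OpenIdConnectMessage { IssuerAddress = _defaultIssuer },
    };

    // Act
    await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

    // Assert: the request now asks for "openid profile" and an ID token only.
    Assert.Equal(OpenIdConnectScope.OpenIdProfile, context.ProtocolMessage.Scope);
    Assert.Equal(OpenIdConnectResponseType.IdToken, context.ProtocolMessage.ResponseType);

    // The redirect must target the custom policy's authority; the third argument makes
    // the comparison case-insensitive.
    Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, true);

    // The policy entry is consumed by the handler and must not remain in the properties.
    Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
}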
/// <summary>
/// Checks how <c>OnRedirectToIdentityProvider</c> rewrites the outgoing OpenID Connect
/// message when the challenge requests a policy other than the configured
/// sign-up/sign-in policy, with and without a client secret configured.
/// </summary>
/// <param name="hasClientCredentials">
/// When <c>true</c>, a client secret is set on the options and the expected response
/// type is <c>CodeIdToken</c>; otherwise the expected response type is <c>IdToken</c>.
/// </param>
/// <returns>A task that completes when the handler has run and all assertions have been evaluated.</returns>
public async Task OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext(bool hasClientCredentials)
{
    // Arrange
    ILoginErrorAccessor loginErrors = Substitute.For<ILoginErrorAccessor>();
    var identityOptions = new MicrosoftIdentityOptions { SignUpSignInPolicyId = DefaultUserFlow };
    if (hasClientCredentials)
    {
        identityOptions.ClientSecret = TestConstants.ClientSecret;
    }

    var handler = new AzureADB2COpenIDConnectEventHandlers(
        OpenIdConnectDefaults.AuthenticationScheme,
        identityOptions,
        loginErrors);
    var httpContext = HttpContextUtilities.CreateHttpContext();

    var challengeProperties = new AuthenticationProperties();
    challengeProperties.Items[OidcConstants.PolicyKey] = CustomUserFlow;

    // The message starts with the default authority and a caller-supplied scope.
    var outgoingMessage = new OpenIdConnectMessage
    {
        IssuerAddress = _defaultIssuer,
        Scope = TestConstants.Scopes,
    };
    var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), challengeProperties)
    {
        ProtocolMessage = outgoingMessage,
    };

    // Act
    await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

    // Assert: no login error was recorded for this request.
    loginErrors.DidNotReceive().SetMessage(httpContext, Arg.Any<string>());

    // The scope supplied on the message is expected to be left as it was.
    Assert.Equal(TestConstants.Scopes, context.ProtocolMessage.Scope);

    // The redirect must target the custom policy's authority (case-insensitive comparison).
    Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, true);

    // The policy entry must not remain in the properties after the handler ran.
    Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));

    // The response type depends only on whether a client secret was configured.
    string expectedResponseType = hasClientCredentials
        ? OpenIdConnectResponseType.CodeIdToken
        : OpenIdConnectResponseType.IdToken;
    Assert.Equal(expectedResponseType, context.ProtocolMessage.ResponseType);
}
/// <summary>
/// Checks that <c>OnRedirectToIdentityProvider</c> rewrites the outgoing request when the
/// challenge asks for a policy ("B2C_1_EP") other than the configured sign-up/sign-in
/// policy ("B2C_1_SiUpIn").
/// </summary>
/// <returns>A task that completes when the handler has run and all assertions have been evaluated.</returns>
public async Task OnRedirectToIdentityProviderHandler_UpdatesRequestForOtherPolicies()
{
    // Arrange
    var b2cOptions = new AzureADB2COptions { SignUpSignInPolicyId = "B2C_1_SiUpIn" };
    var handlers = new AzureADB2COpenIDConnectEventHandlers(
        AzureADB2CDefaults.AuthenticationScheme,
        b2cOptions);

    var requestedPolicy = new Dictionary<string, string>
    {
        { AzureADB2CDefaults.PolicyKey, "B2C_1_EP" },
    };
    var authenticationProperties = new AuthenticationProperties(requestedPolicy);

    var scheme = new AuthenticationScheme(
        AzureADB2CDefaults.AuthenticationScheme,
        "",
        typeof(OpenIdConnectHandler));

    // The message starts out as a code-flow request with only the "openid" scope.
    var outgoingMessage = new OpenIdConnectMessage
    {
        Scope = OpenIdConnectScope.OpenId,
        ResponseType = OpenIdConnectResponseType.Code,
        IssuerAddress = "https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/B2C_1_EP/v2.0",
    };
    var redirectContext = new RedirectContext(
        new DefaultHttpContext(),
        scheme,
        new OpenIdConnectOptions(),
        authenticationProperties)
    {
        ProtocolMessage = outgoingMessage,
    };

    // Act
    await handlers.OnRedirectToIdentityProvider(redirectContext);

    // Assert: scope and response type are replaced by the handler.
    Assert.Equal(OpenIdConnectScope.OpenIdProfile, redirectContext.ProtocolMessage.Scope);
    Assert.Equal(OpenIdConnectResponseType.IdToken, redirectContext.ProtocolMessage.ResponseType);

    // This comparison is case-sensitive: the expected authority carries the policy
    // segment in lower case ("b2c_1_ep"), unlike the value the message started with.
    Assert.Equal(
        "https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/b2c_1_ep/v2.0",
        redirectContext.ProtocolMessage.IssuerAddress);

    // The policy entry must not remain in the properties after the handler ran.
    Assert.False(authenticationProperties.Items.ContainsKey(AzureADB2CDefaults.PolicyKey));
}