Example #1
        /// <summary>
        /// Test factory: builds an <see cref="AuthorizeRequestValidator"/>, filling in a
        /// test default for every dependency the caller leaves null.
        /// </summary>
        /// <remarks>
        /// <paramref name="users"/> and <paramref name="environment"/> are accepted but never
        /// read by this method. The session cookie handed to the validator is a Moq mock
        /// whose GetSessionId() is set up to return null.
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IClientStore clients = null,
            IUserService users = null,
            ICustomRequestValidator customValidator = null,
            IRedirectUriValidator uriValidator = null,
            ScopeValidator scopeValidator = null,
            IDictionary<string, object> environment = null)
        {
            options = options ?? TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            clients = clients ?? new InMemoryClientStore(TestClients.Get());
            customValidator = customValidator ?? new DefaultCustomRequestValidator();
            uriValidator = uriValidator ?? new DefaultRedirectUriValidator();

            // Resolved after the scope store so the default validator wraps whichever
            // store is in effect at this point.
            scopeValidator = scopeValidator ?? new ScopeValidator(scopes);

            // The mock is constructed with a null OWIN context and null options; with
            // CallBase off, members without a setup are not forwarded to the real type.
            var sessionCookie = new Mock<SessionCookie>((IOwinContext)null, (IdentityServerOptions)null)
            {
                CallBase = false
            };
            sessionCookie.Setup(cookie => cookie.GetSessionId()).Returns((string)null);

            return new AuthorizeRequestValidator(
                options,
                clients,
                customValidator,
                uriValidator,
                scopeValidator,
                sessionCookie.Object);
        }
Example #2
        /// <summary>
        /// Builds a service factory whose user service is produced by
        /// MembershipRebootUserServiceFactory and whose scopes and clients are held in memory.
        /// </summary>
        /// <param name="connString">
        /// Handed unchanged to MembershipRebootUserServiceFactory.Factory each time the
        /// user-service delegate runs.
        /// </param>
        /// <returns>The configured factory.</returns>
        public static IdentityServerServiceFactory Configure(string connString)
        {
            var serviceFactory = new IdentityServerServiceFactory();

            serviceFactory.UserService = new Registration<IUserService>(
                _ => MembershipRebootUserServiceFactory.Factory(connString));

            // Scope and client delegates hand back the single instance created here.
            var inMemoryScopes = new InMemoryScopeStore(Scopes.Get());
            serviceFactory.ScopeStore = new Registration<IScopeStore>(_ => inMemoryScopes);

            var inMemoryClients = new InMemoryClientStore(Clients.Get());
            serviceFactory.ClientStore = new Registration<IClientStore>(_ => inMemoryClients);

            return serviceFactory;
        }
Example #3
        /// <summary>
        /// Builds a service factory with in-memory scope and client stores and a CORS
        /// policy service that allows every origin.
        /// </summary>
        /// <returns>The configured factory.</returns>
        public static IdentityServerServiceFactory Configure()
        {
            var serviceFactory = new IdentityServerServiceFactory
            {
                ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get())),
                ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get())),

                // NOTE(review): AllowAll = true makes the default CORS policy service accept
                // any origin. Fine for a sample; a deployed identity server should limit
                // CORS to the origins of its registered browser clients.
                CorsPolicyService = new Registration<ICorsPolicyService>(
                    new DefaultCorsPolicyService { AllowAll = true })
            };

            return serviceFactory;
        }
        /// <summary>
        /// Builds a service factory backed entirely by in-memory stores: scopes and clients
        /// come from their repositories, and the user service starts with an empty user list.
        /// </summary>
        /// <returns>The configured factory.</returns>
        public static IdentityServerServiceFactory Create()
        {
            var serviceFactory = new IdentityServerServiceFactory();

            // Each delegate returns the one instance captured here.
            var inMemoryScopes = new InMemoryScopeStore(Scopes.ScopesRepository.GetAll());
            serviceFactory.ScopeStore = new Registration<IScopeStore>(_ => inMemoryScopes);

            var inMemoryClients = new InMemoryClientStore(Clients.ClientsRepository.GetAll());
            serviceFactory.ClientStore = new Registration<IClientStore>(_ => inMemoryClients);

            // No users are seeded.
            var inMemoryUsers = new InMemoryUserService(new List<InMemoryUser>());
            serviceFactory.UserService = new Registration<IUserService>(_ => inMemoryUsers);

            return serviceFactory;
        }
        /// <summary>
        /// Test factory: builds an <see cref="AuthorizeRequestValidator"/> over an OWIN
        /// context, using test defaults for every dependency left null.
        /// </summary>
        /// <remarks>
        /// <paramref name="users"/> is accepted but never read by this method. When
        /// <paramref name="environment"/> is null the OWIN context wraps a new empty dictionary.
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IClientStore clients = null,
            IUserService users = null,
            ICustomRequestValidator customValidator = null,
            IDictionary<string, object> environment = null)
        {
            options = options ?? Thinktecture.IdentityServer.Tests.TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            clients = clients ?? new InMemoryClientStore(TestClients.Get());
            customValidator = customValidator ?? new DefaultCustomRequestValidator();

            IOwinContext owinContext = environment == null
                ? new OwinContext(new Dictionary<string, object>())
                : new OwinContext(environment);

            return new AuthorizeRequestValidator(options, scopes, clients, customValidator, owinContext);
        }
        /// <summary>
        /// Test factory: builds a <see cref="TokenRequestValidator"/>, using test defaults
        /// for the dependencies left null.
        /// </summary>
        /// <remarks>
        /// <paramref name="authorizationCodeStore"/> is the one dependency with no default
        /// here: it is passed to the validator as given, so it is null when omitted.
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static TokenRequestValidator CreateTokenValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IAuthorizationCodeStore authorizationCodeStore = null,
            IRefreshTokenStore refreshTokens = null,
            IUserService userService = null,
            IAssertionGrantValidator assertionGrantValidator = null,
            ICustomRequestValidator customRequestValidator = null)
        {
            options = options ?? Thinktecture.IdentityServer.Tests.TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            userService = userService ?? new TestUserService();
            customRequestValidator = customRequestValidator ?? new DefaultCustomRequestValidator();
            assertionGrantValidator = assertionGrantValidator ?? new TestAssertionValidator();
            refreshTokens = refreshTokens ?? new InMemoryRefreshTokenStore();

            return new TokenRequestValidator(
                options,
                authorizationCodeStore,
                refreshTokens,
                userService,
                scopes,
                assertionGrantValidator,
                customRequestValidator);
        }
Example #7
        /// <summary>
        /// Starts an in-memory OWIN test server hosting IdentityServer with the test clients,
        /// test scopes and a mock user service, and stores the server, HTTP client, options,
        /// data protector and ticket formatter in members for the tests to use.
        /// </summary>
        /// <remarks>
        /// The data protector is read from the options before the optional
        /// ConfigureIdentityServerOptions hook runs, so the ticket formatter is built on the
        /// protector that was in place before the hook. NOTE(review): if a hook ever swaps
        /// options.DataProtector, the formatter and the server would use different protectors.
        /// </remarks>
        protected void Init()
        {
            clients = TestClients.Get();
            var inMemoryClients = new InMemoryClientStore(clients);
            var inMemoryScopes = new InMemoryScopeStore(TestScopes.Get());

            var serviceFactory = new IdentityServerServiceFactory();
            serviceFactory.ScopeStore = new Registration<IScopeStore>(r => inMemoryScopes);
            serviceFactory.ClientStore = new Registration<IClientStore>(r => inMemoryClients);

            server = TestServer.Create(builder =>
            {
                appBuilder = builder;

                // The mock user service receives the OWIN environment service each time the
                // registration delegate is invoked.
                mockUserService = new MockUserService(TestUsers.Get());
                serviceFactory.UserService = new Registration<IUserService>(r =>
                {
                    mockUserService.OwinEnvironmentService = r.Resolve<OwinEnvironmentService>();
                    return mockUserService;
                });

                options = TestIdentityServerOptions.Create();
                options.Factory = serviceFactory;
                options.AuthenticationOptions.IdentityProviders =
                    OverrideIdentityProviderConfiguration ?? ConfigureAdditionalIdentityProviders;

                protector = options.DataProtector;

                // Optional per-test customisation of the options before the middleware is added.
                if (ConfigureIdentityServerOptions != null)
                {
                    ConfigureIdentityServerOptions(options);
                }

                builder.UseIdentityServer(options);

                var partialSignInName = options.AuthenticationOptions.CookieOptions.Prefix
                    + Constants.PartialSignInAuthenticationType;
                ticketFormatter = new TicketDataFormat(new DataProtectorAdapter(protector, partialSignInName));
            });

            client = server.HttpClient;
        }
Example #8
        /// <summary>
        /// Builds a service factory with in-memory scope and client stores, with every scope
        /// flagged IncludeAllClaimsForUser and a CORS policy service that allows every origin.
        /// </summary>
        /// <returns>The configured factory.</returns>
        public static IdentityServerServiceFactory Configure()
        {
            var serviceFactory = new IdentityServerServiceFactory();

            // NOTE(review): the flag is switched on for every scope, so a request for any
            // single scope presumably yields all of the user's claims rather than a
            // scope-specific subset. Confirm that breadth is intended outside a sample.
            var allScopes = Scopes.Get().ToList();
            foreach (var scope in allScopes)
            {
                scope.IncludeAllClaimsForUser = true;
            }

            serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(allScopes));
            serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get()));

            // NOTE(review): AllowAll = true makes the default CORS policy service accept any
            // origin; restrict to the origins of known clients for anything deployed.
            var openCors = new DefaultCorsPolicyService { AllowAll = true };
            serviceFactory.CorsPolicyService = new Registration<ICorsPolicyService>(openCors);

            return serviceFactory;
        }
Example #9
        /// <summary>
        /// Creates the host and prepares its <c>Options</c>: in-memory client, scope and user
        /// stores built from this instance's Clients, Scopes and Users members, plus the
        /// signing certificate member.
        /// </summary>
        /// <remarks>
        /// NOTE(review): the options use NoDataProtector, which by its name applies no
        /// protection to the data it is given (confirm against its implementation). That is
        /// only appropriate for a test host, never for a server that issues real cookies.
        /// </remarks>
        public IdentityServerHost()
        {
            var serviceFactory = new IdentityServerServiceFactory();
            serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes));
            serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients));
            serviceFactory.UserService = new Registration<IUserService>(new InMemoryUserService(Users));

            var hostOptions = new IdentityServerOptions();
            hostOptions.Factory = serviceFactory;
            hostOptions.DataProtector = new NoDataProtector();
            hostOptions.SiteName = "IdentityServer3 Host";
            hostOptions.SigningCertificate = SigningCertificate;

            Options = hostOptions;
        }
Example #10
        /// <summary>
        /// Builds the service factory for the SSO host: default view service with external
        /// stylesheets and scripts, in-memory scopes and clients, and the table-storage
        /// backed user service registrations.
        /// </summary>
        /// <param name="environment">
        /// Supplies the table-storage connection string and is passed to Clients.Get.
        /// </param>
        /// <returns>The configured factory.</returns>
        private static IdentityServerServiceFactory ConfigureFactory(SsoServiceEnvironmentConfiguration environment)
        {
            var storageConnection = environment.TableStorageConnectionString;

            var serviceFactory = new IdentityServerServiceFactory();
            var views = new DefaultViewServiceOptions();

#if DEBUG
            views.CacheViews = false;
#endif
            // NOTE(review): these assets are served by third-party hosts into the identity
            // server's own views (presumably including the sign-in page). Anyone able to alter
            // them at the source can run code where credentials are entered. Consider
            // self-hosting them or pinning them with integrity hashes if the view service
            // allows it. jQuery 1.12.3 and Bootstrap 3.3.6 are old releases and should be
            // checked against current advisories.
            var externalStylesheets = new[]
            {
                "https://maxcdn.bootstrapcdn.com/bootswatch/3.3.6/united/bootstrap.min.css",
                "https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css",
                "https://appsyndication.azureedge.net/css/site.css"
            };
            foreach (var href in externalStylesheets)
            {
                views.Stylesheets.Add(href);
            }
#if DEBUG
            views.Stylesheets.Add("/sso/css/site.css");
#endif
            var externalScripts = new[]
            {
                "https://code.jquery.com/jquery-1.12.3.min.js",
                "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js",
                "https://appsyndication.azureedge.net/js/site.js"
            };
            foreach (var src in externalScripts)
            {
                views.Scripts.Add(src);
            }

            serviceFactory.ConfigureDefaultViewService(views);

            serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
            serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get(environment)));

            // User service plus the types registered alongside it; the config object carries
            // the connection string read at the top of the method.
            serviceFactory.UserService = new Registration<IUserService, UserService>();
            serviceFactory.Register(new Registration<AtsUserService>());
            serviceFactory.Register(new Registration<AtsUserRepository>());
            serviceFactory.Register(new Registration<AtsUserServiceConfig>(
                r => new AtsUserServiceConfig(storageConnection, "appsyndication")));

            return serviceFactory;
        }
Example #11
        /// <summary>
        /// Builds a service factory with in-memory scopes and clients and Entity Framework
        /// backed operational services.
        /// </summary>
        /// <param name="idSrvConnStrName">
        /// Assigned as-is to EntityFrameworkServiceOptions.ConnectionString. The parameter
        /// name suggests a connection-string name rather than the string itself.
        /// </param>
        /// <returns>The configured factory.</returns>
        public static IdentityServerServiceFactory Configure(string idSrvConnStrName)
        {
            // The users repository is not set here; it is configured through the
            // CustomUserServices class.
            var serviceFactory = new IdentityServerServiceFactory();

            // Scopes and clients are kept in memory; each delegate returns the single
            // instance created here.
            var inMemoryScopes = new InMemoryScopeStore(Scopes.Get());
            serviceFactory.ScopeStore = new Registration<IScopeStore>(_ => inMemoryScopes);

            var inMemoryClients = new InMemoryClientStore(Clients.Get());
            serviceFactory.ClientStore = new Registration<IClientStore>(_ => inMemoryClients);

            // Operational services are stored through Entity Framework in the operational schema.
            var operationalStore = new EntityFrameworkServiceOptions
            {
                ConnectionString = idSrvConnStrName,
                Schema = MapHive.Identity.IdentityServer.Migrations.OperationalDbContext.Schema
            };
            serviceFactory.RegisterOperationalServices(operationalStore);

            // Should clients and scopes move to the database as well, their schemas are:
            //   MapHive.Identity.IdentityServer.Migrations.ScopeConfigurationDbContext.Schema
            //   MapHive.Identity.IdentityServer.Migrations.ClientConfigurationDbContext.Schema
            // That would mean calling RegisterConfigurationServices (or RegisterScopeStore and
            // RegisterClientStore separately), and seed methods for clients, scopes and users
            // would be needed too.

            return serviceFactory;
        }
Example #12
        /// <summary>
        /// Test factory: builds a <see cref="TokenRequestValidator"/>, using test defaults
        /// for the dependencies left null.
        /// </summary>
        /// <remarks>
        /// <paramref name="authorizationCodeStore"/> has no default and is passed through as
        /// given (null when omitted). Custom grant validators are always wrapped in a single
        /// aggregate <c>CustomGrantValidator</c>; with none supplied the aggregate holds one
        /// <c>TestGrantValidator</c>.
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static TokenRequestValidator CreateTokenRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IAuthorizationCodeStore authorizationCodeStore = null,
            IRefreshTokenStore refreshTokens = null,
            IResourceOwnerPasswordValidator resourceOwnerValidator = null,
            IProfileService profile = null,
            IEnumerable<ICustomGrantValidator> customGrantValidators = null,
            ICustomRequestValidator customRequestValidator = null,
            ScopeValidator scopeValidator = null)
        {
            options = options ?? TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            resourceOwnerValidator = resourceOwnerValidator ?? new TestResourceOwnerPasswordValidator();
            profile = profile ?? new TestProfileService();
            customRequestValidator = customRequestValidator ?? new DefaultCustomRequestValidator();

            CustomGrantValidator grantAggregate = customGrantValidators == null
                ? new CustomGrantValidator(new [] { new TestGrantValidator() }, TestLogger.Create<CustomGrantValidator>())
                : new CustomGrantValidator(customGrantValidators, TestLogger.Create<CustomGrantValidator>());

            refreshTokens = refreshTokens ?? new InMemoryRefreshTokenStore();

            // Resolved after the scope store so the default wraps whichever store is in effect.
            scopeValidator = scopeValidator
                ?? new ScopeValidator(scopes, new LoggerFactory().CreateLogger<ScopeValidator>());

            // The result is not used below; the call is kept in case Create() has side
            // effects the tests rely on. TODO confirm and drop if it has none.
            var idsvrContext = IdentityServerContextHelper.Create();

            return new TokenRequestValidator(
                options,
                authorizationCodeStore,
                refreshTokens,
                resourceOwnerValidator,
                profile,
                grantAggregate,
                customRequestValidator,
                scopeValidator,
                new TestEventService(),
                TestLogger.Create<TokenRequestValidator>());
        }
        /// <summary>
        /// OWIN startup: hosts IdentityServer with in-memory scopes and clients, custom token
        /// services, an NLog log provider and a reduced endpoint set.
        /// </summary>
        /// <remarks>
        /// Several values below read as development settings: plain HTTP is allowed,
        /// sensitive data goes to the logs, the CORS origin is localhost and the issuer host
        /// is hard-coded. Each is marked NOTE(review) and should be revisited before this
        /// configuration is used outside a developer machine.
        /// </remarks>
        /// <param name="app">The OWIN application builder the middleware is added to.</param>
        public void Configuration(IAppBuilder app)
        {
            var serviceFactory = new IdentityServerServiceFactory();

            serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
            serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get()));

            // The token service and refresh-token store are registered by type; the token
            // validator and token-handle store are registered as the instances created here.
            serviceFactory.TokenService = new Registration<ITokenService>(typeof(MyCustomTokenService));
            serviceFactory.RefreshTokenStore = new Registration<IRefreshTokenStore>(typeof(MyCustomRefreshTokenStore));
            serviceFactory.CustomTokenValidator = new Registration<ICustomTokenValidator>(new MyCustomTokenValidator());
            serviceFactory.TokenHandleStore = new Registration<ITokenHandleStore>(new MyCustomTokenHandleStore());
            serviceFactory.ConfigureUserService("AspId");

            LogProvider.SetCurrentLogProvider(new NLogLogProvider());

            var endpoints = new EndpointOptions
            {
                EnableAccessTokenValidationEndpoint = true,
                EnableTokenEndpoint = true,
                EnableTokenRevocationEndpoint = true,
                EnableIdentityTokenValidationEndpoint = true,

                // Remove in production.
                EnableDiscoveryEndpoint = true,

                EnableAuthorizeEndpoint = false,
                EnableClientPermissionsEndpoint = false,
                EnableCspReportEndpoint = false,
                EnableEndSessionEndpoint = false,
                EnableCheckSessionEndpoint = false,
                EnableUserInfoEndpoint = false
            };

            // NOTE(review): HTTP logging, verbose Web API diagnostics and
            // IncludeSensitiveDataInLogs are all on. Together they can put personal data,
            // and possibly credentials or token material, into the NLog targets. Keep this
            // to short-lived debugging and make sure those targets are access-controlled.
            var logging = new LoggingOptions
            {
                EnableHttpLogging = true,
                EnableWebApiDiagnostics = true,
                IncludeSensitiveDataInLogs = true,
                WebApiDiagnosticsIsVerbose = true
            };

            var serverOptions = new IdentityServerOptions
            {
                Factory = serviceFactory,
                SiteName = "Thinktecture IdentityServer3 Halo",
                SigningCertificate = Certificate.Get(),

                // NOTE(review): RequireSsl = false allows plain-HTTP requests, yet IssuerUri
                // is https and UseHsts() is added below. Settle on TLS everywhere before
                // tokens or passwords cross a real network.
                RequireSsl = false,
                CspOptions = new CspOptions
                {
                    Enabled = true,
                },
                Endpoints = endpoints,
                AuthenticationOptions = new AuthenticationOptions
                {
                    EnableLocalLogin = true,
                    EnableLoginHint = false,
                },
                LoggingOptions = logging,
                EnableWelcomePage = false,

                // NOTE(review): hard-coded host name; this has to match what clients validate
                // as the issuer, so it belongs in per-environment configuration.
                IssuerUri = "https://HFL0100:44333"
            };

            // NOTE(review): development origin over http. Browsers send Origin without a
            // trailing slash, so verify that this entry matches as written.
            serverOptions.CorsPolicy.AllowedOrigins.Add("http://localhost:14869/");

            app.UseHsts();
            app.UseIdentityServer(serverOptions);
        }
Example #14
        /// <summary>
        /// Test factory: builds a <see cref="TokenRequestValidator"/>, using test defaults
        /// for the dependencies left null.
        /// </summary>
        /// <remarks>
        /// <paramref name="authorizationCodeStore"/> has no default and is passed through as
        /// given (null when omitted). Every logger and event-service dependency receives its
        /// own new <c>LoggerFactory</c>; none is shared.
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static TokenRequestValidator CreateTokenRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IAuthorizationCodeStore authorizationCodeStore = null,
            IRefreshTokenStore refreshTokens = null,
            IUserService userService = null,
            IEnumerable<ICustomGrantValidator> customGrantValidators = null,
            ICustomRequestValidator customRequestValidator = null,
            ScopeValidator scopeValidator = null)
        {
            options = options ?? TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            userService = userService ?? new TestUserService();
            customRequestValidator = customRequestValidator ?? new DefaultCustomRequestValidator();

            // Supplied validators are wrapped in one aggregate; with none supplied the
            // aggregate holds a single TestGrantValidator.
            CustomGrantValidator grantAggregate = customGrantValidators == null
                ? new CustomGrantValidator(new [] { new TestGrantValidator() }, new Logger<CustomGrantValidator>(new LoggerFactory()))
                : new CustomGrantValidator(customGrantValidators, new Logger<CustomGrantValidator>(new LoggerFactory()));

            refreshTokens = refreshTokens ?? new InMemoryRefreshTokenStore();

            // Resolved after the scope store so the default wraps whichever store is in effect.
            scopeValidator = scopeValidator ?? new ScopeValidator(scopes, new LoggerFactory());

            return new TokenRequestValidator(
                options,
                authorizationCodeStore,
                refreshTokens,
                userService,
                grantAggregate,
                customRequestValidator,
                scopeValidator,
                new DefaultEventService(new LoggerFactory()),
                new LoggerFactory());
        }
Example #15
        /// <summary>
        /// Test factory: builds a <see cref="TokenRequestValidator"/>, using test defaults
        /// for every dependency left null.
        /// </summary>
        /// <remarks>
        /// Extension grant validators are always wrapped in a single aggregate
        /// <c>ExtensionGrantValidator</c>; with none supplied the aggregate holds one
        /// <c>TestGrantValidator</c>. A missing grant service comes from CreateGrantService().
        /// </remarks>
        /// <returns>A validator wired to the supplied or defaulted dependencies.</returns>
        public static TokenRequestValidator CreateTokenRequestValidator(
            IdentityServerOptions options = null,
            IScopeStore scopes = null,
            IPersistedGrantService grants = null,
            IResourceOwnerPasswordValidator resourceOwnerValidator = null,
            IProfileService profile = null,
            IEnumerable<IExtensionGrantValidator> extensionGrantValidators = null,
            ICustomTokenRequestValidator customRequestValidator = null,
            ScopeValidator scopeValidator = null)
        {
            options = options ?? TestIdentityServerOptions.Create();
            scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
            resourceOwnerValidator = resourceOwnerValidator ?? new TestResourceOwnerPasswordValidator();
            profile = profile ?? new TestProfileService();
            customRequestValidator = customRequestValidator ?? new DefaultCustomTokenRequestValidator();

            ExtensionGrantValidator grantAggregate = extensionGrantValidators == null
                ? new ExtensionGrantValidator(new[] { new TestGrantValidator() }, TestLogger.Create<ExtensionGrantValidator>())
                : new ExtensionGrantValidator(extensionGrantValidators, TestLogger.Create<ExtensionGrantValidator>());

            grants = grants ?? CreateGrantService();

            // Resolved after the scope store so the default wraps whichever store is in effect.
            scopeValidator = scopeValidator
                ?? new ScopeValidator(scopes, new LoggerFactory().CreateLogger<ScopeValidator>());

            return new TokenRequestValidator(
                options,
                grants,
                resourceOwnerValidator,
                profile,
                grantAggregate,
                customRequestValidator,
                scopeValidator,
                new TestEventService(),
                TestLogger.Create<TokenRequestValidator>());
        }
Example #16
        /// <summary>
        /// Stores a refresh token in <c>RedisRefreshTokenStore</c>, reads it back under the
        /// same key and checks that the subject id and client id match the original.
        /// </summary>
        /// <remarks>
        /// The store is built on the <c>RedisServer</c> member, so the test presumably needs
        /// that Redis instance to be reachable. The async calls are awaited by blocking, so
        /// a failure surfaces wrapped in an AggregateException.
        /// </remarks>
        public void RefreshTokenPersists()
        {
            var sub = new Claim("sub", "*****@*****.**");
            var email = new Claim("email", "*****@*****.**");

            var accessToken = new Token
            {
                CreationTime = DateTimeOffset.Now,
                Audience = "aud",
                Claims = new List<Claim> { sub, email },
                Client = new Client
                {
                    ClientId = "cid",
                    ClientName = "cname",
                    Enabled = true,
                    SlidingRefreshTokenLifetime = 100,
                    AccessTokenType = AccessTokenType.Jwt,
                    // TODO: Flow = Flows.Implicit
                },
                Issuer = "iss",
                Lifetime = 1234567,
                Type = OidcConstants.TokenTypes.RefreshToken,
                Version = 1,
            };

            var token = new RefreshToken
            {
                AccessToken = accessToken,
                CreationTime = DateTimeOffset.Now,
                Version = 1,
                LifeTime = 1234567,
                Subject = new ClaimsPrincipal(new ClaimsIdentity(new List<Claim> { sub, email }))
            };

            // The client store holds a separate Client instance with the same id as the one
            // embedded in the token.
            var registeredClient = new Client
            {
                ClientId = "cid",
                ClientName = "cname",
                Enabled = true,
                SlidingRefreshTokenLifetime = 100,
                AccessTokenType = AccessTokenType.Jwt,
                // TODO: Flow = Flows.Implicit
            };
            var clientStore = new InMemoryClientStore(new List<Client> { registeredClient });

            var identityScope = new Scope
            {
                Description = "sdescription",
                Name = "sname",
                Enabled = true,
                Emphasize = false,
                IncludeAllClaimsForUser = true,
                Required = false,
                Type = ScopeType.Identity
            };
            var scopeStore = new InMemoryScopeStore(new List<Scope> { identityScope });

            var store = new RedisRefreshTokenStore(clientStore, scopeStore, RedisServer);

            store.StoreAsync("key2", token).Wait();
            var roundTripped = store.GetAsync("key2").Result;

            Assert.Equal(token.SubjectId, roundTripped.SubjectId);
            Assert.Equal(token.ClientId, roundTripped.ClientId);
        }