Example #1
0
        private static IAuthorizationRequestFactory CreateAuthorizationRequestFactory(bool validClientId = true, bool validRedirectUri = true, bool validScopes = true)
        {
            var clientIdValidator = new Mock <IClientIdValidator>();

            clientIdValidator
            .Setup(c => c.ValidateClientIdAsync(It.IsAny <string>()))
            .ReturnsAsync(validClientId);

            var redirectUriValidatorMock = new Mock <IRedirectUriResolver>();

            redirectUriValidatorMock
            .Setup(m => m.ResolveRedirectUriAsync(It.IsAny <string>(), It.IsAny <string>()))
            .ReturnsAsync((string clientId, string redirectUrl) => validRedirectUri ?
                          RedirectUriResolutionResult.Valid(redirectUrl ?? "http://www.example.com/registered") :
                          RedirectUriResolutionResult.Invalid(ProtocolErrorProvider.InvalidRedirectUri(redirectUrl)));

            var scopeValidatorMock = new Mock <IScopeResolver>();

            scopeValidatorMock
            .Setup(m => m.ResolveScopesAsync(It.IsAny <string>(), It.IsAny <IEnumerable <string> >()))
            .ReturnsAsync(
                (string clientId, IEnumerable <string> scopes) => validScopes ?
                ScopeResolutionResult.Valid(scopes.Select(s => ApplicationScope.CanonicalScopes.TryGetValue(s, out var parsedScope) ? parsedScope : new ApplicationScope(clientId, s))) :
                ScopeResolutionResult.Invalid(ProtocolErrorProvider.InvalidScope(scopes.First())));

            return(new AuthorizationRequestFactory(
                       clientIdValidator.Object,
                       redirectUriValidatorMock.Object,
                       scopeValidatorMock.Object,
                       Enumerable.Empty <IAuthorizationRequestValidator>(),
                       new ProtocolErrorProvider()));
        }
Example #2
0
        private IScopeResolver GetScopeResolver(bool hasInvalidScopes)
        {
            var mock = new Mock <IScopeResolver>();

            mock.Setup(m => m.ResolveScopesAsync(It.IsAny <string>(), It.IsAny <IEnumerable <string> >()))
            .ReturnsAsync((string clientId, IEnumerable <string> scopes) => !hasInvalidScopes ?
                          ScopeResolutionResult.Valid(scopes.Select(s => CreateScope(s))) :
                          ScopeResolutionResult.Invalid(ProtocolErrorProvider.InvalidScope(scopes.First())));

            return(mock.Object);

            ApplicationScope CreateScope(string s) =>
            ApplicationScope.CanonicalScopes.TryGetValue(s, out var parsedScope) ? parsedScope : new ApplicationScope("resourceId", s);
        }
Example #3
0
        public async Task <ScopeResolutionResult> ResolveScopesAsync(string clientId, IEnumerable <string> scopes)
        {
            var authorizedParty = await _applicationManager.FindByClientIdAsync(clientId);

            var authorizedPartyScopes = await _applicationManager.FindScopesAsync(authorizedParty);

            var result = new List <ApplicationScope>();

            string               resourceName              = null;
            TApplication         resourceApplication       = null;
            IEnumerable <string> resourceApplicationScopes = null;

            foreach (var scope in scopes)
            {
                var(wellFormed, canonical, name, scopeValue) = ParseScope(scope);
                if (!wellFormed)
                {
                    return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
                }

                if (canonical && authorizedPartyScopes.Any(s => s.Equals(scope, StringComparison.Ordinal)))
                {
                    result.Add(ApplicationScope.CanonicalScopes[scope]);
                }
                if (canonical)
                {
                    // We purposely ignore canonical scopes not allowed by the client application.
                    continue;
                }

                resourceName = resourceName ?? name;
                if (resourceName != null && !resourceName.Equals(name, StringComparison.Ordinal))
                {
                    return(ScopeResolutionResult.Invalid(_errorProvider.MultipleResourcesNotSupported(resourceName, name)));
                }

                if (resourceApplicationScopes == null)
                {
                    resourceApplication = await _applicationManager.FindByNameAsync(resourceName);

                    if (resourceApplication == null)
                    {
                        return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
                    }

                    resourceApplicationScopes = await _applicationManager.FindScopesAsync(resourceApplication);
                }

                if (!resourceApplicationScopes.Contains(scopeValue, StringComparer.Ordinal))
                {
                    return(ScopeResolutionResult.Invalid(_errorProvider.InvalidScope(scope)));
                }
                else
                {
                    var resourceClientId = await _applicationManager.GetApplicationClientIdAsync(resourceApplication);

                    result.Add(new ApplicationScope(resourceClientId, scopeValue));
                }
            }

            return(ScopeResolutionResult.Valid(result));
        }