public static async Task AssertLoginAsync(this IdentityServerPipeline idSvrPipeline, string username, string password)
{
var old = idSvrPipeline.BrowserClient.AllowAutoRedirect;
try
{
var loginResponse = await idSvrPipeline.BrowserClient.GetAsync(IdentityServerPipeline.PermissionsPage);
var html = await loginResponse.Content.ReadAsStringAsync();
var model = await loginResponse.GetModelAsync <LoginViewModel>();
var values = new Dictionary <string, string>();
values.Add("username", username);
values.Add("password", password);
values.Add(model.AntiForgery.Name, model.AntiForgery.Value);
var postResponse = await idSvrPipeline.BrowserClient.PostAsync(IdentityServerPipeline.Authority + model.LoginUrl, new FormUrlEncodedContent(values));
postResponse.StatusCode.Should().Be(HttpStatusCode.OK);
await postResponse.AssertPageAsync("permissions");
}
finally
{
idSvrPipeline.BrowserClient.AllowAutoRedirect = old;
}
}
public ConnectivityTests()
{
_idSvrPipeline = new IdentityServerPipeline();
_idSvrPipeline.Clients.AddRange(new IdentityServer3.Core.Models.Client[] {
_client = new IdentityServer3.Core.Models.Client
{
ClientId = ClientId,
Flow = Flows.ResourceOwner,
ClientSecrets = new List <Secret>
{
new Secret(ClientSecret.Sha256())
},
AllowedScopes = new List <string>
{
"openid", "profile", "email", "roles", "api1"
}
}
});
_idSvrPipeline.Scopes.AddRange(new IdentityServer3.Core.Models.Scope[] {
IdentityServer3.Core.Models.StandardScopes.OpenId,
IdentityServer3.Core.Models.StandardScopes.Profile,
IdentityServer3.Core.Models.StandardScopes.Email,
IdentityServer3.Core.Models.StandardScopes.Roles,
new IdentityServer3.Core.Models.Scope
{
Name = "api1",
Type = ScopeType.Resource,
ScopeSecrets = new List <IdentityServer3.Core.Models.Secret>
{
new IdentityServer3.Core.Models.Secret("secret".Sha256())
},
Claims = new List <IdentityServer3.Core.Models.ScopeClaim>
{
new IdentityServer3.Core.Models.ScopeClaim("role")
}
}
});
_idSvrPipeline.Users.Add(new IdentityServer3.Core.Services.InMemory.InMemoryUser
{
Subject = "123",
Username = Username,
Password = Password,
Claims = new Claim[] {
new Claim("email", "*****@*****.**"),
new Claim("role", "Admin")
}
});
_idSvrPipeline.Initialize();
_webApiPipeline = new WebApiPipeline(_idSvrPipeline.Handler);
_webApiPipeline.Initialize();
}
public static async Task <AuthorizeResponse> GetAuthorizeResponseAsync(this IdentityServerPipeline idSvrPipeline, string clientId, string redirectUri, string responseType, string scope, string state = "state", string nonce = "nonce")
{
var old = idSvrPipeline.BrowserClient.AllowAutoRedirect;
try
{
idSvrPipeline.BrowserClient.AllowAutoRedirect = false;
var authorization = new AuthorizeRequest(IdentityServerPipeline.AuthorizeEndpoint);
var url = authorization.CreateAuthorizeUrl(clientId, responseType, scope, redirectUri, state, nonce);
var authorizeResponse = await idSvrPipeline.BrowserClient.GetAsync(url);
authorizeResponse.StatusCode.Should().Be(HttpStatusCode.Found);
var location = authorizeResponse.Headers.Location.ToString();
return(new AuthorizeResponse(location));
}
finally
{
idSvrPipeline.BrowserClient.AllowAutoRedirect = old;
}
}
