public async Task RemoteAuthenticationService_GetAccessToken_PassesDownOptions()
{
// Arrange
var testJsRuntime = new TestJsRuntime();
var options = CreateOptions();
var runtime = new RemoteAuthenticationService <RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
testJsRuntime,
options,
new TestNavigationManager(),
new AccountClaimsPrincipalFactory <RemoteUserAccount>(Mock.Of <IAccessTokenProviderAccessor>()));
var state = new RemoteAuthenticationState();
testJsRuntime.GetAccessTokenResult = new InternalAccessTokenResult
{
Status = "requiresRedirect",
};
var tokenOptions = new AccessTokenRequestOptions
{
Scopes = new[] { "something" }
};
var expectedRedirectUrl = "https://www.example.com/base/login?returnUrl=https%3A%2F%2Fwww.example.com%2Fbase%2Fadd-product";
// Act
var result = await runtime.RequestAccessToken(tokenOptions);
// Assert
Assert.Equal(
new[] { "AuthenticationService.init", "AuthenticationService.getAccessToken" },
testJsRuntime.PastInvocations.Select(i => i.identifier).ToArray());
Assert.False(result.TryGetToken(out var token));
Assert.Null(token);
Assert.Equal(result.Status, Enum.Parse <AccessTokenResultStatus>(testJsRuntime.GetAccessTokenResult.Status, ignoreCase: true));
Assert.Equal(expectedRedirectUrl, result.RedirectUrl);
Assert.Equal(tokenOptions, (AccessTokenRequestOptions)testJsRuntime.PastInvocations[^ 1].args[0]);
/// <summary>
/// Configures this handler to authorize outbound HTTP requests using an access token. The access token is only attached if at least one of
/// <paramref name="authorizedUrls" /> is a base of <see cref="HttpRequestMessage.RequestUri" />.
/// </summary>
/// <param name="authorizedUrls">The base addresses of endpoint URLs to which the token will be attached.</param>
/// <param name="scopes">The list of scopes to use when requesting an access token.</param>
/// <param name="returnUrl">The return URL to use in case there is an issue provisioning the token and a redirection to the
/// identity provider is necessary.
/// </param>
/// <returns>This <see cref="AuthorizationMessageHandler"/>.</returns>
public AuthorizationMessageHandler ConfigureHandler(
IEnumerable <string> authorizedUrls,
IEnumerable <string> scopes = null,
string returnUrl = null)
{
if (_authorizedUris != null)
{
throw new InvalidOperationException("Handler already configured.");
}
if (authorizedUrls == null)
{
throw new ArgumentNullException(nameof(authorizedUrls));
}
var uris = authorizedUrls.Select(uri => new Uri(uri, UriKind.Absolute)).ToArray();
if (uris.Length == 0)
{
throw new ArgumentException("At least one URL must be configured.", nameof(authorizedUrls));
}
_authorizedUris = uris;
var scopesList = scopes?.ToArray();
if (scopesList != null || returnUrl != null)
{
_tokenOptions = new AccessTokenRequestOptions
{
Scopes = scopesList,
ReturnUrl = returnUrl
};
}
return(this);
}
/// <inheritdoc />
public virtual async ValueTask <AccessTokenResult> RequestAccessToken(AccessTokenRequestOptions options)
{
if (options is null)
{
throw new ArgumentNullException(nameof(options));
}
await EnsureAuthService();
var result = await JsRuntime.InvokeAsync <InternalAccessTokenResult>("AuthenticationService.getAccessToken", options);
if (!Enum.TryParse <AccessTokenResultStatus>(result.Status, ignoreCase: true, out var parsedStatus))
{
throw new InvalidOperationException($"Invalid access token result status '{result.Status ?? "(null)"}'");
}
if (parsedStatus == AccessTokenResultStatus.RequiresRedirect)
{
var redirectUrl = GetRedirectUrl(options.ReturnUrl);
result.RedirectUrl = redirectUrl.ToString();
}
return(new AccessTokenResult(parsedStatus, result.Token, result.RedirectUrl));
}
