public async Task RemoteAuthenticationService_GetAccessToken_PassesDownOptions() { // Arrange var testJsRuntime = new TestJsRuntime(); var options = CreateOptions(); var runtime = new RemoteAuthenticationService <RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>( testJsRuntime, options, new TestNavigationManager(), new AccountClaimsPrincipalFactory <RemoteUserAccount>(Mock.Of <IAccessTokenProviderAccessor>())); var state = new RemoteAuthenticationState(); testJsRuntime.GetAccessTokenResult = new InternalAccessTokenResult { Status = "requiresRedirect", }; var tokenOptions = new AccessTokenRequestOptions { Scopes = new[] { "something" } }; var expectedRedirectUrl = "https://www.example.com/base/login?returnUrl=https%3A%2F%2Fwww.example.com%2Fbase%2Fadd-product"; // Act var result = await runtime.RequestAccessToken(tokenOptions); // Assert Assert.Equal( new[] { "AuthenticationService.init", "AuthenticationService.getAccessToken" }, testJsRuntime.PastInvocations.Select(i => i.identifier).ToArray()); Assert.False(result.TryGetToken(out var token)); Assert.Null(token); Assert.Equal(result.Status, Enum.Parse <AccessTokenResultStatus>(testJsRuntime.GetAccessTokenResult.Status, ignoreCase: true)); Assert.Equal(expectedRedirectUrl, result.RedirectUrl); Assert.Equal(tokenOptions, (AccessTokenRequestOptions)testJsRuntime.PastInvocations[^ 1].args[0]);
/// <summary> /// Configures this handler to authorize outbound HTTP requests using an access token. The access token is only attached if at least one of /// <paramref name="authorizedUrls" /> is a base of <see cref="HttpRequestMessage.RequestUri" />. /// </summary> /// <param name="authorizedUrls">The base addresses of endpoint URLs to which the token will be attached.</param> /// <param name="scopes">The list of scopes to use when requesting an access token.</param> /// <param name="returnUrl">The return URL to use in case there is an issue provisioning the token and a redirection to the /// identity provider is necessary. /// </param> /// <returns>This <see cref="AuthorizationMessageHandler"/>.</returns> public AuthorizationMessageHandler ConfigureHandler( IEnumerable <string> authorizedUrls, IEnumerable <string> scopes = null, string returnUrl = null) { if (_authorizedUris != null) { throw new InvalidOperationException("Handler already configured."); } if (authorizedUrls == null) { throw new ArgumentNullException(nameof(authorizedUrls)); } var uris = authorizedUrls.Select(uri => new Uri(uri, UriKind.Absolute)).ToArray(); if (uris.Length == 0) { throw new ArgumentException("At least one URL must be configured.", nameof(authorizedUrls)); } _authorizedUris = uris; var scopesList = scopes?.ToArray(); if (scopesList != null || returnUrl != null) { _tokenOptions = new AccessTokenRequestOptions { Scopes = scopesList, ReturnUrl = returnUrl }; } return(this); }
/// <inheritdoc /> public virtual async ValueTask <AccessTokenResult> RequestAccessToken(AccessTokenRequestOptions options) { if (options is null) { throw new ArgumentNullException(nameof(options)); } await EnsureAuthService(); var result = await JsRuntime.InvokeAsync <InternalAccessTokenResult>("AuthenticationService.getAccessToken", options); if (!Enum.TryParse <AccessTokenResultStatus>(result.Status, ignoreCase: true, out var parsedStatus)) { throw new InvalidOperationException($"Invalid access token result status '{result.Status ?? "(null)"}'"); } if (parsedStatus == AccessTokenResultStatus.RequiresRedirect) { var redirectUrl = GetRedirectUrl(options.ReturnUrl); result.RedirectUrl = redirectUrl.ToString(); } return(new AccessTokenResult(parsedStatus, result.Token, result.RedirectUrl)); }