/// <summary>
/// Returns an action resultKind to the controller's action.
/// 1). Redirect to the consent screen if the user is authenticated AND the request doesn't contain a login prompt.
/// 2). Do nothing
/// </summary>
/// <param name="authorizationParameter">The parameter</param>
/// <param name="resourceOwnerPrincipal">Resource owner principal</param>
/// <param name="code">Encrypted parameter</param>
/// <param name="issuerName"></param>
/// <param name="cancellationToken">The <see cref="CancellationToken"/> for the async operation.</param>
/// <returns>Action resultKind to the controller's action</returns>
public async Task <EndpointResult> Execute(
AuthorizationParameter authorizationParameter,
ClaimsPrincipal?resourceOwnerPrincipal,
string?code,
string?issuerName,
CancellationToken cancellationToken)
{
var resourceOwnerIsAuthenticated = resourceOwnerPrincipal.IsAuthenticated();
var promptParameters = authorizationParameter.Prompt.ParsePrompts();
// 1).
if (resourceOwnerIsAuthenticated &&
!promptParameters.Contains(PromptParameters.Login))
{
var subject = resourceOwnerPrincipal.GetSubject() !;
var claims = resourceOwnerPrincipal !.Claims.ToArray();
return(await _authenticateHelper.ProcessRedirection(
authorizationParameter,
code,
subject,
claims,
issuerName,
cancellationToken)
.ConfigureAwait(false));
}
// 2).
return(EndpointResult.CreateAnEmptyActionResultWithNoEffect());
}
public async Task When_No_Resource_Owner_Is_Passed_Then_Redirect_To_Index_Page()
{
var authorizationParameter = new AuthorizationParameter();
var result = await _authenticateResourceOwnerOpenIdAction.Execute(authorizationParameter, null, null, null, CancellationToken.None)
.ConfigureAwait(false);
Assert.Equal(
JsonConvert.SerializeObject(EndpointResult.CreateAnEmptyActionResultWithNoEffect()),
JsonConvert.SerializeObject(result));
}
public async Task When_Prompt_Parameter_Contains_Login_Value_Then_Redirect_To_Index_Page()
{
var authorizationParameter = new AuthorizationParameter
{
Prompt = "login",
ClientId = "client",
Scope = "scope"
};
var claimsIdentity = new ClaimsIdentity("authServer");
var claimsPrincipal = new ClaimsPrincipal(claimsIdentity);
var result = await _authenticateResourceOwnerOpenIdAction.Execute(
authorizationParameter,
claimsPrincipal,
null,
null,
CancellationToken.None)
.ConfigureAwait(false);
Assert.Equal(
JsonConvert.SerializeObject(EndpointResult.CreateAnEmptyActionResultWithNoEffect()),
JsonConvert.SerializeObject(result));
}
