public async Task WhenAuthCalledThenTokenIsValidated()
{
var token = "token";
var claims = new List <Claim>
{
new Claim("customerId", "customerId"),
new Claim("email", "email"),
new Claim("given_name", "given_name"),
new Claim("family_name", "family_name"),
new Claim("exp", DateTimeOffset.Now.AddHours(2).ToUnixTimeSeconds().ToString()),
};
A.CallTo(() => authClient.ValidateToken(token)).Returns(new JwtSecurityToken("test", "test", claims));
using var controller = new AuthController(authClient, log, defaultsettings, defaultVersionedFiles, defaultConfiguration, baseUrlService)
{
ControllerContext = new ControllerContext
{
HttpContext = defaultContext,
},
};
controller.Url = new UrlHelper(
new ActionContext(defaultContext, new RouteData(),
new ActionDescriptor())
);
await controller.Auth(token).ConfigureAwait(false);
A.CallTo(() => authClient.ValidateToken(token)).MustHaveHappened();
}
public async Task <IActionResult> Auth(string id_token)
{
JwtSecurityToken validatedToken;
try
{
validatedToken = await authClient.ValidateToken(id_token);
}
catch (Exception ex)
{
logger.LogError(ex, "Failed to validate auth token.");
return(Redirect($"{settings.DefaultRedirectUrl}/error"));
}
var claims = new List <Claim>
{
new Claim("CustomerId", validatedToken.Claims.FirstOrDefault(claim => claim.Type == "customerId")?.Value),
new Claim(ClaimTypes.Email, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "email")?.Value),
new Claim(ClaimTypes.GivenName, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "given_name")?.Value),
new Claim(ClaimTypes.Surname, validatedToken.Claims.FirstOrDefault(claim => claim.Type == "family_name")?.Value),
new Claim("DssToken", id_token),
};
var expiryTime = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
expiryTime = expiryTime.AddSeconds(double.Parse(validatedToken.Claims.First(claim => claim.Type == "exp").Value, new DateTimeFormatInfo()));
var authProperties = new AuthenticationProperties()
{
AllowRefresh = false,
ExpiresUtc = expiryTime,
IsPersistent = true,
};
await HttpContext.SignInAsync(
new ClaimsPrincipal(
new ClaimsIdentity(
new List <Claim>
{
new Claim("bearer", CreateChildAppToken(claims, expiryTime)),
new Claim(ClaimTypes.Name, $"{validatedToken.Claims.FirstOrDefault(claim => claim.Type == "given_name")?.Value} {validatedToken.Claims.FirstOrDefault(claim => claim.Type == "family_name")?.Value}"),
},
CookieAuthenticationDefaults.AuthenticationScheme)), authProperties);
return(Redirect(GetAndResetRedirectUrl()));
}
