private OpenIdConnectOptions GetOptions(List <string> parameters, ExpectedQueryValues queryValues, ISecureDataFormat <AuthenticationProperties> secureDataFormat = null)
{
var options = new OpenIdConnectOptions();
foreach (var param in parameters)
{
if (param.Equals(OpenIdConnectParameterNames.ClientId))
{
options.ClientId = queryValues.ClientId;
}
else if (param.Equals(OpenIdConnectParameterNames.Resource))
{
options.Resource = queryValues.Resource;
}
else if (param.Equals(OpenIdConnectParameterNames.Scope))
{
options.Scope.Clear();
foreach (var scope in queryValues.Scope.Split(' '))
{
options.Scope.Add(scope);
}
}
}
options.Authority = queryValues.Authority;
options.Configuration = queryValues.Configuration;
options.StateDataFormat = secureDataFormat ?? new AuthenticationPropertiesFormaterKeyValue();
return(options);
}
public static ExpectedQueryValues Defaults(string authority)
{
var result = new ExpectedQueryValues(authority);
result.Scope = OpenIdConnectScope.OpenIdProfile;
result.ResponseType = OpenIdConnectResponseType.CodeIdToken;
return result;
}
public static ExpectedQueryValues Defaults(string authority)
{
var result = new ExpectedQueryValues(authority);
result.Scope = OpenIdConnectScopes.OpenIdProfile;
result.ResponseType = OpenIdConnectResponseTypes.CodeIdToken;
return(result);
}
public async Task ChallengeWillUseOptionsProperties()
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var server = CreateServer(GetOptions(DefaultParameters(), queryValues));
var transaction = await SendAsync(server, DefaultHost + Challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters());
}
public async Task ChallengeWillSetDefaults()
{
var stateDataFormat = new AuthenticationPropertiesFormaterKeyValue();
var queryValues = ExpectedQueryValues.Defaults(DefaultAuthority);
queryValues.State = OpenIdConnectDefaults.AuthenticationPropertiesKey + "=" + stateDataFormat.Protect(new AuthenticationProperties());
var server = CreateServer(GetOptions(DefaultParameters(), queryValues));
var transaction = await SendAsync(server, DefaultHost + Challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters());
}
public async Task SignOutSettingMessage()
{
var configuration = new OpenIdConnectConfiguration
{
EndSessionEndpoint = ExpectedLogoutRequest
};
var queryValues = new ExpectedQueryValues(DefaultAuthority, configuration)
{
RequestType = OpenIdConnectRequestType.LogoutRequest
};
var server = CreateServer(GetProtocolMessageOptions());
var transaction = await SendAsync(server, DefaultHost + Signout);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, new string[] { });
}
public async Task ChallengeSettingState(string userState, string challenge)
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var stateDataFormat = new AuthenticationPropertiesFormaterKeyValue();
var properties = new AuthenticationProperties();
if (challenge == ChallengeWithProperties)
{
properties.Items.Add("item1", Guid.NewGuid().ToString());
}
var options = GetOptions(DefaultParameters(new string[] { OpenIdConnectParameterNames.State }), queryValues, stateDataFormat);
options.AutomaticChallenge = challenge.Equals(ChallengeWithOutContext);
options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.State = userState;
context.ProtocolMessage.RedirectUri = queryValues.RedirectUri;
return(Task.FromResult <object>(null));
}
};
var server = CreateServer(options, null, properties);
var transaction = await SendAsync(server, DefaultHost + challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
if (challenge != ChallengeWithProperties)
{
if (userState != null)
{
properties.Items.Add(OpenIdConnectDefaults.UserstatePropertiesKey, userState);
}
properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, queryValues.RedirectUri);
}
queryValues.State = stateDataFormat.Protect(properties);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters(new string[] { OpenIdConnectParameterNames.State }));
}
public async Task ChallengeWillUseEvents()
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var queryValuesSetInEvent = new ExpectedQueryValues(DefaultAuthority);
var options = GetOptions(DefaultParameters(), queryValues);
options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.ClientId = queryValuesSetInEvent.ClientId;
context.ProtocolMessage.RedirectUri = queryValuesSetInEvent.RedirectUri;
context.ProtocolMessage.Resource = queryValuesSetInEvent.Resource;
context.ProtocolMessage.Scope = queryValuesSetInEvent.Scope;
return(Task.FromResult <object>(null));
}
};
var server = CreateServer(options);
var transaction = await SendAsync(server, DefaultHost + Challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValuesSetInEvent.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters());
}
public async Task ChallengeWillUseOptionsProperties()
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var server = CreateServer(GetOptions(DefaultParameters(), queryValues));
var transaction = await SendAsync(server, DefaultHost + Challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters());
}
private OpenIdConnectOptions GetOptions(List<string> parameters, ExpectedQueryValues queryValues, ISecureDataFormat<AuthenticationProperties> secureDataFormat = null)
{
var options = new OpenIdConnectOptions();
foreach (var param in parameters)
{
if (param.Equals(OpenIdConnectParameterNames.ClientId))
options.ClientId = queryValues.ClientId;
else if (param.Equals(OpenIdConnectParameterNames.Resource))
options.Resource = queryValues.Resource;
else if (param.Equals(OpenIdConnectParameterNames.Scope)) {
options.Scope.Clear();
foreach (var scope in queryValues.Scope.Split(' ')) {
options.Scope.Add(scope);
}
}
}
options.Authority = queryValues.Authority;
options.Configuration = queryValues.Configuration;
options.StateDataFormat = secureDataFormat ?? new AuthenticationPropertiesFormaterKeyValue();
return options;
}
public async Task ChallengeWillUseEvents()
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var queryValuesSetInEvent = new ExpectedQueryValues(DefaultAuthority);
var options = GetOptions(DefaultParameters(), queryValues);
options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.ClientId = queryValuesSetInEvent.ClientId;
context.ProtocolMessage.RedirectUri = queryValuesSetInEvent.RedirectUri;
context.ProtocolMessage.Resource = queryValuesSetInEvent.Resource;
context.ProtocolMessage.Scope = queryValuesSetInEvent.Scope;
return Task.FromResult<object>(null);
}
};
var server = CreateServer(options);
var transaction = await SendAsync(server, DefaultHost + Challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValuesSetInEvent.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters());
}
public async Task ChallengeSettingState(string userState, string challenge)
{
var queryValues = new ExpectedQueryValues(DefaultAuthority);
var stateDataFormat = new AuthenticationPropertiesFormaterKeyValue();
var properties = new AuthenticationProperties();
if (challenge == ChallengeWithProperties)
{
properties.Items.Add("item1", Guid.NewGuid().ToString());
}
var options = GetOptions(DefaultParameters(new string[] { OpenIdConnectParameterNames.State }), queryValues, stateDataFormat);
options.AutomaticChallenge = challenge.Equals(ChallengeWithOutContext);
options.Events = new OpenIdConnectEvents()
{
OnRedirectToIdentityProvider = context =>
{
context.ProtocolMessage.State = userState;
context.ProtocolMessage.RedirectUri = queryValues.RedirectUri;
return Task.FromResult<object>(null);
}
};
var server = CreateServer(options, null, properties);
var transaction = await SendAsync(server, DefaultHost + challenge);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
if (challenge != ChallengeWithProperties)
{
if (userState != null)
{
properties.Items.Add(OpenIdConnectDefaults.UserstatePropertiesKey, userState);
}
properties.Items.Add(OpenIdConnectDefaults.RedirectUriForCodePropertiesKey, queryValues.RedirectUri);
}
queryValues.State = stateDataFormat.Protect(properties);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, DefaultParameters(new string[] { OpenIdConnectParameterNames.State }));
}
public async Task SignOutSettingMessage()
{
var configuration = new OpenIdConnectConfiguration
{
EndSessionEndpoint = ExpectedLogoutRequest
};
var queryValues = new ExpectedQueryValues(DefaultAuthority, configuration)
{
RequestType = OpenIdConnectRequestType.Logout
};
var server = CreateServer(GetProtocolMessageOptions());
var transaction = await SendAsync(server, DefaultHost + Signout);
Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode);
queryValues.CheckValues(transaction.Response.Headers.Location.AbsoluteUri, new string[] { });
}
