public async Task OnGeneratingClaims_DoesNothing_IfChallengeNotPresent()
{
// Arrange
var context = new TokenGeneratingContext(
new ClaimsPrincipal(),
new ClaimsPrincipal(),
new OpenIdConnectMessage(new Dictionary <string, string[]>
{
[ProofOfKeyForCodeExchangeParameterNames.CodeChallengeMethod] = new[] { "S256" },
}),
new RequestGrants());
context.InitializeForToken(TokenTypes.AuthorizationCode);
var provider = new ProofOfKeyForCodeExchangeTokenClaimsProvider();
// Act
await provider.OnGeneratingClaims(context);
// Assert
Assert.Empty(context.CurrentClaims);
}
public async Task OnGeneratingClaims_AddsCodeChallengeAndChallengeMethod_ToTheAuthorizationCode()
{
// Arrange
var context = new TokenGeneratingContext(
new ClaimsPrincipal(),
new ClaimsPrincipal(),
new OpenIdConnectMessage(new Dictionary <string, string[]>
{
[ProofOfKeyForCodeExchangeParameterNames.CodeChallenge] = new[] { "challenge" },
[ProofOfKeyForCodeExchangeParameterNames.CodeChallengeMethod] = new[] { "S256" },
}),
new RequestGrants());
context.InitializeForToken(TokenTypes.AuthorizationCode);
var provider = new ProofOfKeyForCodeExchangeTokenClaimsProvider();
// Act
await provider.OnGeneratingClaims(context);
// Assert
Assert.Contains(context.CurrentClaims, c => c.Type == IdentityServiceClaimTypes.CodeChallenge && c.Value == "challenge");
Assert.Contains(context.CurrentClaims, c => c.Type == IdentityServiceClaimTypes.CodeChallengeMethod && c.Value == "S256");
}
