/// <summary>
/// Adds console logging, HTTP message signing and signature verification to
/// <paramref name="services"/> for the HMAC sample.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <remarks>
/// The key id and the signing secret are string literals, and the signer and the verifier are
/// configured with the same values. That is acceptable only in sample code: a real deployment
/// should load the secret from a secret store or protected configuration and keep it out of
/// source control.
/// </remarks>
public static void ConfigureServices(IServiceCollection services)
{
    const string sampleKeyId = "e0e8dcd638334c409e1b88daf821d135";
    const string sampleSecret = "yumACY64r%hm"; // literal secret: sample use only

    var withLogging = services.AddLogging(
        logging => logging.AddConsole().SetMinimumLevel(LogLevel.Debug));

    var withSigning = withLogging.AddHttpMessageSigning(
        new KeyId(sampleKeyId),
        provider =>
        {
            return new SigningSettings
            {
                SignatureAlgorithm = SignatureAlgorithm.CreateForSigning(sampleSecret),
                DigestHashAlgorithm = HashAlgorithmName.SHA256,
                // Signatures are given a one-minute lifetime.
                Expires = TimeSpan.FromMinutes(1),
                Headers = new[] { (HeaderName)"Dalion-App-Id" }
            };
        });

    withSigning.AddHttpMessageSignatureVerification(provider =>
    {
        // The verifier knows exactly one client, registered with the same key id and secret.
        // NOTE(review): the five-minute TimeSpan is presumably the nonce lifetime; confirm
        // against the Client constructor.
        var sampleClient = new Client(
            new KeyId(sampleKeyId),
            "HttpMessageSigningSampleHMAC",
            SignatureAlgorithm.CreateForVerification(sampleSecret),
            TimeSpan.FromMinutes(5),
            new Claim(SignedHttpRequestClaimTypes.Role, "users.read"));

        var knownClients = new InMemoryClientStore();
        knownClients.Register(sampleClient);
        return knownClients;
    });
}
/// <summary>
/// Registers request signing, signature verification and a typed <c>SenderService</c> HTTP client
/// whose handler pipeline signs outgoing requests.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <remarks>
/// The signing secret is a string literal shared by the signer and the verifier; keep that to
/// sample code and load real secrets from a secret store or protected configuration.
/// </remarks>
private void ConfigureServices(IServiceCollection services)
{
    const string sampleSecret = "yumACY64r%hm"; // literal secret: sample use only
    var keyId = new KeyId("e0e8dcd638334c409e1b88daf821d135");

    var httpClientBuilder = services
        .AddHttpMessageSigning(
            keyId,
            provider => new SigningSettings
            {
                SignatureAlgorithm = SignatureAlgorithm.CreateForSigning(sampleSecret),
                DigestHashAlgorithm = HashAlgorithmName.SHA256,
                Expires = TimeSpan.FromMinutes(1),
                Headers = new[] { (HeaderName)"Dalion-App-Id" },
                Events = new RequestSigningEvents
                {
                    OnRequestSigned = OnRequestSigned
                }
            })
        .AddHttpMessageSignatureVerification(provider =>
        {
            var sampleClient = new Client(
                keyId,
                "HttpMessageSigningSampleHMAC",
                SignatureAlgorithm.CreateForVerification(sampleSecret),
                TimeSpan.FromMinutes(5),
                new Claim(SignedHttpRequestClaimTypes.Role, "users.read"));

            var knownClients = new InMemoryClientStore();
            knownClients.Register(sampleClient);
            return knownClients;
        })
        .AddHttpClient<SenderService>(config =>
        {
            config.BaseAddress = new Uri("https://httpbin.org");
        });

    // First handler: sign the request with the signer created for keyId.
    var withSigningHandler = httpClientBuilder.AddHttpMessageHandler(provider =>
    {
        var signerFactory = provider.GetRequiredService<IRequestSignerFactory>();
        return new HttpRequestSigningHandler(signerFactory.CreateFor(keyId));
    });

    // Second handler: a fake that is constructed with a 201 Created response.
    // NOTE(review): presumably it answers without calling httpbin.org; confirm in FakeDelegatingHandler.
    var withFakeHandler = withSigningHandler.AddHttpMessageHandler(
        () => new FakeDelegatingHandler(new HttpResponseMessage(HttpStatusCode.Created)));

    withFakeHandler.Services.AddTransient<HttpRequestSigningHandler>();
}
/// <summary>
/// Builds the in-memory IdentityServer test host and stores the pieces the tests need
/// (clients, server, app builder, mocked user service, options, data protector,
/// ticket formatter and HTTP client) in the fixture's fields.
/// </summary>
protected void Init()
{
    clients = TestClients.Get();

    var inMemoryClients = new InMemoryClientStore(clients);
    var inMemoryScopes = new InMemoryScopeStore(TestScopes.Get());

    // Both registrations hand out the single store instance created above.
    var serviceFactory = new IdentityServerServiceFactory();
    serviceFactory.ScopeStore = Registration.RegisterFactory<IScopeStore>(() => inMemoryScopes);
    serviceFactory.ClientStore = Registration.RegisterFactory<IClientStore>(() => inMemoryClients);

    server = TestServer.Create(app =>
    {
        appBuilder = app;

        // CallBase keeps the real InMemoryUserService behaviour unless a test overrides a member.
        mockUserService = new Mock<InMemoryUserService>(TestUsers.Get()) { CallBase = true };
        serviceFactory.UserService = Registration.RegisterFactory<IUserService>(() => mockUserService.Object);

        options = TestIdentityServerOptions.Create();
        options.Factory = serviceFactory;

        // A test may swap in its own identity-provider configuration; otherwise the default hook is used.
        options.AuthenticationOptions.IdentityProviders =
            OverrideIdentityProviderConfiguration ?? ConfigureAdditionalIdentityProviders;

        protector = options.DataProtector;

        app.UseIdentityServer(options);

        // The ticket formatter is built on the server's own data protector, combined with the
        // cookie prefix plus the partial-sign-in authentication type.
        var partialSignInName =
            options.AuthenticationOptions.CookieOptions.Prefix + Constants.PartialSignInAuthenticationType;
        ticketFormatter = new TicketDataFormat(new DataProtectorAdapter(protector, partialSignInName));
    });

    client = server.HttpClient;
}
/// <summary>
/// Creates the IdentityServer service factory: in-memory scope and client stores,
/// Entity Framework operational services, and a started token cleanup.
/// </summary>
/// <param name="config">Application configuration passed to <c>Clients.Get</c>.</param>
/// <returns>The configured factory.</returns>
public static IdentityServerServiceFactory Configure(AppConfiguration config)
{
    var serviceFactory = new IdentityServerServiceFactory();

    serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
    serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get(config)));

    var operationalOptions = new EntityFrameworkServiceOptions();
    operationalOptions.ConnectionString = "Iws.DefaultConnection";
    operationalOptions.Schema = "Identity";
    serviceFactory.RegisterOperationalServices(operationalOptions);

    // The cleanup is started and its reference is dropped; nothing in this method stops it.
    var tokenCleanup = new TokenCleanup(operationalOptions);
    tokenCleanup.Start();

    return serviceFactory;
}
/// <summary>
/// Sets the factory's client store to an in-memory store holding <paramref name="clients"/>.
/// </summary>
/// <param name="factory">Factory to configure.</param>
/// <param name="clients">Client definitions to serve from memory.</param>
/// <returns>The same <paramref name="factory"/>, so calls can be chained.</returns>
public static IdentityServerServiceFactory UseInMemoryClients(this IdentityServerServiceFactory factory, IEnumerable<Client> clients)
{
    factory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(clients));
    return factory;
}
/// <summary>
/// Test factory for <c>AuthorizeRequestValidator</c>; every argument left null is replaced by a test default.
/// </summary>
/// <param name="options">Server options; defaults to the test options.</param>
/// <param name="scopes">Scope store; defaults to an in-memory store of the test scopes.</param>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="users">Accepted but not used by this method.</param>
/// <param name="customValidator">Custom validator; defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <returns>A validator built from the resolved dependencies.</returns>
public static AuthorizeRequestValidator CreateAuthorizeValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IClientStore clients = null,
    IUserService users = null,
    ICustomRequestValidator customValidator = null)
{
    options = options ?? Thinktecture.IdentityServer.Tests.TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomRequestValidator();

    return new AuthorizeRequestValidator(options, scopes, clients, customValidator);
}
/// <summary>
/// OWIN startup: sets up trace logging and hosts IdentityServer with in-memory users, scopes,
/// clients and CORS policy.
/// </summary>
/// <param name="app">The OWIN application builder.</param>
public void Configuration(IAppBuilder app)
{
    // Tracing
    Log.Logger = new LoggerConfiguration()
        .WriteTo.Trace()
        .CreateLogger();

    // In-memory storage for users, scopes, clients and CORS policies.
    // The CORS policy service is built from the same client list as the client store.
    var userService = new InMemoryUserService(Users.Get());
    var scopeStore = new InMemoryScopeStore(Scopes.Get());
    var clientStore = new InMemoryClientStore(Clients.Get());
    var corsPolicy = new InMemoryCorsPolicyService(Clients.Get());

    // Configure the factory
    var serviceFactory = new IdentityServerServiceFactory
    {
        UserService = new Registration<IUserService>(userService),
        ScopeStore = new Registration<IScopeStore>(scopeStore),
        ClientStore = new Registration<IClientStore>(clientStore),
        CorsPolicyService = new Registration<ICorsPolicyService>(corsPolicy)
    };

    // Plug in the IdentityServer3 middleware
    var serverOptions = new IdentityServerOptions
    {
        Factory = serviceFactory,
        SiteName = "DotNetPro IdentityServer",
        SigningCertificate = Certificate.Get()
    };
    app.UseIdentityServer(serverOptions);
}
/// <summary>
/// Builds a service factory with in-memory services for whichever of the three collections is supplied.
/// </summary>
/// <param name="users">Users for an in-memory user service; skipped when null.</param>
/// <param name="clients">Clients for an in-memory client store; skipped when null.</param>
/// <param name="scopes">Scopes for an in-memory scope store; skipped when null.</param>
/// <returns>The factory; services for null arguments are left unset.</returns>
public static IdentityServerServiceFactory Create(
    IEnumerable<InMemoryUser> users = null,
    IEnumerable<Client> clients = null,
    IEnumerable<Scope> scopes = null)
{
    var result = new IdentityServerServiceFactory();

    // Each store is created once here and captured, so every resolution returns the same instance.
    if (users != null)
    {
        var inMemoryUsers = new InMemoryUserService(users);
        result.UserService = Registration.RegisterFactory<IUserService>(() => inMemoryUsers);
    }

    if (clients != null)
    {
        var inMemoryClients = new InMemoryClientStore(clients);
        result.ClientStore = Registration.RegisterFactory<IClientStore>(() => inMemoryClients);
    }

    if (scopes != null)
    {
        var inMemoryScopes = new InMemoryScopeStore(scopes);
        result.ScopeStore = Registration.RegisterFactory<IScopeStore>(() => inMemoryScopes);
    }

    return result;
}
/// <summary>
/// Serializes a client through <c>ClientConverter</c>, deserializes it again, and expects the
/// very same instance that is held by the client store.
/// </summary>
public void CanSerializeAndDeserializeAClient()
{
    var original = new Client
    {
        ClientId = "123",
        Enabled = true,
        AbsoluteRefreshTokenLifetime = 5,
        AccessTokenLifetime = 10,
        AccessTokenType = AccessTokenType.Jwt,
        AllowRememberConsent = true,
        RedirectUris = new System.Collections.Generic.List<Uri> { new Uri("http://foo.com") }
    };

    var store = new InMemoryClientStore(new Client[] { original });

    // Collection initializer: adds the converter to the settings' converter list.
    var serializerSettings = new JsonSerializerSettings
    {
        Converters = { new ClientConverter(store) }
    };

    var serialized = JsonConvert.SerializeObject(original, serializerSettings);
    var roundTripped = JsonConvert.DeserializeObject<Client>(serialized, serializerSettings);

    // Reference equality, not value equality, is asserted.
    Assert.AreSame(original, roundTripped);
}
/// <summary>
/// Registers request signing and signature verification for the HMAC sample, with a
/// signing hook that calls <c>UpdateNonceEnabled</c> before each request is signed.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <remarks>
/// The key id and secret are string literals shared by signer and verifier; keep that to sample
/// code and load real secrets from a secret store or protected configuration.
/// </remarks>
private void ConfigureServices(IServiceCollection services)
{
    const string sampleKeyId = "e0e8dcd638334c409e1b88daf821d135";
    const string sampleSecret = "yumACY64r%hm"; // literal secret: sample use only

    var withSigning = services.AddHttpMessageSigning(
        new KeyId(sampleKeyId),
        provider => new SigningSettings
        {
            SignatureAlgorithm = SignatureAlgorithm.CreateForSigning(sampleSecret),
            DigestHashAlgorithm = HashAlgorithmName.SHA256,
            Expires = TimeSpan.FromMinutes(1),
            Headers = new[] { (HeaderName)"Dalion-App-Id" },
            Events = new RequestSigningEvents
            {
                // Runs before signing and completes synchronously.
                OnRequestSigning = (message, settings) =>
                {
                    UpdateNonceEnabled(settings);
                    return Task.CompletedTask;
                }
            }
        });

    withSigning.AddHttpMessageSignatureVerification(provider =>
    {
        var sampleClient = new Client(
            new KeyId(sampleKeyId),
            "HttpMessageSigningSampleHMAC",
            SignatureAlgorithm.CreateForVerification(sampleSecret),
            TimeSpan.FromMinutes(5),
            new Claim(SignedHttpRequestClaimTypes.Role, "users.read"));

        var knownClients = new InMemoryClientStore();
        knownClients.Register(sampleClient);
        return knownClients;
    });
}
/// <summary>
/// Test factory for <c>ClientSecretValidator</c>; null arguments are replaced by test defaults.
/// </summary>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="parser">Secret parser; defaults to basic-authentication plus post-body parsing.</param>
/// <param name="validator">Secret validator; defaults to hashed plus plain-text shared-secret validation.</param>
/// <param name="options">Server options; defaults to the test options.</param>
/// <returns>The validator wired with a test event service and test loggers.</returns>
/// <remarks>
/// The default validator list includes <c>PlainTextSharedSecretValidator</c>. That suits test
/// fixtures; production configuration should not rely on plain-text secret comparison.
/// </remarks>
public static IClientSecretValidator CreateClientSecretValidator(IClientStore clients = null, SecretParser parser = null, SecretValidator validator = null, IdentityServerOptions options = null)
{
    if (options == null)
    {
        options = TestIdentityServerOptions.Create();
    }

    clients = clients ?? new InMemoryClientStore(TestClients.Get());

    parser = parser ?? new SecretParser(
        new List<ISecretParser>
        {
            new BasicAuthenticationSecretParser(options, TestLogger.Create<BasicAuthenticationSecretParser>()),
            new PostBodySecretParser(options, TestLogger.Create<PostBodySecretParser>())
        },
        TestLogger.Create<SecretParser>());

    validator = validator ?? new SecretValidator(
        new StubClock(),
        new List<ISecretValidator>
        {
            new HashedSharedSecretValidator(TestLogger.Create<HashedSharedSecretValidator>()),
            new PlainTextSharedSecretValidator(TestLogger.Create<PlainTextSharedSecretValidator>())
        },
        TestLogger.Create<SecretValidator>());

    return new ClientSecretValidator(
        clients,
        parser,
        validator,
        new TestEventService(),
        TestLogger.Create<ClientSecretValidator>());
}
/// <summary>
/// OWIN startup for a test identity provider: in-memory scopes, clients and users,
/// a signing certificate from the machine store, then the welcome page.
/// </summary>
/// <param name="app">The OWIN application builder.</param>
/// <remarks>
/// <c>RequireSsl</c> is switched off, so the server will run over plain HTTP. Keep that to local
/// test hosts; tokens and credentials need TLS anywhere else.
/// </remarks>
public void Configuration(IAppBuilder app)
{
    var scopeStore = new InMemoryScopeStore(Scopes.Get());
    var clientStore = new InMemoryClientStore(Clients.Get());
    var userService = new InMemoryUserService(Users.Get());

    var serviceFactory = new IdentityServerServiceFactory();
    serviceFactory.UserService = new Registration<IUserService>(userService);
    serviceFactory.ScopeStore = new Registration<IScopeStore>(scopeStore);
    serviceFactory.ClientStore = new Registration<IClientStore>(clientStore);

    var serverOptions = new IdentityServerOptions();
    serverOptions.RequireSsl = false; // test host only
    serverOptions.Factory = serviceFactory;
    serverOptions.SiteName = "My Test Provider";
    serverOptions.AuthenticationOptions = new AuthenticationOptions { IdentityProviders = ConfigureIpds };

    // First() throws when no certificate with this subject is in LocalMachine\My.
    // NOTE(review): the `false` argument presumably means "do not restrict to valid certificates";
    // if so, an expired or untrusted certificate would be accepted. Confirm against X509's Find.
    serverOptions.SigningCertificate =
        X509.LocalMachine.My.SubjectDistinguishedName.Find("CN=testcert", false).First();

    app.UseIdentityServer(serverOptions);
    app.UseWelcomePage();
}
/// <summary>
/// Creates a service factory with in-memory scope and client stores, an allow-all CORS policy
/// and a default view service that adds a custom stylesheet and does not cache views.
/// </summary>
/// <returns>The configured factory.</returns>
/// <remarks>
/// <c>AllowAll = true</c> on the CORS policy service lets every origin through. Restrict it to the
/// known client origins before exposing the server beyond a development environment.
/// </remarks>
public static IdentityServerServiceFactory Configure()
{
    var inMemoryScopes = new InMemoryScopeStore(Scopes.Get());
    var inMemoryClients = new InMemoryClientStore(Clients.Get());

    var result = new IdentityServerServiceFactory();

    // Resolver-based registrations that always return the single instances created above.
    result.ScopeStore = new Registration<IScopeStore>(resolver => inMemoryScopes);
    result.ClientStore = new Registration<IClientStore>(resolver => inMemoryClients);

    var openCors = new DefaultCorsPolicyService { AllowAll = true };
    result.CorsPolicyService = new Registration<ICorsPolicyService>(openCors);

    var views = new DefaultViewServiceOptions();
    views.Stylesheets.Add("/Content/wts.css");
    views.CacheViews = false;
    result.ConfigureDefaultViewService(views);

    return result;
}
/// <summary>
/// Creates the IdentityServer service factory: in-memory scope and client stores,
/// Entity Framework operational services, a started token cleanup, and a database-backed
/// security event auditor exposed through the event service.
/// </summary>
/// <param name="config">Application configuration passed to <c>Clients.Get</c>.</param>
/// <returns>The configured factory.</returns>
public static IdentityServerServiceFactory Configure(AppConfiguration config)
{
    var serviceFactory = new IdentityServerServiceFactory();

    serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
    serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get(config)));

    var operationalOptions = new EntityFrameworkServiceOptions();
    operationalOptions.ConnectionString = "Weee.DefaultConnection";
    operationalOptions.Schema = "Identity";
    serviceFactory.RegisterOperationalServices(operationalOptions);

    // The cleanup is started and its reference is dropped; nothing in this method stops it.
    var tokenCleanup = new TokenCleanup(operationalOptions);
    tokenCleanup.Start();

    // The auditor receives the resolved connection string read from application configuration.
    // The lookup throws a NullReferenceException if the named entry is missing.
    var connectionSettings = System.Configuration.ConfigurationManager.ConnectionStrings["Weee.DefaultConnection"];
    string connectionString = connectionSettings.ConnectionString;

    var databaseAuditor = new SecurityEventDatabaseAuditor(connectionString);
    var securityEvents = new SecurityEventService(databaseAuditor);

    // The same auditor instance is registered on its own and wrapped by the event service.
    serviceFactory.Register<ISecurityEventAuditor>(new Registration<ISecurityEventAuditor>(databaseAuditor));
    serviceFactory.EventService = new Registration<IEventService>(securityEvents);

    return serviceFactory;
}
/// <summary>
/// Stores an authorization code in the Redis-backed store, reads it back under the same key,
/// and checks that the subject id and client id match.
/// </summary>
public void AuthorizationCodePersists()
{
    var identity = new ClaimsIdentity(new List<Claim>
    {
        new Claim("sub", "*****@*****.**"),
        new Claim("email", "*****@*****.**")
    });

    var requestedScope = new Scope
    {
        Description = "this is description",
        Enabled = true,
        Name = "sname",
        DisplayName = "This is Name!"
    };

    var code = new AuthorizationCode
    {
        Client = new Client { ClientId = "cid" },
        RequestedScopes = new List<Scope> { requestedScope },
        Subject = new ClaimsPrincipal(identity)
    };

    // The stores hold a client and a scope whose ids/names match the ones referenced by the code.
    var knownClient = new Client
    {
        ClientId = "cid",
        ClientName = "cname",
        Enabled = true,
        SlidingRefreshTokenLifetime = 100,
        AccessTokenType = AccessTokenType.Jwt,
        Flow = Flows.Implicit
    };
    var clientStore = new InMemoryClientStore(new List<Client> { knownClient });

    var knownScope = new Scope
    {
        Description = "sdescription",
        Name = "sname",
        Enabled = true,
        Emphasize = false,
        IncludeAllClaimsForUser = true,
        Required = false,
        Type = ScopeType.Identity
    };
    var scopeStore = new InMemoryScopeStore(new List<Scope> { knownScope });

    var store = new RedisAuthorizationCodeStore(clientStore, scopeStore, RedisServer);

    // Both async calls are blocked on, since the test method itself is synchronous.
    store.StoreAsync("key1", code).Wait();
    var loaded = store.GetAsync("key1").Result;

    Assert.Equal(code.SubjectId, loaded.SubjectId);
    Assert.Equal(code.ClientId, loaded.ClientId);
}
/// <summary>
/// Test factory for <c>ClientValidator</c>.
/// </summary>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <returns>A validator over the resolved client store.</returns>
public static ClientValidator CreateClientValidator(
    IClientStore clients = null)
{
    var resolvedClients = clients ?? new InMemoryClientStore(TestClients.Get());
    return new ClientValidator(resolvedClients);
}
/// <summary>
/// Test factory for <c>AuthorizeRequestValidator</c>; null arguments are replaced by test defaults.
/// </summary>
/// <param name="options">Server options; defaults to the test options.</param>
/// <param name="scopes">Scope store; used only to build the default scope validator.</param>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="users">Accepted but not used by this method.</param>
/// <param name="customValidator">Defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <param name="uriValidator">Defaults to <c>DefaultRedirectUriValidator</c>.</param>
/// <param name="scopeValidator">Defaults to a <c>ScopeValidator</c> over the resolved scope store.</param>
/// <param name="environment">OWIN environment; an empty dictionary is used when null.</param>
/// <returns>A validator built from the resolved dependencies.</returns>
public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IClientStore clients = null,
    IUserService users = null,
    ICustomRequestValidator customValidator = null,
    IRedirectUriValidator uriValidator = null,
    ScopeValidator scopeValidator = null,
    IDictionary<string, object> environment = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomRequestValidator();
    uriValidator = uriValidator ?? new DefaultRedirectUriValidator();
    scopeValidator = scopeValidator ?? new ScopeValidator(scopes);

    IOwinContext context = new OwinContext(environment ?? new Dictionary<string, object>());

    return new AuthorizeRequestValidator(options, clients, customValidator, uriValidator, scopeValidator, context);
}
/// <summary>
/// Test factory for <c>AuthorizeRequestValidator</c>; null arguments are replaced by test defaults.
/// </summary>
/// <param name="options">Server options; defaults to the test options.</param>
/// <param name="scopes">Scope store; used only to build the default scope validator.</param>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="users">Accepted but not used by this method.</param>
/// <param name="customValidator">Defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <param name="uriValidator">Defaults to <c>StrictRedirectUriValidator</c>.</param>
/// <param name="scopeValidator">Defaults to a <c>ScopeValidator</c> over the resolved scope store.</param>
/// <param name="environment">Accepted but not used by this method.</param>
/// <returns>A validator built from the resolved dependencies, a session cookie and a fresh logger.</returns>
public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IClientStore clients = null,
    IUserService users = null,
    ICustomRequestValidator customValidator = null,
    IRedirectUriValidator uriValidator = null,
    ScopeValidator scopeValidator = null,
    IDictionary<string, object> environment = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomRequestValidator();
    uriValidator = uriValidator ?? new StrictRedirectUriValidator();
    scopeValidator = scopeValidator ?? new ScopeValidator(scopes, new LoggerFactory());

    // The session cookie is built on a helper-created context that uses the resolved options.
    var serverContext = IdentityServerContextHelper.Create(null, options);
    var sessionCookie = new SessionCookie(serverContext);

    var validatorLogger = new Logger<AuthorizeRequestValidator>(new LoggerFactory());

    return new AuthorizeRequestValidator(
        options,
        clients,
        customValidator,
        uriValidator,
        scopeValidator,
        sessionCookie,
        validatorLogger);
}
/// <summary>
/// Creates a service factory backed by in-memory stores of the test scopes and test clients.
/// </summary>
/// <returns>The factory with scope and client stores registered.</returns>
public static IdentityServerServiceFactory Create()
{
    var scopeStore = new InMemoryScopeStore(TestScopes.Get());
    var clientStore = new InMemoryClientStore(TestClients.Get());

    // Each registration returns the single store instance created above.
    var result = new IdentityServerServiceFactory();
    result.ScopeStore = Registration.RegisterFactory<IScopeStore>(resolver => scopeStore);
    result.ClientStore = Registration.RegisterFactory<IClientStore>(resolver => clientStore);

    return result;
}
/// <summary>
/// Creates a service factory with in-memory scope and client stores.
/// </summary>
/// <returns>The configured factory.</returns>
public static IdentityServerServiceFactory Configure()
{
    var result = new IdentityServerServiceFactory();

    // Scopes are loaded before clients; both stores are registered as instances.
    result.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
    result.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get()));

    return result;
}
/// <summary>
/// Test factory for <c>AuthorizeRequestValidator</c>; null arguments are replaced by test defaults.
/// </summary>
/// <param name="options">Server options; defaults to the test options.</param>
/// <param name="resourceStore">Resource store; used only to build the default scope validator.</param>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="profile">Accepted but not used by this method.</param>
/// <param name="customValidator">Defaults to <c>DefaultCustomAuthorizeRequestValidator</c>.</param>
/// <param name="uriValidator">Defaults to <c>StrictRedirectUriValidator</c>.</param>
/// <param name="scopeValidator">Defaults to a <c>ScopeValidator</c> over the resolved resource store.</param>
/// <returns>A validator built from the resolved dependencies, a mock session id service and a test logger.</returns>
public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
    IdentityServerOptions options = null,
    IResourceStore resourceStore = null,
    IClientStore clients = null,
    IProfileService profile = null,
    ICustomAuthorizeRequestValidator customValidator = null,
    IRedirectUriValidator uriValidator = null,
    ScopeValidator scopeValidator = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    resourceStore = resourceStore ?? new InMemoryResourcesStore(TestScopes.GetIdentity(), TestScopes.GetApis());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomAuthorizeRequestValidator();
    uriValidator = uriValidator ?? new StrictRedirectUriValidator();
    scopeValidator = scopeValidator
        ?? new ScopeValidator(resourceStore, new LoggerFactory().CreateLogger<ScopeValidator>());

    var sessionIdService = new MockSessionIdService();

    return new AuthorizeRequestValidator(
        options,
        clients,
        customValidator,
        uriValidator,
        scopeValidator,
        sessionIdService,
        TestLogger.Create<AuthorizeRequestValidator>());
}
/// <summary>
/// Creates a service factory with a MembershipReboot user service and in-memory scope and client stores.
/// </summary>
/// <param name="connString">Value handed to <c>MembershipRebootUserServiceFactory.Factory</c>.</param>
/// <returns>The configured factory.</returns>
public static IdentityServerServiceFactory Configure(string connString)
{
    var result = new IdentityServerServiceFactory();

    // The user service is produced by the factory delegate each time the registration is resolved.
    result.UserService = Registration<IUserService>
        .RegisterFactory(() => MembershipRebootUserServiceFactory.Factory(connString));

    // The stores are created once; their delegates return the captured instances.
    var inMemoryScopes = new InMemoryScopeStore(Scopes.Get());
    result.ScopeStore = Registration.RegisterFactory<IScopeStore>(() => inMemoryScopes);

    var inMemoryClients = new InMemoryClientStore(Clients.Get());
    result.ClientStore = Registration.RegisterFactory<IClientStore>(() => inMemoryClients);

    return result;
}
/// <summary>
/// Maps IdentityServer under <c>/core</c> with in-memory scopes, clients and users,
/// an allow-all CORS policy and store/user-service caching.
/// </summary>
/// <param name="app">The OWIN application builder.</param>
/// <returns>The same <paramref name="app"/>, so calls can be chained.</returns>
/// <remarks>
/// Three settings here are development conveniences: <c>RequireSsl = false</c> allows plain HTTP,
/// CORS is open to every origin, and HSTS is left commented out. Tighten all three before the
/// host serves real tokens.
/// </remarks>
public static IAppBuilder UseIdentityServer(this IAppBuilder app)
{
    // Uncomment to enable HSTS headers for the host.
    // See: https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
    //app.UseHsts();

    app.Map("/core", coreApp =>
    {
        var serviceFactory = new IdentityServerServiceFactory();

        serviceFactory.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
        serviceFactory.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get()));
        serviceFactory.UseInMemoryUsers(Users.Get());

        // Every origin is allowed; restrict to known client origins outside development.
        var openCors = new DefaultCorsPolicyService { AllowAll = true };
        serviceFactory.CorsPolicyService = new Registration<ICorsPolicyService>(openCors);

        serviceFactory.ConfigureClientStoreCache();
        serviceFactory.ConfigureScopeStoreCache();
        serviceFactory.ConfigureUserServiceCache();

        var serverOptions = new IdentityServerOptions();
        serverOptions.Factory = serviceFactory;
        serverOptions.SigningCertificate = Cert.Load();
        serverOptions.RequireSsl = false; // plain HTTP is accepted; development only
        serverOptions.AuthenticationOptions = new AuthenticationOptions
        {
            IdentityProviders = ConfigureIdentityProviders,
        };

        coreApp.UseIdentityServer(serverOptions);
    });

    return app;
}
/// <summary>
/// Test setup: registers one client with id "client" in an in-memory client store and builds the
/// service under test from the fixture's mocks.
/// </summary>
public DefaultBackchannelAuthenticationInteractionServiceTests()
{
    _client = new Client
    {
        ClientId = "client",
    };
    _clients.Add(_client);

    _clientStore = new InMemoryClientStore(_clients);

    var logger = TestLogger.Create<DefaultBackchannelAuthenticationInteractionService>();
    _subject = new DefaultBackchannelAuthenticationInteractionService(
        _mockStore,
        _clientStore,
        _mockUserSession,
        _mockResourceValidator,
        _mockSystemClock,
        logger);
}
/// <summary>
/// Registers HTTP message signing with no arguments, plus signature verification against a
/// single in-memory client for the HMAC sample.
/// </summary>
/// <param name="services">Service collection that receives the registrations.</param>
/// <remarks>
/// The client's key id and verification secret are string literals. Keep that to sample code;
/// a real verifier should load client secrets from a secret store or protected configuration.
/// </remarks>
private static void ConfigureServices(IServiceCollection services)
{
    const string sampleSecret = "yumACY64r%hm"; // literal secret: sample use only

    var withSigning = services.AddHttpMessageSigning();

    withSigning.AddHttpMessageSignatureVerification(provider =>
    {
        // NOTE(review): the two TimeSpans are presumably nonce lifetime and clock skew;
        // confirm against the Client constructor.
        var sampleClient = new Client(
            new KeyId("e0e8dcd638334c409e1b88daf821d135"),
            "HttpMessageSigningSampleHMAC",
            SignatureAlgorithm.CreateForVerification(sampleSecret),
            TimeSpan.FromMinutes(5),
            TimeSpan.FromMinutes(1),
            new Claim(SignedHttpRequestClaimTypes.Role, "users.read"));

        var knownClients = new InMemoryClientStore();
        knownClients.Register(sampleClient);
        return knownClients;
    });
}
/// <summary>
/// Test factory for <c>ClientValidator</c>; null arguments are replaced by test defaults.
/// </summary>
/// <param name="clients">Client store; defaults to an in-memory store of the client-validation test clients.</param>
/// <param name="secretValidator">Secret validator; defaults to <c>HashedClientSecretValidator</c>.</param>
/// <returns>A validator over the resolved store and secret validator.</returns>
public static ClientValidator CreateClientValidator(
    IClientStore clients = null,
    IClientSecretValidator secretValidator = null)
{
    clients = clients ?? new InMemoryClientStore(ClientValidationTestClients.Get());
    secretValidator = secretValidator ?? new HashedClientSecretValidator();

    return new ClientValidator(clients, secretValidator);
}
/// <summary>
/// Creates a service factory with an ASP.NET Identity user service and in-memory scope and client stores.
/// </summary>
/// <param name="connString">Value handed to <c>AspNetIdentityUserServiceFactory.Factory</c>.</param>
/// <returns>The configured factory.</returns>
public static IdentityServerServiceFactory Configure(string connString)
{
    // The stores are created once, in scope-then-client order, and captured by the resolver lambdas.
    var inMemoryScopes = new InMemoryScopeStore(Scopes.Get());
    var inMemoryClients = new InMemoryClientStore(Clients.Get());

    var result = new IdentityServerServiceFactory();

    // The user service is produced by the factory call each time the registration is resolved.
    result.UserService = new Registration<IUserService>(
        resolver => AspNetIdentityUserServiceFactory.Factory(connString));
    result.ScopeStore = new Registration<IScopeStore>(resolver => inMemoryScopes);
    result.ClientStore = new Registration<IClientStore>(resolver => inMemoryClients);

    return result;
}
/// <summary>
/// Test setup: creates the user principal "alice", an empty in-memory client store and the test
/// options, then builds the validator under test from the fixture's stubs and mocks.
/// </summary>
public EndSessionRequestValidatorTests()
{
    _user = IdentityServerPrincipal.Create("alice", "Alice");

    // No clients are registered for these tests.
    var noClients = new Client[0];
    _clientStore = new InMemoryClientStore(noClients);

    _options = TestIdentityServerOptions.Create();

    var logger = TestLogger.Create<EndSessionRequestValidator>();
    _subject = new EndSessionRequestValidator(
        _context,
        _options,
        _stubTokenValidator,
        _stubRedirectUriValidator,
        _userSession,
        _clientStore,
        _mockEndSessionMessageStore,
        logger);
}
/// <summary>
/// Test factory for <c>AuthorizeRequestValidator</c>; null arguments are replaced by test defaults
/// and the session cookie is a mock whose session id is null.
/// </summary>
/// <param name="options">Server options; defaults to the test options.</param>
/// <param name="scopes">Scope store; used only to build the default scope validator.</param>
/// <param name="clients">Client store; defaults to an in-memory store of the test clients.</param>
/// <param name="users">Accepted but not used by this method.</param>
/// <param name="customValidator">Defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <param name="uriValidator">Defaults to <c>DefaultRedirectUriValidator</c>.</param>
/// <param name="scopeValidator">Defaults to a <c>ScopeValidator</c> over the resolved scope store.</param>
/// <param name="environment">Accepted but not used by this method.</param>
/// <returns>A validator built from the resolved dependencies.</returns>
public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IClientStore clients = null,
    IUserService users = null,
    ICustomRequestValidator customValidator = null,
    IRedirectUriValidator uriValidator = null,
    ScopeValidator scopeValidator = null,
    IDictionary<string, object> environment = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomRequestValidator();
    uriValidator = uriValidator ?? new DefaultRedirectUriValidator();
    scopeValidator = scopeValidator ?? new ScopeValidator(scopes);

    // The mock is constructed with null context and options, does not call the base class,
    // and reports no session id.
    var sessionCookieMock = new Mock<SessionCookie>((IOwinContext)null, (IdentityServerOptions)null)
    {
        CallBase = false
    };
    sessionCookieMock.Setup(x => x.GetSessionId()).Returns((string)null);

    return new AuthorizeRequestValidator(
        options,
        clients,
        customValidator,
        uriValidator,
        scopeValidator,
        sessionCookieMock.Object);
}
/// <summary>
/// Creates a service factory with in-memory scope and client stores and an allow-all CORS policy.
/// </summary>
/// <returns>The configured factory.</returns>
/// <remarks>
/// <c>AllowAll = true</c> lets every origin through the CORS policy service. Restrict it to the
/// known client origins before exposing the server beyond a development environment.
/// </remarks>
public static IdentityServerServiceFactory Configure()
{
    var result = new IdentityServerServiceFactory();

    result.ScopeStore = new Registration<IScopeStore>(new InMemoryScopeStore(Scopes.Get()));
    result.ClientStore = new Registration<IClientStore>(new InMemoryClientStore(Clients.Get()));

    var openCors = new DefaultCorsPolicyService { AllowAll = true };
    result.CorsPolicyService = new Registration<ICorsPolicyService>(openCors);

    return result;
}
/// <summary>
/// Serializes a client through <c>ClientConverter</c>, deserializes it again, and expects the
/// very same instance that is held by the client store.
/// </summary>
public void CanSerializeAndDeserializeAClient()
{
    var original = new Client
    {
        ClientId = "123",
        Enabled = true,
        AbsoluteRefreshTokenLifetime = 5,
        AccessTokenLifetime = 10,
        AccessTokenType = AccessTokenType.Jwt,
        AllowRememberConsent = true,
        RedirectUris = new List<string> { "http://foo.com" }
    };

    var store = new InMemoryClientStore(new Client[] { original });

    // Collection initializer: adds the converter to the settings' converter list.
    var serializerSettings = new JsonSerializerSettings
    {
        Converters = { new ClientConverter(store) }
    };

    var serialized = JsonConvert.SerializeObject(original, serializerSettings);
    var roundTripped = JsonConvert.DeserializeObject<Client>(serialized, serializerSettings);

    // Reference equality, not value equality, is asserted.
    Assert.Same(original, roundTripped);
}