public void HasScope_ReturnsExpectedResult(string scope, bool result) { // Arrange var request = new OpenIdConnectRequest(); request.Scope = scope; // Act and assert Assert.Equal(result, request.HasScope(OpenIdConnectConstants.Scopes.OpenId)); }
public void HasScope_ThrowsAnExceptionForNullOrEmptyScope(string scope) { // Arrange var request = new OpenIdConnectRequest(); // Act and assert var exception = Assert.Throws <ArgumentException>(delegate { request.HasScope(scope); }); Assert.Equal("scope", exception.ParamName); Assert.StartsWith("The scope cannot be null or empty.", exception.Message); }
private async Task <AuthenticationTicket> CreateTicket(OpenIdConnectRequest request, AuthenticationProperties properties = null) { //check if the client credentials exist var audience = await _audienceService.GetAudienceByIdSecret(request.ClientId, request.ClientSecret); if (audience == null) { return(null); } //var roles = audience.Channels?.Split(','); var principal = CreateClaims(request, audience.AppName); var ticket = new AuthenticationTicket(principal, properties, OpenIdConnectServerDefaults.AuthenticationScheme); string resources = audience.Resources; if (!request.IsRefreshTokenGrantType()) { foreach (var claim in principal.Claims) { switch (claim.Type) { case Claims.Email: if (request.HasScope(OpenIdConnectConstants.Scopes.Email)) { claim.SetDestinations(Destinations.IdentityToken); } break; case Claims.PhoneNumber: if (request.HasScope(OpenIdConnectConstants.Scopes.Phone)) { claim.SetDestinations(Destinations.IdentityToken); } break; case Claims.Picture: if (request.HasScope(OpenIdConnectConstants.Scopes.Profile)) { claim.SetDestinations(Destinations.IdentityToken); } break; case Claims.Region: break; default: claim.SetDestinations(Destinations.AccessToken, Destinations.IdentityToken); break; } } ticket.SetScopes(new[] { Scopes.OpenId, Scopes.Email, Scopes.Profile, Scopes.OfflineAccess, OpenIddictConstants.Scopes.Roles }.Intersect(request.GetScopes())); } ticket.SetResources(resources.Split(',')); return(ticket); }