private static TestServer CreateServer(UmaIntrospectionOptions umaIntrospectionOptions) { var builder = new WebHostBuilder() .ConfigureServices((services) => { InitializeServices(services, umaIntrospectionOptions); }) .UseStartup(typeof(FakeStartup)); return(new TestServer(builder)); }
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory) { loggerFactory.AddConsole(); app.UseStatusCodePages(); // I. ENABLE USER INFORMATION AUTHENTICATION /* * var options = new UserInformationOptions * { * UserInformationEndPoint = "http://localhost:5000/userinfo" * }; * app.UseAuthenticationWithUserInformation(options); */ // II. ENABLE INTROSPECTION ENDPOINT /* * var options = new Oauth2IntrospectionOptions * { * InstrospectionEndPoint = "http://localhost:5000/introspect", * ClientId = "MyBlog", * ClientSecret = "MyBlog" * }; * app.UseAuthenticationWithIntrospection(options); */ // III. ENABLE UMA AUTHENTICATION var options = new UmaIntrospectionOptions { OpenIdWellKnownConfigurationUrl = "https://localhost:5443/.well-known/openid-configuration", ResourcesUrl = "https://localhost:5444/api/vs/resources", UmaConfigurationUrl = "https://localhost:5445/.well-known/uma-configuration" }; app.UseAuthenticationWithUmaIntrospection(options); app.UseMvc(routes => { routes.MapRoute( name: "default", template: "{controller}/{action}/{id?}"); }); }
public async Task When_Passing_Invalid_ResourceUrl_Then_Exception_Is_Thrown() { // ARRANGE var umaIntrospectionOptions = new UmaIntrospectionOptions { UmaConfigurationUrl = "http://localhost", ResourcesUrl = "invalid_url" }; var createServer = CreateServer(umaIntrospectionOptions); var httpRequestMessage = new HttpRequestMessage { Method = HttpMethod.Get, RequestUri = new Uri("http://localhost/operation") }; httpRequestMessage.Headers.Add("Authorization", "Bearer RPT"); var client = createServer.CreateClient(); // ACT & ASSERTS var exception = await Assert.ThrowsAsync <ArgumentException>(async() => await client.SendAsync(httpRequestMessage)).ConfigureAwait(false); Assert.True(exception.Message == $"url {umaIntrospectionOptions.ResourcesUrl} is not well formatted"); }
public async Task When_Permissions_Are_Returned_Then_Claims_Are_Added() { // ARRANGE var introspectionResponse = new IntrospectionResponse { IsActive = true, Permissions = new List <PermissionResponse> { new PermissionResponse { ResourceSetId = "resource_set_id", Scopes = new List <string> { "execute" } } } }; var searchOperationResponse = new List <ResourceResponse> { new ResourceResponse { ResourceSetId = "resource_set_id" } // ApplicationName = "application_name", // OperationName = "operation_name" }; var stubIdentityServerUmaClientFactory = new Mock <IIdentityServerUmaClientFactory>(); var stubIntrospectionClient = new Mock <IIntrospectionClient>(); stubIntrospectionClient .Setup(s => s.GetByResolution(It.IsAny <string>(), It.IsAny <string>())) .ReturnsAsync(introspectionResponse); stubIdentityServerUmaClientFactory .Setup(s => s.GetIntrospectionClient()) .Returns(() => stubIntrospectionClient.Object); var stubIdentityServerUmaManagerClientFactory = new Mock <IIdentityServerUmaManagerClientFactory>(); var stubOperationClient = new Mock <IResourceClient>(); stubOperationClient.Setup(s => s.SearchResources(It.IsAny <SearchResourceRequest>(), It.IsAny <Uri>(), It.IsAny <string>())) .ReturnsAsync(searchOperationResponse); stubIdentityServerUmaManagerClientFactory.Setup(s => s.GetResourceClient()) .Returns(stubOperationClient.Object); var umaIntrospectionOptions = new UmaIntrospectionOptions { UmaConfigurationUrl = "http://localhost/uma", ResourcesUrl = "http://localhost/resources", IdentityServerUmaManagerClientFactory = stubIdentityServerUmaManagerClientFactory.Object, IdentityServerUmaClientFactory = stubIdentityServerUmaClientFactory.Object }; var createServer = CreateServer(umaIntrospectionOptions); var httpRequestMessage = new HttpRequestMessage { Method = HttpMethod.Get, RequestUri = new Uri("http://localhost/operation") }; httpRequestMessage.Headers.Add("Authorization", "Bearer RPT"); var client = createServer.CreateClient(); // ACT var result = await client.SendAsync(httpRequestMessage).ConfigureAwait(false); // ASSERT Assert.True(result.StatusCode == HttpStatusCode.OK); }
private static void InitializeServices(IServiceCollection services, UmaIntrospectionOptions options) { services.AddSingleton(options); }