private void WvLogin_Navigating(object sender, WebNavigatingEventArgs e) { if (e.Url.Contains("https://xamarin-oidc-sample/redirect")) { wvLogin.IsVisible = false; // parse response _authResponse = new AuthorizeResponse(e.Url); // CSRF check var state = _authResponse.Values["state"]; if (state != _currentCSRFToken) { txtResult.Text = "CSRF token doesn't match"; return; } string decodedTokens = ""; // decode tokens if (!string.IsNullOrWhiteSpace(_authResponse.IdentityToken)) { decodedTokens += "Identity token \r\n"; decodedTokens += DecodeToken(_authResponse.IdentityToken) + "\r\n"; } if (!string.IsNullOrWhiteSpace(_authResponse.AccessToken)) { decodedTokens += "Access token \r\n"; decodedTokens += DecodeToken(_authResponse.AccessToken); } txtResult.Text = decodedTokens; } }
private async Task StartFlowAsync(string responseType, string scope) { Exception exception = null; try { _response = await WebAuthentication.DoImplicitFlowAsync( new Uri(Constants.AuthorizeEndpoint), "implicitclient", responseType, scope); Output.Text = _response.Raw; ParseResponse(); } catch (Exception ex) { exception = ex; } if (exception != null) { var md = new MessageDialog(exception.ToString()); await md.ShowAsync(); } }
public async Task signout_callback_with_mismatched_id_token_hint_should_not_pass_along_logout_message() { await _mockPipeline.LoginAsync("bob"); var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var response = await _mockPipeline.BrowserClient.GetAsync(url); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); var id_token = authorization.IdentityToken; await _mockPipeline.LoginAsync("alice"); _mockPipeline.BrowserClient.AllowAutoRedirect = true; response = await _mockPipeline.BrowserClient.GetAsync(IdentityServerPipeline.EndSessionEndpoint + "?id_token_hint=" + id_token + "&post_logout_redirect_uri=https://client1/signout-callback"); _mockPipeline.LogoutRequest.ClientId.Should().BeNull(); _mockPipeline.LogoutRequest.PostLogoutRedirectUri.Should().BeNull(); }
public async Task login_response_and_consent_response_should_receive_authorization_response() { _mockPipeline.Subject = IdentityServerPrincipal.Create("bob", "Bob Loblaw"); _mockPipeline.SignInResponse = new SignInResponse(); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesConsented = new string[] { "openid", "api1", "profile" } }; _browser.StopRedirectingAfter = 4; var url = CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _client.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); var scopes = authorization.Scope.Split(' '); scopes.ShouldAllBeEquivalentTo(new string[] { "profile", "api1", "openid" }); }
public async Task consent_response_should_allow_successful_authorization_response() { await _mockPipeline.LoginAsync("bob"); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesConsented = new string[] { "openid", "api2" } }; _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); var scopes = authorization.Scope.Split(' '); scopes.ShouldAllBeEquivalentTo(new string[] { "api2", "openid" }); }
private void webView_Navigating(object sender, NavigatingCancelEventArgs e) { if (e.Uri.ToString().StartsWith(_callbackUri.AbsoluteUri)) { if (e.Uri.AbsoluteUri.Contains("#")) { AuthorizeResponse = new AuthorizeResponse(e.Uri.AbsoluteUri); } else { var document = (IHTMLDocument3)((WebBrowser)sender).Document; var inputElements = document.getElementsByTagName("INPUT").OfType<IHTMLElement>(); var resultUrl = "?"; foreach (var input in inputElements) { resultUrl += input.getAttribute("name") + "="; resultUrl += input.getAttribute("value") + "&"; } resultUrl = resultUrl.TrimEnd('&'); AuthorizeResponse = new AuthorizeResponse(resultUrl); } e.Cancel = true; this.Visibility = Visibility.Hidden; if (Done != null) { Done.Invoke(this, AuthorizeResponse); } } }
public async Task consent_response_missing_required_scopes_should_error() { await _mockPipeline.LoginAsync("bob"); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesValuesConsented = new string[] { "api2" } }; _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeTrue(); authorization.Error.Should().Be("access_denied"); authorization.State.Should().Be("123_state"); }
public async Task Request_with_response_type_code_supported() { await _mockPipeline.LoginAsync("bob"); var metadata = await _mockPipeline.BackChannelClient.GetAsync(IdentityServerPipeline.DiscoveryEndpoint); metadata.StatusCode.Should().Be(HttpStatusCode.OK); var state = Guid.NewGuid().ToString(); var nonce = Guid.NewGuid().ToString(); var url = _mockPipeline.CreateAuthorizeUrl( clientId: "code_client", responseType: "code", scope: "openid", redirectUri: "https://code_client/callback", state: state, nonce: nonce); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Found); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.Code.Should().NotBeNull(); authorization.State.Should().Be(state); }
public async Task get_request_should_redirect_to_configured_logout_path() { _mockPipeline.Options.UserInteraction.LogoutUrl = "/logout"; _mockPipeline.Options.UserInteraction.LogoutIdParameter = "id"; await _mockPipeline.LoginAsync("bob"); var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var response = await _mockPipeline.BrowserClient.GetAsync(url); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); var id_token = authorization.IdentityToken; response = await _mockPipeline.BrowserClient.GetAsync(IdentityServerPipeline.EndSessionEndpoint + "?id_token_hint=" + id_token + "&post_logout_redirect_uri=https://client1/signout-callback"); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://server/logout?id="); }
private void webView_Navigating(object sender, NavigatingCancelEventArgs e) { if (e.Uri.ToString().StartsWith(_callbackUri.AbsoluteUri)) { AuthorizeResponse = new AuthorizeResponse(e.Uri.AbsoluteUri); e.Cancel = true; this.Visibility = System.Windows.Visibility.Hidden; if (Done != null) { Done.Invoke(this, AuthorizeResponse); } } }
public async Task Restricted_implicit_client_can_request_IdToken() { await _mockPipeline.LoginAsync(_user); var url = _mockPipeline.CreateAuthorizeUrl("client2", "id_token", "openid", "https://client2/callback", "state", "nonce"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Found); response.Headers.Location.AbsoluteUri.Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IdentityToken.Should().NotBeNull(); authorization.AccessToken.Should().BeNull(); }
public async Task login_response_and_consent_response_should_receive_authorization_response(Type storeType) { if (storeType != null) { _mockPipeline.OnPostConfigureServices += services => { services.AddTransient(typeof(IAuthorizationParametersMessageStore), storeType); }; _mockPipeline.Initialize(); } _mockPipeline.Subject = new IdentityServerUser("bob").CreatePrincipal(); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesValuesConsented = new string[] { "openid", "api1", "profile" } }; _mockPipeline.BrowserClient.StopRedirectingAfter = 4; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); var scopes = authorization.Scope.Split(' '); scopes.Should().BeEquivalentTo(new string[] { "profile", "api1", "openid" }); }
public async Task signout_should_support_POST() { await _mockPipeline.LoginAsync("bob"); var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var response = await _mockPipeline.BrowserClient.GetAsync(url); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); var id_token = authorization.IdentityToken; _mockPipeline.BrowserClient.AllowAutoRedirect = true; var values = new List <KeyValuePair <string, string> >(); values.Add(new KeyValuePair <string, string>("id_token_hint", id_token)); values.Add(new KeyValuePair <string, string>("post_logout_redirect_uri", "https://client1/signout-callback")); var content = new FormUrlEncodedContent(values); response = await _mockPipeline.BrowserClient.PostAsync(IdentityServerPipeline.EndSessionEndpoint, content); _mockPipeline.LogoutWasCalled.Should().BeTrue(); _mockPipeline.LogoutRequest.Should().NotBeNull(); _mockPipeline.LogoutRequest.ClientId.Should().Be("client1"); _mockPipeline.LogoutRequest.PostLogoutRedirectUri.Should().Be("https://client1/signout-callback"); var parts = _mockPipeline.LogoutRequest.SignOutIFrameUrl.Split('?'); parts[0].Should().Be(IdentityServerPipeline.EndSessionCallbackEndpoint); var iframeUrl = QueryHelpers.ParseNullableQuery(parts[1]); iframeUrl["endSessionId"].FirstOrDefault().Should().NotBeNull(); }
private async Task LoginUsingUsernameAndPasswordAsync() { const string responseType = "code id_token"; //implicit flow: "id_token token" // Space-separated list of scopes we want to receive var scopes = $"openid email profile offline_access {TimesheetConstants.ApiScope}"; var nonce = GenerateNonce(); // Unique token for the authorization request. try { var redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri(); var request = new AuthorizeRequest(TimesheetConstants.AuthorizeEndpoint); var authUrl = request.CreateAuthorizeUrl(TimesheetConstants.ClientId, responseType, scopes, redirectUri.ToString(), nonce: nonce); var requestUri = new Uri(authUrl); var result = await WebAuthenticationBroker.AuthenticateAsync(WebAuthenticationOptions.None, requestUri, redirectUri); if (result.ResponseStatus == WebAuthenticationStatus.Success) { // Successful authentication, but we only have the ID token. var response = new AuthorizeResponse(result.ResponseData); // We need to ask for the access token and refresh tokens now. var tokenResponse = await GetAuthTokenAsync(response); // Store the tokens in the password vault ApiService.StoreTokenInVault(tokenResponse); // And finish the login process await FinishLoginAsync(tokenResponse); } } catch (Exception ex) { var dlg = new MessageDialog(ex.Message, "Error"); await dlg.ShowAsync(); } }
public async Task consent_response_of_temporarily_unavailable_should_return_error_to_client(Type storeType) { if (storeType != null) { _mockPipeline.OnPostConfigureServices += services => { services.AddTransient(typeof(IAuthorizationParametersMessageStore), storeType); }; _mockPipeline.Initialize(); } await _mockPipeline.LoginAsync("bob"); _mockPipeline.ConsentResponse = new ConsentResponse() { Error = AuthorizationError.TemporarilyUnavailable, ErrorDescription = "some description" }; _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeTrue(); authorization.Error.Should().Be("temporarily_unavailable"); authorization.ErrorDescription.Should().Be("some description"); }
public async Task valid_id_token_hint_but_no_post_logout_redirect_uri_should_not_use_any_of_multiple_registered_post_logout_redirect_uri() { await _mockPipeline.LoginAsync("bob"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token", scope: "openid", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); var id_token = authorization.IdentityToken; _mockPipeline.BrowserClient.AllowAutoRedirect = true; response = await _mockPipeline.BrowserClient.GetAsync(IdentityServerPipeline.EndSessionEndpoint + "?id_token_hint=" + id_token); _mockPipeline.LogoutRequest.PostLogoutRedirectUri.Should().BeNull(); }
public async Task signin_response_should_allow_successful_authorization_response() { _mockPipeline.Subject = new IdentityServerUser("bob").CreatePrincipal(); _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client1/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); }
public async Task authenticated_user_with_valid_request_should_receive_authorization_response() { await _mockPipeline.LoginAsync("bob"); _mockPipeline.BrowserClient.AllowAutoRedirect = false; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client1/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); }
private Task<AuthorizeResult> ParseResponse(string webViewResponse, AuthorizeResult result) { var response = new AuthorizeResponse(webViewResponse); if (response.IsError) { result.Error = response.Error; return Task.FromResult(result); } if (string.IsNullOrEmpty(response.Code)) { result.Error = "Missing authorization code"; return Task.FromResult(result); } if (string.IsNullOrEmpty(response.IdentityToken)) { result.Error = "Missing identity token"; return Task.FromResult(result); } result.IdentityToken = response.IdentityToken; result.Code = response.Code; result.IsError = false; return Task.FromResult(result); }
public async Task login_response_and_consent_response_should_receive_authorization_response() { _mockPipeline.Subject = IdentityServerPrincipal.Create("bob", "Bob Loblaw"); _mockPipeline.SignInResponse = new SignInResponse(); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesConsented = new string[] { "openid", "api1", "profile" } }; _mockPipeline.BrowserClient.StopRedirectingAfter = 4; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); var scopes = authorization.Scope.Split(' '); scopes.ShouldAllBeEquivalentTo(new string[] { "profile", "api1", "openid" }); }
public async Task consent_response_missing_required_scopes_should_error() { await _mockPipeline.LoginAsync("bob"); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesConsented = new string[] { "api2" } }; _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeTrue(); authorization.Error.Should().Be("access_denied"); authorization.State.Should().Be("123_state"); }
public async Task signin_response_should_allow_successful_authorization_response() { _mockPipeline.Subject = IdentityServerPrincipal.Create("bob", "Bob Loblaw"); _mockPipeline.SignInResponse = new SignInResponse(); _mockPipeline.BrowserClient.StopRedirectingAfter = 2; var url = _mockPipeline.CreateAuthorizeUrl( clientId: "client1", responseType: "id_token", scope: "openid", redirectUri: "https://client1/callback", state: "123_state", nonce: "123_nonce"); var response = await _mockPipeline.BrowserClient.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client1/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); }
private async void _login_Done(object sender, AuthorizeResponse e) { _result = await ValidateResponseAsync(e); ShowTokenResult(); }
private async Task<LoginResult> ValidateResponseAsync(AuthorizeResponse response) { // id_token validieren var tokenClaims = ValidateIdentityToken(response.IdentityToken); if (tokenClaims == null) { return new LoginResult { ErrorMessage = "Invalid identity token." }; } // nonce validieren var nonce = tokenClaims.FirstOrDefault(c => c.Type == JwtClaimTypes.Nonce); if (nonce == null || !string.Equals(nonce.Value, _nonce, StringComparison.Ordinal)) { return new LoginResult { ErrorMessage = "Inalid nonce." }; } // c_hash validieren var c_hash = tokenClaims.FirstOrDefault(c => c.Type == JwtClaimTypes.AuthorizationCodeHash); if (c_hash == null || ValidateCodeHash(c_hash.Value, response.Code) == false) { return new LoginResult { ErrorMessage = "Invalid code." }; } _provider = JwkNetExtensions.CreateProvider(); var jwk = _provider.ToJsonWebKey(); // code eintauschen gegen tokens var tokenClient = new TokenClient( _config.TokenEndpoint, _settings.ClientId, _settings.ClientSecret); var tokenResponse = await tokenClient.RequestAuthorizationCodePopAsync( code: response.Code, redirectUri: _settings.RedirectUri, codeVerifier: _verifier, algorithm: jwk.Alg, key: jwk.ToJwkString()); if (tokenResponse.IsError) { return new LoginResult { ErrorMessage = tokenResponse.Error }; } // optional userinfo aufrufen var profileClaims = new List<Claim>(); if (_settings.LoadUserProfile) { var userInfoClient = new UserInfoClient( new Uri(_config.UserInfoEndpoint), tokenResponse.AccessToken); var userInfoResponse = await userInfoClient.GetAsync(); profileClaims = userInfoResponse.GetClaimsIdentity().Claims.ToList(); } var principal = CreatePrincipal(tokenClaims, profileClaims); return new LoginResult { Success = true, User = principal, IdentityToken = response.IdentityToken, AccessToken = tokenResponse.AccessToken, RefreshToken = tokenResponse.RefreshToken, AccessTokenExpiration = DateTime.Now.AddSeconds(tokenResponse.ExpiresIn) }; }
private async System.Threading.Tasks.Task<TokenResponse> GetAuthTokenAsync(AuthorizeResponse response) { var redirectUri = WebAuthenticationBroker.GetCurrentApplicationCallbackUri(); // Let's get the actual (short lived) access token using the authorization code. var tokenClient = new TokenClient( TimesheetConstants.TokenEndpoint, TimesheetConstants.ClientId, "mysupersecretkey"); return await tokenClient.RequestAuthorizationCodeAsync(response.Code, redirectUri.ToString()); }
void _login_Done(object sender, AuthorizeResponse e) { _response = e; Textbox1.Text = e.Raw; }
private async void webView_Navigating(object sender, NavigatingCancelEventArgs e) { AuthorizeResponse response; if (e.Uri.ToString().StartsWith(_settings.RedirectUri)) { if (e.Uri.AbsoluteUri.Contains("#")) { response = new AuthorizeResponse(e.Uri.AbsoluteUri); } // form_post support else { var document = (IHTMLDocument3)((WebBrowser)sender).Document; var inputElements = document.getElementsByTagName("INPUT").OfType<IHTMLElement>(); var resultUrl = "?"; foreach (var input in inputElements) { resultUrl += input.getAttribute("name") + "="; resultUrl += input.getAttribute("value") + "&"; } resultUrl = resultUrl.TrimEnd('&'); response = new AuthorizeResponse(resultUrl); } e.Cancel = true; this.Visibility = Visibility.Hidden; var loginResult = await ValidateResponseAsync(response); Done?.Invoke(this, loginResult); } }
public async Task consent_response_should_allow_successful_authorization_response() { await LoginAsync("bob"); _mockPipeline.ConsentResponse = new ConsentResponse() { ScopesConsented = new string[] { "openid", "api2" } }; _browser.StopRedirectingAfter = 2; var url = CreateAuthorizeUrl( clientId: "client2", responseType: "id_token token", scope: "openid profile api1 api2", redirectUri: "https://client2/callback", state: "123_state", nonce: "123_nonce"); var response = await _client.GetAsync(url); response.StatusCode.Should().Be(HttpStatusCode.Redirect); response.Headers.Location.ToString().Should().StartWith("https://client2/callback"); var authorization = new IdentityModel.Client.AuthorizeResponse(response.Headers.Location.ToString()); authorization.IsError.Should().BeFalse(); authorization.IdentityToken.Should().NotBeNull(); authorization.State.Should().Be("123_state"); var scopes = authorization.Scope.Split(' '); scopes.ShouldAllBeEquivalentTo(new string[] { "api2", "openid" }); }