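/// <summary>
/// Submits the given credentials through the login form and asserts that the
/// browser client ends up on the "permissions" page with HTTP 200.
/// </summary>
/// <param name="idSvrPipeline">Pipeline whose <c>BrowserClient</c> issues the requests.</param>
/// <param name="username">Value posted in the <c>username</c> form field.</param>
/// <param name="password">Value posted in the <c>password</c> form field.</param>
/// <remarks>
/// The anti-forgery token from the page model is posted back alongside the credentials,
/// so the login POST goes through the server's CSRF check rather than around it.
/// A missing model or token fails with an assertion message instead of a
/// <see cref="System.NullReferenceException"/>.
/// </remarks>
public static async Task AssertLoginAsync(this IdentityServerPipeline idSvrPipeline, string username, string password)
{
    // Restored in the finally block so the caller's redirect setting survives a failed assertion.
    // NOTE(review): this method never changes the flag itself; the POST assertions below
    // presumably rely on the caller having left auto-redirect enabled - confirm.
    var old = idSvrPipeline.BrowserClient.AllowAutoRedirect;
    try
    {
        // Requesting the permissions page is expected to yield the login page,
        // since the response is read as a LoginViewModel.
        var loginResponse = await idSvrPipeline.BrowserClient.GetAsync(IdentityServerPipeline.PermissionsPage);
        var model = await loginResponse.GetModelAsync<LoginViewModel>();

        model.Should().NotBeNull("the response should carry a login view model");
        model.AntiForgery.Should().NotBeNull("the login view model should include an anti-forgery token");

        var values = new Dictionary<string, string>
        {
            { "username", username },
            { "password", password },
            // Field name and value both come from the server-rendered model.
            { model.AntiForgery.Name, model.AntiForgery.Value }
        };

        var postResponse = await idSvrPipeline.BrowserClient.PostAsync(
            IdentityServerPipeline.Authority + model.LoginUrl,
            new FormUrlEncodedContent(values));

        postResponse.StatusCode.Should().Be(HttpStatusCode.OK);
        await postResponse.AssertPageAsync("permissions");
    }
    finally
    {
        idSvrPipeline.BrowserClient.AllowAutoRedirect = old;
    }
}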
/// <summary>
/// Builds the test fixture: an IdentityServer pipeline seeded with one client,
/// the scopes it may request and one in-memory user, plus a Web API pipeline
/// constructed from the IdentityServer pipeline's handler.
/// </summary>
/// <remarks>
/// Everything registered here is fixture data. The client uses the resource owner
/// flow, the client and scope secrets are passed through <c>Sha256()</c> from
/// constants (the scope secret is the literal "secret"), and the user's password
/// is handed to <c>InMemoryUser</c> as-is.
/// </remarks>
public ConnectivityTests()
{
    _idSvrPipeline = new IdentityServerPipeline();

    // The client is kept in a field as well as being registered with the pipeline.
    _client = new IdentityServer3.Core.Models.Client
    {
        ClientId = ClientId,
        Flow = Flows.ResourceOwner,
        ClientSecrets = new List<Secret> { new Secret(ClientSecret.Sha256()) },
        AllowedScopes = new List<string> { "openid", "profile", "email", "roles", "api1" }
    };
    _idSvrPipeline.Clients.AddRange(new IdentityServer3.Core.Models.Client[] { _client });

    // Resource scope for the API under test; it carries its own secret and emits the "role" claim.
    var apiScope = new IdentityServer3.Core.Models.Scope
    {
        Name = "api1",
        Type = ScopeType.Resource,
        ScopeSecrets = new List<IdentityServer3.Core.Models.Secret>
        {
            new IdentityServer3.Core.Models.Secret("secret".Sha256())
        },
        Claims = new List<IdentityServer3.Core.Models.ScopeClaim>
        {
            new IdentityServer3.Core.Models.ScopeClaim("role")
        }
    };

    var scopes = new IdentityServer3.Core.Models.Scope[]
    {
        IdentityServer3.Core.Models.StandardScopes.OpenId,
        IdentityServer3.Core.Models.StandardScopes.Profile,
        IdentityServer3.Core.Models.StandardScopes.Email,
        IdentityServer3.Core.Models.StandardScopes.Roles,
        apiScope
    };
    _idSvrPipeline.Scopes.AddRange(scopes);

    // Single test user; the "role" claim matches the claim requested by the api1 scope.
    var testUser = new IdentityServer3.Core.Services.InMemory.InMemoryUser
    {
        Subject = "123",
        Username = Username,
        Password = Password,
        Claims = new Claim[]
        {
            new Claim("email", "*****@*****.**"),
            new Claim("role", "Admin")
        }
    };
    _idSvrPipeline.Users.Add(testUser);

    _idSvrPipeline.Initialize();

    // The Web API pipeline is given the IdentityServer handler; presumably so token
    // validation calls stay inside the in-memory host - confirm against WebApiPipeline.
    _webApiPipeline = new WebApiPipeline(_idSvrPipeline.Handler);
    _webApiPipeline.Initialize();
}
/// <summary>
/// Sends an authorize request with automatic redirects turned off, asserts that the
/// server answers with HTTP 302 (Found), and wraps the <c>Location</c> header in an
/// <see cref="AuthorizeResponse"/>.
/// </summary>
/// <param name="idSvrPipeline">Pipeline whose <c>BrowserClient</c> issues the request.</param>
/// <param name="clientId">Client identifier placed in the authorize URL.</param>
/// <param name="redirectUri">Redirect URI placed in the authorize URL.</param>
/// <param name="responseType">Response type placed in the authorize URL.</param>
/// <param name="scope">Requested scope string.</param>
/// <param name="state">State value; defaults to the fixed literal "state".</param>
/// <param name="nonce">Nonce value; defaults to the fixed literal "nonce".</param>
/// <returns>The authorize response built from the redirect location.</returns>
/// <remarks>
/// The default <paramref name="state"/> and <paramref name="nonce"/> are constants, which is
/// adequate for a test helper. A test that checks state or nonce binding should pass its own
/// per-request values, since a real client relies on them being unpredictable.
/// </remarks>
public static async Task<AuthorizeResponse> GetAuthorizeResponseAsync(this IdentityServerPipeline idSvrPipeline, string clientId, string redirectUri, string responseType, string scope, string state = "state", string nonce = "nonce")
{
    var previousAutoRedirect = idSvrPipeline.BrowserClient.AllowAutoRedirect;
    try
    {
        // The 302 itself is the result, so the client must not follow it.
        idSvrPipeline.BrowserClient.AllowAutoRedirect = false;

        var request = new AuthorizeRequest(IdentityServerPipeline.AuthorizeEndpoint);
        var authorizeUrl = request.CreateAuthorizeUrl(clientId, responseType, scope, redirectUri, state, nonce);

        var redirect = await idSvrPipeline.BrowserClient.GetAsync(authorizeUrl);
        redirect.StatusCode.Should().Be(HttpStatusCode.Found);

        return new AuthorizeResponse(redirect.Headers.Location.ToString());
    }
    finally
    {
        // Put the caller's redirect setting back, including when the assertion fails.
        idSvrPipeline.BrowserClient.AllowAutoRedirect = previousAutoRedirect;
    }
}