public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
IdentityServerOptions options = null,
IScopeStore scopes = null,
IClientStore clients = null,
IProfileService profile = null,
ICustomRequestValidator customValidator = null,
IRedirectUriValidator uriValidator = null,
ScopeValidator scopeValidator = null,
IDictionary<string, object> environment = null)
{
if (options == null)
{
options = TestIdentityServerOptions.Create();
}
if (scopes == null)
{
scopes = new InMemoryScopeStore(TestScopes.Get());
}
if (clients == null)
{
clients = new InMemoryClientStore(TestClients.Get());
}
if (customValidator == null)
{
customValidator = new DefaultCustomRequestValidator();
}
if (uriValidator == null)
{
uriValidator = new StrictRedirectUriValidator();
}
if (scopeValidator == null)
{
scopeValidator = new ScopeValidator(scopes, new LoggerFactory());
}
var sessionCookie = new SessionCookie(IdentityServerContextHelper.Create(null, options));
return new AuthorizeRequestValidator(
options,
clients,
customValidator,
uriValidator,
scopeValidator,
sessionCookie,
new Logger<AuthorizeRequestValidator>(new LoggerFactory())
);
}
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IUserService users, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
{
_logger = loggerFactory.CreateLogger<TokenRequestValidator>();
_options = options;
_authorizationCodes = authorizationCodes;
_refreshTokens = refreshTokens;
_users = users;
_customGrantValidator = customGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_events = events;
}
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IUserService users, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
{
_logger = loggerFactory.CreateLogger <TokenRequestValidator>();
_options = options;
_authorizationCodes = authorizationCodes;
_refreshTokens = refreshTokens;
_users = users;
_customGrantValidator = customGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_events = events;
}
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IResourceOwnerPasswordValidator resourceOwnerValidator, IProfileService profile, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
{
_logger = loggerFactory.CreateLogger<TokenRequestValidator>();
_options = options;
_authorizationCodes = authorizationCodes;
_refreshTokens = refreshTokens;
_resourceOwnerValidator = resourceOwnerValidator;
_profile = profile;
_customGrantValidator = customGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_events = events;
}
public TokenRequestValidator(IdentityServerOptions options, IAuthorizationCodeStore authorizationCodes, IRefreshTokenStore refreshTokens, IResourceOwnerPasswordValidator resourceOwnerValidator, IProfileService profile, CustomGrantValidator customGrantValidator, ICustomRequestValidator customRequestValidator, ScopeValidator scopeValidator, IEventService events, ILoggerFactory loggerFactory)
{
_logger = loggerFactory.CreateLogger <TokenRequestValidator>();
_options = options;
_authorizationCodes = authorizationCodes;
_refreshTokens = refreshTokens;
_resourceOwnerValidator = resourceOwnerValidator;
_profile = profile;
_customGrantValidator = customGrantValidator;
_customRequestValidator = customRequestValidator;
_scopeValidator = scopeValidator;
_events = events;
}
public AuthorizeRequestValidator(
IdentityServerOptions options,
IClientStore clients,
ICustomRequestValidator customValidator,
IRedirectUriValidator uriValidator,
ScopeValidator scopeValidator,
SessionCookie sessionCookie,
ILogger<AuthorizeRequestValidator> logger)
{
_options = options;
_clients = clients;
_customValidator = customValidator;
_uriValidator = uriValidator;
_scopeValidator = scopeValidator;
_sessionCookie = sessionCookie;
_logger = logger;
}
public AuthorizeRequestValidator(
IdentityServerOptions options,
IClientStore clients,
ICustomRequestValidator customValidator,
IRedirectUriValidator uriValidator,
ScopeValidator scopeValidator,
SessionCookie sessionCookie,
ILogger <AuthorizeRequestValidator> logger)
{
_options = options;
_clients = clients;
_customValidator = customValidator;
_uriValidator = uriValidator;
_scopeValidator = scopeValidator;
_sessionCookie = sessionCookie;
_logger = logger;
}
public static TokenRequestValidator CreateTokenRequestValidator(
IdentityServerOptions options = null,
IScopeStore scopes = null,
IAuthorizationCodeStore authorizationCodeStore = null,
IRefreshTokenStore refreshTokens = null,
IResourceOwnerPasswordValidator resourceOwnerValidator = null,
IProfileService profile = null,
IEnumerable<ICustomGrantValidator> customGrantValidators = null,
ICustomRequestValidator customRequestValidator = null,
ScopeValidator scopeValidator = null)
{
if (options == null)
{
options = TestIdentityServerOptions.Create();
}
if (scopes == null)
{
scopes = new InMemoryScopeStore(TestScopes.Get());
}
if (resourceOwnerValidator == null)
{
resourceOwnerValidator = new TestResourceOwnerPasswordValidator();
}
if (profile == null)
{
profile = new TestProfileService();
}
if (customRequestValidator == null)
{
customRequestValidator = new DefaultCustomRequestValidator();
}
CustomGrantValidator aggregateCustomValidator;
if (customGrantValidators == null)
{
aggregateCustomValidator = new CustomGrantValidator(new [] { new TestGrantValidator() }, new Logger<CustomGrantValidator>(new LoggerFactory()));
}
else
{
aggregateCustomValidator = new CustomGrantValidator(customGrantValidators, new Logger<CustomGrantValidator>(new LoggerFactory()));
}
if (refreshTokens == null)
{
refreshTokens = new InMemoryRefreshTokenStore();
}
if (scopeValidator == null)
{
scopeValidator = new ScopeValidator(scopes, new LoggerFactory());
}
return new TokenRequestValidator(
options,
authorizationCodeStore,
refreshTokens,
resourceOwnerValidator,
profile,
aggregateCustomValidator,
customRequestValidator,
scopeValidator,
new DefaultEventService(new LoggerFactory()),
new LoggerFactory());
}
public void ProcessConsentAsync_NoPromptMode_ConsentServiceRequiresConsent_ConsentGrantedButMissingRequiredScopes_ReturnsErrorResult()
{
RequiresConsent(true);
var client = new Client {};
var scopeValidator = new ScopeValidator(new InMemoryScopeStore(GetScopes()), new FakeLoggerFactory());
var request = new ValidatedAuthorizeRequest()
{
ResponseMode = OidcConstants.ResponseModes.Fragment,
State = "12345",
RedirectUri = "https://client.com/callback",
RequestedScopes = new List<string> { "openid", "read" },
ValidatedScopes = scopeValidator,
Client = client
};
var valid = scopeValidator.AreScopesValidAsync(request.RequestedScopes).Result;
var consent = new ConsentResponse
{
RememberConsent = false,
ScopesConsented = new string[] { "read" }
};
var result = _subject.ProcessConsentAsync(request, consent).Result;
result.IsError.Should().BeTrue();
result.Error.ErrorType.Should().Be(ErrorTypes.Client);
result.Error.Error.Should().Be(OidcConstants.AuthorizeErrors.AccessDenied);
AssertErrorReturnsRequestValues(result.Error, request);
AssertUpdateConsentNotCalled();
}