private ITokenRequestFactory CreateRequestFactory(ITokenManager tokenManager)
{
var clientIdValidatorMock = new Mock <IClientIdValidator>();
clientIdValidatorMock
.Setup(m => m.ValidateClientIdAsync(It.IsAny <string>()))
.ReturnsAsync(true);
clientIdValidatorMock
.Setup(m => m.ValidateClientCredentialsAsync(It.IsAny <string>(), It.IsAny <string>()))
.ReturnsAsync(true);
var redirectUriValidatorMock = new Mock <IRedirectUriResolver>();
redirectUriValidatorMock
.Setup(m => m.ResolveRedirectUriAsync(It.IsAny <string>(), It.IsAny <string>()))
.ReturnsAsync((string clientId, string redirectUrl) => RedirectUriResolutionResult.Valid(redirectUrl));
var scopeValidatorMock = new Mock <IScopeResolver>();
scopeValidatorMock
.Setup(m => m.ResolveScopesAsync(It.IsAny <string>(), It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(
(string clientId, IEnumerable <string> scopes) =>
ScopeResolutionResult.Valid(scopes.Select(s => ApplicationScope.CanonicalScopes.TryGetValue(s, out var parsedScope) ? parsedScope : new ApplicationScope(clientId, s))));
return(new TokenRequestFactory(
clientIdValidatorMock.Object,
redirectUriValidatorMock.Object,
scopeValidatorMock.Object,
Enumerable.Empty <ITokenRequestValidator>(),
tokenManager,
new TimeStampManager(),
new ProtocolErrorProvider()));
}
private static IAuthorizationRequestFactory CreateAuthorizationRequestFactory(bool validClientId = true, bool validRedirectUri = true, bool validScopes = true)
{
var clientIdValidator = new Mock <IClientIdValidator>();
clientIdValidator
.Setup(c => c.ValidateClientIdAsync(It.IsAny <string>()))
.ReturnsAsync(validClientId);
var redirectUriValidatorMock = new Mock <IRedirectUriResolver>();
redirectUriValidatorMock
.Setup(m => m.ResolveRedirectUriAsync(It.IsAny <string>(), It.IsAny <string>()))
.ReturnsAsync((string clientId, string redirectUrl) => validRedirectUri ?
RedirectUriResolutionResult.Valid(redirectUrl ?? "http://www.example.com/registered") :
RedirectUriResolutionResult.Invalid(ProtocolErrorProvider.InvalidRedirectUri(redirectUrl)));
var scopeValidatorMock = new Mock <IScopeResolver>();
scopeValidatorMock
.Setup(m => m.ResolveScopesAsync(It.IsAny <string>(), It.IsAny <IEnumerable <string> >()))
.ReturnsAsync(
(string clientId, IEnumerable <string> scopes) => validScopes ?
ScopeResolutionResult.Valid(scopes.Select(s => ApplicationScope.CanonicalScopes.TryGetValue(s, out var parsedScope) ? parsedScope : new ApplicationScope(clientId, s))) :
ScopeResolutionResult.Invalid(ProtocolErrorProvider.InvalidScope(scopes.First())));
return(new AuthorizationRequestFactory(
clientIdValidator.Object,
redirectUriValidatorMock.Object,
scopeValidatorMock.Object,
Enumerable.Empty <IAuthorizationRequestValidator>(),
new ProtocolErrorProvider()));
}
public async Task <RedirectUriResolutionResult> ResolveRedirectUriAsync(string clientId, string redirectUrl)
{
if (clientId == null)
{
throw new ArgumentNullException(nameof(clientId));
}
var app = await _applicationManager.FindByClientIdAsync(clientId);
if (app == null)
{
return(RedirectUriResolutionResult.Invalid(_errorProvider.InvalidClientId(clientId)));
}
var redirectUris = await _applicationManager.FindRegisteredUrisAsync(app);
if (redirectUrl == null && redirectUris.Count() == 1)
{
return(RedirectUriResolutionResult.Valid(redirectUris.Single()));
}
foreach (var uri in redirectUris)
{
if (string.Equals(uri, redirectUrl, StringComparison.Ordinal))
{
return(RedirectUriResolutionResult.Valid(redirectUrl));
}
}
return(RedirectUriResolutionResult.Invalid(_errorProvider.InvalidRedirectUri(redirectUrl)));
}
public async Task <RedirectUriResolutionResult> ResolveLogoutUriAsync(string clientId, string logoutUrl)
{
if (logoutUrl == null)
{
return(RedirectUriResolutionResult.Valid(logoutUrl));
}
var sessions = await _sessionManager.GetCurrentSessions();
if (clientId == null)
{
foreach (var identity in sessions.Identities)
{
if (identity.HasClaim(IdentityServiceClaimTypes.LogoutRedirectUri, logoutUrl))
{
return(RedirectUriResolutionResult.Valid(logoutUrl));
}
}
return(RedirectUriResolutionResult.Invalid(null));
}
foreach (var identity in sessions.Identities)
{
if (identity.HasClaim(IdentityServiceClaimTypes.ClientId, clientId) &&
identity.HasClaim(IdentityServiceClaimTypes.LogoutRedirectUri, logoutUrl))
{
return(RedirectUriResolutionResult.Valid(logoutUrl));
}
}
return(RedirectUriResolutionResult.Invalid(null));
}
private IRedirectUriResolver GetRedirectUriValidator(bool isRedirectUriValid)
{
var mock = new Mock <IRedirectUriResolver>();
mock.Setup(m => m.ResolveRedirectUriAsync(It.IsAny <string>(), It.IsAny <string>()))
.ReturnsAsync((string clientId, string redirectUri) => isRedirectUriValid ?
RedirectUriResolutionResult.Valid(redirectUri) :
RedirectUriResolutionResult.Invalid(ProtocolErrorProvider.MissingRequiredParameter(OpenIdConnectParameterNames.RedirectUri)));
return(mock.Object);
}