public async Task ExecuteResultAsync_InvokesSignInAsyncOnConfiguredScheme() { // Arrange var principal = new ClaimsPrincipal(); var authProperties = new AuthenticationProperties(); var authenticationManager = new Mock<AuthenticationManager>(); authenticationManager .Setup(c => c.SignInAsync("Scheme1", principal, authProperties)) .Returns(TaskCache.CompletedTask) .Verifiable(); var httpContext = new Mock<HttpContext>(); httpContext.Setup(c => c.RequestServices).Returns(CreateServices()); httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object); var result = new SignInResult("Scheme1", principal, authProperties); var routeData = new RouteData(); var actionContext = new ActionContext( httpContext.Object, routeData, new ActionDescriptor()); // Act await result.ExecuteResultAsync(actionContext); // Assert authenticationManager.Verify(); }
public async Task <IActionResult> Accept() { ApplicationUser au = await _userManager.GetUserAsync(HttpContext.User); if (au == null) { return(LocalRedirect("/error")); } OpenIdConnectRequest request = HttpContext.GetOpenIdConnectRequest(); AuthorizeViewModel avm = await FillFromRequest(request); if (avm == null) { return(LocalRedirect("/error")); } AuthenticationTicket ticket = TicketCounter.MakeClaimsForInteractive(au, avm); Microsoft.AspNetCore.Mvc.SignInResult sr = SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme); return(sr); }
public async Task <IActionResult> Accept(CancellationToken cancellationToken) { ApplicationUser au = await _userManager.GetUserAsync(HttpContext.User); if (au == null) { return(View("Error", new AuthorizeErrorViewModel() { Error = "No such user", ErrorDescription = "Failed to find specified user" })); } OpenIdConnectRequest request = HttpContext.GetOpenIdConnectRequest(); ClaimsIdentity identity = new ClaimsIdentity(OpenIdConnectServerDefaults.AuthenticationScheme, OpenIdConnectConstants.Claims.Name, OpenIdConnectConstants.Claims.Role); // We serialize the user_id so we can determine which user the caller of this token is string userid = _userManager.GetUserId(HttpContext.User); identity.AddClaim( new Claim(OpenIdConnectConstants.Claims.Subject, userid) .SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken)); // We serialize the grant_type so we can user discriminate rate-limits. AuthorizationCode grants have the highest rate-limit allowance identity.AddClaim( new Claim("grant_type", OpenIdConnectConstants.GrantTypes.AuthorizationCode) .SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken)); // We serialize the client_id so we can monitor for usage patterns of a given app, and also to allow for app-based token revokes. identity.AddClaim( new Claim("client_id", request.ClientId) .SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken)); RegisteredApplication ra = await(from entity in _mockifyContext.Applications where entity.ClientId == request.ClientId select entity).SingleOrDefaultAsync(cancellationToken); if (ra == null) { return(View("Error", new AuthorizeErrorViewModel { Error = OpenIdConnectConstants.Errors.InvalidClient, ErrorDescription = "Details concerning the calling client " + "application cannot be found in the database" })); } AuthenticationTicket ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), new AuthenticationProperties(), OpenIdConnectServerDefaults.AuthenticationScheme); List <string> scopesToAdd = new List <string>() { OpenIdConnectConstants.Scopes.OpenId, OpenIdConnectConstants.Scopes.OfflineAccess, SpotifyScope.Public.Name, }; if (!String.IsNullOrWhiteSpace(request.Scope)) { foreach (string scope in request.Scope.Split(',')) { if (SpotifyScope.IdMap.ContainsKey(scope) && !scopesToAdd.Contains(scope)) { scopesToAdd.Add(scope); } } } ticket.SetScopes(scopesToAdd); ticket.SetResources("resource_server"); // ?? what is this Microsoft.AspNetCore.Mvc.SignInResult sr = SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme); return(sr); }