public async Task ExecuteResultAsync_InvokesSignInAsyncOnConfiguredScheme()
{
// Arrange
var principal = new ClaimsPrincipal();
var authProperties = new AuthenticationProperties();
var authenticationManager = new Mock<AuthenticationManager>();
authenticationManager
.Setup(c => c.SignInAsync("Scheme1", principal, authProperties))
.Returns(TaskCache.CompletedTask)
.Verifiable();
var httpContext = new Mock<HttpContext>();
httpContext.Setup(c => c.RequestServices).Returns(CreateServices());
httpContext.Setup(c => c.Authentication).Returns(authenticationManager.Object);
var result = new SignInResult("Scheme1", principal, authProperties);
var routeData = new RouteData();
var actionContext = new ActionContext(
httpContext.Object,
routeData,
new ActionDescriptor());
// Act
await result.ExecuteResultAsync(actionContext);
// Assert
authenticationManager.Verify();
}
public async Task <IActionResult> Accept()
{
ApplicationUser au = await _userManager.GetUserAsync(HttpContext.User);
if (au == null)
{
return(LocalRedirect("/error"));
}
OpenIdConnectRequest request = HttpContext.GetOpenIdConnectRequest();
AuthorizeViewModel avm = await FillFromRequest(request);
if (avm == null)
{
return(LocalRedirect("/error"));
}
AuthenticationTicket ticket = TicketCounter.MakeClaimsForInteractive(au, avm);
Microsoft.AspNetCore.Mvc.SignInResult sr = SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
return(sr);
}
public async Task <IActionResult> Accept(CancellationToken cancellationToken)
{
ApplicationUser au = await _userManager.GetUserAsync(HttpContext.User);
if (au == null)
{
return(View("Error", new AuthorizeErrorViewModel()
{
Error = "No such user",
ErrorDescription = "Failed to find specified user"
}));
}
OpenIdConnectRequest request = HttpContext.GetOpenIdConnectRequest();
ClaimsIdentity identity = new ClaimsIdentity(OpenIdConnectServerDefaults.AuthenticationScheme, OpenIdConnectConstants.Claims.Name, OpenIdConnectConstants.Claims.Role);
// We serialize the user_id so we can determine which user the caller of this token is
string userid = _userManager.GetUserId(HttpContext.User);
identity.AddClaim(
new Claim(OpenIdConnectConstants.Claims.Subject, userid)
.SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken));
// We serialize the grant_type so we can user discriminate rate-limits. AuthorizationCode grants have the highest rate-limit allowance
identity.AddClaim(
new Claim("grant_type", OpenIdConnectConstants.GrantTypes.AuthorizationCode)
.SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken));
// We serialize the client_id so we can monitor for usage patterns of a given app, and also to allow for app-based token revokes.
identity.AddClaim(
new Claim("client_id", request.ClientId)
.SetDestinations(OpenIdConnectConstants.Destinations.AccessToken, OpenIdConnectConstants.Destinations.IdentityToken));
RegisteredApplication ra = await(from entity in _mockifyContext.Applications
where entity.ClientId == request.ClientId
select entity).SingleOrDefaultAsync(cancellationToken);
if (ra == null)
{
return(View("Error", new AuthorizeErrorViewModel {
Error = OpenIdConnectConstants.Errors.InvalidClient,
ErrorDescription = "Details concerning the calling client " +
"application cannot be found in the database"
}));
}
AuthenticationTicket ticket = new AuthenticationTicket(new ClaimsPrincipal(identity), new AuthenticationProperties(), OpenIdConnectServerDefaults.AuthenticationScheme);
List <string> scopesToAdd = new List <string>()
{
OpenIdConnectConstants.Scopes.OpenId,
OpenIdConnectConstants.Scopes.OfflineAccess,
SpotifyScope.Public.Name,
};
if (!String.IsNullOrWhiteSpace(request.Scope))
{
foreach (string scope in request.Scope.Split(','))
{
if (SpotifyScope.IdMap.ContainsKey(scope) && !scopesToAdd.Contains(scope))
{
scopesToAdd.Add(scope);
}
}
}
ticket.SetScopes(scopesToAdd);
ticket.SetResources("resource_server"); // ?? what is this
Microsoft.AspNetCore.Mvc.SignInResult sr = SignIn(ticket.Principal, ticket.Properties, ticket.AuthenticationScheme);
return(sr);
}
