/// <summary>
/// Conformance test "rp-support_3rd_party_init_login": requests the client's
/// initiate-login URI with an <c>iss</c> parameter, waits for the callback, then
/// parses and validates the authorization-code response.
/// </summary>
public void Should_Spport_Third_Party_Initiated_Login()
{
    rpid = "rp-support_3rd_party_init_login";

    // given
    var loginRequest = new OIDCThirdPartyLoginRequest
    {
        Iss = GetBaseUrl("/")
    };
    WebRequest initiateRequest = WebRequest.Create(
        clientInformation.InitiateLoginUri + "?" + loginRequest.SerializeToQueryString());

    // NOTE(review): this request sets neither State nor Nonce, so nothing visible
    // here binds the eventual response to this login attempt. Third-party initiated
    // login starts from a request the RP did not originate, which is where that
    // binding matters most - confirm whether the callback handler adds it.
    var authRequest = new OIDCAuthorizationRequestMessage
    {
        ClientId = clientInformation.ClientId,
        Scope = new List<MessageScope> { MessageScope.Openid },
        ResponseType = new List<ResponseType> { ResponseType.Code },
        RedirectUri = clientInformation.RedirectUris[0]
    };
    authRequest.Validate();

    // Shared test state declared outside this method; presumably read by the
    // initiate-login handler when it forwards the request - verify against the fixture.
    request = authRequest.SerializeToQueryString();
    param = providerMetadata.AuthorizationEndpoint;
    var relyingParty = new OpenIdRelyingParty();

    // when
    WebOperations.GetUrlContent(initiateRequest);
    // NOTE(review): WaitOne() has no timeout, so the test blocks indefinitely if
    // the semaphore is never released.
    semaphore.WaitOne();
    OIDCAuthCodeResponseMessage authResponse = relyingParty.ParseAuthCodeResponse(result);

    // then
    authResponse.Validate();
}
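/// <summary>
/// Sends an authentication request to the OP.
/// </summary>
/// <remarks>
/// Two paths exist. When <paramref name="AuthenticateUrl"/> uses the <c>openid</c>
/// scheme the request is handled locally as a Self-Issued OpenID provider and the
/// response is returned. For any other scheme the request is issued as an HTTP GET,
/// the result of that call is discarded and <c>null</c> is returned.
/// This method does not call <c>Validate()</c> on the request message and does not
/// require an https URL; both are left to the caller.
/// </remarks>
/// <param name="AuthenticateUrl">The URL to be used for the authentication request.</param>
/// <param name="RequestMessage">The request message to be sent to the OP.</param>
/// <param name="Certificate">The certificate to be used, in case of a self-issued authentication.</param>
/// <returns>
/// The authentication response for a self-issued provider; <c>null</c> when the
/// request is sent to a remote OP.
/// </returns>
public OIDCAuthImplicitResponseMessage Authenticate(string AuthenticateUrl, OIDCAuthorizationRequestMessage RequestMessage, X509Certificate2 Certificate = null)
{
    if (new Uri(AuthenticateUrl).Scheme == "openid")
    {
        // we are dealing with a Self-Issued OpenID provider
        Dictionary<string, object> response = PerformSelfIssuedAuthentication(RequestMessage, Certificate);
        OIDCAuthImplicitResponseMessage responseMessage = new OIDCAuthImplicitResponseMessage();
        responseMessage.DeserializeFromDictionary(response);
        return responseMessage;
    }

    // An authorization endpoint may already carry a query component (RFC 6749,
    // section 3.1, requires it to be retained). Appending a second "?" would fold
    // the request parameters into the last existing value, so join with "&" instead.
    string separator = "?";
    if (AuthenticateUrl.IndexOf('?') >= 0)
    {
        char last = AuthenticateUrl[AuthenticateUrl.Length - 1];
        separator = (last == '?' || last == '&') ? "" : "&";
    }

    // NOTE(review): nothing here rejects a plain http endpoint; the request
    // parameters would then travel unencrypted. Consider enforcing https upstream.
    string login_url = AuthenticateUrl + separator + RequestMessage.SerializeToQueryString();
    WebOperations.GetUrlContent(WebRequest.Create(login_url));
    return null;
}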
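/// <summary>
/// Performs a third party initiated login by sending the authorization request
/// to the OP authorization endpoint with an HTTP GET.
/// </summary>
/// <remarks>
/// The result of the HTTP call is discarded here. This method does not call
/// <c>Validate()</c> on the request message and does not require an https
/// endpoint; both are left to the caller.
/// </remarks>
/// <param name="requestMessage">The authentication request; it is serialized to a query string.</param>
/// <param name="authEndpoint">The OP authorization endpoint</param>
public void ThirdPartyInitiatedLogin(OIDCAuthorizationRequestMessage requestMessage, string authEndpoint)
{
    // The endpoint may already carry a query component (RFC 6749, section 3.1,
    // requires it to be retained). Appending a second "?" would fold the request
    // parameters into the last existing value, so join with "&" instead.
    string separator = "?";
    if (authEndpoint.IndexOf('?') >= 0)
    {
        char last = authEndpoint[authEndpoint.Length - 1];
        separator = (last == '?' || last == '&') ? "" : "&";
    }

    // NOTE(review): this flow is started by a party other than the RP, so the
    // caller should make sure requestMessage carries a fresh State (and Nonce where
    // applicable) and that authEndpoint comes from trusted provider metadata rather
    // than from the incoming third-party request.
    string login_url = authEndpoint + separator + requestMessage.SerializeToQueryString();
    WebOperations.GetUrlContent(WebRequest.Create(login_url));
}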
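/// <summary>
/// Conformance test "rp-response_mode-form_post": sends an <c>id_token token</c>
/// authorization request with <c>response_mode=form_post</c> and checks that the OP
/// answers with an HTML form that POSTs the tokens to the redirect URI.
/// </summary>
public void Should_Authenticate_With_IdToken_Token_Response_Type_Post()
{
    rpid = "rp-response_mode-form_post";

    // given
    OIDCAuthorizationRequestMessage requestMessage = new OIDCAuthorizationRequestMessage();
    requestMessage.ClientId = clientInformation.ClientId;
    requestMessage.Scope = new List<MessageScope>() { MessageScope.Openid };
    requestMessage.ResponseType = new List<ResponseType>() { ResponseType.IdToken, ResponseType.Token };
    requestMessage.ResponseMode = "form_post";
    requestMessage.RedirectUri = clientInformation.RedirectUris[1];
    requestMessage.Nonce = WebOperations.RandomString();
    requestMessage.State = WebOperations.RandomString();
    requestMessage.Validate();

    string login_url = GetBaseUrl("/authorization") + "?" + requestMessage.SerializeToQueryString();
    // Not used below; kept because constructor side effects cannot be ruled out from this view.
    OpenIdRelyingParty rp = new OpenIdRelyingParty();

    // when
    Dictionary<string, object> html = WebOperations.GetUrlContent(WebRequest.Create(login_url), false);

    // then
    Assert.NotNull(html);
    CollectionAssert.Contains(html.Keys, "body");
    string textHtml = (string)html["body"];
    Assert.NotNull(textHtml);

    HtmlDocument document = new HtmlDocument();
    document.LoadHtml(textHtml);

    // SelectNodes returns null when nothing matches, so assert before indexing;
    // otherwise a missing form fails with a NullReferenceException, not an assertion.
    var forms = document.DocumentNode.SelectNodes("//form");
    Assert.NotNull(forms, "response body contains no <form>");
    HtmlNode formNode = forms[0];
    Assert.NotNull(formNode);

    var methodAttribute = formNode.Attributes["method"];
    Assert.NotNull(methodAttribute, "form has no method attribute");
    Assert.IsTrue(
        string.Equals("post", methodAttribute.Value, System.StringComparison.OrdinalIgnoreCase),
        "form method is not POST");

    // The original lower-cased only the action, so a redirect URI containing any
    // upper-case character could never match. Compare both sides the same way.
    // NOTE(review): redirect URIs are normally matched as exact strings; an ordinal
    // comparison would be the stricter check if the OP echoes the URI unchanged.
    var actionAttribute = formNode.Attributes["action"];
    Assert.NotNull(actionAttribute, "form has no action attribute");
    Assert.IsTrue(
        string.Equals(requestMessage.RedirectUri, actionAttribute.Value, System.StringComparison.OrdinalIgnoreCase),
        "form action does not match the requested redirect URI");

    // ".//input" restricts the search to this form; "//input" is evaluated from the
    // document root and would also accept inputs that live outside the form.
    var inputs = formNode.SelectNodes(".//input");
    Assert.NotNull(inputs, "form contains no <input> elements");

    // Both response types were requested, so both tokens must be posted back.
    bool hasIdTokenInput = false;
    bool hasAccessTokenInput = false;
    foreach (HtmlNode innode in inputs)
    {
        var nameAttribute = innode.Attributes["name"];
        if (nameAttribute == null)
        {
            continue;
        }

        if (nameAttribute.Value.Equals("id_token"))
        {
            hasIdTokenInput = true;
        }
        else if (nameAttribute.Value.Equals("access_token"))
        {
            hasAccessTokenInput = true;
        }
    }

    Assert.IsTrue(hasIdTokenInput, "form has no id_token input");
    Assert.IsTrue(hasAccessTokenInput, "form has no access_token input");

    // NOTE(review): the State sent above is not compared with the value posted back;
    // adding that comparison would cover the request/response binding as well.
}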