/// <summary>
/// A valid session cookie alone must not grant access to the BFF user endpoint:
/// a request that omits the anti-forgery header has to be rejected with 401.
/// The request is built by hand so that BrowserClient sends only the cookie and
/// nothing else (the header's name is configured on the BFF host; not shown here).
/// This is the check that stops a cross-site page from reading the user's claims
/// with an ambient cookie — the session is deliberately a real, authenticated one.
/// </summary>
public async Task user_endpoint_for_authenticated_user_without_csrf_header_should_fail()
{
    // Arrange: an authenticated session with a couple of extra claims.
    var subject = new Claim("sub", "alice");
    var firstFoo = new Claim("foo", "foo1");
    var secondFoo = new Claim("foo", "foo2");
    await BffHost.IssueSessionCookieAsync(subject, firstFoo, secondFoo);

    // Act: plain GET to /bff/user — no anti-forgery header is added to the message.
    var userEndpoint = BffHost.Url("/bff/user");
    var request = new HttpRequestMessage(HttpMethod.Get, userEndpoint);
    var response = await BffHost.BrowserClient.SendAsync(request);

    // Assert: the cookie by itself is not enough.
    response.StatusCode.Should().Be(401);
}
/// <summary>
/// Logging out an authenticated user via /bff/logout with no sid query parameter
/// is expected to answer 302 and redirect to IdentityServer's end-session endpoint.
/// NOTE(review): this pins that the sid is optional for logout in this configuration;
/// whether the endpoint is meant to demand it as a CSRF defence is not visible in this
/// file — confirm against the BFF options used by the test host.
/// NOTE(review): only the redirect target is lower-cased before the comparison, so the
/// assertion relies on IdentityServerHost.Url(...) already returning a lower-case URL.
/// </summary>
public async Task logout_endpoint_for_authenticated_user_without_sid_should_succeed()
{
    await BffHost.IssueSessionCookieAsync("alice");

    var logoutUrl = BffHost.Url("/bff/logout");
    var response = await BffHost.BrowserClient.GetAsync(logoutUrl);

    response.StatusCode.Should().Be(302);

    // The redirect must land on IdentityServer's endsession endpoint.
    var expectedPrefix = IdentityServerHost.Url("/connect/endsession");
    var redirectTarget = response.Headers.Location.ToString().ToLowerInvariant();
    redirectTarget.Should().StartWith(expectedPrefix);
}
/// <summary>
/// The user endpoint hands back the session's claims, including several values
/// for the same claim type. GetUserClaimsAsync is the test host's helper for the
/// call (defined elsewhere); exactly the three issued claims are expected back,
/// compared by ClaimRecord equality.
/// </summary>
public async Task user_endpoint_for_authenticated_user_should_return_claims()
{
    // Arrange: one subject plus two values of the same "foo" claim type.
    var subject = new Claim("sub", "alice");
    var firstFoo = new Claim("foo", "foo1");
    var secondFoo = new Claim("foo", "foo2");
    await BffHost.IssueSessionCookieAsync(subject, firstFoo, secondFoo);

    // Act
    var returned = await BffHost.GetUserClaimsAsync();

    // Assert: count is exactly three and each issued claim is present.
    returned.Length.Should().Be(3);

    var expected = new[]
    {
        new ClaimRecord("sub", "alice"),
        new ClaimRecord("foo", "foo1"),
        new ClaimRecord("foo", "foo2"),
    };
    foreach (var record in expected)
    {
        returned.Should().Contain(record);
    }
}
/// <summary>
/// Logout without a sid query parameter, with refresh-token revocation on logout
/// switched off before the host is initialized. Per the original note, this is a
/// workaround: RevokeUserRefreshTokenAsync throws when the session holds no refresh
/// token (presumably the case for a cookie issued directly by IssueSessionCookieAsync).
/// Expected outcome is a 302 to IdentityServer's end-session endpoint.
/// NOTE(review): disabling revocation is a test-only accommodation, not a recommended
/// production setting — a real logout should still revoke the user's refresh tokens.
/// NOTE(review): as in the sibling test, only the redirect target is lower-cased, so the
/// StartWith check assumes IdentityServerHost.Url(...) yields a lower-case URL.
/// </summary>
public async Task logout_endpoint_for_authenticated_user_without_sid_should_succeed()
{
    // Workaround: RevokeUserRefreshTokenAsync throws when there is no RT in the session.
    BffHost.BffOptions.RevokeRefreshTokenOnLogout = false;
    await BffHost.InitializeAsync();

    await BffHost.IssueSessionCookieAsync("alice");

    var logoutUrl = BffHost.Url("/bff/logout");
    var response = await BffHost.BrowserClient.GetAsync(logoutUrl);

    response.StatusCode.Should().Be(302);

    // Redirect must point at IdentityServer's endsession endpoint.
    var redirectTarget = response.Headers.Location.ToString().ToLowerInvariant();
    var expectedPrefix = IdentityServerHost.Url("/connect/endsession");
    redirectTarget.Should().StartWith(expectedPrefix);
}
/// <summary>
/// When the session carries a sid claim, /bff/user returns four entries: the issued
/// sub and sid, plus two BFF-generated ones — a logout URL that echoes the sid as a
/// query parameter ("/bff/logout?sid=123") and a positive session-expires-in integer
/// (its unit is not shown in this file).
/// NOTE(review): the sid in the logout URL is presumably what /bff/logout compares
/// against the session so that a logout cannot be forged cross-site — confirm against
/// the logout endpoint's implementation.
/// </summary>
public async Task user_endpoint_for_authenticated_user_with_sid_should_return_claims_including_logout()
{
    var subject = new Claim("sub", "alice");
    var sessionId = new Claim("sid", "123");
    await BffHost.IssueSessionCookieAsync(subject, sessionId);

    var entries = await BffHost.CallUserEndpointAsync();

    entries.Count.Should().Be(4);

    // First entry of the given type, read as a string (First throws if absent — intended).
    string StringValueOf(string type) => entries.First(e => e.type == type).value.GetString();

    StringValueOf("sub").Should().Be("alice");
    StringValueOf("sid").Should().Be("123");
    StringValueOf(Constants.ClaimTypes.LogoutUrl).Should().Be("/bff/logout?sid=123");

    var expiresIn = entries.First(e => e.type == Constants.ClaimTypes.SessionExpiresIn).value.GetInt32();
    expiresIn.Should().BePositive();
}
/// <summary>
/// Without a sid, /bff/user returns the three issued claims plus the BFF's
/// session-expires-in entry — four in total — and preserves the order of the two
/// "foo" values. No logout URL is asserted here, presumably because no sid was
/// issued (compare the with_sid variant of this test).
/// </summary>
public async Task user_endpoint_for_authenticated_user_should_return_claims()
{
    var subject = new Claim("sub", "alice");
    var firstFoo = new Claim("foo", "foo1");
    var secondFoo = new Claim("foo", "foo2");
    await BffHost.IssueSessionCookieAsync(subject, firstFoo, secondFoo);

    var entries = await BffHost.CallUserEndpointAsync();

    entries.Count.Should().Be(4);

    entries.First(e => e.type == "sub").value.GetString().Should().Be("alice");

    // Both "foo" values must come back, in the order they were issued.
    var fooValues = entries
        .Where(e => e.type == "foo")
        .Select(e => e.value.GetString())
        .ToList();
    fooValues.Count.Should().Be(2);
    fooValues[0].Should().Be("foo1");
    fooValues[1].Should().Be("foo2");

    var expiresIn = entries.First(e => e.type == Constants.ClaimTypes.SessionExpiresIn).value.GetInt32();
    expiresIn.Should().BePositive();
}