public async void ExchangeCodeAsync_SendsTokenRequest_ReturnsErrorResponse()
{
var handler = new TestMessageHandler();
var response = new HttpResponseMessage(System.Net.HttpStatusCode.BadRequest)
{
Content = new StringContent(string.Empty)
};
handler.Response = response;
var client = new HttpClient(handler);
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
var testHandler = GetTestHandler(opts);
var resp = await testHandler.TestExchangeCodeAsync("code", "http://redirectUri");
Assert.NotNull(handler.LastRequest);
Assert.Equal(HttpMethod.Post, handler.LastRequest.Method);
Assert.Equal(opts.TokenEndpoint.ToLowerInvariant(), handler.LastRequest.RequestUri.ToString().ToLowerInvariant());
Assert.NotNull(resp);
Assert.NotNull(resp.Error);
Assert.Contains("OAuth token endpoint failure", resp.Error.Message);
}
public void BuildChallengeUrl_CreatesCorrectUrl()
{
TestMessageHandler handler = new TestMessageHandler();
var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK)
{
Content = new StringContent(TestHelpers.GetValidTokenRequestResponse())
};
handler.Response = response;
HttpClient client = new HttpClient(handler);
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
MyTestCloudFoundryHandler testHandler = GetTestHandler(opts);
var logger = new LoggerFactory().CreateLogger("ExchangeCodeAsync_SendsTokenRequest");
AuthenticationProperties props = new AuthenticationProperties();
string result = testHandler.TestBuildChallengeUrl(props, "http://foo.bar/redirect");
Assert.Equal("http://Default_OAuthServiceUrl/oauth/authorize?response_type=code&client_id=Default_ClientId&redirect_uri=http%3A%2F%2Ffoo.bar%2Fredirect&scope=", result);
}
public async void ExchangeCodeAsync_SendsTokenRequest_ReturnsValidTokenInfo()
{
var handler = new TestMessageHandler();
var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK)
{
Content = new StringContent(TestHelpers.GetValidTokenRequestResponse())
};
handler.Response = response;
var client = new HttpClient(handler);
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
var testHandler = GetTestHandler(opts);
var resp = await testHandler.TestExchangeCodeAsync("code", "redirectUri");
Assert.NotNull(handler.LastRequest);
Assert.Equal(HttpMethod.Post, handler.LastRequest.Method);
Assert.Equal(opts.TokenEndpoint.ToLowerInvariant(), handler.LastRequest.RequestUri.ToString().ToLowerInvariant());
Assert.NotNull(resp);
Assert.NotNull(resp.Response);
Assert.Equal("bearer", resp.TokenType);
Assert.NotNull(resp.AccessToken);
Assert.NotNull(resp.RefreshToken);
}
public async void CreateTicketAsync_SendsTokenInfoRequest_ReturnsValidTokenInfo()
{
var handler = new TestMessageHandler();
var response = new HttpResponseMessage(System.Net.HttpStatusCode.OK)
{
Content = new StringContent(TestHelpers.GetValidTokenInfoRequestResponse())
};
handler.Response = response;
var client = new HttpClient(handler);
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
var testHandler = GetTestHandler(opts);
var identity = new ClaimsIdentity();
var payload = JsonDocument.Parse(TestHelpers.GetValidTokenInfoRequestResponse());
var tokens = OAuthTokenResponse.Success(payload);
var resp = await testHandler.TestCreateTicketAsync(identity, new AuthenticationProperties(), tokens);
Assert.NotNull(handler.LastRequest);
Assert.Equal(HttpMethod.Post, handler.LastRequest.Method);
Assert.Equal(opts.TokenInfoUrl.ToLowerInvariant(), handler.LastRequest.RequestUri.ToString().ToLowerInvariant());
Assert.Equal("testssouser", identity.Name);
Assert.Equal(4, identity.Claims.Count());
identity.HasClaim(ClaimTypes.Email, "*****@*****.**");
identity.HasClaim(ClaimTypes.NameIdentifier, "13bb6841-e4d6-4a9a-876c-9ef13aa61cc7");
identity.HasClaim(ClaimTypes.Name, "testssouser");
identity.HasClaim("openid", string.Empty);
}
public void GetTokenInfoRequestMessage_ReturnsCorrectly()
{
HttpClient client = new HttpClient(new TestMessageHandler());
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
MyTestCloudFoundryHandler testHandler = GetTestHandler(opts);
#if NETCOREAPP3_0
var payload = JsonDocument.Parse(TestHelpers.GetValidTokenInfoRequestResponse());
var tokens = OAuthTokenResponse.Success(payload);
#else
var payload = JObject.Parse(TestHelpers.GetValidTokenInfoRequestResponse());
var tokens = OAuthTokenResponse.Success(payload);
#endif
var message = testHandler.GetTokenInfoRequestMessage(tokens);
Assert.NotNull(message);
var content = message.Content as FormUrlEncodedContent;
Assert.NotNull(content);
Assert.Equal(HttpMethod.Post, message.Method);
message.Headers.Accept.Contains(new MediaTypeWithQualityHeaderValue("application/json"));
}
private MyTestCloudFoundryHandler GetTestHandler(CloudFoundryOAuthOptions options)
{
var loggerFactory = new LoggerFactory();
IOptionsMonitor <CloudFoundryOAuthOptions> monitor = new MonitorWrapper <CloudFoundryOAuthOptions>(options);
var encoder = UrlEncoder.Default;
var clock = new TestClock();
var testHandler = new MyTestCloudFoundryHandler(monitor, loggerFactory, encoder, clock);
testHandler.InitializeAsync(
new AuthenticationScheme(CloudFoundryDefaults.AuthenticationScheme, CloudFoundryDefaults.AuthenticationScheme, typeof(CloudFoundryOAuthHandler)),
new DefaultHttpContext()).Wait();
return(testHandler);
}
public void GetTokenInfoRequestParameters_ReturnsCorrectly()
{
var client = new HttpClient(new TestMessageHandler());
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = client
};
var testHandler = GetTestHandler(opts);
var payload = JsonDocument.Parse(TestHelpers.GetValidTokenInfoRequestResponse());
var tokens = OAuthTokenResponse.Success(payload);
var parameters = testHandler.GetTokenInfoRequestParameters(tokens);
Assert.NotNull(parameters);
Assert.Equal(parameters["token"], tokens.AccessToken);
}
public void DefaultConstructor_SetsupDefaultOptions()
{
CloudFoundryOAuthOptions opts = new CloudFoundryOAuthOptions();
string authURL = "http://" + CloudFoundryDefaults.OAuthServiceUrl;
Assert.Equal(CloudFoundryDefaults.AuthenticationScheme, opts.ClaimsIssuer);
Assert.Equal(CloudFoundryDefaults.ClientId, opts.ClientId);
Assert.Equal(CloudFoundryDefaults.ClientSecret, opts.ClientSecret);
Assert.Equal(new PathString("/signin-cloudfoundry"), opts.CallbackPath);
Assert.Equal(authURL + CloudFoundryDefaults.AuthorizationUri, opts.AuthorizationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.AccessTokenUri, opts.TokenEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.UserInfoUri, opts.UserInformationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.CheckTokenUri, opts.TokenInfoUrl);
Assert.True(opts.ValidateCertificates);
Assert.Equal(6, opts.ClaimActions.Count());
Assert.Equal(CookieAuthenticationDefaults.AuthenticationScheme, opts.SignInScheme);
Assert.True(opts.SaveTokens);
}
public void GetTokenRequestMessage_ReturnsCorrectly()
{
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = new HttpClient(new TestMessageHandler())
};
MyTestCloudFoundryHandler testHandler = GetTestHandler(opts);
var message = testHandler.GetTokenRequestMessage("code", "redirectUri");
Assert.NotNull(message);
var content = message.Content as FormUrlEncodedContent;
Assert.NotNull(content);
Assert.Equal(HttpMethod.Post, message.Method);
message.Headers.Accept.Contains(new MediaTypeWithQualityHeaderValue("application/json"));
}
public void GetTokenRequestParameters_ReturnsCorrectly()
{
var opts = new CloudFoundryOAuthOptions()
{
Backchannel = new HttpClient(new TestMessageHandler())
};
MyTestCloudFoundryHandler testHandler = GetTestHandler(opts);
var parameters = testHandler.GetTokenRequestParameters("code", "redirectUri");
Assert.NotNull(parameters);
Assert.Equal(parameters["client_id"], opts.ClientId);
Assert.Equal("redirectUri", parameters["redirect_uri"]);
Assert.Equal(parameters["client_secret"], opts.ClientSecret);
Assert.Equal("code", parameters["code"]);
Assert.Equal("authorization_code", parameters["grant_type"]);
}
public void Configure_NoServiceInfo_ReturnsExpected()
{
var opts = new CloudFoundryOAuthOptions();
CloudFoundryOAuthConfigurer.Configure(null, opts);
var authURL = "http://" + CloudFoundryDefaults.OAuthServiceUrl;
Assert.Equal(CloudFoundryDefaults.AuthenticationScheme, opts.ClaimsIssuer);
Assert.Equal(CloudFoundryDefaults.ClientId, opts.ClientId);
Assert.Equal(CloudFoundryDefaults.ClientSecret, opts.ClientSecret);
Assert.Equal(new PathString("/signin-cloudfoundry"), opts.CallbackPath);
Assert.Equal(authURL + CloudFoundryDefaults.AuthorizationUri, opts.AuthorizationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.AccessTokenUri, opts.TokenEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.UserInfoUri, opts.UserInformationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.CheckTokenUri, opts.TokenInfoUrl);
Assert.True(opts.ValidateCertificates);
Assert.Equal(6, opts.ClaimActions.Count());
Assert.Equal(CookieAuthenticationDefaults.AuthenticationScheme, opts.SignInScheme);
Assert.True(opts.SaveTokens);
Assert.Null(opts.BackchannelHttpHandler);
}
public void Configure_WithServiceInfo_ReturnsExpected()
{
CloudFoundryOAuthOptions opts = new CloudFoundryOAuthOptions();
SsoServiceInfo info = new SsoServiceInfo("foobar", "clientId", "secret", "http://domain");
CloudFoundryOAuthConfigurer.Configure(info, opts);
string authURL = "http://domain";
Assert.Equal(CloudFoundryDefaults.AuthenticationScheme, opts.ClaimsIssuer);
Assert.Equal("clientId", opts.ClientId);
Assert.Equal("secret", opts.ClientSecret);
Assert.Equal(new PathString("/signin-cloudfoundry"), opts.CallbackPath);
Assert.Equal(authURL + CloudFoundryDefaults.AuthorizationUri, opts.AuthorizationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.AccessTokenUri, opts.TokenEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.UserInfoUri, opts.UserInformationEndpoint);
Assert.Equal(authURL + CloudFoundryDefaults.CheckTokenUri, opts.TokenInfoUrl);
Assert.True(opts.ValidateCertificates);
Assert.Equal(6, opts.ClaimActions.Count());
Assert.Equal(CookieAuthenticationDefaults.AuthenticationScheme, opts.SignInScheme);
Assert.True(opts.SaveTokens);
Assert.Null(opts.BackchannelHttpHandler);
}
