public async Task When_Passing_Null_Parameters_To_The_Action_ExternalUserAuthentication_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
var claims = new List <Claim>
{
new Claim("sub", "subject")
};
var authorizationParameter = new AuthorizationParameter();
// ACTS & ASSERTS
await Assert.ThrowsAsync <ArgumentNullException>(() => _authenticateActions.ExternalOpenIdUserAuthentication(null, null, null));
await Assert.ThrowsAsync <ArgumentNullException>(() => _authenticateActions.ExternalOpenIdUserAuthentication(claims, null, null));
await Assert.ThrowsAsync <ArgumentNullException>(() => _authenticateActions.ExternalOpenIdUserAuthentication(claims, authorizationParameter, null));
}
public async Task <ActionResult> LoginCallbackOpenId(string code, string error)
{
if (string.IsNullOrWhiteSpace(code))
{
throw new ArgumentNullException("code");
}
// 1 : retrieve the request from the cookie
var cookieName = string.Format(ExternalAuthenticateCookieName, code);
var request = Request.Cookies[string.Format(ExternalAuthenticateCookieName, code)];
if (request == null)
{
throw new IdentityServerException(Core.Errors.ErrorCodes.UnhandledExceptionCode,
Core.Errors.ErrorDescriptions.TheRequestCannotBeExtractedFromTheCookie);
}
// 2 : remove the cookie
Response.Cookies.Append(cookieName, string.Empty,
new CookieOptions {
Expires = DateTime.UtcNow.AddDays(-1)
});
// 3 : Raise an exception is there's an authentication error
if (!string.IsNullOrWhiteSpace(error))
{
throw new IdentityServerException(
Core.Errors.ErrorCodes.UnhandledExceptionCode,
string.Format(Core.Errors.ErrorDescriptions.AnErrorHasBeenRaisedWhenTryingToAuthenticate, error));
}
// 4. Check if the user is authenticated
var authenticatedUser = await this.GetAuthenticatedUserExternal();
if (authenticatedUser == null ||
!authenticatedUser.Identity.IsAuthenticated ||
!(authenticatedUser.Identity is ClaimsIdentity))
{
throw new IdentityServerException(
Core.Errors.ErrorCodes.UnhandledExceptionCode,
Core.Errors.ErrorDescriptions.TheUserNeedsToBeAuthenticated);
}
// 5. Rerieve the claims
var claimsIdentity = authenticatedUser.Identity as ClaimsIdentity;
var claims = claimsIdentity.Claims.ToList();
// 6. Try to authenticate the resource owner & returns the claims.
var authorizationRequest = _dataProtector.Unprotect <AuthorizationRequest>(request);
var actionResult = await _authenticateActions.ExternalOpenIdUserAuthentication(
claims,
authorizationRequest.ToParameter(),
request);
// 7. Store claims into new cookie
if (actionResult.ActionResult != null)
{
var authenticationManager = this.GetAuthenticationManager();
await SetLocalCookie(authenticationManager, actionResult.Claims);
await authenticationManager.SignOutAsync(Authentication.Middleware.Constants.CookieName);
await LogAuthenticateUser(actionResult.ActionResult, authorizationRequest.ProcessId);
return(this.CreateRedirectionFromActionResult(actionResult.ActionResult,
authorizationRequest));
}
return(RedirectToAction("OpenId", "Authenticate", new { code = code }));
}