/// <summary>
/// Verifies that <c>AuthController.Auth</c> hands the incoming token to <c>authClient.ValidateToken</c>.
/// Only the validation call is asserted; the issued cookie and the redirect target are not checked here.
/// </summary>
public async Task WhenAuthCalledThenTokenIsValidated()
{
    // Arrange: a fake validated token carrying every claim the action reads, expiring in two hours.
    var token = "token";
    var expiry = DateTimeOffset.Now.AddHours(2).ToUnixTimeSeconds().ToString();
    var claims = new List<Claim>();
    claims.Add(new Claim("customerId", "customerId"));
    claims.Add(new Claim("email", "email"));
    claims.Add(new Claim("given_name", "given_name"));
    claims.Add(new Claim("family_name", "family_name"));
    claims.Add(new Claim("exp", expiry));

    var validatedToken = new JwtSecurityToken("test", "test", claims);
    A.CallTo(() => authClient.ValidateToken(token)).Returns(validatedToken);

    var controllerContext = new ControllerContext
    {
        HttpContext = defaultContext,
    };
    var actionContext = new ActionContext(defaultContext, new RouteData(), new ActionDescriptor());

    using var controller = new AuthController(
        authClient,
        log,
        defaultsettings,
        defaultVersionedFiles,
        defaultConfiguration,
        baseUrlService)
    {
        ControllerContext = controllerContext,
        Url = new UrlHelper(actionContext),
    };

    // Act
    await controller.Auth(token).ConfigureAwait(false);

    // Assert: the token must have gone through validation.
    A.CallTo(() => authClient.ValidateToken(token)).MustHaveHappened();
}
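/// <summary>
/// Completes sign-in: validates the supplied identity token, builds the child-app bearer token from
/// its claims, signs the user in with the cookie authentication scheme and redirects onwards.
/// </summary>
/// <param name="id_token">Raw identity token supplied by the caller. It is untrusted until
/// <c>authClient.ValidateToken</c> has accepted it.</param>
/// <returns>
/// A redirect to the URL returned by <c>GetAndResetRedirectUrl</c> on success, or to
/// <c>{settings.DefaultRedirectUrl}/error</c> when the token fails validation, lacks one of the
/// claims read below, or carries an unusable <c>exp</c> value.
/// </returns>
public async Task<IActionResult> Auth(string id_token)
{
    JwtSecurityToken validatedToken;
    try
    {
        validatedToken = await authClient.ValidateToken(id_token);
    }
    catch (Exception ex)
    {
        // Fail closed: any validation failure ends on the error page and no session is created.
        logger.LogError(ex, "Failed to validate auth token.");
        return Redirect($"{settings.DefaultRedirectUrl}/error");
    }

    string ClaimValue(string claimType) =>
        validatedToken.Claims.FirstOrDefault(claim => claim.Type == claimType)?.Value;

    var customerId = ClaimValue("customerId");
    var email = ClaimValue("email");
    var givenName = ClaimValue("given_name");
    var familyName = ClaimValue("family_name");

    var unixEpoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
    var maxExpirySeconds = (DateTime.MaxValue - unixEpoch).TotalSeconds;

    // The Claim constructor throws ArgumentNullException for a null value, and a missing or
    // malformed exp would throw while computing the expiry. Both used to escape as unhandled
    // exceptions; they now take the same error redirect as a failed validation.
    // exp is parsed with the invariant culture so the result does not depend on server locale.
    var expiryIsUsable =
        double.TryParse(ClaimValue("exp"), NumberStyles.Float, CultureInfo.InvariantCulture, out var expirySeconds)
        && !double.IsNaN(expirySeconds)
        && expirySeconds >= 0
        && expirySeconds < maxExpirySeconds;

    if (customerId == null || email == null || givenName == null || familyName == null || !expiryIsUsable)
    {
        // Claim values are deliberately kept out of the log entry.
        logger.LogError("Validated auth token is missing a required claim or has an unusable exp claim.");
        return Redirect($"{settings.DefaultRedirectUrl}/error");
    }

    var claims = new List<Claim>
    {
        new Claim("CustomerId", customerId),
        new Claim(ClaimTypes.Email, email),
        new Claim(ClaimTypes.GivenName, givenName),
        new Claim(ClaimTypes.Surname, familyName),
        // NOTE(review): the raw upstream token is embedded in the child-app token; confirm that
        // CreateChildAppToken protects it and that every consumer is meant to receive it.
        new Claim("DssToken", id_token),
    };

    var expiryTime = unixEpoch.AddSeconds(expirySeconds);

    // The cookie expires with the token and cannot be refreshed, so the session does not
    // outlive the token it was created from.
    var authProperties = new AuthenticationProperties()
    {
        AllowRefresh = false,
        ExpiresUtc = expiryTime,
        IsPersistent = true,
    };

    var sessionClaims = new List<Claim>
    {
        new Claim("bearer", CreateChildAppToken(claims, expiryTime)),
        new Claim(ClaimTypes.Name, $"{givenName} {familyName}"),
    };

    await HttpContext.SignInAsync(
        new ClaimsPrincipal(
            new ClaimsIdentity(sessionClaims, CookieAuthenticationDefaults.AuthenticationScheme)),
        authProperties);

    // NOTE(review): confirm GetAndResetRedirectUrl only yields local or allow-listed URLs, since
    // the browser is sent there immediately after sign-in.
    return Redirect(GetAndResetRedirectUrl());
}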