public void Constructor_CreatesWithUniqueIdAndProvidedInfo()
        {
            // Checks that a freshly constructed user has a non-empty Id and keeps the
            // national identifier and pseudonym passed to the constructor.
            // Only non-emptiness of Id is asserted; uniqueness across instances is not.
            // NOTE(review): the identifier literal is shaped like a real national identity
            // number; confirm it is synthetic test data.
            const string nationalId = "01019098765";
            const string pseudonym  = "pseudo-id-1";

            var sut = new IdentifiedUser(nationalId, pseudonym);

            sut.Id.Should().NotBeEmpty();
            sut.NationalIdentifier.Should().Be(nationalId.Some());
            sut.Pseudonym.Should().Be(pseudonym);
        }
        public void GetCustomClaims_ReturnsNationalIdAndPseudonym()
        {
            // Checks that GetCustomClaims() emits one claim carrying the national identifier
            // and one carrying the pseudonym, each under its InternalClaims type.
            // NOTE(review): the national identifier is released as a plain claim value here;
            // confirm which clients and tokens are allowed to receive that claim.
            const string nationalId = "01019098765";
            const string pseudonym  = "pseudo-id-1";

            var sut = new IdentifiedUser(nationalId, pseudonym);

            var emitted = sut.GetCustomClaims().ToList();

            emitted.Should().Contain(claim => claim.Type == InternalClaims.NationalIdentifier && claim.Value == nationalId);
            emitted.Should().Contain(claim => claim.Type == InternalClaims.Pseudonym && claim.Value == pseudonym);
        }
        public async Task ProcessExternalAuthentication_SuccessfulResultNativeClientButRedirectNotEnabled_ReturnsResultWithoutNativeRedirect()
        {
            // Scenario: the authorization request carries a custom-scheme redirect URI
            // (a native client), but configuration has UseNativeRedirect switched off.
            // The result must not ask for a native-client redirect.
            const string scheme    = "ext-scheme";
            const string returnUrl = "~/authorize?requestId=123";

            //Arrange
            var mocks = new AutoMocker();

            // Configuration: native redirect disabled, authorization request optional.
            mocks
                .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
                .Returns(new InteractionConfig
                {
                    RequireAuthorizationRequest = false,
                    UseNativeRedirect           = false
                });

            // The interaction service resolves the return URL to a request from a native client.
            mocks
                .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(s => s.GetAuthorizationContextAsync(returnUrl))
                .ReturnsAsync(new AuthorizationRequest
                {
                    RedirectUri = "native-scheme://some-path",
                    Client      = new Client
                    {
                        ClientId = "client-a"
                    }
                });

            // Any create-user command yields this internal user.
            var createdUser = new IdentifiedUser("08089403198", "pseudo-1");
            mocks
                .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(It.IsAny<CreateFromExternalAuthentication.Command>(), It.IsAny<CancellationToken>()))
                .ReturnsAsync(createdUser);

            // External principal without claims, wrapped in a successful authentication result.
            var principal  = new ClaimsPrincipal(new ClaimsIdentity(new Claim[0]));
            var properties = new AuthenticationProperties
            {
                Items =
                {
                    { "scheme",    scheme    },
                    { "returnUrl", returnUrl }
                }
            };
            var externalResult = AuthenticateResult.Success(new AuthenticationTicket(principal, properties, scheme));

            var sut = mocks.CreateInstance<ExternalService>();

            //Act
            var outcome = await sut.ProcessExternalAuthentication(externalResult);

            //Assert
            outcome.HasValue.Should().BeTrue();

            var authResult = outcome.ValueOrFailure();
            authResult.UseNativeClientRedirect.Should().BeFalse();
        }
        public async Task ProcessExternalAuthentication_SuccessfulResult_ReturnsAuthResultForCreatedInternalUser()
        {
            // Scenario: a successful external login is turned into an internal user via the
            // mediator, and the result's subject id is that internal user's Id.
            // No authorization context is set up in this test, and the result is expected
            // not to request a native-client redirect even though UseNativeRedirect is true.
            // NOTE(review): returnUrl is an absolute http URL and nothing here asserts how it
            // is validated; confirm return-URL validation is covered by another test.
            const string scheme = "ext-scheme";

            //Arrange
            var externalClaims = new []
            {
                new Claim("ident", "08089403198"),
            };
            var principal  = new ClaimsPrincipal(new ClaimsIdentity(externalClaims));
            var properties = new AuthenticationProperties
            {
                Items =
                {
                    { "scheme",    scheme                         },
                    { "returnUrl", "http://return.me.here/please" }
                }
            };
            var externalResult = AuthenticateResult.Success(new AuthenticationTicket(principal, properties, scheme));

            var createdUser = new IdentifiedUser("08089403198", "pseudo-1");

            var mocks = new AutoMocker();

            mocks
                .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
                .Returns(new InteractionConfig
                {
                    RequireAuthorizationRequest = false,
                    UseNativeRedirect           = true
                });

            // The mediator only answers when the command names the external scheme and
            // contains a claim of every type present on the external principal.
            // NOTE(review): claim values are not compared, so a wrong identifier value in
            // the command would still match; consider comparing values once it is confirmed
            // that the service forwards them unchanged.
            mocks
                .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(
                    It.Is<CreateFromExternalAuthentication.Command>(cmd =>
                        cmd.Provider == scheme &&
                        externalClaims.All(expected => cmd.ExternalClaims.Any(actual => actual.Type == expected.Type))),
                    It.IsAny<CancellationToken>()))
                .ReturnsAsync(createdUser);

            var sut = mocks.CreateInstance<ExternalService>();

            //Act
            var outcome = await sut.ProcessExternalAuthentication(externalResult);

            //Assert
            outcome.HasValue.Should().BeTrue();

            var authResult = outcome.ValueOrFailure();
            authResult.IsUser.SubjectId.Should().Be(createdUser.Id.ToString());
            authResult.UseNativeClientRedirect.Should().BeFalse();
        }
        public async Task ProcessExternalAuthentication_AuthRequestRequiredButNotAvailable_ReturnsErrorResult()
        {
            // Scenario: configuration demands a valid authorization request, but the
            // interaction service finds none for the return URL. The login must be rejected
            // with the expected error message, even though the external authentication
            // succeeded and the mediator would return a user.
            const string scheme    = "ext-scheme";
            const string returnUrl = "~/authorize?requestId=123";

            //Arrange
            var mocks = new AutoMocker();

            mocks
                .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
                .Returns(new InteractionConfig
                {
                    RequireAuthorizationRequest = true
                });

            // No authorization context exists for the return URL.
            mocks
                .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(s => s.GetAuthorizationContextAsync(returnUrl))
                .ReturnsAsync((AuthorizationRequest)null);

            var createdUser = new IdentifiedUser("08089403198", "pseudo-1");
            mocks
                .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(It.IsAny<CreateFromExternalAuthentication.Command>(), It.IsAny<CancellationToken>()))
                .ReturnsAsync(createdUser);

            var principal  = new ClaimsPrincipal(new ClaimsIdentity(new Claim[0]));
            var properties = new AuthenticationProperties
            {
                Items =
                {
                    { "scheme",    scheme    },
                    { "returnUrl", returnUrl }
                }
            };
            var externalResult = AuthenticateResult.Success(new AuthenticationTicket(principal, properties, scheme));

            var sut = mocks.CreateInstance<ExternalService>();

            //Act
            var outcome = await sut.ProcessExternalAuthentication(externalResult);

            //Assert
            var expected = Option.None<ExtAuthenticationResult, string>("A valid authorization request is required for login.");
            outcome.Should().Be(expected);
        }
        public async Task ProcessExternalAuthentication_SuccessfulResultWithExtInfo_AddsRelevantInfoAsClaims()
        {
            // Scenario: the external login carries a session id claim and an id_token in the
            // authentication properties. The result must expose the id_token unchanged and
            // add the session id to the user's additional claims.
            const string scheme    = "ext-scheme";
            const string returnUrl = "~/authorize?requestId=123";

            //Arrange
            // This literal is the widely published jwt.io sample token (HS256, a dummy
            // subject and name), not a live credential; secret scanners may still flag it.
            // The test treats it as an opaque string: only pass-through into ExternalIdToken
            // is asserted, not signature or claim validation.
            var externalIdToken   = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";
            var externalSessionId = "session-1";

            var principal = new ClaimsPrincipal(new ClaimsIdentity(new[]
            {
                new Claim(JwtClaimTypes.SessionId, externalSessionId)
            }));
            var properties = new AuthenticationProperties
            {
                Items =
                {
                    { "scheme",          scheme          },
                    { "returnUrl",       returnUrl       },
                    { ".Token.id_token", externalIdToken }
                }
            };
            var externalResult = AuthenticateResult.Success(new AuthenticationTicket(principal, properties, scheme));

            var mocks = new AutoMocker();

            mocks
                .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
                .Returns(new InteractionConfig
                {
                    RequireAuthorizationRequest = false
                });

            mocks
                .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(s => s.GetAuthorizationContextAsync(returnUrl))
                .ReturnsAsync(new AuthorizationRequest
                {
                    RedirectUri = "native-scheme://some-path",
                    Client      = new Client
                    {
                        ClientId = "client-a"
                    }
                });

            var createdUser = new IdentifiedUser("08089403198", "pseudo-1");
            mocks
                .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(It.IsAny<CreateFromExternalAuthentication.Command>(), It.IsAny<CancellationToken>()))
                .ReturnsAsync(createdUser);

            var sut = mocks.CreateInstance<ExternalService>();

            //Act
            var outcome = await sut.ProcessExternalAuthentication(externalResult);

            //Assert
            outcome.HasValue.Should().BeTrue();

            var authResult = outcome.ValueOrFailure();
            authResult.ExternalIdToken.Should().Be(externalIdToken.Some());
            authResult.IsUser.AdditionalClaims.Should()
                .Contain(claim => claim.Type == JwtClaimTypes.SessionId && claim.Value == externalSessionId);
        }
        public void IsPinVerified_ShouldBeFalse()
        {
            // A newly constructed user must report IsPinVerified as false.
            const string nationalId = "01019098765";
            const string pseudonym  = "pseudo-id-1";

            var sut = new IdentifiedUser(nationalId, pseudonym);

            sut.IsPinVerified.Should().BeFalse();
        }