/// <summary>
/// A freshly constructed <c>IdentifiedUser</c> has a non-empty id and exposes the
/// national identifier and pseudonym it was built with.
/// </summary>
public void Constructor_CreatesWithUniqueIdAndProvidedInfo()
{
    const string nationalId = "01019098765";
    const string pseudonym = "pseudo-id-1";

    var sut = new IdentifiedUser(nationalId, pseudonym);

    // Only non-emptiness of the id is asserted; uniqueness across instances is not exercised here.
    sut.Id.Should().NotBeEmpty();
    sut.NationalIdentifier.Should().Be(nationalId.Some());
    sut.Pseudonym.Should().Be(pseudonym);
}
/// <summary>
/// <c>GetCustomClaims</c> must emit one claim carrying the national identifier and one
/// carrying the pseudonym, each under its <c>InternalClaims</c> type.
/// </summary>
public void GetCustomClaims_ReturnsNationalIdAndPseudonym()
{
    const string nationalId = "01019098765";
    const string pseudonym = "pseudo-id-1";
    var sut = new IdentifiedUser(nationalId, pseudonym);

    // Materialise once so both assertions inspect the same snapshot.
    var emitted = sut.GetCustomClaims().ToList();

    // Both type and value are matched, so a claim of the right type with a wrong value fails.
    emitted.Should().Contain(claim => claim.Type == InternalClaims.NationalIdentifier && claim.Value == nationalId);
    emitted.Should().Contain(claim => claim.Type == InternalClaims.Pseudonym && claim.Value == pseudonym);
}
/// <summary>
/// With <c>UseNativeRedirect</c> switched off, a successful external login for a client whose
/// redirect URI uses a custom scheme must yield a result that does not ask for a native redirect.
/// </summary>
public async Task ProcessExternalAuthentication_SuccessfulResultNativeClientButRedirectNotEnabled_ReturnsResultWithoutNativeRedirect()
{
    // Arrange
    const string externalScheme = "ext-scheme";
    const string returnUrl = "~/authorize?requestId=123";

    var properties = new AuthenticationProperties
    {
        Items =
        {
            ["scheme"] = externalScheme,
            ["returnUrl"] = returnUrl
        }
    };
    // The external principal carries no claims; this test only looks at the redirect flag.
    var principal = new ClaimsPrincipal(new ClaimsIdentity(new Claim[0]));
    var externalResult = AuthenticateResult.Success(
        new AuthenticationTicket(principal, properties, externalScheme));

    var createdUser = new IdentifiedUser("08089403198", "pseudo-1");

    var mocker = new AutoMocker();
    mocker
        .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
        .Returns(new InteractionConfig
        {
            RequireAuthorizationRequest = false,
            UseNativeRedirect = false
        });
    mocker
        .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(
            It.IsAny<CreateFromExternalAuthentication.Command>(),
            It.IsAny<CancellationToken>()))
        .ReturnsAsync(createdUser);
    // The authorization context resolves to a client with a custom-scheme redirect URI.
    mocker
        .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(
            i => i.GetAuthorizationContextAsync(returnUrl))
        .ReturnsAsync(new AuthorizationRequest
        {
            RedirectUri = "native-scheme://some-path",
            Client = new Client { ClientId = "client-a" }
        });

    var sut = mocker.CreateInstance<ExternalService>();

    // Act
    var outcome = await sut.ProcessExternalAuthentication(externalResult);

    // Assert
    outcome.HasValue.Should().BeTrue();
    var authentication = outcome.ValueOrFailure();
    authentication.UseNativeClientRedirect.Should().BeFalse();
}
/// <summary>
/// A successful external login is forwarded to <c>CreateFromExternalAuthentication</c> with the
/// provider name and the external claims, and the result identifies the internal user returned.
/// </summary>
public async Task ProcessExternalAuthentication_SuccessfulResult_ReturnsAuthResultForCreatedInternalUser()
{
    // Arrange
    const string externalScheme = "ext-scheme";

    var claims = new[]
    {
        new Claim("ident", "08089403198"),
    };
    var properties = new AuthenticationProperties
    {
        Items =
        {
            ["scheme"] = externalScheme,
            // NOTE(review): absolute return URL, and no authorization context is set up for it.
            // Nothing below asserts how the service treats this URL, so return-URL validation
            // is not covered by this test.
            ["returnUrl"] = "http://return.me.here/please"
        }
    };
    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims));
    var externalResult = AuthenticateResult.Success(
        new AuthenticationTicket(principal, properties, externalScheme));

    var createdUser = new IdentifiedUser("08089403198", "pseudo-1");

    var mocker = new AutoMocker();
    mocker
        .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
        .Returns(new InteractionConfig
        {
            RequireAuthorizationRequest = false,
            UseNativeRedirect = true
        });
    // NOTE(review): the matcher compares claim *types* only. A command carrying an "ident"
    // claim with a different value would still match; consider also comparing Value if the
    // service is expected to pass external claims through unchanged.
    mocker
        .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(
            It.Is<CreateFromExternalAuthentication.Command>(cmd =>
                cmd.Provider == "ext-scheme" &&
                claims.All(expected => cmd.ExternalClaims.Any(actual => actual.Type == expected.Type))),
            It.IsAny<CancellationToken>()))
        .ReturnsAsync(createdUser);

    var sut = mocker.CreateInstance<ExternalService>();

    // Act
    var outcome = await sut.ProcessExternalAuthentication(externalResult);

    // Assert
    outcome.HasValue.Should().BeTrue();
    var authentication = outcome.ValueOrFailure();
    authentication.IsUser.SubjectId.Should().Be(createdUser.Id.ToString());
    // UseNativeRedirect is enabled above, yet no native redirect is expected in this setup.
    authentication.UseNativeClientRedirect.Should().BeFalse();
}
/// <summary>
/// When <c>RequireAuthorizationRequest</c> is on and the interaction service finds no
/// authorization context for the return URL, the login is refused with an error result.
/// </summary>
public async Task ProcessExternalAuthentication_AuthRequestRequiredButNotAvailable_ReturnsErrorResult()
{
    // Arrange
    const string externalScheme = "ext-scheme";
    const string returnUrl = "~/authorize?requestId=123";

    var properties = new AuthenticationProperties
    {
        Items =
        {
            ["scheme"] = externalScheme,
            ["returnUrl"] = returnUrl
        }
    };
    var principal = new ClaimsPrincipal(new ClaimsIdentity(new Claim[0]));
    var externalResult = AuthenticateResult.Success(
        new AuthenticationTicket(principal, properties, externalScheme));

    var createdUser = new IdentifiedUser("08089403198", "pseudo-1");

    var mocker = new AutoMocker();
    mocker
        .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
        .Returns(new InteractionConfig { RequireAuthorizationRequest = true });
    // NOTE(review): Send is stubbed and never verified, so this test passes whether or not the
    // user-creation command is dispatched before the authorization-request check.
    mocker
        .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(
            It.IsAny<CreateFromExternalAuthentication.Command>(),
            It.IsAny<CancellationToken>()))
        .ReturnsAsync(createdUser);
    // No authorization context exists for the return URL.
    mocker
        .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(
            i => i.GetAuthorizationContextAsync(returnUrl))
        .ReturnsAsync((AuthorizationRequest)null);

    var sut = mocker.CreateInstance<ExternalService>();

    // Act
    var outcome = await sut.ProcessExternalAuthentication(externalResult);

    // Assert
    var expectedFailure = Option.None<ExtAuthenticationResult, string>(
        "A valid authorization request is required for login.");
    outcome.Should().Be(expectedFailure);
}
/// <summary>
/// The external provider's id_token and session id must survive processing: the token is
/// exposed as <c>ExternalIdToken</c> and the session id as an additional claim on the user.
/// </summary>
public async Task ProcessExternalAuthentication_SuccessfulResultWithExtInfo_AddsRelevantInfoAsClaims()
{
    // Arrange
    const string externalScheme = "ext-scheme";
    const string returnUrl = "~/authorize?requestId=123";
    const string sessionId = "session-1";
    // Fixture token: header is HS256/JWT, payload decodes to sub=1234567890, name=John Doe.
    // The assertions below only compare it as a string; token validation is not exercised here.
    const string idToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c";

    var claims = new[] { new Claim(JwtClaimTypes.SessionId, sessionId) };
    var properties = new AuthenticationProperties
    {
        Items =
        {
            ["scheme"] = externalScheme,
            ["returnUrl"] = returnUrl,
            // Key under which the external id_token sits in the authentication properties.
            [".Token.id_token"] = idToken
        }
    };
    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims));
    var externalResult = AuthenticateResult.Success(
        new AuthenticationTicket(principal, properties, externalScheme));

    var createdUser = new IdentifiedUser("08089403198", "pseudo-1");

    var mocker = new AutoMocker();
    mocker
        .Setup<IOptions<InteractionConfig>, InteractionConfig>(o => o.Value)
        .Returns(new InteractionConfig { RequireAuthorizationRequest = false });
    mocker
        .Setup<IMediator, Task<IdentifiedUser>>(m => m.Send(
            It.IsAny<CreateFromExternalAuthentication.Command>(),
            It.IsAny<CancellationToken>()))
        .ReturnsAsync(createdUser);
    mocker
        .Setup<IIdentityServerInteractionService, Task<AuthorizationRequest>>(
            i => i.GetAuthorizationContextAsync(returnUrl))
        .ReturnsAsync(new AuthorizationRequest
        {
            RedirectUri = "native-scheme://some-path",
            Client = new Client { ClientId = "client-a" }
        });

    var sut = mocker.CreateInstance<ExternalService>();

    // Act
    var outcome = await sut.ProcessExternalAuthentication(externalResult);

    // Assert
    outcome.HasValue.Should().BeTrue();
    var authentication = outcome.ValueOrFailure();
    authentication.ExternalIdToken.Should().Be(idToken.Some());
    authentication.IsUser.AdditionalClaims.Should()
        .Contain(claim => claim.Type == JwtClaimTypes.SessionId && claim.Value == sessionId);
}
/// <summary>
/// A newly constructed <c>IdentifiedUser</c> must not report itself as PIN-verified.
/// </summary>
public void IsPinVerified_ShouldBeFalse()
{
    const string nationalId = "01019098765";
    const string pseudonym = "pseudo-id-1";

    var sut = new IdentifiedUser(nationalId, pseudonym);

    // The unverified default is pinned here, so a change that flips it fails this test.
    sut.IsPinVerified.Should().BeFalse();
}