예제 #1
0
        public async Task Preserves_query_parameters_in_redirect_uri()
        {
            await _mockPipeline.LoginAsync("bob");

            var nonce = Guid.NewGuid().ToString();
            var state = Guid.NewGuid().ToString();

            _mockPipeline.BrowserClient.AllowAutoRedirect = false;
            var url = _mockPipeline.CreateAuthorizeUrl(
                clientId: "code_client",
                responseType: "code",
                scope: "openid",
                redirectUri: "https://code_client/callback?foo=bar&baz=quux",
                state: state,
                nonce: nonce);
            var response = await _mockPipeline.BrowserClient.GetAsync(url);

            response.StatusCode.Should().Be(HttpStatusCode.Redirect);
            response.Headers.Location.ToString().Should().StartWith("https://code_client/callback?");
            var authorization = _mockPipeline.ParseAuthorizationResponseUrl(response.Headers.Location.ToString());

            authorization.Code.Should().NotBeNull();
            authorization.State.Should().Be(state);
            var query = response.Headers.Location.ParseQueryString();

            query["foo"].ToString().Should().Be("bar");
            query["baz"].ToString().Should().Be("quux");
        }
예제 #2
0
        public async Task Token_endpoint_supports_client_authentication_with_basic_authentication_with_POST()
        {
            await _pipeline.LoginAsync("bob");

            var nonce = Guid.NewGuid().ToString();

            _pipeline.BrowserClient.AllowAutoRedirect = false;
            var url = _pipeline.CreateAuthorizeUrl(
                clientId: "code_pipeline.Client",
                responseType: "code",
                scope: "openid",
                redirectUri: "https://code_pipeline.Client/callback?foo=bar&baz=quux",
                nonce: nonce);
            var response = await _pipeline.BrowserClient.GetAsync(url);

            var authorization = _pipeline.ParseAuthorizationResponseUrl(response.Headers.Location.ToString());

            authorization.Code.Should().NotBeNull();

            var code = authorization.Code;

            // backchannel client
            var wrapper     = new MessageHandlerWrapper(_pipeline.Handler);
            var tokenClient = new TokenClient(MockIdSvrUiPipeline.TokenEndpoint, "code_pipeline.Client", "secret", wrapper);
            var tokenResult = await tokenClient.RequestAuthorizationCodeAsync(code, "https://code_pipeline.Client/callback?foo=bar&baz=quux");

            tokenResult.IsError.Should().BeFalse();
            tokenResult.HttpErrorReason.Should().BeNull();
            tokenResult.TokenType.Should().Be("Bearer");
            tokenResult.AccessToken.Should().NotBeNull();
            tokenResult.ExpiresIn.Should().BeGreaterThan(0);
            tokenResult.IdentityToken.Should().NotBeNull();

            wrapper.Response.Headers.CacheControl.NoCache.Should().BeTrue();
            wrapper.Response.Headers.CacheControl.NoStore.Should().BeTrue();
        }