public IActionResult Challenge( string redirectUri, string scope, string loginHint, string domainHint, string claims, string policy, [FromRoute] string scheme) { scheme ??= OpenIdConnectDefaults.AuthenticationScheme; Dictionary <string, string?> items = new Dictionary <string, string?> { { Constants.Claims, claims }, { Constants.Policy, policy }, }; Dictionary <string, object?> parameters = new Dictionary <string, object?> { { Constants.LoginHint, loginHint }, { Constants.DomainHint, domainHint }, }; OAuthChallengeProperties oAuthChallengeProperties = new OAuthChallengeProperties(items, parameters); oAuthChallengeProperties.Scope = scope?.Split(" "); oAuthChallengeProperties.RedirectUri = redirectUri; return(Challenge( oAuthChallengeProperties, scheme)); }
public async Task RedirectToAuthorizeEndpoint_HasScopeAsOverwritten() { using var host = await CreateHost( s => s.AddAuthentication ().AddOAuth( "Weblie", opt => { ConfigureDefaults(opt); opt.Scope.Clear(); opt.Scope.Add("foo"); opt.Scope.Add("bar"); }), async ctx => { var properties = new OAuthChallengeProperties(); properties.SetScope("baz", "qux"); await ctx.ChallengeAsync("Weblie", properties); return(true); }); using var server = host.GetTestServer(); var transaction = await server.SendAsync("https://www.example.com/challenge"); var res = transaction.Response; Assert.Equal(HttpStatusCode.Redirect, res.StatusCode); Assert.Contains("scope=baz%20qux", res.Headers.Location.Query); }
public async Task ChallengeWillIncludeScopeAsOverwritten() { using var host = await CreateHost( app => app.UseAuthentication(), services => { services.AddAuthentication().AddFacebook(o => { o.AppId = "Test App Id"; o.AppSecret = "Test App Secret"; o.Scope.Clear(); o.Scope.Add("foo"); o.Scope.Add("bar"); }); }, async context => { var properties = new OAuthChallengeProperties(); properties.SetScope("baz", "qux"); await context.ChallengeAsync(FacebookDefaults.AuthenticationScheme, properties); return(true); }); using var server = host.GetTestServer(); var transaction = await server.SendAsync("http://example.com/challenge"); var res = transaction.Response; Assert.Equal(HttpStatusCode.Redirect, res.StatusCode); Assert.Contains("scope=baz,qux", res.Headers.Location.Query); }
private static TestServer CreateServer(Action <MicrosoftAccountOptions> configureOptions) { var builder = new WebHostBuilder() .Configure(app => { app.UseAuthentication(); app.Use(async(context, next) => { var req = context.Request; var res = context.Response; if (req.Path == new PathString("/challenge")) { await context.ChallengeAsync("Microsoft", new AuthenticationProperties() { RedirectUri = "/me" }); } else if (req.Path == new PathString("/challengeWithOtherScope")) { var properties = new OAuthChallengeProperties(); properties.SetScope("baz", "qux"); await context.ChallengeAsync("Microsoft", properties); } else if (req.Path == new PathString("/challengeWithOtherScopeWithBaseAuthenticationProperties")) { var properties = new AuthenticationProperties(); properties.SetParameter(OAuthChallengeProperties.ScopeKey, new string[] { "baz", "qux" }); await context.ChallengeAsync("Microsoft", properties); } else if (req.Path == new PathString("/me")) { await res.DescribeAsync(context.User); } else if (req.Path == new PathString("/signIn")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.SignInAsync("Microsoft", new ClaimsPrincipal())); } else if (req.Path == new PathString("/signOut")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.SignOutAsync("Microsoft")); } else if (req.Path == new PathString("/forbid")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.ForbidAsync("Microsoft")); } else { await next(); } }); }) .ConfigureServices(services => { services.AddAuthentication(TestExtensions.CookieAuthenticationScheme) .AddCookie(TestExtensions.CookieAuthenticationScheme, o => { }) .AddMicrosoftAccount(configureOptions); }); return(new TestServer(builder)); }
public void SetScope() { var properties = new OAuthChallengeProperties(); properties.SetScope("foo", "bar"); Assert.Equal(new string[] { "foo", "bar" }, properties.Scope); Assert.Equal(new string[] { "foo", "bar" }, properties.Parameters["scope"]); }
public IActionResult Login() { var properties = new OAuthChallengeProperties() { RedirectUri = new PathString("/"), }; return(Challenge(properties, "adobe")); }
public void ScopeProperty_NullValue() { var properties = new OAuthChallengeProperties(); properties.Parameters["scope"] = new string[] { "foo", "bar" }; Assert.Equal(new string[] { "foo", "bar" }, properties.Scope); properties.Scope = null; Assert.Null(properties.Scope); }
public void ScopeProperty() { var properties = new OAuthChallengeProperties { Scope = new string[] { "foo", "bar" } }; Assert.Equal(new string[] { "foo", "bar" }, properties.Scope); Assert.Equal(new string[] { "foo", "bar" }, properties.Parameters["scope"]); }
private static async Task <IHost> CreateHost(Action <MicrosoftAccountOptions> configureOptions) { var host = new HostBuilder() .ConfigureWebHost(builder => builder.UseTestServer() .Configure(app => { app.UseAuthentication(); app.Use(async(context, next) => { var req = context.Request; var res = context.Response; if (req.Path == new PathString("/challenge")) { await context.ChallengeAsync("Microsoft", new MicrosoftChallengeProperties { Prompt = "select_account", LoginHint = "username", DomainHint = "consumers", #pragma warning disable CS0618 // Type or member is obsolete ResponseMode = "query", #pragma warning restore CS0618 // Type or member is obsolete RedirectUri = "/me" }); } else if (req.Path == new PathString("/challengeWithOtherScope")) { var properties = new OAuthChallengeProperties(); properties.SetScope("baz", "qux"); await context.ChallengeAsync("Microsoft", properties); } else if (req.Path == new PathString("/challengeWithOtherScopeWithBaseAuthenticationProperties")) { var properties = new AuthenticationProperties(); properties.SetParameter(OAuthChallengeProperties.ScopeKey, new string[] { "baz", "qux" }); await context.ChallengeAsync("Microsoft", properties); } else if (req.Path == new PathString("/me")) { await res.DescribeAsync(context.User); } else if (req.Path == new PathString("/signIn")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.SignInAsync("Microsoft", new ClaimsPrincipal())); } else if (req.Path == new PathString("/signOut")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.SignOutAsync("Microsoft")); } else if (req.Path == new PathString("/forbid")) { await Assert.ThrowsAsync <InvalidOperationException>(() => context.ForbidAsync("Microsoft")); } else { await next(context); } }); }) .ConfigureServices(services => { services.AddAuthentication(TestExtensions.CookieAuthenticationScheme) .AddCookie(TestExtensions.CookieAuthenticationScheme, o => { }) .AddMicrosoftAccount(configureOptions); })) .Build(); await host.StartAsync(); return(host); }