예제 #1
        /// <summary>
        /// Checks that a pull made with invalid ID and refresh tokens ends in the login callback,
        /// and that cancelling from that callback surfaces an <see cref="OperationCanceledException"/>.
        /// Does nothing unless the storage engine is SQLite.
        /// </summary>
        public void TestOpenIDExpiredToken()
        {
            var usingSqlite = _storageType == StorageEngineTypes.SQLite;
            if (!usingSqlite)
            {
                return;
            }

            // Plain-http endpoint of the replication test server
            var host      = GetReplicationServer();
            var port      = GetReplicationPort();
            var serverUri = new Uri($"http://{host}:{port}/openid_db");

            // Start from a clean slate: no ID tokens may be stored for this server
            Assert.IsTrue(OpenIDAuthenticator.ForgetIDTokens(serverUri));

            var loginRequested = false;
            var authenticator  = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (loginUrl, redirectBase, continuation) =>
            {
                AssertValidOIDCLogin(loginUrl, redirectBase, serverUri);

                // The login UI must be requested exactly once
                Assert.IsFalse(loginRequested);
                loginRequested = true;

                // No URL and no error: the login is abandoned
                continuation(null, null);
            });

            // Neither token is valid, so the session check is expected to fail first and the
            // ID token refresh after it; only then should the callback above run.
            authenticator.IDToken      = "BOGUS_ID";
            authenticator.RefreshToken = "BOGUS_REFRESH";

            var error = PullWithOIDCAuth(serverUri, authenticator);

            Assert.IsTrue(loginRequested);
            Assert.IsNotNull(error);
            Assert.IsInstanceOf(typeof(OperationCanceledException), error);
        }
예제 #2
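        /// <summary>
        /// Receives the URL that the custom tab sends back to this activity and passes it to the
        /// login continuation registered under <c>Continuation</c>, then unregisters that continuation.
        /// </summary>
        /// <param name="intent">Intent delivered to the activity; its data is expected to hold the URL.</param>
        protected override void OnNewIntent(Intent intent)
        {
            // Called when the activity receives the URL from the custom tabs
            base.OnNewIntent(intent);

            var callback = OpenIDAuthenticator.GetLoginContinuation(Continuation);
            if (callback == null)
            {
                // No login is waiting under this key, so there is nothing to resume
                return;
            }

            // The intent is external input: it may carry no data, or data that is not an absolute URL.
            // Ignore such an intent and leave the pending login registered instead of crashing.
            var data = (intent == null || intent.Data == null) ? null : intent.Data.ToString();
            Uri url;
            if (!Uri.TryCreate(data, UriKind.Absolute, out url))
            {
                return;
            }

            try
            {
                // NOTE(review): whoever can deliver an intent to this activity controls this URL;
                // confirm the authenticator checks it against the expected redirect before trusting it.
                callback(url, null);
            }
            finally
            {
                // Unregister even when the continuation throws, so a stale entry cannot be resumed later
                OpenIDAuthenticator.UnregisterLoginContinuation(Continuation);
            }
        }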
예제 #3
        /// <summary>
        /// Runs two pulls against the OpenID Connect test database: the first logs in through the
        /// OIDC test provider, the second must succeed without asking for a login again.
        /// Does nothing unless the storage engine is SQLite.
        /// </summary>
        public void TestOpenIDConnect()
        {
            var usingSqlite = _storageType == StorageEngineTypes.SQLite;
            if (!usingSqlite)
            {
                return;
            }

            // Plain-http endpoint of the replication test server
            var host      = GetReplicationServer();
            var port      = GetReplicationPort();
            var serverUri = new Uri($"http://{host}:{port}/openid_db");

            // Start from a clean slate: no ID tokens may be stored for this server
            Assert.IsTrue(OpenIDAuthenticator.ForgetIDTokens(serverUri));

            var authenticator = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (loginUrl, redirectBase, continuation) =>
            {
                AssertValidOIDCLogin(loginUrl, redirectBase, serverUri);

                // Stand in for the user: submit the provider's form and take the redirect URL it answers with
                var redirectUrl = LoginToOIDCTestProvider(serverUri);
                Trace.WriteLine("**** Callback handing control back to authenticator...");
                continuation(redirectUrl, null);
            });

            var error = PullWithOIDCAuth(serverUri, authenticator);

            Assert.IsNull(error);

            // The login name was "pupshaw"; SG namespaces it by prefixing the provider's registered
            // issuer (from the SG config file), so only the suffix is checked.
            Assert.IsTrue(authenticator.Username.EndsWith("_pupshaw", StringComparison.InvariantCulture));

            // Second round: the stored ID token and/or a session cookie should be enough
            Trace.WriteLine("**** Second replication...");
            bool loginRequested = false;

            authenticator = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (loginUrl, redirectBase, continuation) =>
            {
                AssertValidOIDCLogin(loginUrl, redirectBase, serverUri);
                Assert.IsFalse(loginRequested);
                loginRequested = true;

                // Abandon the login if it is requested after all
                continuation(null, null);
            });

            error = PullWithOIDCAuth(serverUri, authenticator);
            Assert.IsNull(error);

            // The login callback must not have been needed
            Assert.IsFalse(loginRequested);
        }
예제 #4
        /// <summary>
        /// Runs two pulls against the OpenID Connect test database: the first logs in through the
        /// OIDC test provider, the second must succeed without asking for a login again. The stored
        /// credentials are removed at the end. Does nothing unless the storage engine is SQLite.
        /// </summary>
        public void TestOpenIDConnect()
        {
            var usingSqlite = _storageType == StorageEngineTypes.SQLite;
            if (!usingSqlite)
            {
                return;
            }

            // Plain-http endpoint of the replication test server
            var host          = GetReplicationServer();
            var port          = GetReplicationPort();
            var serverUri     = new Uri($"http://{host}:{port}/openid_db");
            var authenticator = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (loginUrl, redirectBase, continuation) =>
            {
                AssertValidOIDCLogin(loginUrl, redirectBase, serverUri);

                // Stand in for the user: submit the provider's form and take the redirect URL it answers with
                var redirectUrl = LoginToOIDCTestProvider(serverUri);
                Trace.WriteLine("**** Callback handing control back to authenticator...");
                continuation(redirectUrl, null);
            });

            // Drop any ID tokens stored for this server; the result is not checked here
            OpenIDAuthenticator.ForgetIDTokens(serverUri);
            var error = PullWithOIDCAuth(serverUri, authenticator, "pupshaw");

            Assert.IsNull(error);

            // Second round: the stored ID token and/or a session cookie should be enough
            Trace.WriteLine("**** Second replication...");
            bool loginRequested = false;

            authenticator = (OpenIDAuthenticator)AuthenticatorFactory.CreateOpenIDAuthenticator(manager, (loginUrl, redirectBase, continuation) =>
            {
                AssertValidOIDCLogin(loginUrl, redirectBase, serverUri);
                Assert.IsFalse(loginRequested);
                loginRequested = true;

                // Abandon the login if it is requested after all
                continuation(null, null);
            });

            error = PullWithOIDCAuth(serverUri, authenticator, "pupshaw");
            Assert.IsNull(error);

            // The login callback must not have been needed
            Assert.IsFalse(loginRequested);

            // Clean up what the login left behind
            Assert.IsTrue(authenticator.RemoveStoredCredentials());
        }