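/// <summary>
/// Checks that a redirect URI points at the expected endpoint for <paramref name="requestType"/>
/// and that the query-string parameters named in <paramref name="parametersToValidate"/> validate.
/// Fails the current test if any check reports an error.
/// </summary>
/// <param name="redirectUri">The redirect location to inspect.</param>
/// <param name="requestType">Selects which expected endpoint the URI is compared against.</param>
/// <param name="parametersToValidate">Names of the query parameters handed to <c>ValidateParameters</c>.</param>
/// <returns>The query-string parameters keyed by name; values are left exactly as they appear in the URI (not decoded).</returns>
/// <exception cref="ArgumentException">The query string repeats a parameter name.</exception>
private IDictionary<string, string> ValidateRedirectCore(Uri redirectUri, OpenIdConnectRequestType requestType, string[] parametersToValidate)
{
    var errors = new List<string>();

    // Validate the authority
    ValidateExpectedAuthority(redirectUri.AbsoluteUri, errors, requestType);

    // Convert query to dictionary.
    // Split each pair on the FIRST '=' only: a value that itself contains '=' must reach the
    // validator intact instead of being silently truncated, and a parameter with no '=' maps to
    // an empty value rather than throwing IndexOutOfRangeException before any error is reported.
    var queryDict = new Dictionary<string, string>();
    if (!string.IsNullOrEmpty(redirectUri.Query))
    {
        foreach (var part in redirectUri.Query.TrimStart('?').Split('&'))
        {
            if (part.Length == 0)
            {
                // Empty segment ("a=1&&b=2" or a trailing '&') carries no parameter.
                continue;
            }

            var separator = part.IndexOf('=');
            var name = separator < 0 ? part : part.Substring(0, separator);
            var value = separator < 0 ? string.Empty : part.Substring(separator + 1);

            // Add (not the indexer) so a repeated parameter name still throws: a duplicated
            // protocol parameter in a redirect should not be masked by last-one-wins.
            queryDict.Add(name, value);
        }
    }

    // Validate the query string parameters
    ValidateParameters(queryDict, parametersToValidate, errors, htmlEncoded: true);

    if (errors.Any())
    {
        var buf = new StringBuilder();
        buf.AppendLine("The redirect uri is not valid.");
        buf.AppendLine(redirectUri.AbsoluteUri);
        foreach (var error in errors)
        {
            buf.AppendLine(error);
        }

        // Emit the full report to the debug output as well as the assertion message.
        Debug.WriteLine(buf.ToString());
        Assert.True(false, buf.ToString());
    }

    return queryDict;
}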
/// <summary>
/// Requests <paramref name="challenge"/> from a test server created with
/// <c>SetProtocolMessageOptions</c>, expects an HTTP redirect, and checks the redirect
/// location against the expected values for <paramref name="requestType"/>.
/// </summary>
/// <param name="challenge">Path appended to <c>DefaultHost</c> to form the request URI.</param>
/// <param name="requestType">Request type assigned to the expected query values.</param>
public async Task ChallengeSettingMessage(string challenge, OpenIdConnectRequestType requestType)
{
    // Endpoints the redirect is expected to target.
    var endpoints = new OpenIdConnectConfiguration
    {
        AuthorizationEndpoint = ExpectedAuthorizeRequest,
        EndSessionEndpoint = ExpectedLogoutRequest
    };

    var expected = new ExpectedQueryValues(DefaultAuthority, endpoints)
    {
        RequestType = requestType
    };

    var testServer = CreateServer(SetProtocolMessageOptions);
    var requestUri = DefaultHost + challenge;
    var result = await SendAsync(testServer, requestUri);

    result.Response.StatusCode.ShouldBe(HttpStatusCode.Redirect);

    // No individual query parameters are named for validation here; CheckValues receives
    // only the redirect location and an empty parameter list.
    var location = result.Response.Headers.Location.AbsoluteUri;
    var noParameters = new string[0];
    expected.CheckValues(location, noParameters);
}
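/// <summary>
/// Records an error when <paramref name="absoluteUri"/> does not begin with the endpoint
/// expected for <paramref name="requestType"/>.
/// </summary>
/// <param name="absoluteUri">The absolute redirect URI being checked.</param>
/// <param name="errors">Collection that receives an "ExpectedAuthority: ..." entry on mismatch.</param>
/// <param name="requestType">Token and Logout select their own endpoints; every other value uses the authorization endpoint.</param>
private void ValidateExpectedAuthority(string absoluteUri, ICollection<string> errors, OpenIdConnectRequestType requestType)
{
    // The configured endpoint wins; otherwise fall back to the authority plus a fixed path.
    string expectedAuthority;
    switch (requestType)
    {
        case OpenIdConnectRequestType.Token:
            expectedAuthority = _options.Configuration?.TokenEndpoint ?? (_options.Authority + @"/oauth2/token");
            break;
        case OpenIdConnectRequestType.Logout:
            expectedAuthority = _options.Configuration?.EndSessionEndpoint ?? (_options.Authority + @"/oauth2/logout");
            break;
        default:
            expectedAuthority = _options.Configuration?.AuthorizationEndpoint ?? (_options.Authority + @"/oauth2/authorize");
            break;
    }

    // Ordinal comparison: URIs are identifiers, so the check must not depend on the current
    // culture or treat ignorable characters as equal (the culture-sensitive default can).
    // NOTE(review): this is still only a prefix match, so a URI whose path merely continues
    // past the expected endpoint text also passes. If the expected endpoints never carry a
    // query string of their own, comparing scheme, host and path exactly would be stricter.
    if (!absoluteUri.StartsWith(expectedAuthority, StringComparison.Ordinal))
    {
        errors.Add($"ExpectedAuthority: {expectedAuthority}");
    }
}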