예제 #1
0
        public void GetSupportedVersionShouldReturnNullIfScopeNotRecognised()
        {
            var versions = new SupportedVersions(null);

            var actual = versions.GetSupportedVersion("testest");

            Assert.IsNull(actual);
        }
예제 #2
0
        public void GetSupportedVersionShouldReturnVersionFromDefaultVersionsIfOpenidScopeNotFound()
        {
            var versions = new SupportedVersions(null);
            var expected = "mc_v1.2";

            var actual = versions.GetSupportedVersion("openid mc_authz");

            Assert.AreEqual(expected, actual);
        }
예제 #3
0
        public void GetSupportedVersionShouldReturnVersionForOpenidIfScopeNotFound()
        {
            var versions = new SupportedVersions(new Dictionary <string, string> {
                ["openid"] = "1.2", ["openid mc_authn"] = "2.0"
            });
            var expected = "1.2";

            var actual = versions.GetSupportedVersion("openid mc_authz");

            Assert.AreEqual(expected, actual);
        }
예제 #4
0
        /// <summary>
        /// Returns a modified scope value based on the version required. Depending on the version the value mc_authn may be added or removed
        /// </summary>
        /// <param name="scopeRequested">Request scope value</param>
        /// <param name="versions">SupportedVersions from ProviderMetadata, used for finding the supported version for the requested auth type</param>
        /// <param name="shouldUseAuthorize">If mc_authz should be used over mc_authn</param>
        /// <param name="version">Supported version of the scope selected to use</param>
        /// <returns>Returns a modified scope value with mc_authn removed or added</returns>
        private string CoerceAuthenticationScope(string scopeRequested, SupportedVersions versions, bool shouldUseAuthorize, out string version)
        {
            var requiredScope   = shouldUseAuthorize ? MobileConnectConstants.MOBILECONNECTAUTHORIZATION : MobileConnectConstants.MOBILECONNECTAUTHENTICATION;
            var disallowedScope = shouldUseAuthorize ? Constants.Scope.AUTHN : Constants.Scope.AUTHZ;

            versions = versions ?? new SupportedVersions(null);
            version  = versions.GetSupportedVersion(requiredScope);

            var splitScope = scopeRequested.Split().ToList();

            splitScope = Scope.CoerceOpenIdScope(splitScope, requiredScope);

            splitScope.RemoveAll(x => x.Equals(disallowedScope, StringComparison.OrdinalIgnoreCase));

            if (!shouldUseAuthorize && version == Constants.DefaultOptions.VERSION_MOBILECONNECTAUTHN)
            {
                splitScope.RemoveAll(x => x.Equals(Constants.Scope.AUTHN, StringComparison.OrdinalIgnoreCase));
            }

            return(Scope.CreateScope(splitScope));
        }