public async Task SignOutWith_Specific_RedirectUri_From_Authentication_Properites() { var configuration = TestServerBuilder.CreateDefaultOpenIdConnectConfiguration(); var stateFormat = new PropertiesDataFormat(new EphemeralDataProtectionProvider(NullLoggerFactory.Instance).CreateProtector("OIDCTest")); var server = TestServerBuilder.CreateServer(o => { o.Authority = TestServerBuilder.DefaultAuthority; o.StateDataFormat = stateFormat; o.ClientId = "Test Id"; o.Configuration = configuration; o.SignedOutRedirectUri = "https://example.com/postlogout"; }); var transaction = await server.SendAsync("https://example.com/signout_with_specific_redirect_uri"); Assert.Equal(HttpStatusCode.Redirect, transaction.Response.StatusCode); var query = transaction.Response.Headers.Location.Query.Substring(1).Split('&') .Select(each => each.Split('=')) .ToDictionary(pair => pair[0], pair => pair[1]); string redirectUri; Assert.True(query.TryGetValue("post_logout_redirect_uri", out redirectUri)); Assert.Equal(UrlEncoder.Default.Encode("https://example.com/signout-callback-oidc"), redirectUri, true); string state; Assert.True(query.TryGetValue("state", out state)); var properties = stateFormat.Unprotect(state); Assert.Equal("http://www.example.com/specific_redirect_uri", properties.RedirectUri, true); }
public async Task EndSessionRequestDoesNotIncludeTelemetryParametersWhenDisabled() { var configuration = TestServerBuilder.CreateDefaultOpenIdConnectConfiguration(); var setting = new TestSettings(opt => { opt.ClientId = "Test Id"; opt.Configuration = configuration; opt.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; opt.DisableTelemetry = true; }); var server = setting.CreateTestServer(); var transaction = await server.SendAsync(DefaultHost + TestServerBuilder.Signout); var res = transaction.Response; Assert.Equal(HttpStatusCode.Redirect, res.StatusCode); Assert.DoesNotContain(OpenIdConnectParameterNames.SkuTelemetry, res.Headers.Location.Query); Assert.DoesNotContain(OpenIdConnectParameterNames.VersionTelemetry, res.Headers.Location.Query); setting.ValidateSignoutRedirect(transaction.Response.Headers.Location); }