public async Task IsRedirectUriValidAsync_CallsBaseAndFails_ForInvalidRedirectUrisOnRegularClients()
{
// Arrange
var providedFullUrl = "https://localhost:5001/notregistered";
var expectedClient = new Client
{
RedirectUris = { "https://localhost:5001/authenticate" },
};
var factory = new TestUrlFactory();
var redirectUriValidator = new RelativeRedirectUriValidator(factory);
// Act
var validator = await redirectUriValidator.IsRedirectUriValidAsync(providedFullUrl, expectedClient);
// Assert
Assert.False(validator);
}
public async Task IsPostLogoutRedirectUriValidAsync_CallsBaseAndSucceeds_ForValidPostLogoutRedirectUrisOnRegularClients()
{
// Arrange
var providedFullUrl = "https://localhost:5001/logout";
var expectedClient = new Client
{
PostLogoutRedirectUris = { "https://localhost:5001/logout" },
};
var factory = new TestUrlFactory();
var redirectUriValidator = new RelativeRedirectUriValidator(factory);
// Act
var validator = await redirectUriValidator.IsPostLogoutRedirectUriValidAsync(providedFullUrl, expectedClient);
// Assert
Assert.True(validator);
}
public async Task IsRedirectUriValidAsync_RejectsIfTheRelativeUriIsNotRegistered_ForLocalSPAsAsync()
{
// Arrange
var expectedRelativeUri = "/authenticate";
var providedFullUrl = "https://localhost:5001/notregistered";
var expectedClient = new Client
{
RedirectUris = { expectedRelativeUri },
Properties = new Dictionary <string, string>
{
[ApplicationProfilesPropertyNames.Profile] = ApplicationProfiles.IdentityServerSPA,
}
};
var factory = new TestUrlFactory();
var redirectUriValidator = new RelativeRedirectUriValidator(factory);
// Act
var validator = await redirectUriValidator.IsRedirectUriValidAsync(providedFullUrl, expectedClient);
// Assert
Assert.False(validator);
}
public async Task IsPostLogoutRedirectUriValidAsync_ConvertsRelativeUrisIntoAbsoluteUris_ForLocalSPAsAsync()
{
// Arrange
var expectedRelativeUri = "/logout";
var providedFullUrl = "https://localhost:5001/logout";
var expectedClient = new Client
{
PostLogoutRedirectUris = { expectedRelativeUri },
Properties = new Dictionary <string, string>
{
[ApplicationProfilesPropertyNames.Profile] = ApplicationProfiles.IdentityServerSPA,
}
};
var factory = new TestUrlFactory(expectedRelativeUri, providedFullUrl);
var redirectUriValidator = new RelativeRedirectUriValidator(factory);
// Act
var validator = await redirectUriValidator.IsPostLogoutRedirectUriValidAsync(providedFullUrl, expectedClient);
// Assert
Assert.True(validator);
}
