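/// <summary>
/// Test helper: builds a code-flow authorization request, turns it into a token
/// generating context for a test user and application, asks the supplied token
/// manager to issue tokens, and returns the serialized authorization code.
/// </summary>
/// <param name="tokenManager">Token manager that is called with the token context before the code is read.</param>
/// <returns>The <c>SerializedValue</c> of <c>tokenContext.AuthorizationCode</c>.</returns>
private async Task<StringValues> CreateAuthorizationCode(ITokenManager tokenManager)
{
    // Code-flow request whose scope also includes offline_access.
    var httpContext = new DefaultHttpContext();
    httpContext.Request.QueryString = QueryString.FromUriComponent(
        @"?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&scope=openid%20profile%20email%20offline_access&nonce=n-0S6_WzA2Mj&state=af0ifjsldkj");

    var requestParameters = httpContext.Request.Query.ToDictionary(kvp => kvp.Key, kvp => (string[])kvp.Value);
    var requestFactory = CreateAuthorizationRequestFactory();
    var user = CreateUser("user");

    // NOTE(review): the request carries client_id "s6BhdRkqt3" while the application is
    // created from "s6BhdRkqt" - confirm CreateApplication derives the client id so the
    // request is validated against the intended client and not accepted by accident.
    var application = CreateApplication("s6BhdRkqt");

    // NOTE(review): the result is used without checking that the request validated; if the
    // result type exposes a validity flag, asserting it here would make a rejected request
    // fail at its cause rather than later at token issuance.
    var result = await requestFactory.CreateAuthorizationRequestAsync(requestParameters);
    var tokenContext = result.CreateTokenGeneratingContext(user, application);
    await tokenManager.IssueTokensAsync(tokenContext);

    // The unused QueryResponseGenerator and result.Message locals were dropped: this helper
    // only needs the issued code, not a redirect response.
    return tokenContext.AuthorizationCode.SerializedValue;
}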
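// End-to-end check of the authorization code flow: a response_type=code request must
// produce a 302 redirect whose query string holds exactly a non-empty "code" and the
// caller's unchanged "state".
public async Task Spec_Code_Sample()
{
    // Arrange
    var httpContext = new DefaultHttpContext();
    httpContext.Request.QueryString = QueryString.FromUriComponent(
        @"?response_type=code&client_id=s6BhdRkqt3&redirect_uri=https%3A%2F%2Fclient.example.org%2Fcb&scope=openid%20profile%20email&nonce=n-0S6_WzA2Mj&state=af0ifjsldkj");

    var requestParameters = httpContext.Request.Query.ToDictionary(kvp => kvp.Key, kvp => (string[])kvp.Value);
    var requestFactory = CreateRequestFactory();
    var tokenIssuer = GetTokenIssuer();
    var user = CreateUser("user");

    // NOTE(review): request client_id is "s6BhdRkqt3", the application is created from
    // "s6BhdRkqt" - confirm CreateApplication makes the two match.
    var application = CreateApplication("s6BhdRkqt");
    var responseFactory = CreateAuthorizationResponseFactory();
    var queryExecutor = new QueryResponseGenerator();

    // Act
    var result = await requestFactory.CreateAuthorizationRequestAsync(requestParameters);
    var tokenContext = result.CreateTokenGeneratingContext(user, application);
    await tokenIssuer.IssueTokensAsync(tokenContext);
    var response = await responseFactory.CreateAuthorizationResponseAsync(tokenContext);
    queryExecutor.GenerateResponse(httpContext, response.RedirectUri, response.Message.Parameters);

    // Assert
    Assert.Equal(StatusCodes.Status302Found, httpContext.Response.StatusCode);
    Assert.False(StringValues.IsNullOrEmpty(httpContext.Response.Headers[HeaderNames.Location]));

    // NOTE(review): the redirect target itself is never compared with the requested
    // redirect_uri (https://client.example.org/cb); once the expected form of
    // response.RedirectUri is confirmed, asserting it would pin where the code is sent.
    var uri = new Uri(httpContext.Response.Headers[HeaderNames.Location]);
    Assert.False(string.IsNullOrEmpty(uri.Query));

    var parameters = QueryHelpers.ParseQuery(uri.Query);

    // Exactly two parameters: nothing other than code and state (for example a token)
    // may end up in the query string for this response type.
    Assert.Equal(2, parameters.Count);

    // Previously bound to a local named idTokenKvp and never inspected; the code must be
    // present exactly once and carry a value.
    var codeKvp = Assert.Single(parameters, kvp => kvp.Key == "code");
    Assert.False(StringValues.IsNullOrEmpty(codeKvp.Value));

    // The client uses state to tie the response to its own request, so it has to come
    // back byte-for-byte.
    var stateKvp = Assert.Single(parameters, kvp => kvp.Key == "state");
    Assert.Equal("af0ifjsldkj", stateKvp.Value);
}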
// Verifies that QueryResponseGenerator percent-encodes parameter values when it appends
// them to the redirect URI's query string.
public void GenerateResponse_EncodesParameters_OnTheQuery()
{
    // Arrange
    var context = new DefaultHttpContext();
    var sut = new QueryResponseGenerator();
    var callback = "http://www.example.com/callback";

    // The state value consists solely of URI delimiters. Left unescaped, '#' would start a
    // fragment and '&' / '=' would split or add query parameters in the redirect.
    var payload = new Dictionary<string, string[]>
    {
        ["state"] = new[] { "#?&=" },
        ["code"] = new[] { "serializedcode" }
    };
    var message = new OpenIdConnectMessage(payload) { RedirectUri = callback };

    // The exact match also pins the parameter order (state, then code); presumably this
    // follows the enumeration order of the dictionary above - confirm before reordering.
    var expected = "http://www.example.com/callback?state=%23%3F%26%3D&code=serializedcode";

    // Act
    sut.GenerateResponse(context, message.RedirectUri, message.Parameters);

    // Assert
    Assert.Equal(StatusCodes.Status302Found, context.Response.StatusCode);

    var location = context.Response.Headers[HeaderNames.Location];
    Assert.Equal(expected, location);

    var target = new Uri(location);
    Assert.False(string.IsNullOrEmpty(target.Query));

    // Round trip: parsing the emitted query must give back the two original values.
    var parsed = QueryHelpers.ParseQuery(target.Query);
    Assert.Equal(2, parsed.Count);

    var codeEntry = Assert.Single(parsed, kvp => kvp.Key == "code");
    Assert.Equal("serializedcode", codeEntry.Value);

    var stateEntry = Assert.Single(parsed, kvp => kvp.Key == "state");
    Assert.Equal("#?&=", stateEntry.Value);
}