public async Task Authenticated_User_with_allowed_current_Idp_must_not_SignIn()
{
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Subject = IdentityServerPrincipal.Create("123", "dom"),
Client = new Client
{
IdentityProviderRestrictions = new List <string>
{
Constants.BuiltInIdentityProvider
}
}
};
var result = await generator.ProcessClientLoginAsync(request);
result.IsLogin.Should().BeFalse();
}
public AuthorizeInteractionResponseGeneratorTests_Consent()
{
_subject = new AuthorizeInteractionResponseGenerator(
TestLogger.Create <AuthorizeInteractionResponseGenerator>(),
_mockConsent,
_fakeUserService);
}
public async Task Authenticated_User_with_local_Idp_must_SignIn_when_client_options_does_not_allow_local_logins()
{
options.AuthenticationOptions.EnableLocalLogin = true;
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(options, null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Subject = IdentityServerPrincipal.Create("123", "dom"),
Client = new Client
{
ClientId = "foo",
EnableLocalLogin = false
}
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessClientLoginAsync(request);
result.IsLogin.Should().BeTrue();
}
public AuthorizeInteractionResponseGeneratorTests_Login()
{
_subject = new AuthorizeInteractionResponseGenerator(
TestLogger.Create <AuthorizeInteractionResponseGenerator>(),
_mockConsentService,
new MockProfileService());
}
public async Task Authenticated_User_with_restricted_current_Idp_must_SignIn()
{
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(null, users.Object);
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Subject = IdentityServerPrincipal.Create("123", "dom"),
Client = new Client
{
IdentityProviderRestrictions = new List <string>
{
"some_idp"
}
}
};
var result = await generator.ProcessClientLoginAsync(request);
Assert.IsTrue(result.IsLogin);
}
public AuthorizeInteractionResponseGeneratorTests_Consent()
{
options = new IdentityServerOptions();
mockConsent = new Mock <IConsentService>();
mockUserService = new Mock <IUserService>();
subject = new AuthorizeInteractionResponseGenerator(options, mockConsent.Object, mockUserService.Object, new DefaultLocalizationService());
}
public AuthorizeInteractionResponseGeneratorTests_Consent()
{
_subject = new AuthorizeInteractionResponseGenerator(
new FakeLogger <AuthorizeInteractionResponseGenerator>(),
_options,
_mockConsent,
_fakeUserService,
_fakeLocalizationService);
}
public AuthorizeInteractionResponseGeneratorTests_Login()
{
_subject = new AuthorizeInteractionResponseGenerator(
new FakeLogger <AuthorizeInteractionResponseGenerator>(),
_options,
_mockConsentService,
new FakeProfileService(),
new FakeLocalizationService());
}
public async Task Anonymous_User_must_SignIn()
{
var generator = new AuthorizeInteractionResponseGenerator(null, null, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo"
};
var result = await generator.ProcessLoginAsync(request, Principal.Anonymous);
result.IsLogin.Should().BeTrue();
}
public async Task Anonymous_User_must_SignIn()
{
var generator = new AuthorizeInteractionResponseGenerator(null, null);
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo"
};
var result = await generator.ProcessLoginAsync(request, Principal.Anonymous);
Assert.IsTrue(result.IsLogin);
}
/// <summary>
/// Initializes a new instance of the <see cref="AuthorizeEndpointController"/> class.
/// </summary>
/// <param name="viewService">The view service.</param>
/// <param name="validator">The validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="interactionGenerator">The interaction generator.</param>
/// <param name="options">The options.</param>
public AuthorizeEndpointController(
IViewService viewService,
AuthorizeRequestValidator validator,
AuthorizeResponseGenerator responseGenerator,
AuthorizeInteractionResponseGenerator interactionGenerator,
IdentityServerOptions options)
{
_viewService = viewService;
_options = options;
_responseGenerator = responseGenerator;
_interactionGenerator = interactionGenerator;
_validator = validator;
}
public async Task Authenticated_User_must_not_SignIn()
{
var users = new Mock <IUserService>();
var generator = new AuthorizeInteractionResponseGenerator(options, null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Client = new Client()
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessLoginAsync(request, principal);
result.IsLogin.Should().BeFalse();
}
public async Task Authenticated_User_must_not_SignIn()
{
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(null, users.Object);
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessLoginAsync(request, principal);
Assert.IsFalse(result.IsLogin);
}
public async Task Authenticated_User_with_allowed_requested_Idp_must_not_SignIn()
{
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(null, users.Object);
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
LoginHint = "idp:" + Constants.BuiltInIdentityProvider
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessLoginAsync(request, principal);
result.IsLogin.Should().BeFalse();
}
public async Task Authenticated_User_with_different_requested_Idp_must_SignIn()
{
var users = new Mock <IUserService>();
var generator = new AuthorizeInteractionResponseGenerator(options, null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Client = new Client(),
AuthenticationContextReferenceClasses = new List <string> {
"idp:some_idp"
},
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessLoginAsync(request, principal);
result.IsLogin.Should().BeTrue();
}
public async Task Authenticated_User_with_different_requested_Idp_must_SignIn()
{
var users = new Mock <IUserService>();
users.Setup(x => x.IsActiveAsync(It.IsAny <ClaimsPrincipal>())).Returns(Task.FromResult <bool>(true));
var generator = new AuthorizeInteractionResponseGenerator(null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
LoginHint = "idp:some_idp"
};
var principal = IdentityServerPrincipal.Create("123", "dom");
var result = await generator.ProcessLoginAsync(request, principal);
result.IsLogin.Should().BeTrue();
}
/// <summary>
/// Initializes a new instance of the <see cref="AuthorizeEndpointController" /> class.
/// </summary>
/// <param name="viewService">The view service.</param>
/// <param name="validator">The validator.</param>
/// <param name="responseGenerator">The response generator.</param>
/// <param name="interactionGenerator">The interaction generator.</param>
/// <param name="options">The options.</param>
/// <param name="localizationService">The localization service.</param>
/// <param name="events">The event service.</param>
/// <param name="antiForgeryToken">The anti forgery token.</param>
public AuthorizeEndpointController(
IViewService viewService,
AuthorizeRequestValidator validator,
AuthorizeResponseGenerator responseGenerator,
AuthorizeInteractionResponseGenerator interactionGenerator,
IdentityServerOptions options,
ILocalizationService localizationService,
IEventService events,
AntiForgeryToken antiForgeryToken)
{
_viewService = viewService;
_options = options;
_responseGenerator = responseGenerator;
_interactionGenerator = interactionGenerator;
_validator = validator;
_localizationService = localizationService;
_events = events;
_antiForgeryToken = antiForgeryToken;
}
public async Task Authenticated_User_with_restricted_current_Idp_must_SignIn()
{
var users = new Mock <IUserService>();
var generator = new AuthorizeInteractionResponseGenerator(options, null, users.Object, new DefaultLocalizationService());
var request = new ValidatedAuthorizeRequest
{
ClientId = "foo",
Subject = IdentityServerPrincipal.Create("123", "dom"),
Client = new Client
{
IdentityProviderRestrictions = new List <string>
{
"some_idp"
}
}
};
var result = await generator.ProcessClientLoginAsync(request);
result.IsLogin.Should().BeTrue();
}
public void Init()
{
mockConsent = new Mock <IConsentService>();
subject = new AuthorizeInteractionResponseGenerator(mockConsent.Object);
}
public AuthorizeInteractionResponseGeneratorTests_Consent()
{
mockConsent = new Mock <IConsentService>();
mockUserService = new Mock <IUserService>();
subject = new AuthorizeInteractionResponseGenerator(mockConsent.Object, mockUserService.Object);
}