/// <summary>
/// With an empty <c>context</c> in the request and no primary membership in the list,
/// the validated result is expected to carry the first membership's ID as its context.
/// </summary>
public void UsesContextFromFirstMembership()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "membership",
        redirect_uri = "https://test2.local",
        context = ""
    };

    // Neither entry is primary, so only the list order distinguishes them.
    var memberships = new List<IdentityMembership>
    {
        new IdentityMembership { IsPrimaryMember = false, MembershipID = 11234 },
        new IdentityMembership { IsPrimaryMember = false, MembershipID = 6578 }
    };

    var outcome = sut.Validate(application, memberships, authorizeRequest);

    Assert.AreEqual("11234", outcome.context);

    // The context was filled in by the validator, not supplied by the request;
    // presumably that is what HasClaimedMembership == false records (confirm).
    Assert.IsFalse(outcome.HasClaimedMembership);
}
/// <summary>
/// With an empty <c>context</c> in the request, the membership flagged as primary is
/// expected to become the context even though it is not first in the list.
/// </summary>
public void UsesContextThatIsPrimaryIfNoneInRequest()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "membership",
        redirect_uri = "https://test2.local",
        context = ""
    };

    // The first entry only has CanAccessNeeds set; the second one is the primary membership.
    var memberships = new List<IdentityMembership>
    {
        new IdentityMembership { CanAccessNeeds = true, MembershipID = 11234 },
        new IdentityMembership { IsPrimaryMember = true, MembershipID = 6578 }
    };

    var outcome = sut.Validate(application, memberships, authorizeRequest);

    Assert.AreEqual("6578", outcome.context);
}
/// <summary>
/// A token request from <c>implicitclient</c> for two space-separated scopes is expected
/// to validate. There is no explicit assertion: the test passes when
/// <c>Validate</c> returns without throwing.
/// </summary>
public void ValidRequestMultipleScope()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "read browse",
        redirect_uri = "https://test2.local"
    };

    // The return value is not inspected; only the absence of an exception matters here.
    sut.Validate(application, authorizeRequest);
}
/// <summary>
/// Builds the <see cref="AuthorizeRequestValidator"/> under test from the fixture's options,
/// client list and mocks, plus test doubles for issuer name, JWT request handling and logging.
/// </summary>
public Authorize_ProtocolValidation_Resources()
{
    // Collaborators are created in the same order in which they are passed below.
    var issuerNameService = new TestIssuerNameService("https://sts");
    var clientStore = new InMemoryClientStore(_clients);
    var customValidator = new DefaultCustomAuthorizeRequestValidator();

    // The strict redirect URI validator is wired in, not a relaxed test double.
    var redirectUriValidator = new StrictRedirectUriValidator();

    var jwtRequestValidator = new JwtRequestValidator("aud", TestLogger.Create<JwtRequestValidator>());
    var jwtRequestUriClient = new MockJwtRequestUriHttpClient();
    var validatorLogger = TestLogger.Create<AuthorizeRequestValidator>();

    _subject = new AuthorizeRequestValidator(
        _options,
        issuerNameService,
        clientStore,
        customValidator,
        redirectUriValidator,
        _mockResourceValidator,
        _mockUserSession,
        jwtRequestValidator,
        jwtRequestUriClient,
        validatorLogger);
}
/// <summary>
/// Creates an <see cref="AuthorizeEndpointController"/> and stores the supplied collaborators.
/// </summary>
/// <param name="viewService">The view service kept by the controller.</param>
/// <param name="validator">The authorize request validator kept by the controller.</param>
/// <param name="responseGenerator">The authorize response generator.</param>
/// <param name="interactionGenerator">The interaction response generator.</param>
/// <param name="options">The identity server options.</param>
public AuthorizeEndpointController(
    IViewService viewService,
    AuthorizeRequestValidator validator,
    AuthorizeResponseGenerator responseGenerator,
    AuthorizeInteractionResponseGenerator interactionGenerator,
    IdentityServerOptions options)
{
    // Plain field assignments in parameter order. No argument is checked for null here,
    // so a missing dependency only shows up when the field is first used.
    _viewService = viewService;
    _validator = validator;
    _responseGenerator = responseGenerator;
    _interactionGenerator = interactionGenerator;
    _options = options;
}
/// <summary>
/// A code request from <c>codeclient</c> for two space-separated scopes is expected to
/// validate. There is no explicit assertion: the test passes when <c>Validate</c>
/// returns without throwing.
/// </summary>
public void ValidRequestMultipleScope()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        scope = "read search",
        redirect_uri = "https://prod.local"
    };

    // The return value is not inspected; only the absence of an exception matters here.
    sut.Validate(application, authorizeRequest);
}
/// <summary>
/// A code request from <c>codeclient</c> for a single scope, made by an identity with no
/// memberships, is expected to validate. The test passes when <c>Validate</c> returns
/// without throwing.
/// </summary>
public void ValidRequestSingleScope()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        scope = "read",
        redirect_uri = "https://prod.local"
    };

    // An empty membership list is passed explicitly; the result itself is not inspected.
    var noMemberships = new List<IdentityMembership>();
    sut.Validate(application, noMemberships, authorizeRequest);
}
/// <summary>
/// Passing <c>null</c> in place of the request is expected to raise
/// <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void NoParameters()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");
    var rejected = false;

    try
    {
        sut.Validate(application, null);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // todo: inspect exception
        rejected = true;
    }

    // Any other exception type propagates and fails the test on its own.
    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
/// <summary>
/// A request for the <c>needs</c> scope from an identity with no memberships is expected
/// to validate with the scope removed: the result keeps the requested context but holds
/// zero scopes.
/// </summary>
public void NeedsDenied()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "needs",
        redirect_uri = "https://test2.local",
        context = "11234"
    };

    // No memberships at all, so nothing can grant access to the requested scope.
    var noMemberships = new List<IdentityMembership>();
    var outcome = sut.Validate(application, noMemberships, authorizeRequest);

    // NOTE(review): the requested context is echoed back although the identity holds no
    // membership 11234; confirm that callers do not treat result.context as proof of membership.
    Assert.AreEqual("11234", outcome.context);
    Assert.AreEqual(0, outcome.Scopes.Count);
}
/// <summary>
/// Creates an <see cref="AuthorizeEndpointController" /> and stores the supplied collaborators.
/// </summary>
/// <param name="viewService">The view service kept by the controller.</param>
/// <param name="validator">The authorize request validator kept by the controller.</param>
/// <param name="responseGenerator">The authorize response generator.</param>
/// <param name="interactionGenerator">The interaction response generator.</param>
/// <param name="options">The identity server options.</param>
/// <param name="localizationService">The localization service.</param>
/// <param name="events">The event service.</param>
/// <param name="antiForgeryToken">The anti-forgery token helper.</param>
public AuthorizeEndpointController(
    IViewService viewService,
    AuthorizeRequestValidator validator,
    AuthorizeResponseGenerator responseGenerator,
    AuthorizeInteractionResponseGenerator interactionGenerator,
    IdentityServerOptions options,
    ILocalizationService localizationService,
    IEventService events,
    AntiForgeryToken antiForgeryToken)
{
    // Plain field assignments in parameter order. No argument is checked for null here,
    // so a missing dependency only shows up when the field is first used.
    _viewService = viewService;
    _validator = validator;
    _responseGenerator = responseGenerator;
    _interactionGenerator = interactionGenerator;
    _options = options;
    _localizationService = localizationService;
    _events = events;
    _antiForgeryToken = antiForgeryToken;
}
/// <summary>
/// A request without <c>client_id</c> is expected to raise
/// <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void MissingClientId()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    // client_id is deliberately left unset.
    var authorizeRequest = new AuthorizeRequest
    {
        response_type = "code",
        scope = "read",
        redirect_uri = "https://prod.local"
    };

    var rejected = false;
    try
    {
        sut.Validate(application, new List<IdentityMembership>(), authorizeRequest);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // todo: check error code
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
/// <summary>
/// A request without <c>response_type</c> is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the invalid-request error.
/// </summary>
public void MissingResponseType()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    // response_type is deliberately left unset.
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        scope = "read",
        redirect_uri = "https://prod.local"
    };

    AuthorizeRequestClientException rejection = null;
    try
    {
        sut.Validate(application, new List<IdentityMembership>(), authorizeRequest);
    }
    catch (AuthorizeRequestClientException ex)
    {
        rejection = ex;
    }

    if (rejection == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, rejection.Error);
}
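/// <summary>
/// A request for the <c>needs</c> scope in context 11234 is validated for an identity whose
/// membership 11234 has <c>CanAccessNeeds</c> set; the result is expected to keep that context.
/// </summary>
public void NeedsGranted()
{
    var validator = new AuthorizeRequestValidator();
    var app = _testConfig.FindApplication("test");

    var request = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "needs",
        redirect_uri = "https://test2.local",
        context = "11234"
    };

    var memberships = new List<IdentityMembership>
    {
        new IdentityMembership { CanAccessNeeds = true, MembershipID = 11234 }
    };

    // Fix: pass the membership list built above. The previous code passed a fresh empty
    // list, so the granting membership never reached the validator and the access-granted
    // path was not exercised at all.
    var result = validator.Validate(app, memberships, request);

    Assert.AreEqual("11234", result.context);

    // NOTE(review): the context assertion alone does not prove that access was granted.
    // Consider also asserting that the needs scope survives in result.Scopes once the
    // expected shape of that collection is confirmed.
}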
/// <summary>
/// A request naming <c>disabledclient</c> is expected to raise
/// <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void DisabledClient()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "disabledclient",
        response_type = "code",
        scope = "read",
        redirect_uri = "https://prod.local"
    };

    var rejected = false;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // Only the exception type is checked; its details are not inspected.
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
/// <summary>
/// A request without <c>redirect_uri</c> is expected to raise
/// <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void MissingRedirectUri()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    // redirect_uri is deliberately left unset.
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        scope = "read"
    };

    var rejected = false;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // todo: check error code
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
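/// <summary>
/// A request without <c>scope</c> is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the invalid-scope error.
/// </summary>
public void MissingScope()
{
    var validator = new AuthorizeRequestValidator();
    var app = _testConfig.FindApplication("test");

    // scope is deliberately left unset.
    var request = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        redirect_uri = "https://prod.local"
    };

    try
    {
        validator.Validate(app, request);
    }
    catch (AuthorizeRequestClientException ex)
    {
        // Assert.AreEqual replaces Assert.IsTrue(a == b): it matches the other error-code
        // tests and reports the actual error value when the check fails.
        Assert.AreEqual(OAuthConstants.Errors.InvalidScope, ex.Error);
        return;
    }

    Assert.Fail("No exception thrown.");
}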
/// <summary>
/// A request from <c>implicitclient</c> for the <c>write</c> scope is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the invalid-scope error.
/// </summary>
public void UnauthorizedScopeSingle()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    // Presumably "write" is not among the scopes configured for this client (confirm in the test config).
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "write",
        redirect_uri = "https://test2.local"
    };

    AuthorizeRequestClientException rejection = null;
    try
    {
        sut.Validate(application, new List<IdentityMembership>(), authorizeRequest);
    }
    catch (AuthorizeRequestClientException ex)
    {
        rejection = ex;
    }

    if (rejection == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, rejection.Error);
}
/// <summary>
/// A request from <c>implicitclient</c> for <c>read write</c> is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the invalid-scope error, so one
/// disallowed scope rejects the whole request.
/// </summary>
public void UnauthorizedScopeMultiple()
{
    var sut = new AuthorizeRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");

    // NOTE(review): other implicitclient tests use https://test2.local; confirm that
    // https://prod.local is registered for this client, otherwise the scope check may not
    // be the check that rejects the request.
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "read write",
        redirect_uri = "https://prod.local"
    };

    AuthorizeRequestClientException rejection = null;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestClientException ex)
    {
        rejection = ex;
    }

    if (rejection == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.InvalidScope, rejection.Error);
}
/// <summary>
/// A request whose <c>redirect_uri</c> uses plain <c>http</c> is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the invalid-request error.
/// </summary>
public void NonSslRedirectUri()
{
    var sut = new AuthorizeRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");

    // Same host as the valid codeclient requests, but without TLS.
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        scope = "read",
        redirect_uri = "http://prod.local"
    };

    AuthorizeRequestClientException rejection = null;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestClientException ex)
    {
        rejection = ex;
    }

    if (rejection == null)
    {
        Assert.Fail("No exception thrown.");
    }

    // NOTE(review): the expected type is the client exception. If client errors are
    // delivered by redirecting to redirect_uri, confirm this one is not sent to the
    // rejected http address.
    Assert.AreEqual(OAuthConstants.Errors.InvalidRequest, rejection.Error);
}
/// <summary>
/// A <c>code</c> request from <c>implicitclient</c> is expected to raise
/// <see cref="AuthorizeRequestClientException"/> carrying the unsupported-response-type error.
/// </summary>
public void UnauthorizedResponseType()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    // Presumably this client is configured for the token response type only (confirm in the test config).
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "code",
        scope = "read",
        redirect_uri = "https://test2.local"
    };

    AuthorizeRequestClientException rejection = null;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestClientException ex)
    {
        rejection = ex;
    }

    if (rejection == null)
    {
        Assert.Fail("No exception thrown.");
    }

    Assert.AreEqual(OAuthConstants.Errors.UnsupportedResponseType, rejection.Error);
}
/// <summary>
/// A request whose <c>redirect_uri</c> points at <c>https://unauthorized.com</c> is expected
/// to raise <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void UnauthorizedRedirectUri()
{
    var sut = new AuthorizeRequestValidator();
    var application = _testConfig.FindApplication("test");

    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "implicitclient",
        response_type = "token",
        scope = "read",
        redirect_uri = "https://unauthorized.com"
    };

    var rejected = false;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // todo: check error code
        // The resource-owner exception type is expected here; presumably the error is
        // then shown to the user and never redirected to the unregistered URI (confirm).
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
/// <summary>
/// A request whose <c>redirect_uri</c> is malformed (<c>https:/prod.local</c>, with a single
/// slash) is expected to raise <see cref="AuthorizeRequestResourceOwnerException"/>.
/// </summary>
public void MalformedRedirectUri1()
{
    var sut = new AuthorizeRequestValidator(_clientManager);
    var application = _testConfig.FindApplication("test");

    // Differs from the valid codeclient URI only by the missing slash after the scheme.
    var authorizeRequest = new AuthorizeRequest
    {
        client_id = "codeclient",
        response_type = "code",
        scope = "read",
        redirect_uri = "https:/prod.local"
    };

    var rejected = false;
    try
    {
        sut.Validate(application, authorizeRequest);
    }
    catch (AuthorizeRequestResourceOwnerException)
    {
        // todo: check error code
        rejected = true;
    }

    if (!rejected)
    {
        Assert.Fail("No exception thrown.");
    }
}
/// <summary>
/// Builds the validator under test through the factory, substituting the fixture's stub
/// for the custom authorize request validator.
/// </summary>
public Authorize_ProtocolValidation_CustomValidator()
{
    // Only customValidator is overridden; every other dependency is left to the factory.
    var validatorUnderTest = Factory.CreateAuthorizeRequestValidator(
        customValidator: _stubAuthorizeRequestValidator);

    _subject = validatorUnderTest;
}