Exemplo n.º 1
0
        public async Task OnRedirectToIdentityProvider_DefaultUserFlow_DoesntUpdateContext()
        {
            var errorAccessor = Substitute.For <ILoginErrorAccessor>();
            var options       = new MicrosoftIdentityOptions()
            {
                SignUpSignInPolicyId = DefaultUserFlow
            };
            var handler        = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options, errorAccessor);
            var httpContext    = HttpContextUtilities.CreateHttpContext();
            var authProperties = new AuthenticationProperties();

            authProperties.Items.Add(OidcConstants.PolicyKey, DefaultUserFlow);
            var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties)
            {
                ProtocolMessage = new OpenIdConnectMessage()
                {
                    IssuerAddress = _defaultIssuer
                }
            };

            await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

            errorAccessor.DidNotReceive().SetMessage(httpContext, Arg.Any <string>());
            Assert.Null(context.ProtocolMessage.Scope);
            Assert.Null(context.ProtocolMessage.ResponseType);
            Assert.Equal(_defaultIssuer, context.ProtocolMessage.IssuerAddress);
            Assert.True(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
        }
        public async void OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext()
        {
            var options = new MicrosoftIdentityOptions()
            {
                SignUpSignInPolicyId = DefaultUserFlow
            };
            var handler        = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options);
            var httpContext    = HttpContextUtilities.CreateHttpContext();
            var authProperties = new AuthenticationProperties();

            authProperties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow);
            var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties)
            {
                ProtocolMessage = new OpenIdConnectMessage()
                {
                    IssuerAddress = _defaultIssuer
                }
            };

            await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

            Assert.Equal(OpenIdConnectScope.OpenIdProfile, context.ProtocolMessage.Scope);
            Assert.Equal(OpenIdConnectResponseType.IdToken, context.ProtocolMessage.ResponseType);
            Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, true);
            Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
        }
Exemplo n.º 3
0
        public async Task OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext(bool hasClientCredentials)
        {
            var errorAccessor = Substitute.For <ILoginErrorAccessor>();
            var options       = new MicrosoftIdentityOptions()
            {
                SignUpSignInPolicyId = DefaultUserFlow
            };

            if (hasClientCredentials)
            {
                options.ClientSecret = TestConstants.ClientSecret;
            }

            var handler        = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options, errorAccessor);
            var httpContext    = HttpContextUtilities.CreateHttpContext();
            var authProperties = new AuthenticationProperties();

            authProperties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow);
            var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties)
            {
                ProtocolMessage = new OpenIdConnectMessage()
                {
                    IssuerAddress = _defaultIssuer,
                    Scope         = TestConstants.Scopes,
                },
            };

            await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

            errorAccessor.DidNotReceive().SetMessage(httpContext, Arg.Any <string>());
            Assert.Equal(TestConstants.Scopes, context.ProtocolMessage.Scope);
            Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, true);
            Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
            if (hasClientCredentials)
            {
                Assert.Equal(OpenIdConnectResponseType.CodeIdToken, context.ProtocolMessage.ResponseType);
            }
            else
            {
                Assert.Equal(OpenIdConnectResponseType.IdToken, context.ProtocolMessage.ResponseType);
            }
        }
Exemplo n.º 4
0
    public async Task OnRedirectToIdentityProviderHandler_UpdatesRequestForOtherPolicies()
    {
        // Arrange

        var handlers = new AzureADB2COpenIDConnectEventHandlers(
            AzureADB2CDefaults.AuthenticationScheme,
            new AzureADB2COptions()
        {
            SignUpSignInPolicyId = "B2C_1_SiUpIn"
        });

        var authenticationProperties = new AuthenticationProperties(new Dictionary <string, string>
        {
            [AzureADB2CDefaults.PolicyKey] = "B2C_1_EP"
        });
        var redirectContext = new RedirectContext(
            new DefaultHttpContext(),
            new AuthenticationScheme(AzureADB2CDefaults.AuthenticationScheme, "", typeof(OpenIdConnectHandler)),
            new OpenIdConnectOptions(),
            authenticationProperties)
        {
            ProtocolMessage = new OpenIdConnectMessage
            {
                Scope         = OpenIdConnectScope.OpenId,
                ResponseType  = OpenIdConnectResponseType.Code,
                IssuerAddress = "https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/B2C_1_EP/v2.0"
            }
        };

        // Act
        await handlers.OnRedirectToIdentityProvider(redirectContext);

        // Assert
        Assert.Equal(OpenIdConnectScope.OpenIdProfile, redirectContext.ProtocolMessage.Scope);
        Assert.Equal(OpenIdConnectResponseType.IdToken, redirectContext.ProtocolMessage.ResponseType);
        Assert.Equal(
            "https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/b2c_1_ep/v2.0",
            redirectContext.ProtocolMessage.IssuerAddress);
        Assert.False(authenticationProperties.Items.ContainsKey(AzureADB2CDefaults.PolicyKey));
    }