/// <summary>
/// Checks that a sign-in which ends with the supplied <paramref name="value"/> status only
/// triggers the init and signIn interop calls: the recorded invocation list is asserted to
/// contain no "AuthenticationService.getUser" entry, so no user refresh happens.
/// </summary>
/// <param name="value">Status the fake JS runtime reports for the sign-in attempt.</param>
public async Task RemoteAuthenticationService_SignIn_DoesNotUpdateUserOnOtherResult(RemoteAuthenticationStatus value)
    {
        // Arrange
        var jsRuntime       = new TestJsRuntime();
        var providerOptions = CreateOptions();
        var service         = new RemoteAuthenticationService<RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
            jsRuntime,
            providerOptions,
            new TestNavigationManager(),
            new AccountClaimsPrincipalFactory<RemoteUserAccount>(Mock.Of<IAccessTokenProviderAccessor>()));

        var authenticationState = new RemoteAuthenticationState();

        // The fake runtime replays this canned result for the signIn interop call.
        var cannedResult = new InternalRemoteAuthenticationResult<RemoteAuthenticationState>
        {
            Status = value.ToString()
        };
        jsRuntime.SignInResult = cannedResult;

        // Act
        var signInContext = new RemoteAuthenticationContext<RemoteAuthenticationState>
        {
            State = authenticationState
        };
        await service.SignInAsync(signInContext);

        // Assert
        var expectedCalls = new[] { "AuthenticationService.init", "AuthenticationService.signIn" };
        var recordedCalls = jsRuntime.PastInvocations.Select(call => call.identifier).ToArray();
        Assert.Equal(expectedCalls, recordedCalls);
    }
    /// <summary>
    /// Checks that completing a sign-in with a Success status is followed by a user refresh:
    /// the recorded interop calls must be init, completeSignIn and then getUser.
    /// </summary>
    public async Task RemoteAuthenticationService_CompleteSignInAsync_UpdatesUserOnSuccess()
    {
        // Arrange
        var jsRuntime       = new TestJsRuntime();
        var providerOptions = CreateOptions();
        var service         = new RemoteAuthenticationService<RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
            jsRuntime,
            providerOptions,
            new TestNavigationManager(),
            new AccountClaimsPrincipalFactory<RemoteUserAccount>(Mock.Of<IAccessTokenProviderAccessor>()));

        var authenticationState = new RemoteAuthenticationState();

        // Canned outcome the fake runtime hands back for the completeSignIn interop call.
        var cannedResult = new InternalRemoteAuthenticationResult<RemoteAuthenticationState>
        {
            State  = authenticationState,
            Status = RemoteAuthenticationStatus.Success.ToString()
        };
        jsRuntime.CompleteSignInResult = cannedResult;

        // Act
        var callbackContext = new RemoteAuthenticationContext<RemoteAuthenticationState>
        {
            Url = "https://www.example.com/base/login-callback"
        };
        await service.CompleteSignInAsync(callbackContext);

        // Assert
        var expectedCalls = new[] { "AuthenticationService.init", "AuthenticationService.completeSignIn", "AuthenticationService.getUser" };
        var recordedCalls = jsRuntime.PastInvocations.Select(call => call.identifier).ToArray();
        Assert.Equal(expectedCalls, recordedCalls);
    }
    /// <summary>
    /// Checks that a sign-out reported as Success is followed by a user refresh: the recorded
    /// interop calls must be init, signOut and then getUser.
    /// </summary>
    public async Task RemoteAuthenticationService_SignOut_UpdatesUserOnSuccess()
    {
        // Arrange
        var jsRuntime       = new TestJsRuntime();
        var providerOptions = CreateOptions();

        // This constructor overload takes a fifth argument, passed as null here.
        var service = new RemoteAuthenticationService<RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
            jsRuntime,
            providerOptions,
            new TestNavigationManager(),
            new AccountClaimsPrincipalFactory<RemoteUserAccount>(Mock.Of<IAccessTokenProviderAccessor>()),
            null);

        var authenticationState = new RemoteAuthenticationState();

        // Canned outcome the fake runtime hands back for the signOut interop call.
        var cannedResult = new RemoteAuthenticationResult<RemoteAuthenticationState>
        {
            State  = authenticationState,
            Status = RemoteAuthenticationStatus.Success
        };
        jsRuntime.SignOutResult = cannedResult;

        // Act
        var signOutContext = new RemoteAuthenticationContext<RemoteAuthenticationState>
        {
            State = authenticationState
        };
        await service.SignOutAsync(signOutContext);

        // Assert
        var expectedCalls = new[] { "AuthenticationService.init", "AuthenticationService.signOut", "AuthenticationService.getUser" };
        var recordedCalls = jsRuntime.PastInvocations.Select(call => call.identifier).ToArray();
        Assert.Equal(expectedCalls, recordedCalls);
    }
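        /// <summary>
        /// Runs after a successful log-in: posts the signed-in user's details to the
        /// "api/User/UserLoggedIn" endpoint and then sets the post-login return URL
        /// according to the user's "Role" claim.
        /// </summary>
        /// <param name="remoteState">
        /// Authentication state whose ReturnUrl is set for the Admin and User roles; it is left
        /// unchanged for any other role or when no "Role" claim is present.
        /// </param>
        /// <exception cref="Exception">
        /// The API answered with a non-success status code; the message is the response body.
        /// </exception>
        public async Task OnLogInSucceeded(RemoteAuthenticationState remoteState)
        {
            // Workaround to avoid the framework bug of invoking this up to 3 times.
            var authState = await AuthenticationStateTask;

            // NOTE(review): these identity fields are read from client-side claims and sent in the
            // request body. The API should take the caller's identity from the validated access
            // token rather than trusting this payload - confirm on the server side.
            UserModel userModel = new()
            {
                EmailAddress       = authState.User.Claims.GetUserEmails()[0],
                FullName           = authState.User.Claims.GetDisplayName(),
                AzureAdB2cobjectId = Guid.Parse(authState.User.Claims.GetAzureAdB2CUserObjectId())
            };

            var authorizedHttpClient = this.HttpClientService.CreateAuthorizedClient();

            // Dispose the response so its content stream is released on every path.
            using var response = await authorizedHttpClient.PostAsJsonAsync<UserModel>("api/User/UserLoggedIn", userModel);

            if (!response.IsSuccessStatusCode)
            {
                // NOTE(review): the raw response body becomes the exception message; make sure it
                // is not rendered to the user verbatim if the API can return internal details.
                var error = await response.Content.ReadAsStringAsync();

                throw new Exception(error);
            }

            // SingleOrDefault yields null when the principal has no "Role" claim; the null-conditional
            // access avoids a NullReferenceException, and the switch below then matches no case.
            var role = authState.User.Claims.SingleOrDefault(p => p.Type == "Role")?.Value;

            // This only picks the landing page. Access to the admin pages and APIs still has to
            // be enforced where the data is served, not by this client-side routing decision.
            switch (role)
            {
            case Constants.Roles.Admin:
                remoteState.ReturnUrl = Constants.AdminPagesRoutes.AdminIndex;
                break;

            case Constants.Roles.User:
                remoteState.ReturnUrl = Constants.UserPagesRoutes.UserIndex;
                break;
            }
        }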
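        /// <summary>
        /// Resolves the URL to navigate to once the authentication operation has finished.
        /// </summary>
        /// <param name="state">Authentication state that may already carry a return URL; may be null.</param>
        /// <param name="defaultReturnUrl">Fallback used when the query string has no "returnUrl" parameter.</param>
        /// <returns>
        /// <c>state.ReturnUrl</c> when it is set; otherwise the "returnUrl" query parameter of the
        /// current URI, then <paramref name="defaultReturnUrl"/>, then <c>Navigation.BaseUri</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The "returnUrl" query parameter is not blank and does not start with <c>Navigation.BaseUri</c>.
        /// </exception>
        private string GetReturnUrl(RemoteAuthenticationState state, string defaultReturnUrl = null)
        {
            // NOTE(review): a return URL carried by the state is returned without the prefix check
            // applied to the query-string value below; presumably the state is only ever populated
            // by the application itself - confirm against the callers.
            if (state?.ReturnUrl != null)
            {
                return state.ReturnUrl;
            }

            var fromQuery = GetParameter(new Uri(Navigation.Uri).Query, "returnUrl");

            // The comparison is ordinal on purpose: the culture-sensitive default of
            // string.StartsWith(string) ignores certain characters and depends on the current
            // culture, so it is not an exact prefix match and must not back a redirect check.
            // Assumes Navigation.BaseUri ends with '/', so that a prefix match also pins the
            // host and base path - TODO confirm.
            if (!string.IsNullOrWhiteSpace(fromQuery) && !fromQuery.StartsWith(Navigation.BaseUri, StringComparison.Ordinal))
            {
                // This is an extra check to prevent open redirects.
                throw new InvalidOperationException("Invalid return url. The return url needs to have the same origin as the current page.");
            }

            // Only a null fromQuery falls through to the defaults; an empty or whitespace value
            // passes the check above and is returned as it is.
            return fromQuery ?? defaultReturnUrl ?? Navigation.BaseUri;
        }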
    /// <summary>
    /// Checks that RequestAccessToken forwards the caller's AccessTokenRequestOptions to the
    /// getAccessToken interop call and, when the runtime answers "requiresRedirect", returns
    /// no token together with the expected login redirect URL.
    /// </summary>
    public async Task RemoteAuthenticationService_GetAccessToken_PassesDownOptions()
    {
        // Arrange
        var testJsRuntime = new TestJsRuntime();
        var options       = CreateOptions();
        var runtime       = new RemoteAuthenticationService <RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
            testJsRuntime,
            options,
            new TestNavigationManager(),
            new AccountClaimsPrincipalFactory <RemoteUserAccount>(Mock.Of <IAccessTokenProviderAccessor>()));

        // Not referenced again in the visible part of this test.
        var state = new RemoteAuthenticationState();

        // Canned answer of the fake runtime: no token, the caller has to be redirected.
        testJsRuntime.GetAccessTokenResult = new InternalAccessTokenResult
        {
            Status = "requiresRedirect",
        };

        var tokenOptions = new AccessTokenRequestOptions
        {
            Scopes = new[] { "something" }
        };

        // The returnUrl query value is percent-encoded and points at a page under the same
        // https://www.example.com/base/ prefix as the login page itself.
        var expectedRedirectUrl = "https://www.example.com/base/login?returnUrl=https%3A%2F%2Fwww.example.com%2Fbase%2Fadd-product";

        // Act
        var result = await runtime.RequestAccessToken(tokenOptions);

        // Assert
        // Only init and getAccessToken may have been invoked.
        Assert.Equal(
            new[] { "AuthenticationService.init", "AuthenticationService.getAccessToken" },
            testJsRuntime.PastInvocations.Select(i => i.identifier).ToArray());

        // No token is handed out while a redirect is required.
        Assert.False(result.TryGetToken(out var token));
        Assert.Null(token);
        // The status string from the runtime is parsed case-insensitively into the enum.
        Assert.Equal(result.Status, Enum.Parse <AccessTokenResultStatus>(testJsRuntime.GetAccessTokenResult.Status, ignoreCase: true));
        Assert.Equal(expectedRedirectUrl, result.RedirectUrl);
        // The first argument of the last recorded interop call must be the options passed in above.
        Assert.Equal(tokenOptions, (AccessTokenRequestOptions)testJsRuntime.PastInvocations[^ 1].args[0]);
        // The listing stops here; the method's closing brace is not part of it.
    /// <summary>
    /// Checks that RequestAccessToken surfaces a "success" answer from the JS runtime as a
    /// result carrying the same token, status and redirect URL, after exactly the init and
    /// getAccessToken interop calls.
    /// </summary>
    public async Task RemoteAuthenticationService_GetAccessToken_ReturnsAccessTokenResult()
    {
        // Arrange
        var jsRuntime       = new TestJsRuntime();
        var providerOptions = CreateOptions();
        var service         = new RemoteAuthenticationService<RemoteAuthenticationState, RemoteUserAccount, OidcProviderOptions>(
            jsRuntime,
            providerOptions,
            new TestNavigationManager(),
            new AccountClaimsPrincipalFactory<RemoteUserAccount>(Mock.Of<IAccessTokenProviderAccessor>()));

        var authenticationState = new RemoteAuthenticationState();

        // Fixed test token: constant value, a single granted scope, expiry far in the future.
        var cannedToken = new AccessToken
        {
            Value         = "1234",
            GrantedScopes = new[] { "All" },
            Expires       = new DateTimeOffset(2050, 5, 13, 0, 0, 0, TimeSpan.Zero)
        };
        jsRuntime.GetAccessTokenResult = new InternalAccessTokenResult
        {
            Status = "success",
            Token  = cannedToken
        };

        // Act
        var result = await service.RequestAccessToken();

        // Assert
        var expectedCalls = new[] { "AuthenticationService.init", "AuthenticationService.getAccessToken" };
        var recordedCalls = jsRuntime.PastInvocations.Select(call => call.identifier).ToArray();
        Assert.Equal(expectedCalls, recordedCalls);

        var runtimeAnswer = jsRuntime.GetAccessTokenResult;
        Assert.True(result.TryGetToken(out var token));
        Assert.Equal(result.Status, Enum.Parse<AccessTokenResultStatus>(runtimeAnswer.Status, ignoreCase: true));
        Assert.Equal(result.RedirectUrl, runtimeAnswer.RedirectUrl);
        Assert.Equal(token, runtimeAnswer.Token);
    }