public async Task Test1()
{
var host = new GenericHost();
host.OnConfigure += app => app.Run(ctx => {
ctx.Response.StatusCode = 204;
return(Task.CompletedTask);
});
await host.InitializeAsync();
var response = await host.HttpClient.GetAsync("/test");
response.StatusCode.Should().Be(204);
}
public DynamicProvidersTests()
{
_idp1 = new GenericHost("https://idp1");
_idp1.OnConfigureServices += services =>
{
services.AddRouting();
services.AddAuthorization();
services.AddIdentityServer()
.AddInMemoryClients(new Client[] {
new Client
{
ClientId = "client",
ClientSecrets = { new Secret("secret".Sha256()) },
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = { "https://server/federation/idp1/signin" },
PostLogoutRedirectUris = { "https://server/federation/idp1/signout-callback" },
FrontChannelLogoutUri = "https://server/federation/idp1/signout",
AllowedScopes = { "openid" }
}
})
.AddInMemoryIdentityResources(new IdentityResource[] {
new IdentityResources.OpenId(),
})
.AddDeveloperSigningCredential(persistKey: false);
services.AddLogging(options =>
{
options.AddFilter("Duende", LogLevel.Debug);
});
};
_idp1.OnConfigure += app =>
{
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/signin", async ctx =>
{
await ctx.SignInAsync(new IdentityServerUser("1").CreatePrincipal());
});
endpoints.MapGet("/account/logout", async ctx =>
{
var isis = ctx.RequestServices.GetRequiredService <IIdentityServerInteractionService>();
var logoutCtx = await isis.GetLogoutContextAsync(ctx.Request.Query["logoutId"]);
Idp1FrontChannelLogoutUri = logoutCtx.SignOutIFrameUrl;
await ctx.SignOutAsync();
});
});
};
_idp1.InitializeAsync().Wait();
_idp2 = new GenericHost("https://idp2");
_idp2.OnConfigureServices += services =>
{
services.AddRouting();
services.AddAuthorization();
services.AddIdentityServer()
.AddInMemoryClients(new Client[] {
new Client
{
ClientId = "client",
ClientSecrets = { new Secret("secret".Sha256()) },
AllowedGrantTypes = GrantTypes.Code,
RedirectUris = { "https://server/signin-oidc" },
PostLogoutRedirectUris = { "https://server/signout-callback-oidc" },
FrontChannelLogoutUri = "https://server/signout-oidc",
AllowedScopes = { "openid" }
}
})
.AddInMemoryIdentityResources(new IdentityResource[] {
new IdentityResources.OpenId(),
})
.AddDeveloperSigningCredential(persistKey: false);
services.AddLogging(options =>
{
options.AddFilter("Duende", LogLevel.Debug);
});
};
_idp2.OnConfigure += app =>
{
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/signin", async ctx =>
{
await ctx.SignInAsync(new IdentityServerUser("2").CreatePrincipal());
});
});
};
_idp2.InitializeAsync().Wait();
_host = new GenericHost("https://server");
_host.OnConfigureServices += services =>
{
services.AddRouting();
services.AddAuthorization();
services.AddIdentityServer()
.AddInMemoryClients(new Client[] { })
.AddInMemoryIdentityResources(new IdentityResource[] { })
.AddInMemoryOidcProviders(_oidcProviders)
.AddInMemoryCaching()
.AddIdentityProviderStoreCache <InMemoryOidcProviderStore>()
.AddDeveloperSigningCredential(persistKey: false);
services.ConfigureAll <OpenIdConnectOptions>(options =>
{
options.BackchannelHttpHandler = _idp1.Server.CreateHandler();
});
services.AddAuthentication()
.AddOpenIdConnect("idp2", options =>
{
options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
options.Authority = "https://idp2";
options.ClientId = "client";
options.ClientSecret = "secret";
options.ResponseType = "code";
options.ResponseMode = "query";
options.Scope.Clear();
options.Scope.Add("openid");
options.SecurityTokenValidator = new JwtSecurityTokenHandler
{
MapInboundClaims = false
};
options.BackchannelHttpHandler = _idp2.Server.CreateHandler();
});
services.AddLogging(options =>
{
options.AddFilter("Duende", LogLevel.Debug);
});
};
_host.OnConfigure += app =>
{
app.UseRouting();
app.UseIdentityServer();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapGet("/user", async ctx =>
{
var session = await ctx.AuthenticateAsync(IdentityServerConstants.DefaultCookieAuthenticationScheme);
if (session.Succeeded)
{
await ctx.Response.WriteAsync(session.Principal.FindFirst("sub").Value);
}
else
{
ctx.Response.StatusCode = 401;
}
});
endpoints.MapGet("/callback", async ctx =>
{
var session = await ctx.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
if (session.Succeeded)
{
await ctx.SignInAsync(session.Principal, session.Properties);
await ctx.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
await ctx.Response.WriteAsync(session.Principal.FindFirst("sub").Value);
}
else
{
ctx.Response.StatusCode = 401;
}
});
endpoints.MapGet("/challenge", async ctx =>
{
await ctx.ChallengeAsync(ctx.Request.Query["scheme"],
new AuthenticationProperties {
RedirectUri = "/callback"
});
});
endpoints.MapGet("/logout", async ctx =>
{
await ctx.SignOutAsync(ctx.Request.Query["scheme"]);
});
});
};
_host.InitializeAsync().Wait();
}