Пример #1
0
        public async Task Test1()
        {
            var host = new GenericHost();

            host.OnConfigure += app => app.Run(ctx => {
                ctx.Response.StatusCode = 204;
                return(Task.CompletedTask);
            });
            await host.InitializeAsync();

            var response = await host.HttpClient.GetAsync("/test");

            response.StatusCode.Should().Be(204);
        }
Пример #2
0
    public DynamicProvidersTests()
    {
        _idp1 = new GenericHost("https://idp1");
        _idp1.OnConfigureServices += services =>
        {
            services.AddRouting();
            services.AddAuthorization();

            services.AddIdentityServer()
            .AddInMemoryClients(new Client[] {
                new Client
                {
                    ClientId               = "client",
                    ClientSecrets          = { new Secret("secret".Sha256()) },
                    AllowedGrantTypes      = GrantTypes.Code,
                    RedirectUris           = { "https://server/federation/idp1/signin" },
                    PostLogoutRedirectUris = { "https://server/federation/idp1/signout-callback" },
                    FrontChannelLogoutUri  = "https://server/federation/idp1/signout",
                    AllowedScopes          = { "openid" }
                }
            })
            .AddInMemoryIdentityResources(new IdentityResource[] {
                new IdentityResources.OpenId(),
            })
            .AddDeveloperSigningCredential(persistKey: false);

            services.AddLogging(options =>
            {
                options.AddFilter("Duende", LogLevel.Debug);
            });
        };
        _idp1.OnConfigure += app =>
        {
            app.UseRouting();

            app.UseIdentityServer();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapGet("/signin", async ctx =>
                {
                    await ctx.SignInAsync(new IdentityServerUser("1").CreatePrincipal());
                });
                endpoints.MapGet("/account/logout", async ctx =>
                {
                    var isis                  = ctx.RequestServices.GetRequiredService <IIdentityServerInteractionService>();
                    var logoutCtx             = await isis.GetLogoutContextAsync(ctx.Request.Query["logoutId"]);
                    Idp1FrontChannelLogoutUri = logoutCtx.SignOutIFrameUrl;
                    await ctx.SignOutAsync();
                });
            });
        };
        _idp1.InitializeAsync().Wait();

        _idp2 = new GenericHost("https://idp2");
        _idp2.OnConfigureServices += services =>
        {
            services.AddRouting();
            services.AddAuthorization();

            services.AddIdentityServer()
            .AddInMemoryClients(new Client[] {
                new Client
                {
                    ClientId               = "client",
                    ClientSecrets          = { new Secret("secret".Sha256()) },
                    AllowedGrantTypes      = GrantTypes.Code,
                    RedirectUris           = { "https://server/signin-oidc" },
                    PostLogoutRedirectUris = { "https://server/signout-callback-oidc" },
                    FrontChannelLogoutUri  = "https://server/signout-oidc",
                    AllowedScopes          = { "openid" }
                }
            })
            .AddInMemoryIdentityResources(new IdentityResource[] {
                new IdentityResources.OpenId(),
            })
            .AddDeveloperSigningCredential(persistKey: false);

            services.AddLogging(options =>
            {
                options.AddFilter("Duende", LogLevel.Debug);
            });
        };
        _idp2.OnConfigure += app =>
        {
            app.UseRouting();

            app.UseIdentityServer();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapGet("/signin", async ctx =>
                {
                    await ctx.SignInAsync(new IdentityServerUser("2").CreatePrincipal());
                });
            });
        };
        _idp2.InitializeAsync().Wait();



        _host = new GenericHost("https://server");
        _host.OnConfigureServices += services =>
        {
            services.AddRouting();
            services.AddAuthorization();

            services.AddIdentityServer()
            .AddInMemoryClients(new Client[] { })
            .AddInMemoryIdentityResources(new IdentityResource[] { })
            .AddInMemoryOidcProviders(_oidcProviders)
            .AddInMemoryCaching()
            .AddIdentityProviderStoreCache <InMemoryOidcProviderStore>()
            .AddDeveloperSigningCredential(persistKey: false);

            services.ConfigureAll <OpenIdConnectOptions>(options =>
            {
                options.BackchannelHttpHandler = _idp1.Server.CreateHandler();
            });

            services.AddAuthentication()
            .AddOpenIdConnect("idp2", options =>
            {
                options.SignInScheme = IdentityServerConstants.ExternalCookieAuthenticationScheme;
                options.Authority    = "https://idp2";
                options.ClientId     = "client";
                options.ClientSecret = "secret";
                options.ResponseType = "code";
                options.ResponseMode = "query";
                options.Scope.Clear();
                options.Scope.Add("openid");
                options.SecurityTokenValidator = new JwtSecurityTokenHandler
                {
                    MapInboundClaims = false
                };
                options.BackchannelHttpHandler = _idp2.Server.CreateHandler();
            });

            services.AddLogging(options =>
            {
                options.AddFilter("Duende", LogLevel.Debug);
            });
        };
        _host.OnConfigure += app =>
        {
            app.UseRouting();

            app.UseIdentityServer();
            app.UseAuthorization();

            app.UseEndpoints(endpoints =>
            {
                endpoints.MapGet("/user", async ctx =>
                {
                    var session = await ctx.AuthenticateAsync(IdentityServerConstants.DefaultCookieAuthenticationScheme);
                    if (session.Succeeded)
                    {
                        await ctx.Response.WriteAsync(session.Principal.FindFirst("sub").Value);
                    }
                    else
                    {
                        ctx.Response.StatusCode = 401;
                    }
                });
                endpoints.MapGet("/callback", async ctx =>
                {
                    var session = await ctx.AuthenticateAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);
                    if (session.Succeeded)
                    {
                        await ctx.SignInAsync(session.Principal, session.Properties);
                        await ctx.SignOutAsync(IdentityServerConstants.ExternalCookieAuthenticationScheme);

                        await ctx.Response.WriteAsync(session.Principal.FindFirst("sub").Value);
                    }
                    else
                    {
                        ctx.Response.StatusCode = 401;
                    }
                });
                endpoints.MapGet("/challenge", async ctx =>
                {
                    await ctx.ChallengeAsync(ctx.Request.Query["scheme"],
                                             new AuthenticationProperties {
                        RedirectUri = "/callback"
                    });
                });
                endpoints.MapGet("/logout", async ctx =>
                {
                    await ctx.SignOutAsync(ctx.Request.Query["scheme"]);
                });
            });
        };

        _host.InitializeAsync().Wait();
    }