public void AllowClientCredentialsFlow_ClientCredentialsFlowIsAddedToGrantTypes()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AllowClientCredentialsFlow();

            var options = GetOptions(services);

            // Assert
            Assert.Contains(OpenIdConnectConstants.GrantTypes.ClientCredentials, options.GrantTypes);
        }
        public void AllowCustomFlow_CustomFlowIsAddedToGrantTypes()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AllowCustomFlow("urn:ietf:params:oauth:grant-type:custom_grant");

            var options = GetOptions(services);

            // Assert
            Assert.Contains("urn:ietf:params:oauth:grant-type:custom_grant", options.GrantTypes);
        }
        public void AddEphemeralSigningKey_SigningKeyIsCorrectlyAdded()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AddEphemeralSigningKey();

            var options = GetOptions(services);

            // Assert
            Assert.Equal(1, options.SigningCredentials.Count);
        }
        public void AllowAuthorizationCodeFlow_CodeFlowIsAddedToGrantTypes()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AllowAuthorizationCodeFlow();

            var options = GetOptions(services);

            // Assert
            Assert.Contains(OpenIdConnectConstants.GrantTypes.AuthorizationCode, options.GrantTypes);
        }
        public void DisableTokenRevocation_TokenRevocationIsDisabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.DisableTokenRevocation();

            var options = GetOptions(services);

            // Assert
            Assert.True(options.DisableTokenRevocation);
        }
        public void EnableRevocationEndpoint_RevocationEndpointIsEnabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.EnableRevocationEndpoint("/endpoint-path");

            var options = GetOptions(services);

            // Assert
            Assert.Equal("/endpoint-path", options.RevocationEndpointPath);
        }
        public void UseReferenceTokens_ReferenceTokensAreEnabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.UseReferenceTokens();

            var options = GetOptions(services);

            // Assert
            Assert.True(options.UseReferenceTokens);
        }
        public void DisableCryptographyEndpoint_CryptographyEndpointIsDisabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.DisableCryptographyEndpoint();

            var options = GetOptions(services);

            // Assert
            Assert.Equal(PathString.Empty, options.CryptographyEndpointPath);
        }
        public void UseDataProtectionProvider_DefaultProviderIsReplaced()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.UseDataProtectionProvider(new EphemeralDataProtectionProvider(new LoggerFactory()));

            var options = GetOptions(services);

            // Assert
            Assert.IsType <EphemeralDataProtectionProvider>(options.DataProtectionProvider);
        }
        public void UseJsonWebTokens_AccessTokenHandlerIsCorrectlySet()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.UseJsonWebTokens();

            var options = GetOptions(services);

            // Assert
            Assert.IsType <JwtSecurityTokenHandler>(options.AccessTokenHandler);
        }
        public void AddDevelopmentSigningCertificate_ThrowsAnExceptionForNullSubject()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act and assert
            var exception = Assert.Throws <ArgumentNullException>(delegate
            {
                builder.AddDevelopmentSigningCertificate(subject: null);
            });

            Assert.Equal("subject", exception.ParamName);
        }
        public void SetIssuer_AddressIsReplaced()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.SetIssuer(new Uri("http://www.fabrikam.com/"));

            var options = GetOptions(services);

            // Assert
            Assert.Equal(new Uri("http://www.fabrikam.com/"), options.Issuer);
        }
        public void SetRefreshTokenLifetime_DefaultRefreshTokenLifetimeIsReplaced()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.SetRefreshTokenLifetime(TimeSpan.FromMinutes(42));

            var options = GetOptions(services);

            // Assert
            Assert.Equal(TimeSpan.FromMinutes(42), options.RefreshTokenLifetime);
        }
        public void RequireClientIdentification_ClientIdentificationIsEnforced()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.RequireClientIdentification();

            var options = GetOptions(services);

            // Assert
            Assert.True(options.RequireClientIdentification);
        }
    public void AddServer_RegistersDefaultHandler(OpenIddictServerHandlerDescriptor descriptor)
    {
        // Arrange
        var services = new ServiceCollection();
        var builder  = new OpenIddictBuilder(services);

        // Act
        builder.AddServer();

        // Assert
        Assert.Contains(services, service => service.Lifetime == descriptor.ServiceDescriptor.Lifetime &&
                        service.ServiceType == descriptor.ServiceDescriptor.ServiceType &&
                        service.ImplementationType == descriptor.ServiceDescriptor.ImplementationType);
    }
        public void AllowRefreshTokenFlow_RefreshTokenFlowIsAddedToGrantTypes()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AllowRefreshTokenFlow();

            var options = GetOptions(services);

            // Assert
            Assert.Contains(OpenIdConnectConstants.GrantTypes.RefreshToken, options.GrantTypes);
        }
    public void AddServer_RegistersRequiredSingletons(Type type)
    {
        // Arrange
        var services = new ServiceCollection();
        var builder  = new OpenIddictBuilder(services);

        // Act
        builder.AddServer();

        // Assert
        Assert.Contains(services, service => service.ServiceType == type &&
                        service.ImplementationType == type &&
                        service.Lifetime == ServiceLifetime.Singleton);
    }
        public void DisableSlidingExpiration_SlidingExpirationIsDisabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.DisableSlidingExpiration();

            var options = GetOptions(services);

            // Assert
            Assert.False(options.UseSlidingExpiration);
        }
    public void AddServer_RegistersServerFactory()
    {
        // Arrange
        var services = new ServiceCollection();
        var builder  = new OpenIddictBuilder(services);

        // Act
        builder.AddServer();

        // Assert
        Assert.Contains(services, service => service.ServiceType == typeof(IOpenIddictServerFactory) &&
                        service.ImplementationType == typeof(OpenIddictServerFactory) &&
                        service.Lifetime == ServiceLifetime.Scoped);
    }
        public void EnableRequestCaching_RequestCachingIsEnabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.EnableRequestCaching();

            var options = GetOptions(services);

            // Assert
            Assert.True(options.EnableRequestCaching);
        }
        public void Configure_OptionsAreCorrectlyAmended()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.Configure(configuration => configuration.AccessTokenLifetime = TimeSpan.FromDays(1));

            var options = GetOptions(services);

            // Assert
            Assert.Equal(TimeSpan.FromDays(1), options.AccessTokenLifetime);
        }
        public void EnableScopeValidation_ScopeValidationIsDisabled()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.EnableScopeValidation();

            var options = GetOptions(services);

            // Assert
            Assert.True(options.EnableScopeValidation);
        }
Пример #23
0
        public static OpenIddictBuilder AddUIStore(
            this OpenIddictBuilder builder,
            Action <OpenIddictUIStoreOptions> storeOptionsAction = null
            )
        {
            builder.Services.AddInfrastructureServices();

            var coreBuilder = new OpenIddictCoreBuilder(builder.Services)
                              .UseEFCoreUIStore <OpenIddictUIContext>();

            builder.Services
            .AddOpenIddictUIStore <OpenIddictUIContext>(storeOptionsAction);

            return(builder);
        }
Пример #24
0
        public void AddEphemeralSigningKey_SigningCredentialsUseSpecifiedAlgorithm(string algorithm)
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AddEphemeralSigningKey(algorithm);

            var options     = GetOptions(services);
            var credentials = options.SigningCredentials[0];

            // Assert
            Assert.Equal(algorithm, credentials.Algorithm);
        }
Пример #25
0
        /// <summary>
        /// Register the Api for the EF based UI Store.
        /// </summary>
        public static OpenIddictBuilder AddUIApis <TApplicationUser>(
            this OpenIddictBuilder builder,
            Action <OpenIddictUIApiOptions> uiApiOptions = null
            ) where TApplicationUser : IdentityUser, new()
        {
            builder.Services
            .AddOpenIddictUIApiServices <TApplicationUser>(uiApiOptions);

            var options = new OpenIddictUIApiOptions();

            uiApiOptions?.Invoke(options);
            builder.AddOpenIddictUIRoutePrefix(options.RoutePrefix);

            return(builder);
        }
        public void RegisterScopes_ScopesAreAdded()
        {
            // Arrange
            var services = CreateServices();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.RegisterScopes("custom_scope_1", "custom_scope_2");

            var options = GetOptions(services);

            // Assert
            Assert.Contains("custom_scope_1", options.Scopes);
            Assert.Contains("custom_scope_2", options.Scopes);
        }
Пример #27
0
    /// <summary>
    /// Registers the OpenIddict client services in the DI container.
    /// </summary>
    /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
    /// <remarks>This extension can be safely called multiple times.</remarks>
    /// <returns>The <see cref="OpenIddictClientBuilder"/>.</returns>
    public static OpenIddictClientBuilder AddClient(this OpenIddictBuilder builder)
    {
        if (builder is null)
        {
            throw new ArgumentNullException(nameof(builder));
        }

        builder.Services.AddLogging();
        builder.Services.AddOptions();

        builder.Services.TryAddScoped <IOpenIddictClientDispatcher, OpenIddictClientDispatcher>();
        builder.Services.TryAddScoped <IOpenIddictClientFactory, OpenIddictClientFactory>();
        builder.Services.TryAddSingleton <OpenIddictClientService>();

        // Register the built-in filters used by the default OpenIddict client event handlers.
        builder.Services.TryAddSingleton <RequireAuthorizationCodeOrImplicitGrantType>();
        builder.Services.TryAddSingleton <RequireAuthorizationCodeValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelAccessTokenValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelIdentityTokenValidated>();
        builder.Services.TryAddSingleton <RequireBackchannelIdentityTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireClientAssertionTokenGenerated>();
        builder.Services.TryAddSingleton <RequireFrontchannelAccessTokenValidated>();
        builder.Services.TryAddSingleton <RequireFrontchannelIdentityTokenValidated>();
        builder.Services.TryAddSingleton <RequireFrontchannelIdentityTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireJsonWebTokenFormat>();
        builder.Services.TryAddSingleton <RequireRedirectionRequest>();
        builder.Services.TryAddSingleton <RequireRefreshTokenValidated>();
        builder.Services.TryAddSingleton <RequireStateTokenGenerated>();
        builder.Services.TryAddSingleton <RequireStateTokenPrincipal>();
        builder.Services.TryAddSingleton <RequireStateTokenValidated>();
        builder.Services.TryAddSingleton <RequireTokenEntryCreated>();
        builder.Services.TryAddSingleton <RequireTokenPayloadPersisted>();
        builder.Services.TryAddSingleton <RequireTokenRequest>();
        builder.Services.TryAddSingleton <RequireTokenStorageEnabled>();
        builder.Services.TryAddSingleton <RequireUserinfoRequest>();
        builder.Services.TryAddSingleton <RequireUserinfoTokenExtracted>();
        builder.Services.TryAddSingleton <RequireUserinfoTokenPrincipal>();

        // Register the built-in client event handlers used by the OpenIddict client components.
        // Note: the order used here is not important, as the actual order is set in the options.
        builder.Services.TryAdd(DefaultHandlers.Select(descriptor => descriptor.ServiceDescriptor));

        // Note: TryAddEnumerable() is used here to ensure the initializer is registered only once.
        builder.Services.TryAddEnumerable(ServiceDescriptor.Singleton <
                                              IPostConfigureOptions <OpenIddictClientOptions>, OpenIddictClientConfiguration>());

        return(new OpenIddictClientBuilder(builder.Services));
    }
Пример #28
0
    /// <summary>
    /// Registers the OpenIddict client services in the DI container.
    /// </summary>
    /// <param name="builder">The services builder used by OpenIddict to register new services.</param>
    /// <param name="configuration">The configuration delegate used to configure the client services.</param>
    /// <remarks>This extension can be safely called multiple times.</remarks>
    /// <returns>The <see cref="OpenIddictBuilder"/>.</returns>
    public static OpenIddictBuilder AddClient(this OpenIddictBuilder builder, Action <OpenIddictClientBuilder> configuration)
    {
        if (builder is null)
        {
            throw new ArgumentNullException(nameof(builder));
        }

        if (configuration is null)
        {
            throw new ArgumentNullException(nameof(configuration));
        }

        configuration(builder.AddClient());

        return(builder);
    }
        public void AddServer_RegistersAuthenticationScheme()
        {
            // Arrange
            var services = new ServiceCollection();
            var builder  = new OpenIddictBuilder(services);

            // Act
            builder.AddServer();

            // Assert
            var provider = services.BuildServiceProvider();
            var options  = provider.GetRequiredService <IOptions <AuthenticationOptions> >().Value;

            Assert.Contains(options.Schemes, scheme => scheme.Name == OpenIddictServerDefaults.AuthenticationScheme &&
                            scheme.HandlerType == typeof(OpenIddictServerHandler));
        }
        public void AddApplicationStore_ThrowsAnExceptionForInvalidStore()
        {
            // Arrange
            var services = new ServiceCollection();

            services.AddOptions();

            var builder = new OpenIddictBuilder(services);

            builder.ApplicationType = typeof(object);

            // Act and assert
            var exception = Assert.Throws <InvalidOperationException>(() => builder.AddApplicationStore(typeof(object)));

            Assert.Equal("The specified type is invalid.", exception.Message);
        }