public void PostConfigure_AddIdentityResourcesScopesToClients()
{
// Arrange
var configureClientScopes = new ConfigureClientScopes(new TestLogger <ConfigureClientScopes>());
var options = new ApiAuthorizationOptions();
options.Clients.AddRange(
ClientBuilder
.IdentityServerSPA("TestSPA")
.FromConfiguration()
.Build(),
ClientBuilder
.NativeApp("NativeApp")
.FromConfiguration()
.Build());
options.ApiResources.AddRange(
ApiResourceBuilder.ApiResource("ResourceAPI")
.FromConfiguration()
.AllowAllClients()
.Build());
// Act
configureClientScopes.PostConfigure(Options.DefaultName, options);
// Assert
var spaClient = Assert.Single(options.Clients, c => c.ClientId == "TestSPA");
Assert.Equal(new[] { "openid", "profile", "ResourceAPI" }.OrderBy(id => id).ToArray(), spaClient.AllowedScopes.OrderBy(id => id).ToArray());
var nativeApp = Assert.Single(options.Clients, c => c.ClientId == "NativeApp");
Assert.Equal(new[] { "offline_access", "openid", "profile", "ResourceAPI" }.OrderBy(id => id).ToArray(), nativeApp.AllowedScopes.OrderBy(id => id).ToArray());
}
/// <summary>
/// Creates a new API that coexists with an authorization server.
/// </summary>
/// <param name="name">The name of the API.</param>
/// <param name="configure">The <see cref="Func{ApiResourceBuilder, ApiResource}"/> to configure the identity server jwt API.</param>
public void AddIdentityServerJwt(string name, Action <ApiResourceBuilder> configure)
{
var apiResource = ApiResourceBuilder.IdentityServerJwt(name);
configure(apiResource);
Add(apiResource.Build());
}
public void PostConfigure_AddResourcesScopesToClients()
{
// Arrange
var configureClientScopes = new ConfigureClientScopes(new TestLogger <ConfigureClientScopes>());
var options = new ApiAuthorizationOptions();
options.Clients.AddRange(
ClientBuilder
.IdentityServerSPA("TestSPA")
.FromConfiguration()
.Build(),
ClientBuilder
.NativeApp("NativeApp")
.FromConfiguration()
.Build());
options.ApiResources.AddRange(
ApiResourceBuilder.ApiResource("ResourceApi")
.FromConfiguration()
.AllowAllClients()
.Build());
// Act
configureClientScopes.PostConfigure(Options.DefaultName, options);
// Assert
foreach (var client in options.Clients)
{
Assert.Contains("ResourceApi", client.AllowedScopes);
}
}
/// <summary>
/// Adds a new externally registered API.
/// </summary>
/// <param name="name">The name of the API.</param>
/// <param name="configure">The <see cref="Action{ApiResourceBuilder}"/> to configure the externally registered API.</param>
public void AddApiResource(string name, Action <ApiResourceBuilder> configure)
{
var apiResource = ApiResourceBuilder.ApiResource(name);
configure(apiResource);
Add(apiResource.Build());
}
private static ApiResource GetAPI(string name, ResourceDefinition definition) =>
ApiResourceBuilder.ApiResource(name)
.FromConfiguration()
.WithAllowedClients(ApplicationProfilesPropertyValues.AllowAllApplications)
.ReplaceScopes(ParseScopes(definition.Scopes) ?? new[] { name })
.Build();