示例#1
        /// <summary>
        /// Checks that a redirect whose requested policy equals the configured
        /// sign-up/sign-in policy passes through the handler unchanged.
        /// </summary>
        /// <remarks>
        /// Pinned outcomes: no login error is recorded, Scope and ResponseType stay null,
        /// the issuer address is still <c>_defaultIssuer</c>, and the policy key remains in
        /// the authentication properties.
        /// NOTE(review): the test attribute is not visible in this excerpt.
        /// </remarks>
        public async Task OnRedirectToIdentityProvider_DefaultUserFlow_DoesntUpdateContext()
        {
            // Arrange: the handler is configured with the default user flow only.
            var loginErrors = Substitute.For<ILoginErrorAccessor>();
            var identityOptions = new MicrosoftIdentityOptions { SignUpSignInPolicyId = DefaultUserFlow };
            var sut = new AzureADB2COpenIDConnectEventHandlers(
                OpenIdConnectDefaults.AuthenticationScheme,
                identityOptions,
                loginErrors);
            var http = HttpContextUtilities.CreateHttpContext();

            // The request asks for the same policy that is configured as the default.
            var properties = new AuthenticationProperties();
            properties.Items.Add(OidcConstants.PolicyKey, DefaultUserFlow);

            var redirect = new RedirectContext(http, _authScheme, new OpenIdConnectOptions(), properties)
            {
                ProtocolMessage = new OpenIdConnectMessage { IssuerAddress = _defaultIssuer },
            };

            // Act
            await sut.OnRedirectToIdentityProvider(redirect).ConfigureAwait(false);

            // Assert: nothing on the outgoing protocol message was rewritten.
            loginErrors.DidNotReceive().SetMessage(http, Arg.Any<string>());
            var message = redirect.ProtocolMessage;
            Assert.Null(message.Scope);
            Assert.Null(message.ResponseType);
            Assert.Equal(_defaultIssuer, message.IssuerAddress);
            Assert.True(redirect.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
        }
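        /// <summary>
        /// Checks that requesting a user flow other than the configured sign-up/sign-in
        /// policy makes the handler rewrite the outgoing OpenID Connect request.
        /// </summary>
        /// <remarks>
        /// Pinned outcomes: Scope becomes <c>OpenIdConnectScope.OpenIdProfile</c>, ResponseType
        /// becomes <c>OpenIdConnectResponseType.IdToken</c>, the issuer address matches
        /// <c>_customIssuer</c> (compared case-insensitively), and the policy key is removed
        /// from the authentication properties.
        /// Declared as <c>async Task</c> rather than <c>async void</c> so the caller can await
        /// the handler call and observe any assertion failure raised after it.
        /// NOTE(review): the test attribute is not visible in this excerpt.
        /// </remarks>
        public async Task OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext()
        {
            // Arrange: the default user flow is configured, the custom one is requested.
            var options = new MicrosoftIdentityOptions()
            {
                SignUpSignInPolicyId = DefaultUserFlow
            };
            var handler        = new AzureADB2COpenIDConnectEventHandlers(OpenIdConnectDefaults.AuthenticationScheme, options);
            var httpContext    = HttpContextUtilities.CreateHttpContext();
            var authProperties = new AuthenticationProperties();

            authProperties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow);
            var context = new RedirectContext(httpContext, _authScheme, new OpenIdConnectOptions(), authProperties)
            {
                ProtocolMessage = new OpenIdConnectMessage()
                {
                    IssuerAddress = _defaultIssuer
                }
            };

            // Act
            await handler.OnRedirectToIdentityProvider(context).ConfigureAwait(false);

            // Assert: the request now targets the custom flow and the override key is gone.
            Assert.Equal(OpenIdConnectScope.OpenIdProfile, context.ProtocolMessage.Scope);
            Assert.Equal(OpenIdConnectResponseType.IdToken, context.ProtocolMessage.ResponseType);
            Assert.Equal(_customIssuer, context.ProtocolMessage.IssuerAddress, ignoreCase: true);
            Assert.False(context.Properties.Items.ContainsKey(OidcConstants.PolicyKey));
        }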
示例#3
        /// <summary>
        /// Checks the request rewrite for a custom user flow, with and without a client
        /// secret configured on the identity options.
        /// </summary>
        /// <param name="hasClientCredentials">
        /// When true, <c>ClientSecret</c> is set before the handler is built and the expected
        /// response type is <c>CodeIdToken</c>; otherwise the expected response type is <c>IdToken</c>.
        /// </param>
        /// <remarks>
        /// In both cases the test expects no login error, the caller-supplied scopes to be kept,
        /// the issuer address to match <c>_customIssuer</c> (case-insensitively) and the policy
        /// key to be removed from the authentication properties.
        /// NOTE(review): presumably driven by a parameterised test attribute supplying both
        /// bool values; the attributes are not visible in this excerpt, so confirm.
        /// </remarks>
        public async Task OnRedirectToIdentityProvider_CustomUserFlow_UpdatesContext(bool hasClientCredentials)
        {
            // Arrange
            var loginErrors = Substitute.For<ILoginErrorAccessor>();
            var identityOptions = new MicrosoftIdentityOptions { SignUpSignInPolicyId = DefaultUserFlow };
            if (hasClientCredentials)
            {
                // Only the confidential-client variant carries a secret.
                identityOptions.ClientSecret = TestConstants.ClientSecret;
            }

            var sut = new AzureADB2COpenIDConnectEventHandlers(
                OpenIdConnectDefaults.AuthenticationScheme,
                identityOptions,
                loginErrors);
            var http = HttpContextUtilities.CreateHttpContext();

            // The request asks for a policy different from the configured default.
            var properties = new AuthenticationProperties();
            properties.Items.Add(OidcConstants.PolicyKey, CustomUserFlow);

            var redirect = new RedirectContext(http, _authScheme, new OpenIdConnectOptions(), properties)
            {
                ProtocolMessage = new OpenIdConnectMessage
                {
                    IssuerAddress = _defaultIssuer,
                    Scope = TestConstants.Scopes,
                },
            };

            // Act
            await sut.OnRedirectToIdentityProvider(redirect).ConfigureAwait(false);

            // Assert
            loginErrors.DidNotReceive().SetMessage(http, Arg.Any<string>());
            var message = redirect.ProtocolMessage;
            Assert.Equal(TestConstants.Scopes, message.Scope);
            Assert.Equal(_customIssuer, message.IssuerAddress, true);
            Assert.False(redirect.Properties.Items.ContainsKey(OidcConstants.PolicyKey));

            // The expected response type depends on whether a client secret was configured.
            var expectedResponseType = hasClientCredentials
                ? OpenIdConnectResponseType.CodeIdToken
                : OpenIdConnectResponseType.IdToken;
            Assert.Equal(expectedResponseType, message.ResponseType);
        }
示例#4
    /// <summary>
    /// Checks that a redirect carrying a policy other than the configured sign-up/sign-in
    /// policy has its scope, response type and issuer address rewritten by the handler.
    /// </summary>
    /// <remarks>
    /// The request starts with scope <c>OpenId</c> and response type <c>Code</c>; the test
    /// expects <c>OpenIdProfile</c> and <c>IdToken</c> afterwards, the issuer address in its
    /// lower-cased form, and the policy key removed from the authentication properties.
    /// NOTE(review): the test attribute is not visible in this excerpt.
    /// </remarks>
    public async Task OnRedirectToIdentityProviderHandler_UpdatesRequestForOtherPolicies()
    {
        // Arrange
        var b2cOptions = new AzureADB2COptions { SignUpSignInPolicyId = "B2C_1_SiUpIn" };
        var sut = new AzureADB2COpenIDConnectEventHandlers(AzureADB2CDefaults.AuthenticationScheme, b2cOptions);

        // The per-request policy differs from the configured sign-up/sign-in policy.
        var items = new Dictionary<string, string>
        {
            { AzureADB2CDefaults.PolicyKey, "B2C_1_EP" },
        };
        var properties = new AuthenticationProperties(items);

        var scheme = new AuthenticationScheme(AzureADB2CDefaults.AuthenticationScheme, "", typeof(OpenIdConnectHandler));
        var context = new RedirectContext(new DefaultHttpContext(), scheme, new OpenIdConnectOptions(), properties)
        {
            ProtocolMessage = new OpenIdConnectMessage
            {
                Scope = OpenIdConnectScope.OpenId,
                ResponseType = OpenIdConnectResponseType.Code,
                IssuerAddress = "https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/B2C_1_EP/v2.0",
            },
        };

        // Act
        await sut.OnRedirectToIdentityProvider(context);

        // Assert
        var message = context.ProtocolMessage;
        Assert.Equal(OpenIdConnectScope.OpenIdProfile, message.Scope);
        Assert.Equal(OpenIdConnectResponseType.IdToken, message.ResponseType);
        // This comparison is case-sensitive: the expected address carries the policy segment in lower case.
        Assert.Equal("https://login.microsoftonline.com/tfp/domain.onmicrosoft.com/b2c_1_ep/v2.0", message.IssuerAddress);
        Assert.False(properties.Items.ContainsKey(AzureADB2CDefaults.PolicyKey));
    }