public async Task user_endpoint_when_sliding_flag_is_passed_cookie_should_not_slide()
{
await BffHost.BffLoginAsync("alice");
var sessions = await _sessionStore.GetUserSessionsAsync(new UserSessionsFilter { SubjectId = "alice" });
sessions.Count().Should().Be(1);
var session = sessions.Single();
var ticketStore = BffHost.Resolve <IServerTicketStore>();
var firstTicket = await ticketStore.RetrieveAsync(session.Key);
firstTicket.Should().NotBeNull();
_clock.UtcNow = _clock.UtcNow.AddMinutes(8);
(await BffHost.GetIsUserLoggedInAsync("slide=false")).Should().BeTrue();
var secondTicket = await ticketStore.RetrieveAsync(session.Key);
secondTicket.Should().NotBeNull();
(secondTicket.Properties.IssuedUtc == firstTicket.Properties.IssuedUtc).Should().BeTrue();
(secondTicket.Properties.ExpiresUtc == firstTicket.Properties.ExpiresUtc).Should().BeTrue();
}
public async Task backchannel_logout_endpoint_should_signout()
{
await BffHost.BffLoginAsync("alice", "sid123");
await IdentityServerHost.RevokeSessionCookieAsync();
(await BffHost.GetIsUserLoggedInAsync()).Should().BeFalse();
}
public async Task logout_endpoint_should_signout()
{
await BffHost.BffLoginAsync("alice", "sid123");
await BffHost.BffLogoutAsync("sid123");
(await BffHost.GetIsUserLoggedInAsync()).Should().BeFalse();
}
public async Task logout_endpoint_should_redirect_to_external_signout_and_return_to_root()
{
await BffHost.BffLoginAsync("alice", "sid123");
await BffHost.BffLogoutAsync("sid123");
BffHost.BrowserClient.CurrentUri.ToString().ToLowerInvariant().Should().Be(BffHost.Url("/"));
(await BffHost.GetIsUserLoggedInAsync()).Should().BeFalse();
}
public async Task user_endpoint_when_uservalidate_renews_and_sliding_flag_is_passed_cookie_should_not_slide()
{
var shouldRenew = false;
#if NET6_0_OR_GREATER
BffHost.OnConfigureServices += services =>
{
services.Configure <CookieAuthenticationOptions>("cookie", options =>
{
options.Events.OnCheckSlidingExpiration = ctx =>
{
ctx.ShouldRenew = shouldRenew;
return(Task.CompletedTask);
};
});
};
#else
BffHost.OnConfigureServices += services =>
{
services.Configure <CookieAuthenticationOptions>("cookie", options =>
{
options.Events.OnValidatePrincipal = ctx =>
{
ctx.ShouldRenew = shouldRenew;
return(Task.CompletedTask);
};
});
};
#endif
await BffHost.InitializeAsync();
await BffHost.BffLoginAsync("alice");
var sessions = await _sessionStore.GetUserSessionsAsync(new UserSessionsFilter { SubjectId = "alice" });
sessions.Count().Should().Be(1);
var session = sessions.Single();
var ticketStore = BffHost.Resolve <IServerTicketStore>();
var firstTicket = await ticketStore.RetrieveAsync(session.Key);
firstTicket.Should().NotBeNull();
shouldRenew = true;
_clock.UtcNow = _clock.UtcNow.AddSeconds(1);
(await BffHost.GetIsUserLoggedInAsync("slide=false")).Should().BeTrue();
var secondTicket = await ticketStore.RetrieveAsync(session.Key);
secondTicket.Should().NotBeNull();
(secondTicket.Properties.IssuedUtc == firstTicket.Properties.IssuedUtc).Should().BeTrue();
(secondTicket.Properties.ExpiresUtc == firstTicket.Properties.ExpiresUtc).Should().BeTrue();
}
public async Task backchannel_logout_endpoint_for_incorrect_sid_should_not_logout_user()
{
await BffHost.BffLoginAsync("alice", "sid123");
await IdentityServerHost.CreateIdentityServerSessionCookieAsync("alice", "sid999");
await IdentityServerHost.RevokeSessionCookieAsync();
(await BffHost.GetIsUserLoggedInAsync()).Should().BeTrue();
}
public async Task logout_endpoint_for_authenticated_should_require_sid()
{
await BffHost.BffLoginAsync("alice", "sid123");
Func <Task> f = () => BffHost.BffLogoutAsync();
f.Should().Throw <Exception>();
(await BffHost.GetIsUserLoggedInAsync()).Should().BeTrue();
}