public void OriginalCallbackUri_Not_Changed()
{
    // Pins the authorization redirect built from default options: it must
    // target the configured auth domain, request the code flow with the
    // openid scope, and end with the URL-encoded default callback.
    // The redirect_uri value is what an authorization server compares with
    // the client's registered callbacks, so an unintended change here shows
    // up as failed sign-ins or as a callback the provider was never told about.

    // arrange
#pragma warning disable CS0618 // Type or member is obsolete
    var oidcOptions = new OpenIDConnectOptions();
#pragma warning restore CS0618 // Type or member is obsolete
    var context = OwinTestHelpers.CreateRequest("GET", string.Empty);
    var expectedSuffix = "redirect_uri=" + WebUtility.UrlEncode("http://localhost/signin-oidc");

    // act
    var fullRedirect = UriUtility.CalculateFullRedirectUri(oidcOptions, context.Request);

    // assert
    Assert.StartsWith(oidcOptions.AuthDomain, fullRedirect);
    Assert.Contains("response_type=code", fullRedirect);
    Assert.Contains("scope=openid", fullRedirect);
    Assert.EndsWith(expectedSuffix, fullRedirect);
}
public void Configure_ObsoleteVersion_NoServiceInfo_ReturnsDefaults()
{
    // With no service info (null), Configure must leave the obsolete options
    // type on its CloudFoundryDefaults values.
    // NOTE(review): the expected token-info URL is built with the "http://"
    // scheme and the client id/secret are the shared default constants, so
    // these defaults look like placeholders; confirm a real deployment
    // always overrides them from bound service credentials.

    // arrange
#pragma warning disable CS0618 // Type or member is obsolete
    var options = new OpenIDConnectOptions();
#pragma warning restore CS0618 // Type or member is obsolete
    string expectedTokenInfoUrl =
        "http://" + CloudFoundryDefaults.OAuthServiceUrl + CloudFoundryDefaults.CheckTokenUri;

    // act
    OpenIdConnectConfigurer.Configure(null, options);

    // assert
    Assert.Equal("PivotalSSO", options.AuthenticationType);
    Assert.Equal(CloudFoundryDefaults.ClientId, options.ClientId);
    Assert.Equal(CloudFoundryDefaults.ClientSecret, options.ClientSecret);
    Assert.Equal(new PathString("/signin-oidc"), options.CallbackPath);
    Assert.Equal(expectedTokenInfoUrl, options.TokenInfoUrl);

    // Certificate validation has to stay on unless it is explicitly turned off.
    Assert.True(options.ValidateCertificates);
}
public void ConfigureServices(IServiceCollection services)
{
    // Registers the MySQL-backed database context, JWT bearer authentication
    // driven by the "OIDC" configuration section, and MVC controllers that
    // require an authenticated user by default.

    // Database connection. The connection string is read from configuration
    // when the options callback runs.
    services.AddDbContext<Context>(
        db => db.UseMySql(_Config.GetConnectionString("Database")));

    // Authentication settings bound from the "OIDC" configuration section.
    var oidcSettings = new OpenIDConnectOptions();
    _Config.GetSection("OIDC").Bind(oidcSettings);

    services
        .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
        .AddJwtBearer(JwtBearerDefaults.AuthenticationScheme, jwt =>
        {
            // Signature, expiry, audience and issuer checks are all switched on.
            // ClockSkew means a token is still accepted up to five minutes
            // past its expiry time.
            // NOTE(review): ValidateIssuerSigningKey is not set in this block
            // and stays at the library default; confirm that is intended.
            var validation = new TokenValidationParameters
            {
                ClockSkew = TimeSpan.FromMinutes(5),
                RequireSignedTokens = true,
                RequireExpirationTime = true,
                ValidateLifetime = true,
                ValidateAudience = true,
                ValidateIssuer = true
            };
            jwt.TokenValidationParameters = validation;

            // The accepted audiences and issuers come only from configuration.
            // NOTE(review): with ValidateAudience on and no audience
            // configured, validation is expected to reject tokens rather
            // than accept any audience; verify in each environment.
            if (oidcSettings.ValidAudiences != null)
            {
                validation.ValidAudiences = oidcSettings.ValidAudiences;
            }

            if (oidcSettings.ValidIssuers != null)
            {
                validation.ValidIssuers = oidcSettings.ValidIssuers;
            }

            // Statically configured signing keys, each entry turned into a
            // JsonWebKey. Anyone who can edit this configuration can decide
            // which keys are trusted to sign tokens.
            if (oidcSettings.IssuerSigningKeys != null)
            {
                validation.IssuerSigningKeys = oidcSettings.IssuerSigningKeys.Select(
                    keyEntry => new JsonWebKey(keyEntry));
            }

            // Optional provider metadata, fetched through a configuration manager.
            // NOTE(review): presumably Configuration is the discovery document
            // address; it should be an HTTPS URL.
            if (oidcSettings.Configuration != null)
            {
                jwt.ConfigurationManager =
                    new ConfigurationManager<OpenIdConnectConfiguration>(
                        oidcSettings.Configuration,
                        new OpenIdConnectConfigurationRetriever());
            }
        });

    // Endpoint controllers.
    services
        .AddControllers(mvc =>
        {
            // Every controller request requires an authenticated user unless
            // an action opts out with AllowAnonymousAttribute, so each such
            // opt-out is an unauthenticated entry point worth reviewing.
            mvc.Filters.Add(new AuthorizeFilter(
                new AuthorizationPolicyBuilder()
                    .RequireAuthenticatedUser()
                    .Build()));
        })
        .AddJsonOptions(json =>
        {
            json.JsonSerializerOptions.Converters.Add(
                new JsonStringEnumConverter());
        });
}