//public static ClientValidator CreateClientValidator(
//    IClientStore clients = null,
//    IClientSecretValidator secretValidator = null)
//{
//    if (clients == null)
//    {
//        clients = new InMemoryClientStore(ClientValidationTestClients.Get());
//    }
//
//    if (secretValidator == null)
//    {
//        secretValidator = new HashedClientSecretValidator();
//    }
//
//    var owin = new OwinEnvironmentService(new OwinContext());
//
//    return new ClientValidator(clients, secretValidator, owin);
//}

/// <summary>
/// Test factory: builds a <see cref="TokenRequestValidator"/>, substituting an in-memory
/// or test implementation for every dependency the caller leaves as <c>null</c>.
/// </summary>
/// <param name="options">Server options; defaults to <c>TestIdentityServerOptions.Create()</c>.</param>
/// <param name="scopes">Scope store; defaults to an in-memory store over <c>TestScopes.Get()</c>.</param>
/// <param name="authorizationCodeStore">
/// Authorization code store. No default is substituted: when omitted, the validator is
/// constructed with a <c>null</c> store, so tests that exercise the authorization code
/// grant have to supply one.
/// </param>
/// <param name="refreshTokens">Refresh token store; defaults to an in-memory store.</param>
/// <param name="userService">User service; defaults to <c>TestUserService</c>.</param>
/// <param name="customGrantValidators">
/// Custom grant validators to aggregate; defaults to a single <c>TestGrantValidator</c>.
/// </param>
/// <param name="customRequestValidator">Custom request validator; defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <param name="scopeValidator">Scope validator; defaults to one built over <paramref name="scopes"/>.</param>
/// <returns>A validator wired with the resolved dependencies and a <c>DefaultEventService</c>.</returns>
public static TokenRequestValidator CreateTokenRequestValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IAuthorizationCodeStore authorizationCodeStore = null,
    IRefreshTokenStore refreshTokens = null,
    IUserService userService = null,
    IEnumerable<ICustomGrantValidator> customGrantValidators = null,
    ICustomRequestValidator customRequestValidator = null,
    ScopeValidator scopeValidator = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    userService = userService ?? new TestUserService();
    customRequestValidator = customRequestValidator ?? new DefaultCustomRequestValidator();

    // The validator takes one aggregate grant validator, not the raw list.
    CustomGrantValidator aggregateCustomValidator = customGrantValidators == null
        ? new CustomGrantValidator(new [] { new TestGrantValidator() })
        : new CustomGrantValidator(customGrantValidators);

    refreshTokens = refreshTokens ?? new InMemoryRefreshTokenStore();

    // Resolved after 'scopes' so the default validator reads the same store.
    scopeValidator = scopeValidator ?? new ScopeValidator(scopes);

    return new TokenRequestValidator(
        options,
        authorizationCodeStore,
        refreshTokens,
        userService,
        aggregateCustomValidator,
        customRequestValidator,
        scopeValidator,
        new DefaultEventService());
}
/// <summary>
/// Validates the scope parameter of a token request and, on success, records the
/// parsed scopes and the scope validator on the validated request.
/// </summary>
/// <param name="parameters">Raw token request parameters.</param>
/// <returns>
/// <c>true</c> when the scope value is present, within the configured length limit,
/// parses, is allowed for the requesting client and passes the validator's validity
/// check; otherwise <c>false</c>.
/// </returns>
private async Task<bool> ValidateRequestedScopesAsync(NameValueCollection parameters)
{
    var rawScope = parameters.Get(Constants.TokenRequest.Scope);

    // Bound the input before parsing it.
    if (rawScope.IsMissingOrTooLong(_options.InputLengthRestrictions.Scope))
    {
        Logger.Warn("Scopes missing or too long");
        return false;
    }

    // NOTE(review): the rejections below are not logged by this method; confirm the
    // scope validator logs them, otherwise denied scope requests leave no trace here.
    var parsedScopes = ScopeValidator.ParseScopesString(rawScope);
    if (parsedScopes == null)
    {
        return false;
    }

    // Client restriction check runs before the validity check.
    var allowedForClient = _scopeValidator.AreScopesAllowed(_validatedRequest.Client, parsedScopes);
    if (!allowedForClient)
    {
        return false;
    }

    var scopesAreValid = await _scopeValidator.AreScopesValidAsync(parsedScopes);
    if (!scopesAreValid)
    {
        return false;
    }

    // The request state is only written once every check has passed.
    _validatedRequest.Scopes = parsedScopes;
    _validatedRequest.ValidatedScopes = _scopeValidator;

    return true;
}
/// <summary>
/// Creates the authorize request validator and stores its collaborators.
/// </summary>
/// <remarks>
/// No argument is null-checked here, so a missing dependency is not detected at
/// construction time.
/// </remarks>
/// <param name="options">Server options.</param>
/// <param name="clients">Client store.</param>
/// <param name="customValidator">Custom request validator.</param>
/// <param name="uriValidator">Redirect URI validator.</param>
/// <param name="scopeValidator">Scope validator.</param>
/// <param name="sessionCookie">Session cookie accessor.</param>
public AuthorizeRequestValidator(
    IdentityServerOptions options,
    IClientStore clients,
    ICustomRequestValidator customValidator,
    IRedirectUriValidator uriValidator,
    ScopeValidator scopeValidator,
    SessionCookie sessionCookie)
{
    // Configuration and client lookup.
    _options = options;
    _clients = clients;

    // Validators applied to the incoming request.
    _uriValidator = uriValidator;
    _scopeValidator = scopeValidator;
    _customValidator = customValidator;

    // Session state.
    _sessionCookie = sessionCookie;
}
/// <summary>
/// Creates the token request validator and stores its collaborators.
/// </summary>
/// <remarks>
/// No argument is null-checked here, so a missing dependency (for example a
/// <c>null</c> authorization code store) is not detected at construction time.
/// </remarks>
/// <param name="options">Server options.</param>
/// <param name="authorizationCodes">Authorization code store.</param>
/// <param name="refreshTokens">Refresh token store.</param>
/// <param name="users">User service.</param>
/// <param name="customGrantValidator">Aggregate custom grant validator.</param>
/// <param name="customRequestValidator">Custom request validator.</param>
/// <param name="scopeValidator">Scope validator.</param>
/// <param name="events">Event service.</param>
public TokenRequestValidator(
    IdentityServerOptions options,
    IAuthorizationCodeStore authorizationCodes,
    IRefreshTokenStore refreshTokens,
    IUserService users,
    CustomGrantValidator customGrantValidator,
    ICustomRequestValidator customRequestValidator,
    ScopeValidator scopeValidator,
    IEventService events)
{
    // Configuration and event reporting.
    _options = options;
    _events = events;

    // Stores and user lookup.
    _authorizationCodes = authorizationCodes;
    _refreshTokens = refreshTokens;
    _users = users;

    // Validators.
    _scopeValidator = scopeValidator;
    _customGrantValidator = customGrantValidator;
    _customRequestValidator = customRequestValidator;
}
/// <summary>
/// Convenience overload that accepts an <c>IUserService</c> and forwards every
/// argument to another constructor of this class.
/// </summary>
/// <remarks>
/// The user service is passed on as <c>IBasicUserService</c>; the explicit cast is
/// presumably what binds the call to the overload taking that type (not visible here).
/// </remarks>
/// <param name="options">Server options.</param>
/// <param name="authorizationCodes">Authorization code store.</param>
/// <param name="refreshTokens">Refresh token store.</param>
/// <param name="users">User service, forwarded as <c>IBasicUserService</c>.</param>
/// <param name="customGrantValidator">Aggregate custom grant validator.</param>
/// <param name="customRequestValidator">Custom request validator.</param>
/// <param name="scopeValidator">Scope validator.</param>
/// <param name="events">Event service.</param>
public TokenRequestValidator(
    IdentityServerOptions options,
    IAuthorizationCodeStore authorizationCodes,
    IRefreshTokenStore refreshTokens,
    IUserService users,
    CustomGrantValidator customGrantValidator,
    ICustomRequestValidator customRequestValidator,
    ScopeValidator scopeValidator,
    IEventService events)
    : this(
        options,
        authorizationCodes,
        refreshTokens,
        (IBasicUserService)users,
        customGrantValidator,
        customRequestValidator,
        scopeValidator,
        events)
{
}
/// <summary>
/// Test factory: builds an <see cref="AuthorizeRequestValidator"/>, substituting an
/// in-memory or default implementation for every dependency left as <c>null</c>.
/// </summary>
/// <param name="options">Server options; defaults to <c>TestIdentityServerOptions.Create()</c>.</param>
/// <param name="scopes">Scope store; defaults to an in-memory store over <c>TestScopes.Get()</c>.</param>
/// <param name="clients">Client store; defaults to an in-memory store over <c>TestClients.Get()</c>.</param>
/// <param name="users">Accepted for callers; not read by this method.</param>
/// <param name="customValidator">Custom request validator; defaults to <c>DefaultCustomRequestValidator</c>.</param>
/// <param name="uriValidator">Redirect URI validator; defaults to <c>DefaultRedirectUriValidator</c>.</param>
/// <param name="scopeValidator">Scope validator; defaults to one built over <paramref name="scopes"/>.</param>
/// <param name="environment">Accepted for callers; not read by this method.</param>
/// <returns>A validator wired with the resolved dependencies and a mocked session cookie.</returns>
public static AuthorizeRequestValidator CreateAuthorizeRequestValidator(
    IdentityServerOptions options = null,
    IScopeStore scopes = null,
    IClientStore clients = null,
    IUserService users = null,
    ICustomRequestValidator customValidator = null,
    IRedirectUriValidator uriValidator = null,
    ScopeValidator scopeValidator = null,
    IDictionary<string, object> environment = null)
{
    options = options ?? TestIdentityServerOptions.Create();
    scopes = scopes ?? new InMemoryScopeStore(TestScopes.Get());
    clients = clients ?? new InMemoryClientStore(TestClients.Get());
    customValidator = customValidator ?? new DefaultCustomRequestValidator();
    uriValidator = uriValidator ?? new DefaultRedirectUriValidator();

    // Resolved after 'scopes' so the default validator reads the same store.
    scopeValidator = scopeValidator ?? new ScopeValidator(scopes);

    // The session cookie is mocked with no OWIN context and no base calls; it always
    // reports a null session id, so the validator is exercised without a session.
    var sessionCookieMock = new Mock<SessionCookie>((IOwinContext)null, (IdentityServerOptions)null)
    {
        CallBase = false
    };
    sessionCookieMock.Setup(x => x.GetSessionId()).Returns((string)null);

    return new AuthorizeRequestValidator(
        options,
        clients,
        customValidator,
        uriValidator,
        scopeValidator,
        sessionCookieMock.Object);
}
/// <summary>
/// A request for "openid email" validates, and afterwards the validator reports
/// OpenID scopes present and resource scopes absent.
/// </summary>
public async Task Contains_Identity_Scopes_Only()
{
    var requested = ScopeValidator.ParseScopesString("openid email");
    var sut = new ScopeValidator(_store);

    var isValid = await sut.AreScopesValidAsync(requested);

    isValid.Should().BeTrue();

    // The classification flags are read from the same validator instance after validation.
    sut.ContainsOpenIdScopes.Should().BeTrue();
    sut.ContainsResourceScopes.Should().BeFalse();
}
/// <summary>
/// The restricted client is denied when it requests "openid email resource1 resource2".
/// </summary>
/// <remarks>
/// Presumably the request includes scopes outside the client's allowed set; confirm
/// against the <c>_restrictedClient</c> fixture.
/// </remarks>
public void Restricted_Scopes()
{
    var requested = ScopeValidator.ParseScopesString("openid email resource1 resource2");
    var sut = new ScopeValidator(_store);

    var isAllowed = sut.AreScopesAllowed(_restrictedClient, requested);

    isAllowed.Should().BeFalse();
}
/// <summary>
/// The restricted client is permitted when it requests only "openid resource1".
/// </summary>
/// <remarks>
/// Presumably both scopes are in the client's allowed set; confirm against the
/// <c>_restrictedClient</c> fixture.
/// </remarks>
public void All_Scopes_Allowed_For_Restricted_Client()
{
    var requested = ScopeValidator.ParseScopesString("openid resource1");
    var sut = new ScopeValidator(_store);

    var isAllowed = sut.AreScopesAllowed(_restrictedClient, requested);

    isAllowed.Should().BeTrue();
}
/// <summary>
/// Adding the scope named "disabled" to an otherwise valid request makes validation fail.
/// </summary>
/// <remarks>
/// The same request without "disabled" is expected to pass in <c>All_Scopes_Valid</c>,
/// so one rejected scope fails the whole request.
/// </remarks>
public async Task Disabled_Scope()
{
    var requested = ScopeValidator.ParseScopesString("openid email resource1 resource2 disabled");
    var sut = new ScopeValidator(_store);

    var isValid = await sut.AreScopesValidAsync(requested);

    isValid.Should().BeFalse();
}
/// <summary>
/// A request for "openid email resource1 resource2" passes the validity check
/// against the test scope store.
/// </summary>
public async Task All_Scopes_Valid()
{
    var requested = ScopeValidator.ParseScopesString("openid email resource1 resource2");
    var sut = new ScopeValidator(_store);

    var isValid = await sut.AreScopesValidAsync(requested);

    isValid.Should().BeTrue();
}