示例#1
0
        public async Task OnGeneratingClaims_DoesNothing_IfChallengeNotPresent()
        {
            // Arrange
            var context = new TokenGeneratingContext(
                new ClaimsPrincipal(),
                new ClaimsPrincipal(),
                new OpenIdConnectMessage(new Dictionary <string, string[]>
            {
                [ProofOfKeyForCodeExchangeParameterNames.CodeChallengeMethod] = new[] { "S256" },
            }),
                new RequestGrants());

            context.InitializeForToken(TokenTypes.AuthorizationCode);

            var provider = new ProofOfKeyForCodeExchangeTokenClaimsProvider();

            // Act
            await provider.OnGeneratingClaims(context);

            // Assert
            Assert.Empty(context.CurrentClaims);
        }
示例#2
0
        public async Task OnGeneratingClaims_AddsCodeChallengeAndChallengeMethod_ToTheAuthorizationCode()
        {
            // Arrange
            var context = new TokenGeneratingContext(
                new ClaimsPrincipal(),
                new ClaimsPrincipal(),
                new OpenIdConnectMessage(new Dictionary <string, string[]>
            {
                [ProofOfKeyForCodeExchangeParameterNames.CodeChallenge]       = new[] { "challenge" },
                [ProofOfKeyForCodeExchangeParameterNames.CodeChallengeMethod] = new[] { "S256" },
            }),
                new RequestGrants());

            context.InitializeForToken(TokenTypes.AuthorizationCode);

            var provider = new ProofOfKeyForCodeExchangeTokenClaimsProvider();

            // Act
            await provider.OnGeneratingClaims(context);

            // Assert
            Assert.Contains(context.CurrentClaims, c => c.Type == IdentityServiceClaimTypes.CodeChallenge && c.Value == "challenge");
            Assert.Contains(context.CurrentClaims, c => c.Type == IdentityServiceClaimTypes.CodeChallengeMethod && c.Value == "S256");
        }