public async Task ValidateClientCredentialsAsync_DelegatesToApplicationManager() { // Arrange var options = new IdentityServiceOptions(); var store = new Mock <IApplicationStore <IdentityServiceApplication> >(); store.Setup(s => s.FindByClientIdAsync(It.IsAny <string>(), It.IsAny <CancellationToken>())) .ReturnsAsync(new IdentityServiceApplication()); store.As <IApplicationClientSecretStore <IdentityServiceApplication> >() .Setup(s => s.HasClientSecretAsync(It.IsAny <IdentityServiceApplication>(), It.IsAny <CancellationToken>())) .ReturnsAsync(false); var manager = new ApplicationManager <IdentityServiceApplication>( Options.Create(new ApplicationOptions()), store.Object, Mock.Of <IPasswordHasher <IdentityServiceApplication> >(), Array.Empty <IApplicationValidator <IdentityServiceApplication> >(), Mock.Of <ILogger <ApplicationManager <IdentityServiceApplication> > >(), new ApplicationErrorDescriber()); var clientValidator = new ClientApplicationValidator <IdentityServiceApplication>( Options.Create(options), GetSessionManager(), manager, new ProtocolErrorProvider()); // Act var validation = await clientValidator.ValidateClientCredentialsAsync("clientId", null); // Assert Assert.True(validation); }
private static IOptionsSnapshot <IdentityServiceOptions> CreateOptions() { var identityServiceOptions = new IdentityServiceOptions(); var optionsSetup = new IdentityServiceOptionsDefaultSetup(); optionsSetup.Configure(identityServiceOptions); SigningCredentials signingCredentials = new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256"); identityServiceOptions.SigningKeys.Add(signingCredentials); identityServiceOptions.Issuer = "http://server.example.com"; identityServiceOptions.IdTokenOptions.UserClaims.AddSingle( IdentityServiceClaimTypes.Subject, ClaimTypes.NameIdentifier); identityServiceOptions.RefreshTokenOptions.UserClaims.AddSingle( IdentityServiceClaimTypes.Subject, ClaimTypes.NameIdentifier); var mock = new Mock <IOptionsSnapshot <IdentityServiceOptions> >(); mock.Setup(m => m.Value).Returns(identityServiceOptions); mock.Setup(m => m.Get(It.IsAny <string>())).Returns(identityServiceOptions); return(mock.Object); }
public async Task ValidateClientIdAsync_ChecksThatTheClientIdExist(bool exists) { // Arrange var options = new IdentityServiceOptions(); var store = new Mock <IApplicationStore <IdentityServiceApplication> >(); store.Setup(s => s.FindByClientIdAsync(It.IsAny <string>(), It.IsAny <CancellationToken>())) .ReturnsAsync(exists ? new IdentityServiceApplication() : null); var manager = new ApplicationManager <IdentityServiceApplication>( Options.Create(new ApplicationOptions()), store.Object, Mock.Of <IPasswordHasher <IdentityServiceApplication> >(), Array.Empty <IApplicationValidator <IdentityServiceApplication> >(), Mock.Of <ILogger <ApplicationManager <IdentityServiceApplication> > >(), new ApplicationErrorDescriber()); var clientValidator = new ClientApplicationValidator <IdentityServiceApplication>( Options.Create(options), GetSessionManager(), manager, new ProtocolErrorProvider()); // Act var validation = await clientValidator.ValidateClientIdAsync("clientId"); // Assert Assert.Equal(exists, validation); }
public JwtIdTokenIssuer( ITokenClaimsManager claimsManager, ISigningCredentialsPolicyProvider credentialsProvider, JwtSecurityTokenHandler handler, IOptions <IdentityServiceOptions> options) { _claimsManager = claimsManager; _credentialsProvider = credentialsProvider; _handler = handler; _options = options.Value; }
private IOptions <IdentityServiceOptions> GetOptions() { var IdentityServiceOptions = new IdentityServiceOptions(); var optionsSetup = new IdentityServiceOptionsDefaultSetup(); optionsSetup.Configure(IdentityServiceOptions); var mock = new Mock <IOptions <IdentityServiceOptions> >(); mock.Setup(m => m.Value).Returns(IdentityServiceOptions); return(mock.Object); }
private IOptions <IdentityServiceOptions> GetOptions() { var IdentityServiceOptions = new IdentityServiceOptions() { Issuer = "http://www.example.com/issuer" }; IdentityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256")); var optionsSetup = new IdentityServiceOptionsDefaultSetup(); optionsSetup.Configure(IdentityServiceOptions); var mock = new Mock <IOptions <IdentityServiceOptions> >(); mock.Setup(m => m.Value).Returns(IdentityServiceOptions); return(mock.Object); }
private IOptions <IdentityServiceOptions> GetOptions() { var identityServiceOptions = new IdentityServiceOptions() { Issuer = "http://www.example.com/issuer" }; var optionsSetup = new IdentityServiceOptionsDefaultSetup(); optionsSetup.Configure(identityServiceOptions); identityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256")); identityServiceOptions.IdTokenOptions.UserClaims.AddSingle("sub", ClaimTypes.NameIdentifier); var mock = new Mock <IOptions <IdentityServiceOptions> >(); mock.Setup(m => m.Value).Returns(identityServiceOptions); return(mock.Object); }
public async Task GetCredentialsAsync_ReadsCredentialsFromOptions() { // Arrange var reference = new DateTimeOffset(2000, 01, 01, 00, 00, 00, TimeSpan.Zero); var identityServiceOptions = new IdentityServiceOptions(); identityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey("RSAKey"), "RS256")); identityServiceOptions.SigningKeys.Add(new SigningCredentials(new X509SecurityKey(GetCertificate(reference)), "RS256")); var mock = new Mock <IOptionsSnapshot <IdentityServiceOptions> >(); mock.Setup(m => m.Value).Returns(identityServiceOptions); mock.Setup(m => m.Get(It.IsAny <string>())).Returns(identityServiceOptions); var source = new DefaultSigningCredentialsSource(mock.Object, new TestTimeStampManager(reference)); // Act var credentials = (await source.GetCredentials()).ToList(); // Assert Assert.Equal(2, credentials.Count); var rsaDescriptor = Assert.Single(credentials, c => c.Id == "RSAKey"); Assert.Equal("RSA", rsaDescriptor.Algorithm); Assert.Equal(reference, rsaDescriptor.NotBefore); Assert.Equal(reference.AddDays(1), rsaDescriptor.Expires); Assert.Equal(identityServiceOptions.SigningKeys[0], rsaDescriptor.Credentials); Assert.True(rsaDescriptor.Metadata.ContainsKey("n")); Assert.True(rsaDescriptor.Metadata.ContainsKey("e")); var certificateDescriptor = Assert.Single(credentials, c => c.Id != "RSAKey"); Assert.Equal("RSA", certificateDescriptor.Algorithm); Assert.Equal(reference, certificateDescriptor.NotBefore); Assert.Equal(reference.AddHours(1), certificateDescriptor.Expires); Assert.Equal(identityServiceOptions.SigningKeys[1], certificateDescriptor.Credentials); Assert.True(certificateDescriptor.Metadata.ContainsKey("n")); Assert.True(certificateDescriptor.Metadata.ContainsKey("e")); }