From 3c277090def1e4b8efef95371c00862801d98108 Mon Sep 17 00:00:00 2001 From: Hao Kung Date: Thu, 25 Sep 2014 14:57:50 -0700 Subject: [PATCH] Use ApplicationCookie options in more places - Remove ClaimsIdentity.AuthenticationType now that ApplicationCookie.AuthenticationType is available - Also set Expires on a cookies that need them --- .../ClaimsIdentityFactory.cs | 28 ++++--- .../ClaimsIdentityOptions.cs | 2 - .../IClaimsIdentityFactory.cs | 3 +- .../IdentityOptions.cs | 13 +++- .../SignInManager.cs | 11 +-- .../ClaimsIdentityFactoryTest.cs | 23 +++--- .../IdentityOptionsTest.cs | 3 - .../SignInManagerTest.cs | 36 +++++---- test/Shared/UserManagerTestBase.cs | 73 ------------------- 9 files changed, 66 insertions(+), 126 deletions(-) diff --git a/src/Microsoft.AspNet.Identity/ClaimsIdentityFactory.cs b/src/Microsoft.AspNet.Identity/ClaimsIdentityFactory.cs index a76c130aa2..a458b464b8 100644 --- a/src/Microsoft.AspNet.Identity/ClaimsIdentityFactory.cs +++ b/src/Microsoft.AspNet.Identity/ClaimsIdentityFactory.cs @@ -1,6 +1,7 @@ // Copyright (c) Microsoft Open Technologies, Inc. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. +using Microsoft.Framework.OptionsModel; using System; using System.Security.Claims; using System.Threading; @@ -16,7 +17,8 @@ namespace Microsoft.AspNet.Identity where TUser : class where TRole : class { - public ClaimsIdentityFactory(UserManager userManager, RoleManager roleManager) + public ClaimsIdentityFactory(UserManager userManager, RoleManager roleManager, + IOptionsAccessor optionsAccessor) { if (userManager == null) { @@ -26,12 +28,18 @@ namespace Microsoft.AspNet.Identity { throw new ArgumentNullException("roleManager"); } + if (optionsAccessor == null || optionsAccessor.Options == null) + { + throw new ArgumentNullException(nameof(optionsAccessor)); + } UserManager = userManager; RoleManager = roleManager; + Options = optionsAccessor.Options; } public UserManager UserManager { get; private set; } public RoleManager RoleManager { get; private set; } + public IdentityOptions Options { get; private set; } /// /// CreateAsync a ClaimsIdentity from a user @@ -41,26 +49,22 @@ namespace Microsoft.AspNet.Identity /// /// /// - public virtual async Task CreateAsync(TUser user, ClaimsIdentityOptions options, + public virtual async Task CreateAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken)) { if (user == null) { throw new ArgumentNullException("user"); } - if (options == null) - { - throw new ArgumentNullException("options"); - } var userId = await UserManager.GetUserIdAsync(user, cancellationToken); var userName = await UserManager.GetUserNameAsync(user, cancellationToken); - var id = new ClaimsIdentity(options.AuthenticationType, options.UserNameClaimType, - options.RoleClaimType); - id.AddClaim(new Claim(options.UserIdClaimType, userId)); - id.AddClaim(new Claim(options.UserNameClaimType, userName, ClaimValueTypes.String)); + var id = new ClaimsIdentity(Options.ApplicationCookie.AuthenticationType, Options.ClaimsIdentity.UserNameClaimType, + Options.ClaimsIdentity.RoleClaimType); + id.AddClaim(new Claim(Options.ClaimsIdentity.UserIdClaimType, userId)); + id.AddClaim(new Claim(Options.ClaimsIdentity.UserNameClaimType, userName, ClaimValueTypes.String)); if (UserManager.SupportsUserSecurityStamp) { - id.AddClaim(new Claim(options.SecurityStampClaimType, + id.AddClaim(new Claim(Options.ClaimsIdentity.SecurityStampClaimType, await UserManager.GetSecurityStampAsync(user, cancellationToken))); } if (UserManager.SupportsUserRole) @@ -68,7 +72,7 @@ namespace Microsoft.AspNet.Identity var roles = await UserManager.GetRolesAsync(user, cancellationToken); foreach (var roleName in roles) { - id.AddClaim(new Claim(options.RoleClaimType, roleName, ClaimValueTypes.String)); + id.AddClaim(new Claim(Options.ClaimsIdentity.RoleClaimType, roleName, ClaimValueTypes.String)); if (RoleManager.SupportsRoleClaims) { var role = await RoleManager.FindByNameAsync(roleName); diff --git a/src/Microsoft.AspNet.Identity/ClaimsIdentityOptions.cs b/src/Microsoft.AspNet.Identity/ClaimsIdentityOptions.cs index 165faf5eac..dce5fb4240 100644 --- a/src/Microsoft.AspNet.Identity/ClaimsIdentityOptions.cs +++ b/src/Microsoft.AspNet.Identity/ClaimsIdentityOptions.cs @@ -13,8 +13,6 @@ namespace Microsoft.AspNet.Identity public static readonly string DefaultTwoFactorRememberMeAuthenticationType = typeof(ClaimsIdentityOptions).Namespace + ".TwoFactorRememberMe"; public static readonly string DefaultTwoFactorUserIdAuthenticationType = typeof(ClaimsIdentityOptions).Namespace + ".TwoFactorUserId"; - public string AuthenticationType { get; set; } = DefaultAuthenticationType; - /// /// Claim type used for role claims /// diff --git a/src/Microsoft.AspNet.Identity/IClaimsIdentityFactory.cs b/src/Microsoft.AspNet.Identity/IClaimsIdentityFactory.cs index 9be8991d47..a59826a713 100644 --- a/src/Microsoft.AspNet.Identity/IClaimsIdentityFactory.cs +++ b/src/Microsoft.AspNet.Identity/IClaimsIdentityFactory.cs @@ -21,7 +21,6 @@ namespace Microsoft.AspNet.Identity /// /// /// - Task CreateAsync(TUser user, ClaimsIdentityOptions options, - CancellationToken cancellationToken = default(CancellationToken)); + Task CreateAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken)); } } \ No newline at end of file diff --git a/src/Microsoft.AspNet.Identity/IdentityOptions.cs b/src/Microsoft.AspNet.Identity/IdentityOptions.cs index 86517657c6..c5cbc525f6 100644 --- a/src/Microsoft.AspNet.Identity/IdentityOptions.cs +++ b/src/Microsoft.AspNet.Identity/IdentityOptions.cs @@ -37,6 +37,7 @@ namespace Microsoft.AspNet.Identity public CookieAuthenticationOptions ApplicationCookie { get; set; } = new CookieAuthenticationOptions { AuthenticationType = ClaimsIdentityOptions.DefaultAuthenticationType, + //CookieName = ".AspNet.Identity." + ClaimsIdentityOptions.DefaultAuthenticationType, LoginPath = new PathString("/Account/Login"), Notifications = new CookieAuthenticationNotifications { @@ -51,20 +52,24 @@ namespace Microsoft.AspNet.Identity public CookieAuthenticationOptions ExternalCookie { get; set; } = new CookieAuthenticationOptions { AuthenticationType = ClaimsIdentityOptions.DefaultExternalLoginAuthenticationType, - AuthenticationMode = AuthenticationMode.Passive + AuthenticationMode = AuthenticationMode.Passive, + CookieName = ClaimsIdentityOptions.DefaultExternalLoginAuthenticationType, + ExpireTimeSpan = TimeSpan.FromMinutes(5), }; public CookieAuthenticationOptions TwoFactorRememberMeCookie { get; set; } = new CookieAuthenticationOptions { AuthenticationType = ClaimsIdentityOptions.DefaultTwoFactorRememberMeAuthenticationType, - AuthenticationMode = AuthenticationMode.Passive + AuthenticationMode = AuthenticationMode.Passive, + CookieName = ClaimsIdentityOptions.DefaultTwoFactorRememberMeAuthenticationType }; public CookieAuthenticationOptions TwoFactorUserIdCookie { get; set; } = new CookieAuthenticationOptions { AuthenticationType = ClaimsIdentityOptions.DefaultTwoFactorUserIdAuthenticationType, - AuthenticationMode = AuthenticationMode.Passive - + AuthenticationMode = AuthenticationMode.Passive, + CookieName = ClaimsIdentityOptions.DefaultTwoFactorUserIdAuthenticationType, + ExpireTimeSpan = TimeSpan.FromMinutes(5), }; } } \ No newline at end of file diff --git a/src/Microsoft.AspNet.Identity/SignInManager.cs b/src/Microsoft.AspNet.Identity/SignInManager.cs index 576f357eae..5aa7521ab2 100644 --- a/src/Microsoft.AspNet.Identity/SignInManager.cs +++ b/src/Microsoft.AspNet.Identity/SignInManager.cs @@ -53,7 +53,7 @@ namespace Microsoft.AspNet.Identity public virtual async Task CreateUserIdentityAsync(TUser user, CancellationToken cancellationToken = default(CancellationToken)) { - return await ClaimsFactory.CreateAsync(user, Options.ClaimsIdentity); + return await ClaimsFactory.CreateAsync(user); } //public virtual async Task CanSignInAsync(TUser user, @@ -74,6 +74,8 @@ namespace Microsoft.AspNet.Identity CancellationToken cancellationToken = default(CancellationToken)) { var userIdentity = await CreateUserIdentityAsync(user); + // Always clear any external login cookies when signing in for real + Context.Response.SignOut(Options.ExternalCookie.AuthenticationType); if (authenticationMethod != null) { userIdentity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, authenticationMethod)); @@ -84,8 +86,7 @@ namespace Microsoft.AspNet.Identity // TODO: Should this be async? public virtual void SignOut() { - // REVIEW: need a new home for this option config? - Context.Response.SignOut(Options.ClaimsIdentity.AuthenticationType); + Context.Response.SignOut(Options.ApplicationCookie.AuthenticationType); } private async Task IsLockedOut(TUser user, CancellationToken token) @@ -184,7 +185,7 @@ namespace Microsoft.AspNet.Identity { var userId = await UserManager.GetUserIdAsync(user, cancellationToken); var result = - await Context.AuthenticateAsync(ClaimsIdentityOptions.DefaultTwoFactorRememberMeAuthenticationType); + await Context.AuthenticateAsync(Options.TwoFactorRememberMeCookie.AuthenticationType); return (result != null && result.Identity != null && result.Identity.Name == userId); } @@ -199,7 +200,7 @@ namespace Microsoft.AspNet.Identity public virtual Task ForgetTwoFactorClientAsync() { - Context.Response.SignOut(ClaimsIdentityOptions.DefaultTwoFactorRememberMeAuthenticationType); + Context.Response.SignOut(Options.TwoFactorRememberMeCookie.AuthenticationType); return Task.FromResult(0); } diff --git a/test/Microsoft.AspNet.Identity.Test/ClaimsIdentityFactoryTest.cs b/test/Microsoft.AspNet.Identity.Test/ClaimsIdentityFactoryTest.cs index 2a873390bd..aa2c333e38 100644 --- a/test/Microsoft.AspNet.Identity.Test/ClaimsIdentityFactoryTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/ClaimsIdentityFactoryTest.cs @@ -8,6 +8,7 @@ using System.Threading; using System.Threading.Tasks; using Moq; using Xunit; +using Microsoft.Framework.OptionsModel; namespace Microsoft.AspNet.Identity.Test { @@ -18,15 +19,16 @@ namespace Microsoft.AspNet.Identity.Test { var userManager = MockHelpers.MockUserManager().Object; var roleManager = MockHelpers.MockRoleManager().Object; - var factory = new ClaimsIdentityFactory(userManager, roleManager); + var options = new Mock>(); + Assert.Throws("optionsAccessor", + () => new ClaimsIdentityFactory(userManager, roleManager, options.Object)); + var identityOptions = new IdentityOptions(); + options.Setup(a => a.Options).Returns(identityOptions); + var factory = new ClaimsIdentityFactory(userManager, roleManager, options.Object); await Assert.ThrowsAsync("user", - async () => await factory.CreateAsync(null, new ClaimsIdentityOptions())); - await Assert.ThrowsAsync("options", - async () => await factory.CreateAsync(new TestUser(), null)); + async () => await factory.CreateAsync(null)); } -#if ASPNET50 - //TODO: Mock fails in K (this works fine in net45) [Theory] [InlineData(false, false, false)] [InlineData(false, true, false)] @@ -69,15 +71,19 @@ namespace Microsoft.AspNet.Identity.Test roleManager.Setup(m => m.GetClaimsAsync(local, CancellationToken.None)).ReturnsAsync(localClaims); } - var factory = new ClaimsIdentityFactory(userManager.Object, roleManager.Object); + var options = new Mock>(); + var identityOptions = new IdentityOptions(); + options.Setup(a => a.Options).Returns(identityOptions); + var factory = new ClaimsIdentityFactory(userManager.Object, roleManager.Object, options.Object); // Act - var identity = await factory.CreateAsync(user, new ClaimsIdentityOptions()); + var identity = await factory.CreateAsync(user); // Assert var manager = userManager.Object; Assert.NotNull(identity); Assert.Equal(ClaimsIdentityOptions.DefaultAuthenticationType, identity.AuthenticationType); + Assert.Equal(identityOptions.ApplicationCookie.AuthenticationType, identity.AuthenticationType); var claims = identity.Claims.ToList(); Assert.NotNull(claims); Assert.True( @@ -100,6 +106,5 @@ namespace Microsoft.AspNet.Identity.Test userManager.VerifyAll(); roleManager.VerifyAll(); } -#endif } } diff --git a/test/Microsoft.AspNet.Identity.Test/IdentityOptionsTest.cs b/test/Microsoft.AspNet.Identity.Test/IdentityOptionsTest.cs index 3c6b9d66b2..2b7fb5030f 100644 --- a/test/Microsoft.AspNet.Identity.Test/IdentityOptionsTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/IdentityOptionsTest.cs @@ -45,11 +45,9 @@ namespace Microsoft.AspNet.Identity.Test const string usernameClaimType = "namez"; const string useridClaimType = "idz"; const string securityStampClaimType = "stampz"; - const string authType = "auth"; var dic = new Dictionary { - {"identity:claimsidentity:authENTICATIONType", authType}, {"identity:claimsidentity:roleclaimtype", roleClaimType}, {"identity:claimsidentity:usernameclaimtype", usernameClaimType}, {"identity:claimsidentity:useridclaimtype", useridClaimType}, @@ -71,7 +69,6 @@ namespace Microsoft.AspNet.Identity.Test var accessor = services.BuildServiceProvider().GetService>(); Assert.NotNull(accessor); var options = accessor.Options; - Assert.Equal(authType, options.ClaimsIdentity.AuthenticationType); Assert.Equal(roleClaimType, options.ClaimsIdentity.RoleClaimType); Assert.Equal(useridClaimType, options.ClaimsIdentity.UserIdClaimType); Assert.Equal(usernameClaimType, options.ClaimsIdentity.UserNameClaimType); diff --git a/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs b/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs index d61935f0b3..17275cae00 100644 --- a/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs +++ b/test/Microsoft.AspNet.Identity.Test/SignInManagerTest.cs @@ -122,10 +122,10 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -156,10 +156,10 @@ namespace Microsoft.AspNet.Identity.Test contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); var identityOptions = new IdentityOptions(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); - claimsFactory.Setup(m => m.CreateAsync(user, identityOptions.ClaimsIdentity, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity("Microsoft.AspNet.Identity")).Verifiable(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); + claimsFactory.Setup(m => m.CreateAsync(user, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity("Microsoft.AspNet.Identity")).Verifiable(); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -191,10 +191,10 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -239,7 +239,7 @@ namespace Microsoft.AspNet.Identity.Test var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); - var helper = new SignInManager(manager.Object, contextAccessor.Object, new ClaimsIdentityFactory(manager.Object, roleManager.Object), options.Object); + var helper = new SignInManager(manager.Object, contextAccessor.Object, new ClaimsIdentityFactory(manager.Object, roleManager.Object, options.Object), options.Object); // Act var result = await helper.PasswordSignInAsync(user.UserName, "password", false, false); @@ -280,10 +280,11 @@ namespace Microsoft.AspNet.Identity.Test contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); var identityOptions = new IdentityOptions(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); - claimsFactory.Setup(m => m.CreateAsync(user, identityOptions.ClaimsIdentity, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity("Microsoft.AspNet.Identity")).Verifiable(); + response.Setup(r => r.SignOut(identityOptions.ExternalCookie.AuthenticationType)).Verifiable(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); + claimsFactory.Setup(m => m.CreateAsync(user, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity("Microsoft.AspNet.Identity")).Verifiable(); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -340,10 +341,10 @@ namespace Microsoft.AspNet.Identity.Test var id = SignInManager.StoreTwoFactorInfo(user.Id, externalLogin ? loginProvider : null); var authResult = new AuthenticationResult(id, new AuthenticationProperties(), new AuthenticationDescription()); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new ClaimsIdentityFactory(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new ClaimsIdentityFactory(manager.Object, roleManager.Object, options.Object); if (externalLogin) { response.Setup(r => r.SignIn( @@ -364,6 +365,7 @@ namespace Microsoft.AspNet.Identity.Test It.Is(i => i.FindFirstValue(ClaimTypes.Name) == user.Id && i.AuthenticationType == ClaimsIdentityOptions.DefaultTwoFactorRememberMeAuthenticationType))).Verifiable(); } + response.Setup(r => r.SignOut(identityOptions.ExternalCookie.AuthenticationType)).Verifiable(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); context.Setup(c => c.AuthenticateAsync(ClaimsIdentityOptions.DefaultTwoFactorUserIdAuthenticationType)).ReturnsAsync(authResult).Verifiable(); contextAccessor.Setup(a => a.Value).Returns(context.Object); @@ -390,9 +392,10 @@ namespace Microsoft.AspNet.Identity.Test var response = new Mock(); var contextAccessor = new Mock>(); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new ClaimsIdentityFactory(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); + options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new ClaimsIdentityFactory(manager.Object, roleManager.Object, options.Object); manager.Setup(m => m.GetUserIdAsync(user, CancellationToken.None)).ReturnsAsync(user.Id).Verifiable(); context.Setup(c => c.Response).Returns(response.Object).Verifiable(); @@ -446,10 +449,11 @@ namespace Microsoft.AspNet.Identity.Test contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); var identityOptions = new IdentityOptions(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); - claimsFactory.Setup(m => m.CreateAsync(user, identityOptions.ClaimsIdentity, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity(ClaimsIdentityOptions.DefaultAuthenticationType)).Verifiable(); + response.Setup(r => r.SignOut(identityOptions.ExternalCookie.AuthenticationType)).Verifiable(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); + claimsFactory.Setup(m => m.CreateAsync(user, CancellationToken.None)).ReturnsAsync(new ClaimsIdentity(identityOptions.ApplicationCookie.AuthenticationType)).Verifiable(); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -478,11 +482,11 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); - identityOptions.ClaimsIdentity.AuthenticationType = authenticationType; + identityOptions.ApplicationCookie.AuthenticationType = authenticationType; + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -507,10 +511,10 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act var result = await helper.PasswordSignInAsync(user.UserName, "bogus", false, false); @@ -530,10 +534,10 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act @@ -564,10 +568,10 @@ namespace Microsoft.AspNet.Identity.Test var contextAccessor = new Mock>(); contextAccessor.Setup(a => a.Value).Returns(context.Object); var roleManager = MockHelpers.MockRoleManager(); - var claimsFactory = new Mock>(manager.Object, roleManager.Object); var identityOptions = new IdentityOptions(); var options = new Mock>(); options.Setup(a => a.Options).Returns(identityOptions); + var claimsFactory = new Mock>(manager.Object, roleManager.Object, options.Object); var helper = new SignInManager(manager.Object, contextAccessor.Object, claimsFactory.Object, options.Object); // Act diff --git a/test/Shared/UserManagerTestBase.cs b/test/Shared/UserManagerTestBase.cs index 44e34c0eeb..f17e77ba4f 100644 --- a/test/Shared/UserManagerTestBase.cs +++ b/test/Shared/UserManagerTestBase.cs @@ -419,79 +419,6 @@ namespace Microsoft.AspNet.Identity.Test Assert.Null(mgr.Users.FirstOrDefault(u => u.UserName == "bogus")); } - [Fact] - public async Task ClaimsIdentityCreatesExpectedClaims() - { - var context = CreateTestContext(); - var manager = CreateManager(context); - var role = CreateRoleManager(context); - var user = CreateTestUser(); - var admin = CreateRole("Admin"); - var local = CreateRole("local"); - IdentityResultAssert.IsSuccess(await manager.CreateAsync(user)); - IdentityResultAssert.IsSuccess(await role.CreateAsync(admin)); - IdentityResultAssert.IsSuccess(await role.CreateAsync(local)); - IdentityResultAssert.IsSuccess(await manager.AddToRoleAsync(user, admin.Name)); - IdentityResultAssert.IsSuccess(await manager.AddToRoleAsync(user, local.Name)); - Claim[] userClaims = - { - new Claim("Whatever", "Value"), - new Claim("Whatever2", "Value2") - }; - foreach (var c in userClaims) - { - IdentityResultAssert.IsSuccess(await manager.AddClaimAsync(user, c)); - } - Claim[] adminClaims = - { - new Claim("Admin", "Value"), - }; - foreach (var c in adminClaims) - { - IdentityResultAssert.IsSuccess(await role.AddClaimAsync(admin, c)); - } - Claim[] localClaims = - { - new Claim("Local", "Value"), - new Claim("Local2", "Value2") - }; - foreach (var c in localClaims) - { - IdentityResultAssert.IsSuccess(await role.AddClaimAsync(local, c)); - } - - var claimsFactory = new ClaimsIdentityFactory(manager, role); - var identity = await claimsFactory.CreateAsync(user, new ClaimsIdentityOptions()); - Assert.Equal(ClaimsIdentityOptions.DefaultAuthenticationType, identity.AuthenticationType); - var claims = identity.Claims.ToList(); - Assert.NotNull(claims); - Assert.True( - claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserNameClaimType && c.Value == user.UserName)); - Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.UserIdClaimType && c.Value == user.Id.ToString())); - Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == admin.Name)); - Assert.True(claims.Any(c => c.Type == manager.Options.ClaimsIdentity.RoleClaimType && c.Value == local.Name)); - foreach (var cl in userClaims) - { - Assert.True(claims.Any(c => c.Type == cl.Type && c.Value == cl.Value)); - } - foreach (var cl in adminClaims) - { - Assert.True(claims.Any(c => c.Type == cl.Type && c.Value == cl.Value)); - } - foreach (var cl in localClaims) - { - Assert.True(claims.Any(c => c.Type == cl.Type && c.Value == cl.Value)); - } - - // Remove a role claim and make sure its not there - IdentityResultAssert.IsSuccess(await role.RemoveClaimAsync(local, localClaims[0])); - identity = await claimsFactory.CreateAsync(user, new ClaimsIdentityOptions()); - Assert.Equal(ClaimsIdentityOptions.DefaultAuthenticationType, identity.AuthenticationType); - claims = identity.Claims.ToList(); - Assert.False(claims.Any(c => c.Type == localClaims[0].Type && c.Value == localClaims[0].Value)); - Assert.True(claims.Any(c => c.Type == localClaims[1].Type && c.Value == localClaims[1].Value)); - } - [Fact] public async Task ConfirmEmailFalseByDefaultTest() {