From 899a3a2e88d14124fe4155aaeab7c174197c1655 Mon Sep 17 00:00:00 2001 From: Hao Kung Date: Thu, 26 Jul 2018 14:50:52 -0700 Subject: [PATCH] Refactor common tests --- .../CookieTests.cs | 428 +-------------- .../FacebookTests.cs | 493 +---------------- .../GoogleTests.cs | 451 +--------------- .../JwtBearerTests.cs | 434 +-------------- .../MicrosoftAccountTests.cs | 451 +--------------- .../OAuthTests.cs | 441 +-------------- .../RemoteAuthenticationTests.cs | 92 ++++ .../SharedAuthenticationTests.cs | 510 ++++++++++++++++++ .../TwitterTests.cs | 445 +-------------- 9 files changed, 737 insertions(+), 3008 deletions(-) create mode 100644 test/Microsoft.AspNetCore.Authentication.Test/RemoteAuthenticationTests.cs create mode 100644 test/Microsoft.AspNetCore.Authentication.Test/SharedAuthenticationTests.cs diff --git a/test/Microsoft.AspNetCore.Authentication.Test/CookieTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/CookieTests.cs index 766d1e2e53..107fc5db1e 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/CookieTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/CookieTests.cs @@ -10,7 +10,6 @@ using System.Security.Principal; using System.Text; using System.Threading.Tasks; using System.Xml.Linq; -using Microsoft.AspNetCore.Authentication.Tests; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; 
@@ -22,431 +21,16 @@ using Xunit; namespace Microsoft.AspNetCore.Authentication.Cookies { - public class CookieTests + public class CookieTests : SharedAuthenticationTests { private TestClock _clock = new TestClock(); - [Fact] - public async Task CanForwardDefault() + protected override string DefaultScheme => CookieAuthenticationDefaults.AuthenticationScheme; + protected override Type HandlerType => typeof(CookieAuthenticationHandler); + + protected override void RegisterAuth(AuthenticationBuilder services, Action configure) { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - }) - .AddCookie(o => o.ForwardDefault = "auth1"); - - var forwardDefault = new TestHandler(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await context.SignOutAsync(); - Assert.Equal(1, forwardDefault.SignOutCount); - - await context.SignInAsync(new ClaimsPrincipal()); - Assert.Equal(1, forwardDefault.SignInCount); - } - - [Fact] - public async Task ForwardSignInWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - 
.AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardSignIn = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.SignInAsync(new ClaimsPrincipal()); - Assert.Equal(1, specific.SignInCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignOutCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSignOutWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.SignOutAsync(); - Assert.Equal(1, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, 
forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - 
Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - 
.AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await context.SignOutAsync(); - Assert.Equal(1, selector.SignOutCount); - - await context.SignInAsync(new ClaimsPrincipal()); - Assert.Equal(1, selector.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - 
services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await context.SignOutAsync(); - Assert.Equal(1, forwardDefault.SignOutCount); - - await context.SignInAsync(new ClaimsPrincipal()); - Assert.Equal(1, forwardDefault.SignInCount); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddCookie(o => - { - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - 
context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, specific.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await context.SignOutAsync(); - Assert.Equal(1, specific.SignOutCount); - - await context.SignInAsync(new ClaimsPrincipal()); - Assert.Equal(1, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddCookie(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(CookieAuthenticationDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("CookieAuthenticationHandler", scheme.HandlerType.Name); - Assert.Null(scheme.DisplayName); + services.AddCookie(configure); } [Fact] diff --git a/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs index b909be9fdc..6802c60e70 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/FacebookTests.cs 
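Review bot: The cookie-specific expectations of the removed `VerifySchemeDefaults` are no longer stated in this class: the old test asserted `Assert.Null(scheme.DisplayName)`, but the new overrides supply only `DefaultScheme` and `HandlerType`. The Facebook version removed later in this patch expected the display name to equal the scheme name, so a shared test needs a per-handler hook to keep both expectations; SharedAuthenticationTests.cs is outside this hunk, so whether it has one cannot be confirmed from here. Likewise the removed tests covered SignIn/SignOut forwarding for cookies, which now depends on the base class defaults (presumably enabled, since the remote-handler subclasses override `SupportsSignIn`/`SupportsSignOut` to false). I would record that above the overrides, e.g. `// Cookie handler supports sign-in/sign-out and registers no display name; the inherited tests rely on the base defaults for both.`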
@@ -1,17 +1,8 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System; -using System.Linq; -using System.Net; -using System.Net.Http; -using System.Security.Claims; -using System.Text; -using System.Text.Encodings.Web; -using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authentication.OAuth; -using Microsoft.AspNetCore.Authentication.Tests; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; 
@@ -20,478 +11,40 @@ using Microsoft.AspNetCore.TestHost; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging.Abstractions; using Newtonsoft.Json; +using System; +using System.Linq; +using System.Net; +using System.Net.Http; +using System.Text; +using System.Text.Encodings.Web; +using System.Threading.Tasks; using Xunit; namespace Microsoft.AspNetCore.Authentication.Facebook { - public class FacebookTests + public class FacebookTests : RemoteAuthenticationTests { - private void ConfigureDefaults(FacebookOptions o) + protected override string DefaultScheme => FacebookDefaults.AuthenticationScheme; + protected override Type HandlerType => typeof(FacebookHandler); + protected override bool SupportsSignIn { get => false; } + protected override bool SupportsSignOut { get => false; } + + protected override void RegisterAuth(AuthenticationBuilder services, Action configure) + { + services.AddFacebook(o => + { + ConfigureDefaults(o); + configure.Invoke(o); + }); + } + + protected override void ConfigureDefaults(FacebookOptions o) { o.AppId = "whatever"; o.AppSecret = "whatever"; o.SignInScheme = "auth1"; } - [Fact] - public async Task CanForwardDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - }); - - var forwardDefault = new TestHandler(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - - await context.AuthenticateAsync(); - Assert.Equal(1, 
forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - 
services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, 
specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new TestHandler(); - 
services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await 
context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = FacebookDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddFacebook(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, specific.ForbidCount); - - await 
context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelf() - { - var server = CreateServer( - app => { }, - services => services.AddAuthentication().AddFacebook(o => - { - o.AppId = "whatever"; - o.AppSecret = "whatever"; - o.SignInScheme = FacebookDefaults.AuthenticationScheme; - }), - async context => - { - await context.ChallengeAsync("Facebook"); - return true; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme() - { - var server = CreateServer( - app => { }, - services => services.AddAuthentication(o => o.DefaultScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o => - { - o.AppId = "whatever"; - o.AppSecret = "whatever"; - }), - async context => - { - await context.ChallengeAsync("Facebook"); - return true; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme() - { - var server = CreateServer( - app => { }, - services => services.AddAuthentication(o => o.DefaultSignInScheme = 
FacebookDefaults.AuthenticationScheme).AddFacebook(o => - { - o.AppId = "whatever"; - o.AppSecret = "whatever"; - }), - async context => - { - await context.ChallengeAsync("Facebook"); - return true; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddFacebook(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(FacebookDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("FacebookHandler", scheme.HandlerType.Name); - Assert.Equal(FacebookDefaults.AuthenticationScheme, scheme.DisplayName); - } - [Fact] public async Task ThrowsIfAppIdMissing() { diff --git a/test/Microsoft.AspNetCore.Authentication.Test/GoogleTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/GoogleTests.cs index 511a658ff4..19d7d898b7 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/GoogleTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/GoogleTests.cs @@ -1,16 +1,6 @@ // Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information. -using System; -using System.Collections.Generic; -using System.Linq; -using System.Net; -using System.Net.Http; -using System.Security.Claims; -using System.Text; -using System.Text.Encodings.Web; -using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication.OAuth; -using Microsoft.AspNetCore.Authentication.Tests; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; 
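Review bot: `RegisterAuth` calls `ConfigureDefaults(o)` before the caller's delegate, and `ConfigureDefaults` sets `o.SignInScheme = "auth1"`, so every shared test that registers through it starts with an explicit sign-in scheme. The removed `VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme` and `VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme` tests deliberately left `SignInScheme` unset, so that the fallback to the default scheme hit the "cannot be set to itself" guard. Their replacements (presumably in RemoteAuthenticationTests.cs, which is not part of this hunk) have to clear it again, e.g. `o => o.SignInScheme = null`, or the guard is never reached on the fallback paths. A comment on `RegisterAuth` would make the ordering explicit: `// Defaults are applied first; tests that need the SignInScheme fallback must clear it in configure.` The same pattern appears in `RegisterAuth`/`ConfigureDefaults` of GoogleTests.cs in the next file.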
@@ -20,433 +10,42 @@ using Microsoft.AspNetCore.WebUtilities;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Logging.Abstractions;
 using Newtonsoft.Json;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Net;
+using System.Net.Http;
+using System.Security.Claims;
+using System.Text;
+using System.Text.Encodings.Web;
+using System.Threading.Tasks;
 using Xunit;
 namespace Microsoft.AspNetCore.Authentication.Google
 {
- public class GoogleTests
+ public class GoogleTests : RemoteAuthenticationTests
 {
- private void ConfigureDefaults(GoogleOptions o)
+ protected override string DefaultScheme => GoogleDefaults.AuthenticationScheme;
+ protected override Type HandlerType => typeof(GoogleHandler);
+ protected override bool SupportsSignIn { get => false; }
+ protected override bool SupportsSignOut { get => false; }
+
+ protected override void RegisterAuth(AuthenticationBuilder services, Action configure)
+ {
+ services.AddGoogle(o =>
+ {
+ ConfigureDefaults(o);
+ configure.Invoke(o);
+ });
+ }
+
+ protected override void ConfigureDefaults(GoogleOptions o)
 {
 o.ClientId = "whatever";
 o.ClientSecret = "whatever";
 o.SignInScheme = "auth1";
 }
- [Fact]
- public async Task CanForwardDefault()
- {
- var services = new ServiceCollection().AddLogging();
-
- services.AddAuthentication(o =>
- {
- o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
- o.AddScheme("auth1", "auth1");
- })
- .AddGoogle(o =>
- {
- ConfigureDefaults(o);
- o.ForwardDefault = "auth1";
- });
-
- var forwardDefault = new TestHandler();
- services.AddSingleton(forwardDefault);
-
- var sp = services.BuildServiceProvider();
- var context = new DefaultHttpContext();
- context.RequestServices = sp;
-
- Assert.Equal(0, forwardDefault.AuthenticateCount);
- Assert.Equal(0, forwardDefault.ForbidCount);
- Assert.Equal(0, forwardDefault.ChallengeCount);
- Assert.Equal(0, forwardDefault.SignInCount);
- Assert.Equal(0, forwardDefault.SignOutCount);
-
- await
context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new 
ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, 
specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new 
TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await 
context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = GoogleDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddGoogle(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, specific.ForbidCount); - - await 
context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelf() - { - var server = CreateServer(o => - { - o.ClientId = "Test Id"; - o.ClientSecret = "Test Secret"; - o.SignInScheme = GoogleDefaults.AuthenticationScheme; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddGoogle(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(GoogleDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("GoogleHandler", scheme.HandlerType.Name); - Assert.Equal(GoogleDefaults.AuthenticationScheme, scheme.DisplayName); - } - [Fact] public async Task ChallengeWillTriggerRedirection() { diff --git a/test/Microsoft.AspNetCore.Authentication.Test/JwtBearerTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/JwtBearerTests.cs index d7fcdb4cad..ad77803cde 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/JwtBearerTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/JwtBearerTests.cs 
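Review bot: The removed `VerifySignInSchemeCannotBeSetToSelf` test pinned a security-relevant misconfiguration guard (a remote handler whose `SignInScheme` points back at itself), and nothing on the new side of this hunk shows where that assertion now lives. Presumably it moved into `RemoteAuthenticationTests`, which is outside this hunk; please confirm the shared version still drives a challenge request and still checks `Assert.Contains("cannot be set to itself", error.Message)`. A one-line comment above the overrides would make the dependency explicit, for example `// Forwarding, scheme-default and SignInScheme-loop tests are inherited from RemoteAuthenticationTests.`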
@@ -1,6 +1,12 @@
 // Copyright (c) .NET Foundation. All rights reserved.
 // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.TestHost;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.IdentityModel.Tokens;
 using System;
 using System.IdentityModel.Tokens.Jwt;
 using System.Linq;
@@ -11,428 +17,30 @@ using System.Security.Claims;
 using System.Text;
 using System.Threading.Tasks;
 using System.Xml.Linq;
-using Microsoft.AspNetCore.Authentication.Tests;
-using Microsoft.AspNetCore.Builder;
-using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
-using Microsoft.AspNetCore.TestHost;
-using Microsoft.AspNetCore.Testing.xunit;
-using Microsoft.Extensions.DependencyInjection;
-using Microsoft.IdentityModel.Tokens;
 using Xunit;
 namespace Microsoft.AspNetCore.Authentication.JwtBearer
 {
- public class JwtBearerTests
+ public class JwtBearerTests : SharedAuthenticationTests
 {
+ protected override string DefaultScheme => JwtBearerDefaults.AuthenticationScheme;
+ protected override Type HandlerType => typeof(JwtBearerHandler);
+ protected override bool SupportsSignIn { get => false; }
+ protected override bool SupportsSignOut { get => false; }
+
+ protected override void RegisterAuth(AuthenticationBuilder services, Action configure)
+ {
+ services.AddJwtBearer(o =>
+ {
+ ConfigureDefaults(o);
+ configure.Invoke(o);
+ });
+ }
+
 private void ConfigureDefaults(JwtBearerOptions o)
 {
 }
- [Fact]
- public async Task CanForwardDefault()
- {
- var services = new ServiceCollection().AddLogging();
-
- services.AddAuthentication(o =>
- {
- o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
- o.AddScheme("auth1", "auth1");
- })
- .AddJwtBearer(o =>
- {
- ConfigureDefaults(o);
- o.ForwardDefault = "auth1";
- });
-
- var forwardDefault = new TestHandler();
- services.AddSingleton(forwardDefault);
-
- var sp = services.BuildServiceProvider();
- var context = new DefaultHttpContext();
- context.RequestServices = sp;
-
- Assert.Equal(0, forwardDefault.AuthenticateCount);
- Assert.Equal(0, forwardDefault.ForbidCount);
- Assert.Equal(0, forwardDefault.ChallengeCount);
- Assert.Equal(0, forwardDefault.SignInCount);
- Assert.Equal(0, forwardDefault.SignOutCount);
-
- await context.AuthenticateAsync();
- Assert.Equal(1, forwardDefault.AuthenticateCount);
- - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - 
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, 
specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ 
=> "selector"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - 
context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddJwtBearer(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, 
specific.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddJwtBearer(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(JwtBearerDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("JwtBearerHandler", scheme.HandlerType.Name); - Assert.Null(scheme.DisplayName); - } - [Fact] public async Task BearerTokenValidation() { diff --git a/test/Microsoft.AspNetCore.Authentication.Test/MicrosoftAccountTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/MicrosoftAccountTests.cs index e2e13f270e..26a5484c83 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/MicrosoftAccountTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/MicrosoftAccountTests.cs 
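Review bot: The removed `VerifySchemeDefaults` asserted `Assert.Null(scheme.DisplayName)` for JwtBearer, while the Google version removed earlier in this patch asserted that the display name equals the scheme name, and the new `JwtBearerTests` overrides only `DefaultScheme`, `HandlerType`, `SupportsSignIn` and `SupportsSignOut`. Unless `SharedAuthenticationTests` (outside this hunk) exposes an overridable expected display name, the shared test either fails for this handler or has silently stopped checking the value. If such a member exists it should be overridden here, along the lines of `protected override string <EXPECTED_DISPLAY_NAME_MEMBER> => null;` (placeholder name, to be taken from the base class). The class body continues past the end of this hunk.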
@@ -1,14 +1,5 @@
 // Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Net;
-using System.Net.Http;
-using System.Security.Claims;
-using System.Text;
-using System.Text.Encodings.Web;
-using System.Threading.Tasks;
 using Microsoft.AspNetCore.Authentication.MicrosoftAccount;
 using Microsoft.AspNetCore.Authentication.OAuth;
 using Microsoft.AspNetCore.Builder;
@@ -16,438 +7,44 @@ using Microsoft.AspNetCore.DataProtection; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.TestHost; -using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; using Microsoft.Extensions.Logging.Abstractions; -using Microsoft.Extensions.Options; using Newtonsoft.Json; +using System; +using System.Linq; +using System.Net; +using System.Net.Http; +using System.Security.Claims; +using System.Text; +using System.Text.Encodings.Web; +using System.Threading.Tasks; using Xunit; namespace Microsoft.AspNetCore.Authentication.Tests.MicrosoftAccount { - public class MicrosoftAccountTests + public class MicrosoftAccountTests : RemoteAuthenticationTests { - private void ConfigureDefaults(MicrosoftAccountOptions o) + protected override string DefaultScheme => MicrosoftAccountDefaults.AuthenticationScheme; + protected override Type HandlerType => typeof(MicrosoftAccountHandler); + protected override bool SupportsSignIn { get => false; } + protected override bool SupportsSignOut { get => false; } + + protected override void RegisterAuth(AuthenticationBuilder services, Action configure) + { + services.AddMicrosoftAccount(o => + { + ConfigureDefaults(o); + configure.Invoke(o); + }); + } + + protected override void ConfigureDefaults(MicrosoftAccountOptions o) { o.ClientId = "whatever"; o.ClientSecret = "whatever"; o.SignInScheme = "auth1"; } - [Fact] - public async Task CanForwardDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - }); - - var forwardDefault = new TestHandler(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - 
Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - 
services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - 
services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); 
- services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - 
o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddMicrosoftAccount(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new 
TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, specific.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelf() - { - var server = CreateServer(o => - { - o.ClientId = "Test Id"; - o.ClientSecret = "Test Secret"; - o.SignInScheme = MicrosoftAccountDefaults.AuthenticationScheme; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddMicrosoftAccount(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(MicrosoftAccountDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("MicrosoftAccountHandler", scheme.HandlerType.Name); - Assert.Equal(MicrosoftAccountDefaults.AuthenticationScheme, 
scheme.DisplayName); - } - [Fact] public async Task ChallengeWillTriggerApplyRedirectEvent() { diff --git a/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs index 4b822b611f..87131b8d7b 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/OAuthTests.cs 
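Review bot: With `SupportsSignIn` and `SupportsSignOut` overridden to `false` here, the removed `ForwardSignInThrows` and `ForwardSignOutThrows` tests have no visible replacement. The shared `ForwardSignInWinsOverDefault` in SharedAuthenticationTests.cs wraps its whole body in `if (SupportsSignIn)` with no `else`, so for this provider it passes without asserting anything. The rest of the shared class is outside this view, so a replacement may exist further down; if not, that test should get an `else` branch that sets `ForwardSignIn = "specific"` and asserts that `SignInAsync` throws, mirroring the `else` branches in `CanForwardDefault`. A short comment above the two overrides would also help, e.g. `// Remote handlers cannot sign in or out; the shared tests expect these calls to throw.`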
@@ -1,447 +1,34 @@ // Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. -using System; -using System.Collections.Generic; -using System.Net; -using System.Security.Claims; -using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication.Cookies; -using Microsoft.AspNetCore.Authentication.Tests; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Hosting; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.TestHost; using Microsoft.Extensions.DependencyInjection; +using System; +using System.Collections.Generic; +using System.Net; +using System.Threading.Tasks; using Xunit; namespace Microsoft.AspNetCore.Authentication.OAuth { - public class OAuthTests + public class OAuthTests : RemoteAuthenticationTests { - [Fact] - public async Task CanForwardDefault() - { - var services = new ServiceCollection().AddLogging(); + protected override string DefaultScheme => OAuthDefaults.DisplayName; + protected override Type HandlerType => typeof(OAuthHandler); + protected override bool SupportsSignIn { get => false; } + protected override bool SupportsSignOut { get => false; } - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - }) - .AddOAuth("default", o => + protected override void RegisterAuth(AuthenticationBuilder services, Action configure) + { + services.AddOAuth(DefaultScheme, o => { ConfigureDefaults(o); - o.SignInScheme = "auth1"; - o.ForwardDefault = "auth1"; + configure.Invoke(o); }); - - var forwardDefault = new TestHandler(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); 
- Assert.Equal(0, forwardDefault.SignOutCount); - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.SignInScheme = "auth1"; - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.SignInScheme = "auth1"; - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public 
async Task ForwardForbidWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, 
specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.DefaultSignInScheme = "auth1"; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault 
= "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new 
DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = "default"; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddOAuth("default", o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, 
specific.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelf() - { - var server = CreateServer( - services => services.AddAuthentication().AddOAuth("weeblie", o => - { - o.SignInScheme = "weeblie"; - o.ClientId = "whatever"; - o.ClientSecret = "whatever"; - o.CallbackPath = "/whatever"; - o.AuthorizationEndpoint = "/whatever"; - o.TokenEndpoint = "/whatever"; - })); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddOAuth("oauth", o => { }); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync("oauth"); - Assert.NotNull(scheme); - Assert.Equal("OAuthHandler`1", scheme.HandlerType.Name); - Assert.Equal(OAuthDefaults.DisplayName, scheme.DisplayName); } [Fact] 
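Review bot: `protected override string DefaultScheme => OAuthDefaults.DisplayName;` registers the handler under the display-name constant rather than a scheme name. This appears to be done only because `RemoteAuthenticationTests` defines `DisplayName => DefaultScheme`, while the removed `VerifySchemeDefaults` expected `OAuthDefaults.DisplayName` as the display name. Making the two values equal means the shared test could not tell a scheme name from a display name if they were ever swapped. Since `DisplayName` is virtual in the shared base, consider `protected override string DefaultScheme => "oauth";` together with `protected override string DisplayName => OAuthDefaults.DisplayName;`, assuming the shared `VerifySchemeDefaults` (outside this view) compares against `DisplayName`.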
@@ -654,7 +241,7 @@ namespace Microsoft.AspNetCore.Authentication.OAuth Assert.Contains("scope=baz%20qux", res.Headers.Location.Query); } - private void ConfigureDefaults(OAuthOptions o) + protected override void ConfigureDefaults(OAuthOptions o) { o.ClientId = "Test Id"; o.ClientSecret = "secret"; diff --git a/test/Microsoft.AspNetCore.Authentication.Test/RemoteAuthenticationTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/RemoteAuthenticationTests.cs new file mode 100644 index 0000000000..d477e75347 --- /dev/null +++ b/test/Microsoft.AspNetCore.Authentication.Test/RemoteAuthenticationTests.cs 
@@ -0,0 +1,92 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.TestHost;
+using Microsoft.Extensions.DependencyInjection;
+using System;
+using System.Threading.Tasks;
+using Xunit;
+
+namespace Microsoft.AspNetCore.Authentication
+{
+ public abstract class RemoteAuthenticationTests : SharedAuthenticationTests where TOptions : RemoteAuthenticationOptions
+ {
+ protected override string DisplayName => DefaultScheme;
+
+ private TestServer CreateServer(Action configureOptions, Func testpath = null, bool isDefault = true)
+ => CreateServerWithServices(s =>
+ {
+ var builder = s.AddAuthentication();
+ if (isDefault)
+ {
+ s.Configure(o => o.DefaultScheme = DefaultScheme);
+ }
+ RegisterAuth(builder, configureOptions);
+ s.AddSingleton(Clock);
+ }, testpath);
+
+
+ protected virtual TestServer CreateServerWithServices(Action configureServices, Func testpath = null)
+ {
+ //private static TestServer CreateServer(Action configure, Action configureServices, Func> handler)
+ var builder = new WebHostBuilder()
+ .Configure(app =>
+ {
+ app.Use(async (context, next) =>
+ {
+ if (testpath != null)
+ {
+ await testpath(context);
+ }
+ await next();
+ });
+ })
+ .ConfigureServices(configureServices);
+ return new TestServer(builder);
+ }
+
+ protected abstract void ConfigureDefaults(TOptions o);
+
+ [Fact]
+ public async Task VerifySignInSchemeCannotBeSetToSelf()
+ {
+ var server = CreateServer(
+ o =>
+ {
+ ConfigureDefaults(o);
+ o.SignInScheme = DefaultScheme;
+ },
+ context => context.ChallengeAsync(DefaultScheme));
+ var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge"));
+ Assert.Contains("cannot be set to itself", error.Message);
+ }
+
+ [Fact]
+ public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme()
+ {
+ var server = CreateServer(
+ o => o.SignInScheme = null,
+ context => context.ChallengeAsync(DefaultScheme),
+ isDefault: true);
+ var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge"));
+ Assert.Contains("cannot be set to itself", error.Message);
+ }
+
+ [Fact]
+ public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme()
+ {
+ var server = CreateServerWithServices(
+ services =>
+ {
+ var builder = services.AddAuthentication(o => o.DefaultSignInScheme = DefaultScheme);
+ RegisterAuth(builder, o => o.SignInScheme = null);
+ },
+ context => context.ChallengeAsync(DefaultScheme));
+ var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge"));
+ Assert.Contains("cannot be set to itself", error.Message);
+ }
+ }
+}
diff --git a/test/Microsoft.AspNetCore.Authentication.Test/SharedAuthenticationTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/SharedAuthenticationTests.cs
new file mode 100644
index 0000000000..4590c4915d
--- /dev/null
+++ b/test/Microsoft.AspNetCore.Authentication.Test/SharedAuthenticationTests.cs
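Review bot: `VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme` and `VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme` pass only `o => o.SignInScheme = null`, so they depend on every `RegisterAuth` override calling `ConfigureDefaults(o)` before it invokes the callback. `VerifySignInSchemeCannotBeSetToSelf`, by contrast, calls `ConfigureDefaults(o)` itself. That contract is not written down anywhere in this file; a comment on `ConfigureDefaults` such as `// RegisterAuth must apply this before the test callback so the callback can override SignInScheme.` would make it explicit. The commented-out `//private static TestServer CreateServer(...)` line inside `CreateServerWithServices` is leftover and can be deleted, and `isDefault: true` only restates the parameter default.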
@@ -0,0 +1,510 @@ +// Copyright (c) .NET Foundation. All rights reserved. +// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. + +using Microsoft.AspNetCore.Authentication.Tests; +using Microsoft.AspNetCore.Http; +using Microsoft.Extensions.DependencyInjection; +using System; +using System.Security.Claims; +using System.Threading.Tasks; +using Xunit; + +namespace Microsoft.AspNetCore.Authentication +{ + public abstract class SharedAuthenticationTests where TOptions : AuthenticationSchemeOptions + { + protected TestClock Clock { get; } = new TestClock(); + + protected abstract string DefaultScheme { get; } + protected virtual string DisplayName { get; } + protected abstract Type HandlerType { get; } + + protected virtual bool SupportsSignIn { get => true; } + protected virtual bool SupportsSignOut { get => true; } + + protected abstract void RegisterAuth(AuthenticationBuilder services, Action configure); + + [Fact] + public async Task CanForwardDefault() + { + var services = new ServiceCollection().AddLogging(); + + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + }); + RegisterAuth(builder, o => o.ForwardDefault = "auth1"); + + var forwardDefault = new TestHandler(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + + await context.AuthenticateAsync(); + Assert.Equal(1, forwardDefault.AuthenticateCount); + + await context.ForbidAsync(); + Assert.Equal(1, forwardDefault.ForbidCount); + + await context.ChallengeAsync(); + Assert.Equal(1, forwardDefault.ChallengeCount); + + if 
(SupportsSignOut) + { + await context.SignOutAsync(); + Assert.Equal(1, forwardDefault.SignOutCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignOutAsync()); + } + + if (SupportsSignIn) + { + await context.SignInAsync(new ClaimsPrincipal()); + Assert.Equal(1, forwardDefault.SignInCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); + } + } + + [Fact] + public async Task ForwardSignInWinsOverDefault() + { + if (SupportsSignIn) + { + var services = new ServiceCollection().AddLogging(); + + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardSignIn = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.SignInAsync(new ClaimsPrincipal()); + Assert.Equal(1, specific.SignInCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(0, specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignOutCount); + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + } + } + + [Fact] + public async Task ForwardSignOutWinsOverDefault() + { + if (SupportsSignOut) + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; 
+ o.ForwardSignOut = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.SignOutAsync(); + Assert.Equal(1, specific.SignOutCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(0, specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + } + } + + [Fact] + public async Task ForwardForbidWinsOverDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardForbid = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.ForbidAsync(); + Assert.Equal(0, specific.SignOutCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(1, specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + } + + [Fact] + 
public async Task ForwardAuthenticateWinsOverDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardAuthenticate = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.AuthenticateAsync(); + Assert.Equal(0, specific.SignOutCount); + Assert.Equal(1, specific.AuthenticateCount); + Assert.Equal(0, specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + } + + [Fact] + public async Task ForwardChallengeWinsOverDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardChallenge = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.ChallengeAsync(); + Assert.Equal(0, specific.SignOutCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(0, 
specific.ForbidCount); + Assert.Equal(1, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, forwardDefault.SignOutCount); + } + + [Fact] + public async Task ForwardSelectorWinsOverDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("selector", "selector"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardDefaultSelector = _ => "selector"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + var selector = new TestHandler3(); + services.AddSingleton(selector); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.AuthenticateAsync(); + Assert.Equal(1, selector.AuthenticateCount); + + await context.ForbidAsync(); + Assert.Equal(1, selector.ForbidCount); + + await context.ChallengeAsync(); + Assert.Equal(1, selector.ChallengeCount); + + if (SupportsSignOut) + { + await context.SignOutAsync(); + Assert.Equal(1, selector.SignOutCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignOutAsync()); + } + + if (SupportsSignIn) + { + await context.SignInAsync(new ClaimsPrincipal()); + Assert.Equal(1, selector.SignInCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); + } + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + 
Assert.Equal(0, forwardDefault.SignOutCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(0, specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + Assert.Equal(0, specific.SignOutCount); + } + + [Fact] + public async Task NullForwardSelectorUsesDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("selector", "selector"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardDefaultSelector = _ => null; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + var selector = new TestHandler3(); + services.AddSingleton(selector); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.AuthenticateAsync(); + Assert.Equal(1, forwardDefault.AuthenticateCount); + + await context.ForbidAsync(); + Assert.Equal(1, forwardDefault.ForbidCount); + + await context.ChallengeAsync(); + Assert.Equal(1, forwardDefault.ChallengeCount); + + if (SupportsSignOut) + { + await context.SignOutAsync(); + Assert.Equal(1, forwardDefault.SignOutCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignOutAsync()); + } + + if (SupportsSignIn) + { + await context.SignInAsync(new ClaimsPrincipal()); + Assert.Equal(1, forwardDefault.SignInCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); + } + + Assert.Equal(0, selector.AuthenticateCount); + Assert.Equal(0, selector.ForbidCount); + Assert.Equal(0, selector.ChallengeCount); + Assert.Equal(0, selector.SignInCount); + Assert.Equal(0, selector.SignOutCount); + Assert.Equal(0, specific.AuthenticateCount); + Assert.Equal(0, 
specific.ForbidCount); + Assert.Equal(0, specific.ChallengeCount); + Assert.Equal(0, specific.SignInCount); + Assert.Equal(0, specific.SignOutCount); + } + + [Fact] + public async Task SpecificForwardWinsOverSelectorAndDefault() + { + var services = new ServiceCollection().AddLogging(); + var builder = services.AddAuthentication(o => + { + o.DefaultScheme = DefaultScheme; + o.AddScheme("auth1", "auth1"); + o.AddScheme("selector", "selector"); + o.AddScheme("specific", "specific"); + }); + RegisterAuth(builder, o => + { + o.ForwardDefault = "auth1"; + o.ForwardDefaultSelector = _ => "selector"; + o.ForwardAuthenticate = "specific"; + o.ForwardChallenge = "specific"; + o.ForwardSignIn = "specific"; + o.ForwardSignOut = "specific"; + o.ForwardForbid = "specific"; + }); + + var specific = new TestHandler(); + services.AddSingleton(specific); + var forwardDefault = new TestHandler2(); + services.AddSingleton(forwardDefault); + var selector = new TestHandler3(); + services.AddSingleton(selector); + + var sp = services.BuildServiceProvider(); + var context = new DefaultHttpContext(); + context.RequestServices = sp; + + await context.AuthenticateAsync(); + Assert.Equal(1, specific.AuthenticateCount); + + await context.ForbidAsync(); + Assert.Equal(1, specific.ForbidCount); + + await context.ChallengeAsync(); + Assert.Equal(1, specific.ChallengeCount); + + if (SupportsSignOut) + { + await context.SignOutAsync(); + Assert.Equal(1, specific.SignOutCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignOutAsync()); + } + + if (SupportsSignIn) + { + await context.SignInAsync(new ClaimsPrincipal()); + Assert.Equal(1, specific.SignInCount); + } + else + { + await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); + } + + Assert.Equal(0, forwardDefault.AuthenticateCount); + Assert.Equal(0, forwardDefault.ForbidCount); + Assert.Equal(0, forwardDefault.ChallengeCount); + Assert.Equal(0, forwardDefault.SignInCount); + Assert.Equal(0, 
forwardDefault.SignOutCount); + Assert.Equal(0, selector.AuthenticateCount); + Assert.Equal(0, selector.ForbidCount); + Assert.Equal(0, selector.ChallengeCount); + Assert.Equal(0, selector.SignInCount); + Assert.Equal(0, selector.SignOutCount); + } + + [Fact] + public async Task VerifySchemeDefaults() + { + var services = new ServiceCollection(); + var builder = services.AddAuthentication(); + RegisterAuth(builder, o => { }); + var sp = services.BuildServiceProvider(); + var schemeProvider = sp.GetRequiredService(); + var scheme = await schemeProvider.GetSchemeAsync(DefaultScheme); + Assert.NotNull(scheme); + Assert.Equal(HandlerType, scheme.HandlerType); + Assert.Equal(DisplayName, scheme.DisplayName); + } + } +} diff --git a/test/Microsoft.AspNetCore.Authentication.Test/TwitterTests.cs b/test/Microsoft.AspNetCore.Authentication.Test/TwitterTests.cs index c1937d136c..c438b1f3f7 100644 --- a/test/Microsoft.AspNetCore.Authentication.Test/TwitterTests.cs +++ b/test/Microsoft.AspNetCore.Authentication.Test/TwitterTests.cs @@ -1,5 +1,11 @@ // Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information. +using Microsoft.AspNetCore.Builder; +using Microsoft.AspNetCore.Hosting; +using Microsoft.AspNetCore.Http; +using Microsoft.AspNetCore.TestHost; +using Microsoft.Extensions.DependencyInjection; +using Microsoft.Net.Http.Headers; using System; using System.Linq; using System.Net; 
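Review bot: `ForwardSignInWinsOverDefault` and `ForwardSignOutWinsOverDefault` wrap their whole body in `if (SupportsSignIn)` / `if (SupportsSignOut)`, so for a handler that reports `false` they pass without asserting anything. The other tests in this file (`CanForwardDefault`, `ForwardSelectorWinsOverDefault`, `NullForwardSelectorUsesDefault`, `SpecificForwardWinsOverSelectorAndDefault`) keep an `else` branch that asserts the call throws, and the removed `ForwardSignInThrows` / `ForwardSignOutThrows` in TwitterTests.cs checked the same thing for this exact configuration. Move the service setup out of the `if` and add the matching `else` with the same `Assert.ThrowsAsync` check on `context.SignInAsync(new ClaimsPrincipal())` (respectively `context.SignOutAsync()`). That shows a handler which cannot sign in still rejects the call when only `ForwardDefault` plus one specific forward target is configured, instead of the test passing with no assertions.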
@@ -7,440 +13,33 @@ using System.Net.Http; using System.Security.Claims; using System.Text; using System.Threading.Tasks; -using Microsoft.AspNetCore.Authentication.Tests; -using Microsoft.AspNetCore.Builder; -using Microsoft.AspNetCore.Hosting; -using Microsoft.AspNetCore.Http; -using Microsoft.AspNetCore.TestHost; -using Microsoft.Extensions.DependencyInjection; -using Microsoft.Net.Http.Headers; using Xunit; namespace Microsoft.AspNetCore.Authentication.Twitter { - public class TwitterTests + public class TwitterTests : RemoteAuthenticationTests { - private void ConfigureDefaults(TwitterOptions o) + protected override string DefaultScheme => TwitterDefaults.AuthenticationScheme; + protected override Type HandlerType => typeof(TwitterHandler); + protected override bool SupportsSignIn { get => false; } + protected override bool SupportsSignOut { get => false; } + + protected override void RegisterAuth(AuthenticationBuilder services, Action configure) + { + services.AddTwitter(o => + { + ConfigureDefaults(o); + configure.Invoke(o); + }); + } + + protected override void ConfigureDefaults(TwitterOptions o) { o.ConsumerKey = "whatever"; o.ConsumerSecret = "whatever"; o.SignInScheme = "auth1"; } - [Fact] - public async Task CanForwardDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - }); - - var forwardDefault = new TestHandler(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - - await 
context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignInThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - } - - [Fact] - public async Task ForwardSignOutThrows() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardSignOut = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - } - - [Fact] - public async Task ForwardForbidWinsOverDefault() - { - var services = new 
ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ForbidAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(1, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardAuthenticateWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardAuthenticate = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(1, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, 
specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardChallengeWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("specific", "specific"); - o.AddScheme("auth1", "auth1"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardChallenge = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.ChallengeAsync(); - Assert.Equal(0, specific.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(1, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - } - - [Fact] - public async Task ForwardSelectorWinsOverDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - }); - - var specific = new 
TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, selector.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, selector.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, selector.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task NullForwardSelectorUsesDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => null; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await 
context.AuthenticateAsync(); - Assert.Equal(1, forwardDefault.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, forwardDefault.ForbidCount); - - await context.ChallengeAsync(); - Assert.Equal(1, forwardDefault.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - Assert.Equal(0, specific.AuthenticateCount); - Assert.Equal(0, specific.ForbidCount); - Assert.Equal(0, specific.ChallengeCount); - Assert.Equal(0, specific.SignInCount); - Assert.Equal(0, specific.SignOutCount); - } - - [Fact] - public async Task SpecificForwardWinsOverSelectorAndDefault() - { - var services = new ServiceCollection().AddLogging(); - services.AddAuthentication(o => - { - o.DefaultScheme = TwitterDefaults.AuthenticationScheme; - o.AddScheme("auth1", "auth1"); - o.AddScheme("selector", "selector"); - o.AddScheme("specific", "specific"); - }) - .AddTwitter(o => - { - ConfigureDefaults(o); - o.ForwardDefault = "auth1"; - o.ForwardDefaultSelector = _ => "selector"; - o.ForwardAuthenticate = "specific"; - o.ForwardChallenge = "specific"; - o.ForwardSignIn = "specific"; - o.ForwardSignOut = "specific"; - o.ForwardForbid = "specific"; - }); - - var specific = new TestHandler(); - services.AddSingleton(specific); - var forwardDefault = new TestHandler2(); - services.AddSingleton(forwardDefault); - var selector = new TestHandler3(); - services.AddSingleton(selector); - - var sp = services.BuildServiceProvider(); - var context = new DefaultHttpContext(); - context.RequestServices = sp; - - await context.AuthenticateAsync(); - Assert.Equal(1, specific.AuthenticateCount); - - await context.ForbidAsync(); - Assert.Equal(1, specific.ForbidCount); - - await 
context.ChallengeAsync(); - Assert.Equal(1, specific.ChallengeCount); - - await Assert.ThrowsAsync(() => context.SignOutAsync()); - await Assert.ThrowsAsync(() => context.SignInAsync(new ClaimsPrincipal())); - - Assert.Equal(0, forwardDefault.AuthenticateCount); - Assert.Equal(0, forwardDefault.ForbidCount); - Assert.Equal(0, forwardDefault.ChallengeCount); - Assert.Equal(0, forwardDefault.SignInCount); - Assert.Equal(0, forwardDefault.SignOutCount); - Assert.Equal(0, selector.AuthenticateCount); - Assert.Equal(0, selector.ForbidCount); - Assert.Equal(0, selector.ChallengeCount); - Assert.Equal(0, selector.SignInCount); - Assert.Equal(0, selector.SignOutCount); - } - - [Fact] - public async Task VerifySignInSchemeCannotBeSetToSelf() - { - var server = CreateServer(o => - { - o.ConsumerKey = "Test Consumer Key"; - o.ConsumerSecret = "Test Consumer Secret"; - o.SignInScheme = TwitterDefaults.AuthenticationScheme; - }); - var error = await Assert.ThrowsAsync(() => server.SendAsync("https://example.com/challenge")); - Assert.Contains("cannot be set to itself", error.Message); - } - - [Fact] - public async Task VerifySchemeDefaults() - { - var services = new ServiceCollection(); - services.AddAuthentication().AddTwitter(); - var sp = services.BuildServiceProvider(); - var schemeProvider = sp.GetRequiredService(); - var scheme = await schemeProvider.GetSchemeAsync(TwitterDefaults.AuthenticationScheme); - Assert.NotNull(scheme); - Assert.Equal("TwitterHandler", scheme.HandlerType.Name); - Assert.Equal(TwitterDefaults.AuthenticationScheme, scheme.DisplayName); - } - [Fact] public async Task ChallengeWillTriggerApplyRedirectEvent() {
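Review bot: The two capability overrides are written as `{ get => false; }` while the neighbouring `DefaultScheme` and `HandlerType` use expression bodies; `protected override bool SupportsSignIn => false;` (and the same for `SupportsSignOut`) would be consistent. Because these flags decide which assertions the shared base class runs, they also deserve a comment such as `// Sign-in and sign-out are expected to throw for this handler; the shared tests assert that instead of counting forwarded calls.` In `RegisterAuth` the `AuthenticationBuilder` parameter is named `services`, which is easy to mistake for the service collection; the name comes from the abstract declaration in SharedAuthenticationTests.cs, so a rename to `builder` belongs there.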