Refactor common tests
This commit is contained in:
parent
078a13d97d
commit
899a3a2e88
|
|
@ -10,7 +10,6 @@ using System.Security.Principal;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using System.Xml.Linq;
|
using System.Xml.Linq;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
using Microsoft.AspNetCore.DataProtection;
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
|
@ -22,431 +21,16 @@ using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.Cookies
|
namespace Microsoft.AspNetCore.Authentication.Cookies
|
||||||
{
|
{
|
||||||
public class CookieTests
|
public class CookieTests : SharedAuthenticationTests<CookieAuthenticationOptions>
|
||||||
{
|
{
|
||||||
private TestClock _clock = new TestClock();
|
private TestClock _clock = new TestClock();
|
||||||
|
|
||||||
[Fact]
|
protected override string DefaultScheme => CookieAuthenticationDefaults.AuthenticationScheme;
|
||||||
public async Task CanForwardDefault()
|
protected override Type HandlerType => typeof(CookieAuthenticationHandler);
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<CookieAuthenticationOptions> configure)
|
||||||
{
|
{
|
||||||
var services = new ServiceCollection().AddLogging();
|
services.AddCookie(configure);
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddCookie(o => o.ForwardDefault = "auth1");
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await context.SignOutAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.SignInAsync(new ClaimsPrincipal());
|
|
||||||
Assert.Equal(1, forwardDefault.SignInCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.SignInAsync(new ClaimsPrincipal());
|
|
||||||
Assert.Equal(1, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.SignOutAsync();
|
|
||||||
Assert.Equal(1, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await context.SignOutAsync();
|
|
||||||
Assert.Equal(1, selector.SignOutCount);
|
|
||||||
|
|
||||||
await context.SignInAsync(new ClaimsPrincipal());
|
|
||||||
Assert.Equal(1, selector.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await context.SignOutAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.SignInAsync(new ClaimsPrincipal());
|
|
||||||
Assert.Equal(1, forwardDefault.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddCookie(o =>
|
|
||||||
{
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await context.SignOutAsync();
|
|
||||||
Assert.Equal(1, specific.SignOutCount);
|
|
||||||
|
|
||||||
await context.SignInAsync(new ClaimsPrincipal());
|
|
||||||
Assert.Equal(1, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddCookie();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("CookieAuthenticationHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Null(scheme.DisplayName);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
|
||||||
|
|
@ -1,17 +1,8 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using System;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Net;
|
|
||||||
using System.Net.Http;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Text;
|
|
||||||
using System.Text.Encodings.Web;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||||
using Microsoft.AspNetCore.Authentication.OAuth;
|
using Microsoft.AspNetCore.Authentication.OAuth;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
using Microsoft.AspNetCore.DataProtection;
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
|
@ -20,478 +11,40 @@ using Microsoft.AspNetCore.TestHost;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Logging.Abstractions;
|
using Microsoft.Extensions.Logging.Abstractions;
|
||||||
using Newtonsoft.Json;
|
using Newtonsoft.Json;
|
||||||
|
using System;
|
||||||
|
using System.Linq;
|
||||||
|
using System.Net;
|
||||||
|
using System.Net.Http;
|
||||||
|
using System.Text;
|
||||||
|
using System.Text.Encodings.Web;
|
||||||
|
using System.Threading.Tasks;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.Facebook
|
namespace Microsoft.AspNetCore.Authentication.Facebook
|
||||||
{
|
{
|
||||||
public class FacebookTests
|
public class FacebookTests : RemoteAuthenticationTests<FacebookOptions>
|
||||||
{
|
{
|
||||||
private void ConfigureDefaults(FacebookOptions o)
|
protected override string DefaultScheme => FacebookDefaults.AuthenticationScheme;
|
||||||
|
protected override Type HandlerType => typeof(FacebookHandler);
|
||||||
|
protected override bool SupportsSignIn { get => false; }
|
||||||
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<FacebookOptions> configure)
|
||||||
|
{
|
||||||
|
services.AddFacebook(o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
configure.Invoke(o);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override void ConfigureDefaults(FacebookOptions o)
|
||||||
{
|
{
|
||||||
o.AppId = "whatever";
|
o.AppId = "whatever";
|
||||||
o.AppSecret = "whatever";
|
o.AppSecret = "whatever";
|
||||||
o.SignInScheme = "auth1";
|
o.SignInScheme = "auth1";
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task CanForwardDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddFacebook(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
|
||||||
{
|
|
||||||
var server = CreateServer(
|
|
||||||
app => { },
|
|
||||||
services => services.AddAuthentication().AddFacebook(o =>
|
|
||||||
{
|
|
||||||
o.AppId = "whatever";
|
|
||||||
o.AppSecret = "whatever";
|
|
||||||
o.SignInScheme = FacebookDefaults.AuthenticationScheme;
|
|
||||||
}),
|
|
||||||
async context =>
|
|
||||||
{
|
|
||||||
await context.ChallengeAsync("Facebook");
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme()
|
|
||||||
{
|
|
||||||
var server = CreateServer(
|
|
||||||
app => { },
|
|
||||||
services => services.AddAuthentication(o => o.DefaultScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o =>
|
|
||||||
{
|
|
||||||
o.AppId = "whatever";
|
|
||||||
o.AppSecret = "whatever";
|
|
||||||
}),
|
|
||||||
async context =>
|
|
||||||
{
|
|
||||||
await context.ChallengeAsync("Facebook");
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme()
|
|
||||||
{
|
|
||||||
var server = CreateServer(
|
|
||||||
app => { },
|
|
||||||
services => services.AddAuthentication(o => o.DefaultSignInScheme = FacebookDefaults.AuthenticationScheme).AddFacebook(o =>
|
|
||||||
{
|
|
||||||
o.AppId = "whatever";
|
|
||||||
o.AppSecret = "whatever";
|
|
||||||
}),
|
|
||||||
async context =>
|
|
||||||
{
|
|
||||||
await context.ChallengeAsync("Facebook");
|
|
||||||
return true;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddFacebook();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(FacebookDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("FacebookHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Equal(FacebookDefaults.AuthenticationScheme, scheme.DisplayName);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task ThrowsIfAppIdMissing()
|
public async Task ThrowsIfAppIdMissing()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1,16 +1,6 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using System;
|
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Net;
|
|
||||||
using System.Net.Http;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Text;
|
|
||||||
using System.Text.Encodings.Web;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
using Microsoft.AspNetCore.Authentication.OAuth;
|
using Microsoft.AspNetCore.Authentication.OAuth;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
using Microsoft.AspNetCore.DataProtection;
|
using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
|
@ -20,433 +10,42 @@ using Microsoft.AspNetCore.WebUtilities;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Logging.Abstractions;
|
using Microsoft.Extensions.Logging.Abstractions;
|
||||||
using Newtonsoft.Json;
|
using Newtonsoft.Json;
|
||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using System.Linq;
|
||||||
|
using System.Net;
|
||||||
|
using System.Net.Http;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Text;
|
||||||
|
using System.Text.Encodings.Web;
|
||||||
|
using System.Threading.Tasks;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.Google
|
namespace Microsoft.AspNetCore.Authentication.Google
|
||||||
{
|
{
|
||||||
public class GoogleTests
|
public class GoogleTests : RemoteAuthenticationTests<GoogleOptions>
|
||||||
{
|
{
|
||||||
private void ConfigureDefaults(GoogleOptions o)
|
protected override string DefaultScheme => GoogleDefaults.AuthenticationScheme;
|
||||||
|
protected override Type HandlerType => typeof(GoogleHandler);
|
||||||
|
protected override bool SupportsSignIn { get => false; }
|
||||||
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<GoogleOptions> configure)
|
||||||
|
{
|
||||||
|
services.AddGoogle(o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
configure.Invoke(o);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override void ConfigureDefaults(GoogleOptions o)
|
||||||
{
|
{
|
||||||
o.ClientId = "whatever";
|
o.ClientId = "whatever";
|
||||||
o.ClientSecret = "whatever";
|
o.ClientSecret = "whatever";
|
||||||
o.SignInScheme = "auth1";
|
o.SignInScheme = "auth1";
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task CanForwardDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddGoogle(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
|
||||||
{
|
|
||||||
var server = CreateServer(o =>
|
|
||||||
{
|
|
||||||
o.ClientId = "Test Id";
|
|
||||||
o.ClientSecret = "Test Secret";
|
|
||||||
o.SignInScheme = GoogleDefaults.AuthenticationScheme;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddGoogle();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(GoogleDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("GoogleHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Equal(GoogleDefaults.AuthenticationScheme, scheme.DisplayName);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task ChallengeWillTriggerRedirection()
|
public async Task ChallengeWillTriggerRedirection()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1,6 +1,12 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.AspNetCore.TestHost;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using Microsoft.IdentityModel.Tokens;
|
||||||
using System;
|
using System;
|
||||||
using System.IdentityModel.Tokens.Jwt;
|
using System.IdentityModel.Tokens.Jwt;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
|
|
@ -11,428 +17,30 @@ using System.Security.Claims;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using System.Xml.Linq;
|
using System.Xml.Linq;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
|
||||||
using Microsoft.AspNetCore.Hosting;
|
|
||||||
using Microsoft.AspNetCore.Http;
|
|
||||||
using Microsoft.AspNetCore.TestHost;
|
|
||||||
using Microsoft.AspNetCore.Testing.xunit;
|
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
|
||||||
using Microsoft.IdentityModel.Tokens;
|
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.JwtBearer
|
namespace Microsoft.AspNetCore.Authentication.JwtBearer
|
||||||
{
|
{
|
||||||
public class JwtBearerTests
|
public class JwtBearerTests : SharedAuthenticationTests<JwtBearerOptions>
|
||||||
{
|
{
|
||||||
|
protected override string DefaultScheme => JwtBearerDefaults.AuthenticationScheme;
|
||||||
|
protected override Type HandlerType => typeof(JwtBearerHandler);
|
||||||
|
protected override bool SupportsSignIn { get => false; }
|
||||||
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<JwtBearerOptions> configure)
|
||||||
|
{
|
||||||
|
services.AddJwtBearer(o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
configure.Invoke(o);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
private void ConfigureDefaults(JwtBearerOptions o)
|
private void ConfigureDefaults(JwtBearerOptions o)
|
||||||
{
|
{
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task CanForwardDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddJwtBearer(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddJwtBearer();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(JwtBearerDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("JwtBearerHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Null(scheme.DisplayName);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task BearerTokenValidation()
|
public async Task BearerTokenValidation()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,5 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using System;
|
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Linq;
|
|
||||||
using System.Net;
|
|
||||||
using System.Net.Http;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Text;
|
|
||||||
using System.Text.Encodings.Web;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
using Microsoft.AspNetCore.Authentication.MicrosoftAccount;
|
using Microsoft.AspNetCore.Authentication.MicrosoftAccount;
|
||||||
using Microsoft.AspNetCore.Authentication.OAuth;
|
using Microsoft.AspNetCore.Authentication.OAuth;
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
|
@ -16,438 +7,44 @@ using Microsoft.AspNetCore.DataProtection;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
using Microsoft.AspNetCore.TestHost;
|
using Microsoft.AspNetCore.TestHost;
|
||||||
using Microsoft.Extensions.Configuration;
|
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
using Microsoft.Extensions.Logging.Abstractions;
|
using Microsoft.Extensions.Logging.Abstractions;
|
||||||
using Microsoft.Extensions.Options;
|
|
||||||
using Newtonsoft.Json;
|
using Newtonsoft.Json;
|
||||||
|
using System;
|
||||||
|
using System.Linq;
|
||||||
|
using System.Net;
|
||||||
|
using System.Net.Http;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Text;
|
||||||
|
using System.Text.Encodings.Web;
|
||||||
|
using System.Threading.Tasks;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.Tests.MicrosoftAccount
|
namespace Microsoft.AspNetCore.Authentication.Tests.MicrosoftAccount
|
||||||
{
|
{
|
||||||
public class MicrosoftAccountTests
|
public class MicrosoftAccountTests : RemoteAuthenticationTests<MicrosoftAccountOptions>
|
||||||
{
|
{
|
||||||
private void ConfigureDefaults(MicrosoftAccountOptions o)
|
protected override string DefaultScheme => MicrosoftAccountDefaults.AuthenticationScheme;
|
||||||
|
protected override Type HandlerType => typeof(MicrosoftAccountHandler);
|
||||||
|
protected override bool SupportsSignIn { get => false; }
|
||||||
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<MicrosoftAccountOptions> configure)
|
||||||
|
{
|
||||||
|
services.AddMicrosoftAccount(o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
configure.Invoke(o);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override void ConfigureDefaults(MicrosoftAccountOptions o)
|
||||||
{
|
{
|
||||||
o.ClientId = "whatever";
|
o.ClientId = "whatever";
|
||||||
o.ClientSecret = "whatever";
|
o.ClientSecret = "whatever";
|
||||||
o.SignInScheme = "auth1";
|
o.SignInScheme = "auth1";
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task CanForwardDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddMicrosoftAccount(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
|
||||||
{
|
|
||||||
var server = CreateServer(o =>
|
|
||||||
{
|
|
||||||
o.ClientId = "Test Id";
|
|
||||||
o.ClientSecret = "Test Secret";
|
|
||||||
o.SignInScheme = MicrosoftAccountDefaults.AuthenticationScheme;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddMicrosoftAccount();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(MicrosoftAccountDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("MicrosoftAccountHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Equal(MicrosoftAccountDefaults.AuthenticationScheme, scheme.DisplayName);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task ChallengeWillTriggerApplyRedirectEvent()
|
public async Task ChallengeWillTriggerApplyRedirectEvent()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -1,447 +1,34 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved.
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
using System;
|
|
||||||
using System.Collections.Generic;
|
|
||||||
using System.Net;
|
|
||||||
using System.Security.Claims;
|
|
||||||
using System.Threading.Tasks;
|
|
||||||
using Microsoft.AspNetCore.Authentication.Cookies;
|
using Microsoft.AspNetCore.Authentication.Cookies;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
using Microsoft.AspNetCore.Builder;
|
||||||
using Microsoft.AspNetCore.Hosting;
|
using Microsoft.AspNetCore.Hosting;
|
||||||
using Microsoft.AspNetCore.Http;
|
using Microsoft.AspNetCore.Http;
|
||||||
using Microsoft.AspNetCore.TestHost;
|
using Microsoft.AspNetCore.TestHost;
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using System;
|
||||||
|
using System.Collections.Generic;
|
||||||
|
using System.Net;
|
||||||
|
using System.Threading.Tasks;
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.OAuth
|
namespace Microsoft.AspNetCore.Authentication.OAuth
|
||||||
{
|
{
|
||||||
public class OAuthTests
|
public class OAuthTests : RemoteAuthenticationTests<OAuthOptions>
|
||||||
{
|
{
|
||||||
[Fact]
|
protected override string DefaultScheme => OAuthDefaults.DisplayName;
|
||||||
public async Task CanForwardDefault()
|
protected override Type HandlerType => typeof(OAuthHandler<OAuthOptions>);
|
||||||
{
|
protected override bool SupportsSignIn { get => false; }
|
||||||
var services = new ServiceCollection().AddLogging();
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<OAuthOptions> configure)
|
||||||
{
|
{
|
||||||
o.DefaultScheme = "default";
|
services.AddOAuth(DefaultScheme, o =>
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
{
|
||||||
ConfigureDefaults(o);
|
ConfigureDefaults(o);
|
||||||
o.SignInScheme = "auth1";
|
configure.Invoke(o);
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
});
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.SignInScheme = "auth1";
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.SignInScheme = "auth1";
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.DefaultSignInScheme = "auth1";
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = "default";
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddOAuth("default", o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
|
||||||
{
|
|
||||||
var server = CreateServer(
|
|
||||||
services => services.AddAuthentication().AddOAuth("weeblie", o =>
|
|
||||||
{
|
|
||||||
o.SignInScheme = "weeblie";
|
|
||||||
o.ClientId = "whatever";
|
|
||||||
o.ClientSecret = "whatever";
|
|
||||||
o.CallbackPath = "/whatever";
|
|
||||||
o.AuthorizationEndpoint = "/whatever";
|
|
||||||
o.TokenEndpoint = "/whatever";
|
|
||||||
}));
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddOAuth("oauth", o => { });
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync("oauth");
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("OAuthHandler`1", scheme.HandlerType.Name);
|
|
||||||
Assert.Equal(OAuthDefaults.DisplayName, scheme.DisplayName);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
|
|
@ -654,7 +241,7 @@ namespace Microsoft.AspNetCore.Authentication.OAuth
|
||||||
Assert.Contains("scope=baz%20qux", res.Headers.Location.Query);
|
Assert.Contains("scope=baz%20qux", res.Headers.Location.Query);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void ConfigureDefaults(OAuthOptions o)
|
protected override void ConfigureDefaults(OAuthOptions o)
|
||||||
{
|
{
|
||||||
o.ClientId = "Test Id";
|
o.ClientId = "Test Id";
|
||||||
o.ClientSecret = "secret";
|
o.ClientSecret = "secret";
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,92 @@
|
||||||
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.AspNetCore.TestHost;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using System;
|
||||||
|
using System.Threading.Tasks;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Microsoft.AspNetCore.Authentication
|
||||||
|
{
|
||||||
|
public abstract class RemoteAuthenticationTests<TOptions> : SharedAuthenticationTests<TOptions> where TOptions : RemoteAuthenticationOptions
|
||||||
|
{
|
||||||
|
protected override string DisplayName => DefaultScheme;
|
||||||
|
|
||||||
|
private TestServer CreateServer(Action<TOptions> configureOptions, Func<HttpContext, Task> testpath = null, bool isDefault = true)
|
||||||
|
=> CreateServerWithServices(s =>
|
||||||
|
{
|
||||||
|
var builder = s.AddAuthentication();
|
||||||
|
if (isDefault)
|
||||||
|
{
|
||||||
|
s.Configure<AuthenticationOptions>(o => o.DefaultScheme = DefaultScheme);
|
||||||
|
}
|
||||||
|
RegisterAuth(builder, configureOptions);
|
||||||
|
s.AddSingleton<ISystemClock>(Clock);
|
||||||
|
}, testpath);
|
||||||
|
|
||||||
|
|
||||||
|
protected virtual TestServer CreateServerWithServices(Action<IServiceCollection> configureServices, Func<HttpContext, Task> testpath = null)
|
||||||
|
{
|
||||||
|
//private static TestServer CreateServer(Action<IApplicationBuilder> configure, Action<IServiceCollection> configureServices, Func<HttpContext, Task<bool>> handler)
|
||||||
|
var builder = new WebHostBuilder()
|
||||||
|
.Configure(app =>
|
||||||
|
{
|
||||||
|
app.Use(async (context, next) =>
|
||||||
|
{
|
||||||
|
if (testpath != null)
|
||||||
|
{
|
||||||
|
await testpath(context);
|
||||||
|
}
|
||||||
|
await next();
|
||||||
|
});
|
||||||
|
})
|
||||||
|
.ConfigureServices(configureServices);
|
||||||
|
return new TestServer(builder);
|
||||||
|
}
|
||||||
|
|
||||||
|
protected abstract void ConfigureDefaults(TOptions o);
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
||||||
|
{
|
||||||
|
var server = CreateServer(
|
||||||
|
o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
o.SignInScheme = DefaultScheme;
|
||||||
|
},
|
||||||
|
context => context.ChallengeAsync(DefaultScheme));
|
||||||
|
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
||||||
|
Assert.Contains("cannot be set to itself", error.Message);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultScheme()
|
||||||
|
{
|
||||||
|
var server = CreateServer(
|
||||||
|
o => o.SignInScheme = null,
|
||||||
|
context => context.ChallengeAsync(DefaultScheme),
|
||||||
|
isDefault: true);
|
||||||
|
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
||||||
|
Assert.Contains("cannot be set to itself", error.Message);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task VerifySignInSchemeCannotBeSetToSelfUsingDefaultSignInScheme()
|
||||||
|
{
|
||||||
|
var server = CreateServerWithServices(
|
||||||
|
services =>
|
||||||
|
{
|
||||||
|
var builder = services.AddAuthentication(o => o.DefaultSignInScheme = DefaultScheme);
|
||||||
|
RegisterAuth(builder, o => o.SignInScheme = null);
|
||||||
|
},
|
||||||
|
context => context.ChallengeAsync(DefaultScheme));
|
||||||
|
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
||||||
|
Assert.Contains("cannot be set to itself", error.Message);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -0,0 +1,510 @@
|
||||||
|
// Copyright (c) .NET Foundation. All rights reserved.
|
||||||
|
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Authentication.Tests;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using System;
|
||||||
|
using System.Security.Claims;
|
||||||
|
using System.Threading.Tasks;
|
||||||
|
using Xunit;
|
||||||
|
|
||||||
|
namespace Microsoft.AspNetCore.Authentication
|
||||||
|
{
|
||||||
|
public abstract class SharedAuthenticationTests<TOptions> where TOptions : AuthenticationSchemeOptions
|
||||||
|
{
|
||||||
|
protected TestClock Clock { get; } = new TestClock();
|
||||||
|
|
||||||
|
protected abstract string DefaultScheme { get; }
|
||||||
|
protected virtual string DisplayName { get; }
|
||||||
|
protected abstract Type HandlerType { get; }
|
||||||
|
|
||||||
|
protected virtual bool SupportsSignIn { get => true; }
|
||||||
|
protected virtual bool SupportsSignOut { get => true; }
|
||||||
|
|
||||||
|
protected abstract void RegisterAuth(AuthenticationBuilder services, Action<TOptions> configure);
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task CanForwardDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler>("auth1", "auth1");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o => o.ForwardDefault = "auth1");
|
||||||
|
|
||||||
|
var forwardDefault = new TestHandler();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
|
||||||
|
await context.AuthenticateAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
||||||
|
|
||||||
|
await context.ForbidAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.ForbidCount);
|
||||||
|
|
||||||
|
await context.ChallengeAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.ChallengeCount);
|
||||||
|
|
||||||
|
if (SupportsSignOut)
|
||||||
|
{
|
||||||
|
await context.SignOutAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SupportsSignIn)
|
||||||
|
{
|
||||||
|
await context.SignInAsync(new ClaimsPrincipal());
|
||||||
|
Assert.Equal(1, forwardDefault.SignInCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardSignInWinsOverDefault()
|
||||||
|
{
|
||||||
|
if (SupportsSignIn)
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardSignIn = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.SignInAsync(new ClaimsPrincipal());
|
||||||
|
Assert.Equal(1, specific.SignInCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardSignOutWinsOverDefault()
|
||||||
|
{
|
||||||
|
if (SupportsSignOut)
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardSignOut = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.SignOutAsync();
|
||||||
|
Assert.Equal(1, specific.SignOutCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardForbidWinsOverDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardForbid = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.ForbidAsync();
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(1, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardAuthenticateWinsOverDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardAuthenticate = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.AuthenticateAsync();
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
Assert.Equal(1, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardChallengeWinsOverDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardChallenge = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.ChallengeAsync();
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(1, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task ForwardSelectorWinsOverDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler3>("selector", "selector");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardDefaultSelector = _ => "selector";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
var selector = new TestHandler3();
|
||||||
|
services.AddSingleton(selector);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.AuthenticateAsync();
|
||||||
|
Assert.Equal(1, selector.AuthenticateCount);
|
||||||
|
|
||||||
|
await context.ForbidAsync();
|
||||||
|
Assert.Equal(1, selector.ForbidCount);
|
||||||
|
|
||||||
|
await context.ChallengeAsync();
|
||||||
|
Assert.Equal(1, selector.ChallengeCount);
|
||||||
|
|
||||||
|
if (SupportsSignOut)
|
||||||
|
{
|
||||||
|
await context.SignOutAsync();
|
||||||
|
Assert.Equal(1, selector.SignOutCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SupportsSignIn)
|
||||||
|
{
|
||||||
|
await context.SignInAsync(new ClaimsPrincipal());
|
||||||
|
Assert.Equal(1, selector.SignInCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
||||||
|
}
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task NullForwardSelectorUsesDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler3>("selector", "selector");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardDefaultSelector = _ => null;
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
var selector = new TestHandler3();
|
||||||
|
services.AddSingleton(selector);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.AuthenticateAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
||||||
|
|
||||||
|
await context.ForbidAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.ForbidCount);
|
||||||
|
|
||||||
|
await context.ChallengeAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.ChallengeCount);
|
||||||
|
|
||||||
|
if (SupportsSignOut)
|
||||||
|
{
|
||||||
|
await context.SignOutAsync();
|
||||||
|
Assert.Equal(1, forwardDefault.SignOutCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SupportsSignIn)
|
||||||
|
{
|
||||||
|
await context.SignInAsync(new ClaimsPrincipal());
|
||||||
|
Assert.Equal(1, forwardDefault.SignInCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
||||||
|
}
|
||||||
|
|
||||||
|
Assert.Equal(0, selector.AuthenticateCount);
|
||||||
|
Assert.Equal(0, selector.ForbidCount);
|
||||||
|
Assert.Equal(0, selector.ChallengeCount);
|
||||||
|
Assert.Equal(0, selector.SignInCount);
|
||||||
|
Assert.Equal(0, selector.SignOutCount);
|
||||||
|
Assert.Equal(0, specific.AuthenticateCount);
|
||||||
|
Assert.Equal(0, specific.ForbidCount);
|
||||||
|
Assert.Equal(0, specific.ChallengeCount);
|
||||||
|
Assert.Equal(0, specific.SignInCount);
|
||||||
|
Assert.Equal(0, specific.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection().AddLogging();
|
||||||
|
var builder = services.AddAuthentication(o =>
|
||||||
|
{
|
||||||
|
o.DefaultScheme = DefaultScheme;
|
||||||
|
o.AddScheme<TestHandler2>("auth1", "auth1");
|
||||||
|
o.AddScheme<TestHandler3>("selector", "selector");
|
||||||
|
o.AddScheme<TestHandler>("specific", "specific");
|
||||||
|
});
|
||||||
|
RegisterAuth(builder, o =>
|
||||||
|
{
|
||||||
|
o.ForwardDefault = "auth1";
|
||||||
|
o.ForwardDefaultSelector = _ => "selector";
|
||||||
|
o.ForwardAuthenticate = "specific";
|
||||||
|
o.ForwardChallenge = "specific";
|
||||||
|
o.ForwardSignIn = "specific";
|
||||||
|
o.ForwardSignOut = "specific";
|
||||||
|
o.ForwardForbid = "specific";
|
||||||
|
});
|
||||||
|
|
||||||
|
var specific = new TestHandler();
|
||||||
|
services.AddSingleton(specific);
|
||||||
|
var forwardDefault = new TestHandler2();
|
||||||
|
services.AddSingleton(forwardDefault);
|
||||||
|
var selector = new TestHandler3();
|
||||||
|
services.AddSingleton(selector);
|
||||||
|
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var context = new DefaultHttpContext();
|
||||||
|
context.RequestServices = sp;
|
||||||
|
|
||||||
|
await context.AuthenticateAsync();
|
||||||
|
Assert.Equal(1, specific.AuthenticateCount);
|
||||||
|
|
||||||
|
await context.ForbidAsync();
|
||||||
|
Assert.Equal(1, specific.ForbidCount);
|
||||||
|
|
||||||
|
await context.ChallengeAsync();
|
||||||
|
Assert.Equal(1, specific.ChallengeCount);
|
||||||
|
|
||||||
|
if (SupportsSignOut)
|
||||||
|
{
|
||||||
|
await context.SignOutAsync();
|
||||||
|
Assert.Equal(1, specific.SignOutCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
||||||
|
}
|
||||||
|
|
||||||
|
if (SupportsSignIn)
|
||||||
|
{
|
||||||
|
await context.SignInAsync(new ClaimsPrincipal());
|
||||||
|
Assert.Equal(1, specific.SignInCount);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
||||||
|
}
|
||||||
|
|
||||||
|
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ForbidCount);
|
||||||
|
Assert.Equal(0, forwardDefault.ChallengeCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignInCount);
|
||||||
|
Assert.Equal(0, forwardDefault.SignOutCount);
|
||||||
|
Assert.Equal(0, selector.AuthenticateCount);
|
||||||
|
Assert.Equal(0, selector.ForbidCount);
|
||||||
|
Assert.Equal(0, selector.ChallengeCount);
|
||||||
|
Assert.Equal(0, selector.SignInCount);
|
||||||
|
Assert.Equal(0, selector.SignOutCount);
|
||||||
|
}
|
||||||
|
|
||||||
|
[Fact]
|
||||||
|
public async Task VerifySchemeDefaults()
|
||||||
|
{
|
||||||
|
var services = new ServiceCollection();
|
||||||
|
var builder = services.AddAuthentication();
|
||||||
|
RegisterAuth(builder, o => { });
|
||||||
|
var sp = services.BuildServiceProvider();
|
||||||
|
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
||||||
|
var scheme = await schemeProvider.GetSchemeAsync(DefaultScheme);
|
||||||
|
Assert.NotNull(scheme);
|
||||||
|
Assert.Equal(HandlerType, scheme.HandlerType);
|
||||||
|
Assert.Equal(DisplayName, scheme.DisplayName);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
@ -1,5 +1,11 @@
|
||||||
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
// Copyright (c) .NET Foundation. All rights reserved. See License.txt in the project root for license information.
|
||||||
|
|
||||||
|
using Microsoft.AspNetCore.Builder;
|
||||||
|
using Microsoft.AspNetCore.Hosting;
|
||||||
|
using Microsoft.AspNetCore.Http;
|
||||||
|
using Microsoft.AspNetCore.TestHost;
|
||||||
|
using Microsoft.Extensions.DependencyInjection;
|
||||||
|
using Microsoft.Net.Http.Headers;
|
||||||
using System;
|
using System;
|
||||||
using System.Linq;
|
using System.Linq;
|
||||||
using System.Net;
|
using System.Net;
|
||||||
|
|
@ -7,440 +13,33 @@ using System.Net.Http;
|
||||||
using System.Security.Claims;
|
using System.Security.Claims;
|
||||||
using System.Text;
|
using System.Text;
|
||||||
using System.Threading.Tasks;
|
using System.Threading.Tasks;
|
||||||
using Microsoft.AspNetCore.Authentication.Tests;
|
|
||||||
using Microsoft.AspNetCore.Builder;
|
|
||||||
using Microsoft.AspNetCore.Hosting;
|
|
||||||
using Microsoft.AspNetCore.Http;
|
|
||||||
using Microsoft.AspNetCore.TestHost;
|
|
||||||
using Microsoft.Extensions.DependencyInjection;
|
|
||||||
using Microsoft.Net.Http.Headers;
|
|
||||||
using Xunit;
|
using Xunit;
|
||||||
|
|
||||||
namespace Microsoft.AspNetCore.Authentication.Twitter
|
namespace Microsoft.AspNetCore.Authentication.Twitter
|
||||||
{
|
{
|
||||||
public class TwitterTests
|
public class TwitterTests : RemoteAuthenticationTests<TwitterOptions>
|
||||||
{
|
{
|
||||||
private void ConfigureDefaults(TwitterOptions o)
|
protected override string DefaultScheme => TwitterDefaults.AuthenticationScheme;
|
||||||
|
protected override Type HandlerType => typeof(TwitterHandler);
|
||||||
|
protected override bool SupportsSignIn { get => false; }
|
||||||
|
protected override bool SupportsSignOut { get => false; }
|
||||||
|
|
||||||
|
protected override void RegisterAuth(AuthenticationBuilder services, Action<TwitterOptions> configure)
|
||||||
|
{
|
||||||
|
services.AddTwitter(o =>
|
||||||
|
{
|
||||||
|
ConfigureDefaults(o);
|
||||||
|
configure.Invoke(o);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
protected override void ConfigureDefaults(TwitterOptions o)
|
||||||
{
|
{
|
||||||
o.ConsumerKey = "whatever";
|
o.ConsumerKey = "whatever";
|
||||||
o.ConsumerSecret = "whatever";
|
o.ConsumerSecret = "whatever";
|
||||||
o.SignInScheme = "auth1";
|
o.SignInScheme = "auth1";
|
||||||
}
|
}
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task CanForwardDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
});
|
|
||||||
|
|
||||||
var forwardDefault = new TestHandler();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignInThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSignOutThrows()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardForbidWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardAuthenticateWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardChallengeWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task ForwardSelectorWinsOverDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, selector.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, selector.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, selector.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task NullForwardSelectorUsesDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => null;
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, forwardDefault.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
Assert.Equal(0, specific.AuthenticateCount);
|
|
||||||
Assert.Equal(0, specific.ForbidCount);
|
|
||||||
Assert.Equal(0, specific.ChallengeCount);
|
|
||||||
Assert.Equal(0, specific.SignInCount);
|
|
||||||
Assert.Equal(0, specific.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task SpecificForwardWinsOverSelectorAndDefault()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection().AddLogging();
|
|
||||||
services.AddAuthentication(o =>
|
|
||||||
{
|
|
||||||
o.DefaultScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
o.AddScheme<TestHandler2>("auth1", "auth1");
|
|
||||||
o.AddScheme<TestHandler3>("selector", "selector");
|
|
||||||
o.AddScheme<TestHandler>("specific", "specific");
|
|
||||||
})
|
|
||||||
.AddTwitter(o =>
|
|
||||||
{
|
|
||||||
ConfigureDefaults(o);
|
|
||||||
o.ForwardDefault = "auth1";
|
|
||||||
o.ForwardDefaultSelector = _ => "selector";
|
|
||||||
o.ForwardAuthenticate = "specific";
|
|
||||||
o.ForwardChallenge = "specific";
|
|
||||||
o.ForwardSignIn = "specific";
|
|
||||||
o.ForwardSignOut = "specific";
|
|
||||||
o.ForwardForbid = "specific";
|
|
||||||
});
|
|
||||||
|
|
||||||
var specific = new TestHandler();
|
|
||||||
services.AddSingleton(specific);
|
|
||||||
var forwardDefault = new TestHandler2();
|
|
||||||
services.AddSingleton(forwardDefault);
|
|
||||||
var selector = new TestHandler3();
|
|
||||||
services.AddSingleton(selector);
|
|
||||||
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var context = new DefaultHttpContext();
|
|
||||||
context.RequestServices = sp;
|
|
||||||
|
|
||||||
await context.AuthenticateAsync();
|
|
||||||
Assert.Equal(1, specific.AuthenticateCount);
|
|
||||||
|
|
||||||
await context.ForbidAsync();
|
|
||||||
Assert.Equal(1, specific.ForbidCount);
|
|
||||||
|
|
||||||
await context.ChallengeAsync();
|
|
||||||
Assert.Equal(1, specific.ChallengeCount);
|
|
||||||
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignOutAsync());
|
|
||||||
await Assert.ThrowsAsync<InvalidOperationException>(() => context.SignInAsync(new ClaimsPrincipal()));
|
|
||||||
|
|
||||||
Assert.Equal(0, forwardDefault.AuthenticateCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ForbidCount);
|
|
||||||
Assert.Equal(0, forwardDefault.ChallengeCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignInCount);
|
|
||||||
Assert.Equal(0, forwardDefault.SignOutCount);
|
|
||||||
Assert.Equal(0, selector.AuthenticateCount);
|
|
||||||
Assert.Equal(0, selector.ForbidCount);
|
|
||||||
Assert.Equal(0, selector.ChallengeCount);
|
|
||||||
Assert.Equal(0, selector.SignInCount);
|
|
||||||
Assert.Equal(0, selector.SignOutCount);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySignInSchemeCannotBeSetToSelf()
|
|
||||||
{
|
|
||||||
var server = CreateServer(o =>
|
|
||||||
{
|
|
||||||
o.ConsumerKey = "Test Consumer Key";
|
|
||||||
o.ConsumerSecret = "Test Consumer Secret";
|
|
||||||
o.SignInScheme = TwitterDefaults.AuthenticationScheme;
|
|
||||||
});
|
|
||||||
var error = await Assert.ThrowsAsync<InvalidOperationException>(() => server.SendAsync("https://example.com/challenge"));
|
|
||||||
Assert.Contains("cannot be set to itself", error.Message);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
|
||||||
public async Task VerifySchemeDefaults()
|
|
||||||
{
|
|
||||||
var services = new ServiceCollection();
|
|
||||||
services.AddAuthentication().AddTwitter();
|
|
||||||
var sp = services.BuildServiceProvider();
|
|
||||||
var schemeProvider = sp.GetRequiredService<IAuthenticationSchemeProvider>();
|
|
||||||
var scheme = await schemeProvider.GetSchemeAsync(TwitterDefaults.AuthenticationScheme);
|
|
||||||
Assert.NotNull(scheme);
|
|
||||||
Assert.Equal("TwitterHandler", scheme.HandlerType.Name);
|
|
||||||
Assert.Equal(TwitterDefaults.AuthenticationScheme, scheme.DisplayName);
|
|
||||||
}
|
|
||||||
|
|
||||||
[Fact]
|
[Fact]
|
||||||
public async Task ChallengeWillTriggerApplyRedirectEvent()
|
public async Task ChallengeWillTriggerApplyRedirectEvent()
|
||||||
{
|
{
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue