Disable developer certificate middlware on test website, replace developer certificate with pfx from file

2017-08-22 18:11:43 -07:00 · 2017-08-22 18:11:43 -07:00 · 9d937cac4b
parent 7216144fb8
commit 9d937cac4b
4 changed files with 13 additions and 54 deletions
--- a/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/Infrastructure/CredentialsServerBuilder.cs
+++ b/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/Infrastructure/CredentialsServerBuilder.cs
@ -7,12 +7,14 @@ using Identity.OpenIdConnect.WebSite;
 using Identity.OpenIdConnect.WebSite.Identity.Data;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
 using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.Identity.Service;
 using Microsoft.AspNetCore.Identity.Service.IntegratedWebClient;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.Testing;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.DependencyInjection.Extensions;
+using Microsoft.IdentityModel.Tokens;

 namespace Microsoft.AspnetCore.Identity.Service.FunctionalTests
 {
@ -83,61 +85,12 @@ namespace Microsoft.AspnetCore.Identity.Service.FunctionalTests

        public CredentialsServerBuilder EnsureDeveloperCertificate()
        {
-            try
-            {
-                using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
-                {
-                    store.Open(OpenFlags.ReadOnly);
-                    var certificates = store.Certificates.OfType<X509Certificate2>().ToList();
-                    var development = certificates.FirstOrDefault(c => c.Subject == "CN=Identity.Development" &&
-                    c.GetRSAPrivateKey() != null &&
-                    c.NotAfter > DateTimeOffset.UtcNow);
-
-                    if (development == null)
-                    {
-                        CreateDevelopmentCertificate();
-                    }
-                }
-            }
-            catch (Exception)
-            {
-                throw new InvalidOperationException("There was an error ensuring the presence of the developer certificate.");
-            }
+            Server.ConfigureBeforeStartup(services => services.Configure<IdentityServiceOptions>(
+                o => o.SigningKeys.Add(
+                    new SigningCredentials(
+                        new X509SecurityKey(new X509Certificate2("./test-cert.pfx", "test")), "RS256"))));

            return this;
-
-            void CreateDevelopmentCertificate()
-            {
-#if NETCOREAPP2_0
-            using (var rsa = RSA.Create(2048))
-            {
-                var signingRequest = new CertificateRequest(
-                    new X500DistinguishedName("CN=Identity.Development"), rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
-                var enhacedKeyUsage = new OidCollection();
-                enhacedKeyUsage.Add(new Oid("1.3.6.1.5.5.7.3.1", "Server Authentication"));
-                signingRequest.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(enhacedKeyUsage, critical: true));
-                signingRequest.CertificateExtensions.Add(new X509KeyUsageExtension(X509KeyUsageFlags.DigitalSignature, critical: true));
-
-                var certificate = signingRequest.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddYears(1));
-                certificate.FriendlyName = "Identity Service developer certificate";
-
-                // We need to take this step so that the key gets persisted.
-                var export = certificate.Export(X509ContentType.Pkcs12, "");
-                var imported = new X509Certificate2(export, "", X509KeyStorageFlags.PersistKeySet);
-                Array.Clear(export, 0, export.Length);
-
-                using (var store = new X509Store(StoreName.My, StoreLocation.CurrentUser))
-                {
-                    store.Open(OpenFlags.ReadWrite);
-                    store.Add(imported);
-                    store.Close();
-                };
-            }
-#elif NET461
-#else
-#error The target frameworks need to be updated.
-#endif
-            }
        }

        public MvcWebApplicationBuilder<Startup> Server { get; }
--- a/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/Microsoft.AspnetCore.Identity.Service.FunctionalTests.csproj
+++ b/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/Microsoft.AspnetCore.Identity.Service.FunctionalTests.csproj
@ -7,6 +7,12 @@
    <TargetFrameworks Condition=" '$(OS)' != 'Windows_NT' ">netcoreapp2.0</TargetFrameworks>
  </PropertyGroup>

+  <ItemGroup>
+    <Content Include="test-cert.pfx">
+      <CopyToOutputDirectory>Always</CopyToOutputDirectory>
+    </Content>
+  </ItemGroup>
+
  <ItemGroup>
    <ProjectReference Include="..\WebSites\Identity.OpenIdConnect.WebSite\Identity.OpenIdConnect.WebSite.csproj" />
  </ItemGroup>
--- a/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/test-cert.pfx
+++ b/test/Microsoft.AspnetCore.Identity.Service.FunctionalTests/test-cert.pfx
--- a/test/WebSites/Identity.OpenIdConnect.WebSite/Startup.cs
+++ b/test/WebSites/Identity.OpenIdConnect.WebSite/Startup.cs
@ -72,7 +72,7 @@ namespace Identity.OpenIdConnect.WebSite
            {
                app.UseDeveloperExceptionPage();
                app.UseDatabaseErrorPage();
-                app.UseDevelopmentCertificateErrorPage(Configuration);
+                //app.UseDevelopmentCertificateErrorPage(Configuration);
            }
            else
            {