huahaofeng
/
aspnetcore
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

#772 Fill in OIDC test gaps

This commit is contained in:
Chris R 2017-08-09 15:29:34 -07:00
parent 5d802a7988
commit c125022050
3 changed files with 33 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
samples/SocialSample/Startup.cs
View File

@ -162,7 +162,7 @@ namespace SocialSample
})
// You must first create an app with GitHub and add its ID and Secret to your user-secrets.
// https://github.com/settings/applications/
.AddOAuth("GitHub", o =>
.AddOAuth("GitHub", "Github", o =>
{
o.ClientId = Configuration["github:clientid"];
o.ClientSecret = Configuration["github:clientsecret"];

36
test/Microsoft.AspNetCore.Authentication.Test/OpenIdConnect/OpenIdConnectChallengeTests.cs
View File

@ -5,11 +5,12 @@ using System;
using System.Linq;
using System.Net;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Authentication.OpenIdConnect;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.Logging.Abstractions;
using Microsoft.Extensions.Primitives;
using Microsoft.IdentityModel.Protocols.OpenIdConnect;
using Microsoft.Net.Http.Headers;
using Xunit;
namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
@ -19,7 +20,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
private static readonly string ChallengeEndpoint = TestServerBuilder.TestHost + TestServerBuilder.Challenge;
[Fact]
public async Task ChallengeIsIssuedCorrectly()
public async Task ChallengeRedirectIsIssuedCorrectly()
{
var settings = new TestSettings(
opt =>
@ -86,7 +87,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
</body>
*/
[Fact]
public async Task ChallengeIssueedCorrectlyForFormPost()
public async Task ChallengeFormPostIssuedCorrectly()
{
var settings = new TestSettings(
opt =>
@ -361,24 +362,37 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
Assert.Null(res.Headers.Location);
}
[Fact]
public async Task ChallengeSetsNonceAndStateCookies()
[Theory]
[InlineData(OpenIdConnectRedirectBehavior.RedirectGet)]
[InlineData(OpenIdConnectRedirectBehavior.FormPost)]
public async Task ChallengeSetsNonceAndStateCookies(OpenIdConnectRedirectBehavior method)
{
var settings = new TestSettings(o =>
{
o.AuthenticationMethod = method;
o.ClientId = "Test Id";
o.Authority = TestServerBuilder.DefaultAuthority;
});
var server = settings.CreateTestServer();
var transaction = await server.SendAsync(ChallengeEndpoint);
var firstCookie = transaction.SetCookie.First();
Assert.Contains(OpenIdConnectDefaults.CookieNoncePrefix, firstCookie);
Assert.Contains("expires", firstCookie);
var challengeCookies = SetCookieHeaderValue.ParseList(transaction.SetCookie);
var nonceCookie = challengeCookies.Where(cookie => cookie.Name.StartsWith(OpenIdConnectDefaults.CookieNoncePrefix, StringComparison.Ordinal)).Single();
Assert.True(nonceCookie.Expires.HasValue);
Assert.True(nonceCookie.Expires > DateTime.UtcNow);
Assert.True(nonceCookie.HttpOnly);
Assert.Equal("/signin-oidc", nonceCookie.Path);
Assert.Equal("N", nonceCookie.Value);
Assert.Equal(Net.Http.Headers.SameSiteMode.None, nonceCookie.SameSite);
var secondCookie = transaction.SetCookie.Skip(1).First();
Assert.StartsWith(".AspNetCore.Correlation.OpenIdConnect.", secondCookie);
Assert.Contains("expires", secondCookie);
var correlationCookie = challengeCookies.Where(cookie => cookie.Name.StartsWith(".AspNetCore.Correlation.", StringComparison.Ordinal)).Single();
Assert.True(correlationCookie.Expires.HasValue);
Assert.True(nonceCookie.Expires > DateTime.UtcNow);
Assert.True(correlationCookie.HttpOnly);
Assert.Equal("/signin-oidc", correlationCookie.Path);
Assert.False(StringSegment.IsNullOrEmpty(correlationCookie.Value));
Assert.Equal(2, challengeCookies.Count);
}
[Fact]

14
test/Microsoft.AspNetCore.Authentication.Test/OpenIdConnect/OpenIdConnectEventTests.cs
View File

@ -76,7 +76,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnMessageReceived_Reject_NoMoreEventsRun()
public async Task OnMessageReceived_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var remoteFailure = false;
@ -197,7 +197,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnTokenValidated_Reject_NoMoreEventsRun()
public async Task OnTokenValidated_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var tokenValidated = false;
@ -385,7 +385,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnAuthorizationCodeReceived_Reject_NoMoreEventsRun()
public async Task OnAuthorizationCodeReceived_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var tokenValidated = false;
@ -596,7 +596,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnTokenResponseReceived_Reject_NoMoreEventsRun()
public async Task OnTokenResponseReceived_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var tokenValidated = false;
@ -825,7 +825,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnTokenValidatedBackchannel_Reject_NoMoreEventsRun()
public async Task OnTokenValidatedBackchannel_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var codeReceived = false;
@ -1060,7 +1060,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnUserInformationReceived_Reject_NoMoreEventsRun()
public async Task OnUserInformationReceived_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var tokenValidated = false;
@ -1321,7 +1321,7 @@ namespace Microsoft.AspNetCore.Authentication.Test.OpenIdConnect
}
[Fact]
public async Task OnAuthenticationFailed_Reject_NoMoreEventsRun()
public async Task OnAuthenticationFailed_Fail_NoMoreEventsRun()
{
var messageReceived = false;
var tokenValidated = false;