// Copyright (c) .NET Foundation. All rights reserved. // Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information. using System; using System.Threading; using System.Threading.Tasks; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Builder; using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Logging; using Microsoft.Extensions.Options; using Moq; using Xunit; namespace Microsoft.AspNetCore.Identity.Service { public class ClientApplicationValidatorTest { [Theory] [InlineData(true)] [InlineData(false)] public async Task ValidateClientIdAsync_ChecksThatTheClientIdExist(bool exists) { // Arrange var options = new IdentityServiceOptions(); var store = new Mock>(); store.Setup(s => s.FindByClientIdAsync(It.IsAny(), It.IsAny())) .ReturnsAsync(exists ? new IdentityServiceApplication() : null); var manager = new ApplicationManager( Options.Create(new ApplicationOptions()), store.Object, Mock.Of>(), Array.Empty>(), Mock.Of>>(), new ApplicationErrorDescriber()); var clientValidator = new ClientApplicationValidator( Options.Create(options), GetSessionManager(), manager, new ProtocolErrorProvider()); // Act var validation = await clientValidator.ValidateClientIdAsync("clientId"); // Assert Assert.Equal(exists, validation); } [Fact] public async Task ValidateClientCredentialsAsync_DelegatesToApplicationManager() { // Arrange var options = new IdentityServiceOptions(); var store = new Mock>(); store.Setup(s => s.FindByClientIdAsync(It.IsAny(), It.IsAny())) .ReturnsAsync(new IdentityServiceApplication()); store.As>() .Setup(s => s.HasClientSecretAsync(It.IsAny(), It.IsAny())) .ReturnsAsync(false); var manager = new ApplicationManager( Options.Create(new ApplicationOptions()), store.Object, Mock.Of>(), Array.Empty>(), Mock.Of>>(), new ApplicationErrorDescriber()); var clientValidator = new ClientApplicationValidator( Options.Create(options), GetSessionManager(), manager, new ProtocolErrorProvider()); // Act var validation = await clientValidator.ValidateClientCredentialsAsync("clientId", null); // Assert Assert.True(validation); } private SessionManager GetSessionManager() { return new TestSessionManager( Mock.Of>(), Mock.Of>(), Mock.Of>(), new TimeStampManager(), Mock.Of(), new ProtocolErrorProvider()); } private class TestSessionManager : SessionManager { public TestSessionManager( IOptions options, IOptions identityOptions, IOptionsSnapshot cookieOptions, ITimeStampManager timeStampManager, IHttpContextAccessor contextAccessor, ProtocolErrorProvider errorProvider) : base(options, identityOptions, cookieOptions, timeStampManager, contextAccessor, errorProvider) { } public override Task CreateSessionAsync(string userId, string clientId) { throw new NotImplementedException(); } public override Task IsAuthorizedAsync(AuthorizationRequest request) { throw new NotImplementedException(); } } } }