This repository has been archived by the owner on Jul 31, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix custom redirect after ProcessLogin for custom authorize response …
…generators (#4615) * fix missing check for redirect * NS cleanup * fix prompt=none and consent return
- Loading branch information
1 parent
0c05323
commit 9e0b0cd
Showing
5 changed files
with
183 additions
and
13 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
174 changes: 174 additions & 0 deletions
174
...uthorizeInteractionResponseGenerator/AuthorizeInteractionResponseGeneratorTests_Custom.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,174 @@ | ||
// Copyright (c) Brock Allen & Dominick Baier. All rights reserved. | ||
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information. | ||
|
||
|
||
using System.Threading.Tasks; | ||
using FluentAssertions; | ||
using IdentityServer.UnitTests.Common; | ||
using IdentityServer4; | ||
using IdentityServer4.Configuration; | ||
using IdentityServer4.Models; | ||
using IdentityServer4.ResponseHandling; | ||
using IdentityServer4.Services; | ||
using IdentityServer4.Validation; | ||
using Microsoft.AspNetCore.Authentication; | ||
using Microsoft.Extensions.Logging; | ||
using Xunit; | ||
using static IdentityModel.OidcConstants; | ||
|
||
namespace IdentityServer.UnitTests.ResponseHandling.AuthorizeInteractionResponseGenerator | ||
{ | ||
public class CustomAuthorizeInteractionResponseGenerator : IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator | ||
{ | ||
public CustomAuthorizeInteractionResponseGenerator(ISystemClock clock, ILogger<IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator> logger, IConsentService consent, IProfileService profile) : base(clock, logger, consent, profile) | ||
{ | ||
} | ||
|
||
public InteractionResponse ProcessLoginResponse { get; set; } | ||
protected internal override Task<InteractionResponse> ProcessLoginAsync(ValidatedAuthorizeRequest request) | ||
{ | ||
if (ProcessLoginResponse != null) | ||
{ | ||
return Task.FromResult(ProcessLoginResponse); | ||
} | ||
|
||
return base.ProcessLoginAsync(request); | ||
} | ||
|
||
public InteractionResponse ProcessConsentResponse { get; set; } | ||
protected internal override Task<InteractionResponse> ProcessConsentAsync(ValidatedAuthorizeRequest request, ConsentResponse consent = null) | ||
{ | ||
if (ProcessConsentResponse != null) | ||
{ | ||
return Task.FromResult(ProcessConsentResponse); | ||
} | ||
return base.ProcessConsentAsync(request, consent); | ||
} | ||
} | ||
|
||
public class AuthorizeInteractionResponseGeneratorTests_Custom | ||
{ | ||
private IdentityServerOptions _options = new IdentityServerOptions(); | ||
private CustomAuthorizeInteractionResponseGenerator _subject; | ||
private MockConsentService _mockConsentService = new MockConsentService(); | ||
private StubClock _clock = new StubClock(); | ||
|
||
public AuthorizeInteractionResponseGeneratorTests_Custom() | ||
{ | ||
_subject = new CustomAuthorizeInteractionResponseGenerator( | ||
_clock, | ||
TestLogger.Create<IdentityServer4.ResponseHandling.AuthorizeInteractionResponseGenerator>(), | ||
_mockConsentService, | ||
new MockProfileService()); | ||
} | ||
|
||
|
||
[Fact] | ||
public async Task ProcessInteractionAsync_with_overridden_login_returns_redirect_should_return_redirect() | ||
{ | ||
var request = new ValidatedAuthorizeRequest | ||
{ | ||
ClientId = "foo", | ||
Subject = new IdentityServerUser("123") | ||
{ | ||
IdentityProvider = IdentityServerConstants.LocalIdentityProvider | ||
}.CreatePrincipal(), | ||
Client = new Client | ||
{ | ||
}, | ||
}; | ||
|
||
_subject.ProcessLoginResponse = new InteractionResponse | ||
{ | ||
RedirectUrl = "/custom" | ||
}; | ||
|
||
var result = await _subject.ProcessInteractionAsync(request); | ||
|
||
result.IsRedirect.Should().BeTrue(); | ||
result.RedirectUrl.Should().Be("/custom"); | ||
} | ||
|
||
[Fact] | ||
public async Task ProcessInteractionAsync_with_prompt_none_and_login_returns_login_should_return_error() | ||
{ | ||
var request = new ValidatedAuthorizeRequest | ||
{ | ||
ClientId = "foo", | ||
Subject = new IdentityServerUser("123") | ||
{ | ||
IdentityProvider = IdentityServerConstants.LocalIdentityProvider | ||
}.CreatePrincipal(), | ||
Client = new Client | ||
{ | ||
}, | ||
PromptModes = new[] { PromptModes.None }, | ||
}; | ||
|
||
_subject.ProcessLoginResponse = new InteractionResponse | ||
{ | ||
IsLogin = true | ||
}; | ||
|
||
var result = await _subject.ProcessInteractionAsync(request); | ||
|
||
result.IsError.Should().BeTrue(); | ||
result.Error.Should().Be("login_required"); | ||
} | ||
|
||
[Fact] | ||
public async Task ProcessInteractionAsync_with_prompt_none_and_login_returns_redirect_should_return_error() | ||
{ | ||
var request = new ValidatedAuthorizeRequest | ||
{ | ||
ClientId = "foo", | ||
Subject = new IdentityServerUser("123") | ||
{ | ||
IdentityProvider = IdentityServerConstants.LocalIdentityProvider | ||
}.CreatePrincipal(), | ||
Client = new Client | ||
{ | ||
}, | ||
PromptModes = new[] { PromptModes.None }, | ||
}; | ||
|
||
_subject.ProcessLoginResponse = new InteractionResponse | ||
{ | ||
RedirectUrl = "/custom" | ||
}; | ||
|
||
var result = await _subject.ProcessInteractionAsync(request); | ||
|
||
result.IsError.Should().BeTrue(); | ||
result.Error.Should().Be("interaction_required"); | ||
result.RedirectUrl.Should().BeNull(); | ||
} | ||
|
||
[Fact] | ||
public async Task ProcessInteractionAsync_with_prompt_none_and_consent_returns_consent_should_return_error() | ||
{ | ||
var request = new ValidatedAuthorizeRequest | ||
{ | ||
ClientId = "foo", | ||
Subject = new IdentityServerUser("123") | ||
{ | ||
IdentityProvider = IdentityServerConstants.LocalIdentityProvider | ||
}.CreatePrincipal(), | ||
Client = new Client | ||
{ | ||
}, | ||
PromptModes = new[] { PromptModes.None }, | ||
}; | ||
|
||
_subject.ProcessConsentResponse = new InteractionResponse | ||
{ | ||
IsConsent = true | ||
}; | ||
|
||
var result = await _subject.ProcessInteractionAsync(request); | ||
|
||
result.IsError.Should().BeTrue(); | ||
result.Error.Should().Be("consent_required"); | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters