-
Notifications
You must be signed in to change notification settings - Fork 10k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
- Loading branch information
Showing
18 changed files
with
354 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
79 changes: 79 additions & 0 deletions
79
src/Components/test/E2ETest/Tests/RemoteAuthenticationTest.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,79 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using System.Reflection; | ||
using Microsoft.AspNetCore.Components.E2ETest.Infrastructure; | ||
using Microsoft.AspNetCore.Components.E2ETest.Infrastructure.ServerFixtures; | ||
using Microsoft.AspNetCore.E2ETesting; | ||
using Microsoft.AspNetCore.Hosting; | ||
using Microsoft.Extensions.DependencyInjection; | ||
using Microsoft.Extensions.Hosting; | ||
using Microsoft.Extensions.Logging; | ||
using Microsoft.Extensions.Logging.Testing; | ||
using OpenQA.Selenium; | ||
using TestServer; | ||
using Xunit.Abstractions; | ||
|
||
namespace Microsoft.AspNetCore.Components.E2ETest.Tests; | ||
|
||
public class RemoteAuthenticationTest : | ||
ServerTestBase<BasicTestAppServerSiteFixture<RemoteAuthenticationStartup>> | ||
{ | ||
public readonly bool TestTrimmedApps = typeof(ToggleExecutionModeServerFixture<>).Assembly | ||
.GetCustomAttributes<AssemblyMetadataAttribute>() | ||
.First(m => m.Key == "Microsoft.AspNetCore.E2ETesting.TestTrimmedOrMultithreadingApps") | ||
.Value == "true"; | ||
|
||
public RemoteAuthenticationTest( | ||
BrowserFixture browserFixture, | ||
BasicTestAppServerSiteFixture<RemoteAuthenticationStartup> serverFixture, | ||
ITestOutputHelper output) | ||
: base(browserFixture, serverFixture, output) | ||
{ | ||
serverFixture.ApplicationAssembly = typeof(RemoteAuthenticationStartup).Assembly; | ||
|
||
if (TestTrimmedApps) | ||
{ | ||
serverFixture.BuildWebHostMethod = BuildPublishedWebHost; | ||
serverFixture.GetContentRootMethod = GetPublishedContentRoot; | ||
} | ||
} | ||
|
||
[Fact] | ||
public void NavigateToLogin_PreservesExtraQueryParams() | ||
{ | ||
// If the preservedExtraQueryParams passed to NavigateToLogin by RedirectToLogin gets trimmed, | ||
// the OIDC endpoints will fail to authenticate the user. | ||
Navigate("/subdir/test-remote-authentication"); | ||
|
||
var heading = Browser.Exists(By.TagName("h1")); | ||
Browser.Equal("Hello, Jane Doe!", () => heading.Text); | ||
} | ||
|
||
private static IHost BuildPublishedWebHost(string[] args) => | ||
Host.CreateDefaultBuilder(args) | ||
.ConfigureLogging((ctx, lb) => | ||
{ | ||
TestSink sink = new TestSink(); | ||
lb.AddProvider(new TestLoggerProvider(sink)); | ||
lb.Services.AddSingleton(sink); | ||
}) | ||
.ConfigureWebHostDefaults(webHostBuilder => | ||
{ | ||
webHostBuilder.UseStartup<RemoteAuthenticationStartup>(); | ||
// Avoid UseStaticAssets or we won't use the trimmed published output. | ||
}) | ||
.Build(); | ||
|
||
private static string GetPublishedContentRoot(Assembly assembly) | ||
{ | ||
var contentRoot = Path.Combine(AppContext.BaseDirectory, "trimmed-or-threading", assembly.GetName().Name); | ||
|
||
if (!Directory.Exists(contentRoot)) | ||
{ | ||
throw new DirectoryNotFoundException($"Test is configured to use trimmed outputs, but trimmed outputs were not found in {contentRoot}."); | ||
} | ||
|
||
return contentRoot; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
24 changes: 24 additions & 0 deletions
24
...nents/test/testassets/Components.TestServer/RazorComponents/RemoteAuthenticationApp.razor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<!DOCTYPE html> | ||
<html lang="en"> | ||
|
||
<head> | ||
<meta charset="utf-8" /> | ||
<base href="/subdir/" /> | ||
|
||
<HeadOutlet @rendermode="new InteractiveWebAssemblyRenderMode(prerender: false)" /> | ||
</head> | ||
|
||
<body> | ||
<Components.WasmRemoteAuthentication.Routes @rendermode="new InteractiveWebAssemblyRenderMode(prerender: false)" /> | ||
<script src="_framework/blazor.web.js" autostart="false"></script> | ||
<script src="_content/Microsoft.AspNetCore.Components.WebAssembly.Authentication/AuthenticationService.js"></script> | ||
<script> | ||
Blazor.start({ | ||
webAssembly: { | ||
loadBootResource: (type, name, defaultUri, integrity) => `WasmRemoteAuthentication/_framework/${name}` | ||
} | ||
}); | ||
</script> | ||
</body> | ||
|
||
</html> |
97 changes: 97 additions & 0 deletions
97
src/Components/test/testassets/Components.TestServer/RemoteAuthenticationStartup.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,97 @@ | ||
// Licensed to the .NET Foundation under one or more agreements. | ||
// The .NET Foundation licenses this file to you under the MIT license. | ||
|
||
using System.Globalization; | ||
using System.Reflection; | ||
using Components.TestServer.RazorComponents; | ||
using Microsoft.AspNetCore.Mvc; | ||
using Microsoft.IdentityModel.JsonWebTokens; | ||
using Microsoft.IdentityModel.Tokens; | ||
|
||
namespace TestServer; | ||
|
||
public class RemoteAuthenticationStartup | ||
{ | ||
public void ConfigureServices(IServiceCollection services) | ||
{ | ||
services.AddRazorComponents() | ||
.AddInteractiveWebAssemblyComponents(); | ||
} | ||
|
||
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline. | ||
public void Configure(IApplicationBuilder app, IWebHostEnvironment env) | ||
{ | ||
app.Map("/subdir", app => | ||
{ | ||
app.UseStaticFiles(); | ||
app.UseRouting(); | ||
app.UseAntiforgery(); | ||
app.UseEndpoints(endpoints => | ||
{ | ||
endpoints.MapRazorComponents<RemoteAuthenticationApp>() | ||
.AddAdditionalAssemblies(Assembly.Load("Components.WasmRemoteAuthentication")) | ||
.AddInteractiveWebAssemblyRenderMode(options => options.PathPrefix = "/WasmRemoteAuthentication"); | ||
var oidcEndpoints = endpoints.MapGroup("oidc"); | ||
// This is designed to test a single login at a time. | ||
var issuer = ""; | ||
oidcEndpoints.MapGet(".well-known/openid-configuration", (HttpRequest request, [FromHeader] string host) => | ||
{ | ||
issuer = $"{(request.IsHttps ? "https" : "http")}://{host}"; | ||
return Results.Json(new | ||
{ | ||
issuer, | ||
authorization_endpoint = $"{issuer}/subdir/oidc/authorize", | ||
token_endpoint = $"{issuer}/subdir/oidc/token", | ||
}); | ||
}); | ||
var lastCode = ""; | ||
oidcEndpoints.MapGet("authorize", (string redirect_uri, string? state, string? prompt, bool? preservedExtraQueryParams) => | ||
{ | ||
// Require interaction so silent sign-in does not skip RedirectToLogin.razor. | ||
if (prompt == "none") | ||
{ | ||
return Results.Redirect($"{redirect_uri}?error=interaction_required&state={state}"); | ||
} | ||
// Verify that the extra query parameters added by RedirectToLogin.razor are preserved. | ||
if (preservedExtraQueryParams != true) | ||
{ | ||
return Results.Redirect($"{redirect_uri}?error=invalid_request&error_description=extraQueryParams%20not%20preserved&state={state}"); | ||
} | ||
lastCode = Random.Shared.Next().ToString(CultureInfo.InvariantCulture); | ||
return Results.Redirect($"{redirect_uri}?code={lastCode}&state={state}"); | ||
}); | ||
var jwtHandler = new JsonWebTokenHandler(); | ||
oidcEndpoints.MapPost("token", ([FromForm] string code) => | ||
{ | ||
if (string.IsNullOrEmpty(lastCode) && code != lastCode) | ||
{ | ||
return Results.BadRequest("Bad code"); | ||
} | ||
return Results.Json(new | ||
{ | ||
token_type = "Bearer", | ||
scope = "openid profile", | ||
expires_in = 3600, | ||
id_token = jwtHandler.CreateToken(new SecurityTokenDescriptor | ||
{ | ||
Issuer = issuer, | ||
Audience = "s6BhdRkqt3", | ||
Claims = new Dictionary<string, object> | ||
{ | ||
["sub"] = "248289761001", | ||
["name"] = "Jane Doe", | ||
}, | ||
}), | ||
}); | ||
}).DisableAntiforgery(); | ||
}); | ||
}); | ||
} | ||
} |
20 changes: 20 additions & 0 deletions
20
...testassets/Components.WasmRemoteAuthentication/Components.WasmRemoteAuthentication.csproj
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<Project Sdk="Microsoft.NET.Sdk.BlazorWebAssembly"> | ||
|
||
<PropertyGroup> | ||
<TargetFramework>$(DefaultNetCoreTargetFramework)</TargetFramework> | ||
<Nullable>enable</Nullable> | ||
<ImplicitUsings>enable</ImplicitUsings> | ||
<StaticWebAssetBasePath>WasmRemoteAuthentication</StaticWebAssetBasePath> | ||
</PropertyGroup> | ||
|
||
<PropertyGroup Condition="'$(TestTrimmedOrMultithreadingApps)' == 'true'"> | ||
<!-- Avoid spending time brotli compression publish output.--> | ||
<_BlazorBrotliCompressionLevel>NoCompression</_BlazorBrotliCompressionLevel> | ||
</PropertyGroup> | ||
|
||
<ItemGroup> | ||
<Reference Include="Microsoft.AspNetCore.Components.WebAssembly" /> | ||
<Reference Include="Microsoft.AspNetCore.Components.WebAssembly.Authentication" /> | ||
</ItemGroup> | ||
|
||
</Project> |
9 changes: 9 additions & 0 deletions
9
...Components/test/testassets/Components.WasmRemoteAuthentication/Pages/Authentication.razor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
@page "/authentication/{action}" | ||
|
||
@using Microsoft.AspNetCore.Components.WebAssembly.Authentication | ||
|
||
<RemoteAuthenticatorView Action="@Action" /> | ||
|
||
@code { | ||
[Parameter] public string? Action { get; set; } | ||
} |
13 changes: 13 additions & 0 deletions
13
.../test/testassets/Components.WasmRemoteAuthentication/Pages/TestRemoteAuthentication.razor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
@page "/test-remote-authentication" | ||
|
||
@using Microsoft.AspNetCore.Components.Authorization | ||
|
||
<AuthorizeView> | ||
<Authorized> | ||
<h1>Hello, @context.User.Identity?.Name!</h1> | ||
</Authorized> | ||
<NotAuthorized> | ||
@* Do this rather than rely on the [Authorize] attribute to avoid endpoint routing. *@ | ||
<RedirectToLogin /> | ||
</NotAuthorized> | ||
</AuthorizeView> |
12 changes: 12 additions & 0 deletions
12
src/Components/test/testassets/Components.WasmRemoteAuthentication/Program.cs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
using Microsoft.AspNetCore.Components.WebAssembly.Hosting; | ||
|
||
var builder = WebAssemblyHostBuilder.CreateDefault(args); | ||
|
||
builder.Services.AddOidcAuthentication(options => | ||
{ | ||
options.ProviderOptions.Authority = $"{builder.HostEnvironment.BaseAddress}oidc"; | ||
options.ProviderOptions.ClientId = "s6BhdRkqt3"; | ||
options.ProviderOptions.ResponseType = "code"; | ||
}); | ||
|
||
await builder.Build().RunAsync(); |
Oops, something went wrong.