mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-06-19 20:08:17 +08:00
implemented adding claims as query strings to downstream route, removed some of the middleware injection optiosn as i have currently have no use case for them, general refactoring to use the OcelotMiddleware a bit more
This commit is contained in:
TomPallister
@ -0,0 +1,194 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Net;
|
||||
using System.Security.Claims;
|
||||
using IdentityServer4.Models;
|
||||
using IdentityServer4.Services.InMemory;
|
||||
using Microsoft.AspNetCore.Builder;
|
||||
using Microsoft.AspNetCore.Hosting;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.Primitives;
|
||||
using Ocelot.Configuration.Yaml;
|
||||
using TestStack.BDDfy;
|
||||
using Xunit;
|
||||
|
||||
namespace Ocelot.AcceptanceTests
|
||||
{
|
||||
public class ClaimsToQueryStringForwardingTests : IDisposable
|
||||
{
|
||||
private IWebHost _servicebuilder;
|
||||
private IWebHost _identityServerBuilder;
|
||||
private readonly Steps _steps;
|
||||
|
||||
public ClaimsToQueryStringForwardingTests()
|
||||
{
|
||||
_steps = new Steps();
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void should_return_response_200_and_foward_claim_as_query_string()
|
||||
{
|
||||
var user = new InMemoryUser
|
||||
{
|
||||
Username = "test",
|
||||
Password = "test",
|
||||
Enabled = true,
|
||||
Subject = "registered|1231231",
|
||||
Claims = new List<Claim>
|
||||
{
|
||||
new Claim("CustomerId", "123"),
|
||||
new Claim("LocationId", "1")
|
||||
}
|
||||
};
|
||||
|
||||
var yamlConfiguration = new YamlConfiguration
|
||||
{
|
||||
ReRoutes = new List<YamlReRoute>
|
||||
{
|
||||
new YamlReRoute
|
||||
{
|
||||
DownstreamTemplate = "http://localhost:57876/",
|
||||
UpstreamTemplate = "/",
|
||||
UpstreamHttpMethod = "Get",
|
||||
AuthenticationOptions = new YamlAuthenticationOptions
|
||||
{
|
||||
AdditionalScopes = new List<string>
|
||||
{
|
||||
"openid", "offline_access"
|
||||
},
|
||||
Provider = "IdentityServer",
|
||||
ProviderRootUrl = "http://localhost:57888",
|
||||
RequireHttps = false,
|
||||
ScopeName = "api",
|
||||
ScopeSecret = "secret",
|
||||
},
|
||||
AddQueriesToRequest =
|
||||
{
|
||||
{"CustomerId", "Claims[CustomerId] > value"},
|
||||
{"LocationId", "Claims[LocationId] > value"},
|
||||
{"UserType", "Claims[sub] > value[0] > |"},
|
||||
{"UserId", "Claims[sub] > value[1] > |"}
|
||||
}
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
this.Given(x => x.GivenThereIsAnIdentityServerOn("http://localhost:57888", "api", AccessTokenType.Jwt, user))
|
||||
.And(x => x.GivenThereIsAServiceRunningOn("http://localhost:57876", 200))
|
||||
.And(x => _steps.GivenIHaveAToken("http://localhost:57888"))
|
||||
.And(x => _steps.GivenThereIsAConfiguration(yamlConfiguration))
|
||||
.And(x => _steps.GivenOcelotIsRunning())
|
||||
.And(x => _steps.GivenIHaveAddedATokenToMyRequest())
|
||||
.When(x => _steps.WhenIGetUrlOnTheApiGateway("/"))
|
||||
.Then(x => _steps.ThenTheStatusCodeShouldBe(HttpStatusCode.OK))
|
||||
.And(x => _steps.ThenTheResponseBodyShouldBe("CustomerId: 123 LocationId: 1 UserType: registered UserId: 1231231"))
|
||||
.BDDfy();
|
||||
}
|
||||
|
||||
private void GivenThereIsAServiceRunningOn(string url, int statusCode)
|
||||
{
|
||||
_servicebuilder = new WebHostBuilder()
|
||||
.UseUrls(url)
|
||||
.UseKestrel()
|
||||
.UseContentRoot(Directory.GetCurrentDirectory())
|
||||
.UseIISIntegration()
|
||||
.UseUrls(url)
|
||||
.Configure(app =>
|
||||
{
|
||||
app.Run(async context =>
|
||||
{
|
||||
StringValues customerId;
|
||||
context.Request.Query.TryGetValue("CustomerId", out customerId);
|
||||
|
||||
StringValues locationId;
|
||||
context.Request.Query.TryGetValue("LocationId", out locationId);
|
||||
|
||||
StringValues userType;
|
||||
context.Request.Query.TryGetValue("UserType", out userType);
|
||||
|
||||
StringValues userId;
|
||||
context.Request.Query.TryGetValue("UserId", out userId);
|
||||
|
||||
var responseBody = $"CustomerId: {customerId} LocationId: {locationId} UserType: {userType} UserId: {userId}";
|
||||
context.Response.StatusCode = statusCode;
|
||||
await context.Response.WriteAsync(responseBody);
|
||||
});
|
||||
})
|
||||
.Build();
|
||||
|
||||
_servicebuilder.Start();
|
||||
}
|
||||
|
||||
private void GivenThereIsAnIdentityServerOn(string url, string scopeName, AccessTokenType tokenType, InMemoryUser user)
|
||||
{
|
||||
_identityServerBuilder = new WebHostBuilder()
|
||||
.UseUrls(url)
|
||||
.UseKestrel()
|
||||
.UseContentRoot(Directory.GetCurrentDirectory())
|
||||
.UseIISIntegration()
|
||||
.UseUrls(url)
|
||||
.ConfigureServices(services =>
|
||||
{
|
||||
services.AddLogging();
|
||||
services.AddDeveloperIdentityServer()
|
||||
.AddInMemoryScopes(new List<Scope>
|
||||
{
|
||||
new Scope
|
||||
{
|
||||
Name = scopeName,
|
||||
Description = "My API",
|
||||
Enabled = true,
|
||||
AllowUnrestrictedIntrospection = true,
|
||||
ScopeSecrets = new List<Secret>()
|
||||
{
|
||||
new Secret
|
||||
{
|
||||
Value = "secret".Sha256()
|
||||
}
|
||||
},
|
||||
IncludeAllClaimsForUser = true
|
||||
},
|
||||
|
||||
StandardScopes.OpenId,
|
||||
StandardScopes.OfflineAccess
|
||||
})
|
||||
.AddInMemoryClients(new List<Client>
|
||||
{
|
||||
new Client
|
||||
{
|
||||
ClientId = "client",
|
||||
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
|
||||
ClientSecrets = new List<Secret> {new Secret("secret".Sha256())},
|
||||
AllowedScopes = new List<string> { scopeName, "openid", "offline_access" },
|
||||
AccessTokenType = tokenType,
|
||||
Enabled = true,
|
||||
RequireClientSecret = false
|
||||
}
|
||||
})
|
||||
.AddInMemoryUsers(new List<InMemoryUser>
|
||||
{
|
||||
user
|
||||
});
|
||||
})
|
||||
.Configure(app =>
|
||||
{
|
||||
app.UseIdentityServer();
|
||||
})
|
||||
.Build();
|
||||
|
||||
_identityServerBuilder.Start();
|
||||
|
||||
_steps.VerifyIdentiryServerStarted(url);
|
||||
}
|
||||
|
||||
public void Dispose()
|
||||
{
|
||||
_servicebuilder?.Dispose();
|
||||
_steps.Dispose();
|
||||
_identityServerBuilder?.Dispose();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -29,11 +29,11 @@ namespace Ocelot.AcceptanceTests
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void response_should_come_from_pre_http_responder_middleware()
|
||||
public void response_should_come_from_pre_authorisation_middleware()
|
||||
{
|
||||
var configuration = new OcelotMiddlewareConfiguration
|
||||
{
|
||||
PreHttpResponderMiddleware = async (ctx, next) =>
|
||||
PreAuthorisationMiddleware = async (ctx, next) =>
|
||||
{
|
||||
await ctx.Response.WriteAsync("PreHttpResponderMiddleware");
|
||||
}
|
||||
@ -62,11 +62,11 @@ namespace Ocelot.AcceptanceTests
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void response_should_come_from_pre_http_requester_middleware()
|
||||
public void response_should_come_from_pre_http_authentication_middleware()
|
||||
{
|
||||
var configuration = new OcelotMiddlewareConfiguration
|
||||
{
|
||||
PreHttpRequesterMiddleware = async (ctx, next) =>
|
||||
PreAuthenticationMiddleware = async (ctx, next) =>
|
||||
{
|
||||
await ctx.Response.WriteAsync("PreHttpRequesterMiddleware");
|
||||
}
|
||||
|
||||
@ -5,3 +5,4 @@ ReRoutes:
|
||||
AddHeadersToRequest: {}
|
||||
AddClaimsToRequest: {}
|
||||
RouteClaimsRequirement: {}
|
||||
AddQueriesToRequest: {}
|
||||
|
||||
Reference in New Issue
Block a user