tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-04-20 01:22:50 +08:00
Code Issues Packages Projects Releases Wiki Activity
Ocelot/test/Ocelot.AcceptanceTests/ClaimsToQueryStringForwardingTests.cs
TomPallister f62ed72dde all packages upgraded and tests passing
2020-12-01 11:06:49 +00:00

303 lines
12 KiB
C#
Raw Permalink Blame History

namespace Ocelot.AcceptanceTests
{
using IdentityServer4.Test;
using Shouldly;
using IdentityServer4.AccessTokenValidation;
using IdentityServer4.Models;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Primitives;
using Ocelot.Configuration.File;
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Security.Claims;
using TestStack.BDDfy;
using Xunit;
public class ClaimsToQueryStringForwardingTests : IDisposable
{
private IWebHost _servicebuilder;
private IWebHost _identityServerBuilder;
private readonly Steps _steps;
private Action<IdentityServerAuthenticationOptions> _options;
private string _identityServerRootUrl;
private string _downstreamQueryString;
public ClaimsToQueryStringForwardingTests()
{
_steps = new Steps();
var identityServerPort = RandomPortFinder.GetRandomPort();
_identityServerRootUrl = $"http://localhost:{identityServerPort}";
_options = o =>
{
o.Authority = _identityServerRootUrl;
o.ApiName = "api";
o.RequireHttpsMetadata = false;
o.SupportedTokens = SupportedTokens.Both;
o.ApiSecret = "secret";
};
}
[Fact]
public void should_return_response_200_and_foward_claim_as_query_string()
{
var user = new TestUser()
{
Username = "test",
Password = "test",
SubjectId = "registered|1231231",
Claims = new List<Claim>
{
new Claim("CustomerId", "123"),
new Claim("LocationId", "1"),
},
};
int port = RandomPortFinder.GetRandomPort();
var configuration = new FileConfiguration
{
Routes = new List<FileRoute>
{
new FileRoute
{
DownstreamPathTemplate = "/",
DownstreamHostAndPorts = new List<FileHostAndPort>
{
new FileHostAndPort
{
Host = "localhost",
Port = port,
},
},
DownstreamScheme = "http",
UpstreamPathTemplate = "/",
UpstreamHttpMethod = new List<string> { "Get" },
AuthenticationOptions = new FileAuthenticationOptions
{
AuthenticationProviderKey = "Test",
AllowedScopes = new List<string>
{
"openid", "offline_access", "api",
},
},
AddQueriesToRequest =
{
{"CustomerId", "Claims[CustomerId] > value"},
{"LocationId", "Claims[LocationId] > value"},
{"UserType", "Claims[sub] > value[0] > |"},
{"UserId", "Claims[sub] > value[1] > |"},
},
},
},
};
this.Given(x => x.GivenThereIsAnIdentityServerOn(_identityServerRootUrl, "api", AccessTokenType.Jwt, user))
.And(x => x.GivenThereIsAServiceRunningOn($"http://localhost:{port}", 200))
.And(x => _steps.GivenIHaveAToken(_identityServerRootUrl))
.And(x => _steps.GivenThereIsAConfiguration(configuration))
.And(x => _steps.GivenOcelotIsRunning(_options, "Test"))
.And(x => _steps.GivenIHaveAddedATokenToMyRequest())
.When(x => _steps.WhenIGetUrlOnTheApiGateway("/"))
.Then(x => _steps.ThenTheStatusCodeShouldBe(HttpStatusCode.OK))
.And(x => _steps.ThenTheResponseBodyShouldBe("CustomerId: 123 LocationId: 1 UserType: registered UserId: 1231231"))
.BDDfy();
}
[Fact]
public void should_return_response_200_and_foward_claim_as_query_string_and_preserve_original_string()
{
var user = new TestUser()
{
Username = "test",
Password = "test",
SubjectId = "registered|1231231",
Claims = new List<Claim>
{
new Claim("CustomerId", "123"),
new Claim("LocationId", "1"),
},
};
int port = RandomPortFinder.GetRandomPort();
var configuration = new FileConfiguration
{
Routes = new List<FileRoute>
{
new FileRoute
{
DownstreamPathTemplate = "/",
DownstreamHostAndPorts = new List<FileHostAndPort>
{
new FileHostAndPort
{
Host = "localhost",
Port = port,
},
},
DownstreamScheme = "http",
UpstreamPathTemplate = "/",
UpstreamHttpMethod = new List<string> { "Get" },
AuthenticationOptions = new FileAuthenticationOptions
{
AuthenticationProviderKey = "Test",
AllowedScopes = new List<string>
{
"openid", "offline_access", "api",
},
},
AddQueriesToRequest =
{
{"CustomerId", "Claims[CustomerId] > value"},
{"LocationId", "Claims[LocationId] > value"},
{"UserType", "Claims[sub] > value[0] > |"},
{"UserId", "Claims[sub] > value[1] > |"},
},
},
},
};
this.Given(x => x.GivenThereIsAnIdentityServerOn(_identityServerRootUrl, "api", AccessTokenType.Jwt, user))
.And(x => x.GivenThereIsAServiceRunningOn($"http://localhost:{port}", 200))
.And(x => _steps.GivenIHaveAToken(_identityServerRootUrl))
.And(x => _steps.GivenThereIsAConfiguration(configuration))
.And(x => _steps.GivenOcelotIsRunning(_options, "Test"))
.And(x => _steps.GivenIHaveAddedATokenToMyRequest())
.When(x => _steps.WhenIGetUrlOnTheApiGateway("/?test=1&test=2"))
.Then(x => _steps.ThenTheStatusCodeShouldBe(HttpStatusCode.OK))
.And(x => _steps.ThenTheResponseBodyShouldBe("CustomerId: 123 LocationId: 1 UserType: registered UserId: 1231231"))
.And(_ => ThenTheQueryStringIs("?test=1&test=2&CustomerId=123&LocationId=1&UserId=1231231&UserType=registered"))
.BDDfy();
}
private void ThenTheQueryStringIs(string queryString)
{
_downstreamQueryString.ShouldBe(queryString);
}
private void GivenThereIsAServiceRunningOn(string url, int statusCode)
{
_servicebuilder = new WebHostBuilder()
.UseUrls(url)
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseUrls(url)
.Configure(app =>
{
app.Run(async context =>
{
_downstreamQueryString = context.Request.QueryString.Value;
StringValues customerId;
context.Request.Query.TryGetValue("CustomerId", out customerId);
StringValues locationId;
context.Request.Query.TryGetValue("LocationId", out locationId);
StringValues userType;
context.Request.Query.TryGetValue("UserType", out userType);
StringValues userId;
context.Request.Query.TryGetValue("UserId", out userId);
var responseBody = $"CustomerId: {customerId} LocationId: {locationId} UserType: {userType} UserId: {userId}";
context.Response.StatusCode = statusCode;
await context.Response.WriteAsync(responseBody);
});
})
.Build();
_servicebuilder.Start();
}
private void GivenThereIsAnIdentityServerOn(string url, string apiName, AccessTokenType tokenType, TestUser user)
{
_identityServerBuilder = new WebHostBuilder()
.UseUrls(url)
.UseKestrel()
.UseContentRoot(Directory.GetCurrentDirectory())
.UseIISIntegration()
.UseUrls(url)
.ConfigureServices(services =>
{
services.AddLogging();
services.AddIdentityServer()
.AddDeveloperSigningCredential()
.AddInMemoryApiScopes(new List<ApiScope>
{
new ApiScope(apiName, "test"),
new ApiScope("openid", "test"),
new ApiScope("offline_access", "test"),
new ApiScope("api.readOnly", "test"),
})
.AddInMemoryApiResources(new List<ApiResource>
{
new ApiResource
{
Name = apiName,
Description = "My API",
Enabled = true,
DisplayName = "test",
Scopes = new List<string>()
{
"api",
"openid",
"offline_access",
},
ApiSecrets = new List<Secret>()
{
new Secret
{
Value = "secret".Sha256(),
},
},
UserClaims = new List<string>()
{
"CustomerId", "LocationId", "UserType", "UserId",
},
},
})
.AddInMemoryClients(new List<Client>
{
new Client
{
ClientId = "client",
AllowedGrantTypes = GrantTypes.ResourceOwnerPassword,
ClientSecrets = new List<Secret> {new Secret("secret".Sha256())},
AllowedScopes = new List<string> { apiName, "openid", "offline_access" },
AccessTokenType = tokenType,
Enabled = true,
RequireClientSecret = false,
},
})
.AddTestUsers(new List<TestUser>
{
user,
});
})
.Configure(app =>
{
app.UseIdentityServer();
})
.Build();
_identityServerBuilder.Start();
_steps.VerifyIdentiryServerStarted(url);
}
public void Dispose()
{
_servicebuilder?.Dispose();
_steps.Dispose();
_identityServerBuilder?.Dispose();
}
}
}
Reference in New Issue View Git Blame Copy Permalink