private static TestServer CreateAuthorizationServer() {
var builder = new WebHostBuilder();
builder.UseEnvironment("Testing");
builder.ConfigureLogging(options => options.AddDebug());
builder.ConfigureServices(services => {
services.AddAuthentication();
services.AddDistributedMemoryCache();
services.AddLogging();
});
builder.Configure(app => {
app.Map("/.well-known/openid-configuration", map => map.Run(async context => {
using (var buffer = new MemoryStream())
using (var writer = new JsonTextWriter(new StreamWriter(buffer))) {
var payload = new JObject {
[OAuthIntrospectionConstants.Metadata.IntrospectionEndpoint] = "http://localhost/connect/introspect"
};
payload.WriteTo(writer);
writer.Flush();
context.Response.ContentLength = buffer.Length;
context.Response.ContentType = "application/json;charset=UTF-8";
buffer.Seek(offset: 0, loc: SeekOrigin.Begin);
await buffer.CopyToAsync(context.Response.Body, 4096, context.RequestAborted);
}
}));
app.Map("/connect/introspect", map => map.Run(async context => {
using (var buffer = new MemoryStream())
using (var writer = new JsonTextWriter(new StreamWriter(buffer))) {
var payload = new JObject();
var form = await context.Request.ReadFormAsync();
switch (form[OAuthIntrospectionConstants.Parameters.Token]) {
case "invalid-token": {
payload[OAuthIntrospectionConstants.Claims.Active] = false;
break;
}
case "expired-token": {
payload[OAuthIntrospectionConstants.Claims.Active] = true;
payload[OAuthIntrospectionConstants.Claims.Subject] = "Fabrikam";
// 1451602800 = 01/01/2016 - 00:00:00 AM.
payload[OAuthIntrospectionConstants.Claims.ExpiresAt] = 1455359642;
break;
}
case "valid-token": {
payload[OAuthIntrospectionConstants.Claims.Active] = true;
payload[OAuthIntrospectionConstants.Claims.JwtId] = "jwt-token-identifier";
payload[OAuthIntrospectionConstants.Claims.Subject] = "Fabrikam";
break;
}
case "valid-token-with-scopes": {
payload[OAuthIntrospectionConstants.Claims.Active] = true;
payload[OAuthIntrospectionConstants.Claims.JwtId] = "jwt-token-identifier";
payload[OAuthIntrospectionConstants.Claims.Subject] = "Fabrikam";
payload[OAuthIntrospectionConstants.Claims.Scope] =
"C54A8F5E-0387-43F4-BA43-FD4B50DC190D 5C57E3BD-9EFB-4224-9AB8-C8C5E009FFD7";
break;
}
case "valid-token-with-single-audience": {
payload[OAuthIntrospectionConstants.Claims.Active] = true;
payload[OAuthIntrospectionConstants.Claims.JwtId] = "jwt-token-identifier";
payload[OAuthIntrospectionConstants.Claims.Subject] = "Fabrikam";
payload[OAuthIntrospectionConstants.Claims.Audience] = "http://www.google.com/";
break;
}
case "valid-token-with-multiple-audiences": {
payload[OAuthIntrospectionConstants.Claims.Active] = true;
payload[OAuthIntrospectionConstants.Claims.JwtId] = "jwt-token-identifier";
payload[OAuthIntrospectionConstants.Claims.Subject] = "Fabrikam";
payload[OAuthIntrospectionConstants.Claims.Audience] = JArray.FromObject(new[] {
"http://www.google.com/", "http://www.fabrikam.com/"
});
break;
}
}
payload.WriteTo(writer);
writer.Flush();
context.Response.ContentLength = buffer.Length;
context.Response.ContentType = "application/json;charset=UTF-8";
buffer.Seek(offset: 0, loc: SeekOrigin.Begin);
await buffer.CopyToAsync(context.Response.Body, 4096, context.RequestAborted);
}
}));
});
return new TestServer(builder);
}
}