C# 针对特定用户的集成测试OpenID Connect
我正在尝试对带有身份验证的API进行集成测试。因为一些API函数代表用户调用其他API,这允许我们在发布之前测试所有内容 问题是,即使我在头中传递了令牌,我仍然会得到302重定向。我不熟悉OpenID,所以可能我填写了错误的标题?我已经从找到的样本中复制粘贴了启动。有人能给我指一下正确的方向吗 仅供参考,在控制器上没有Authorized属性的情况下,一切正常C# 针对特定用户的集成测试OpenID Connect,c#,asp.net-core,openid-connect,C#,Asp.net Core,Openid Connect,我正在尝试对带有身份验证的API进行集成测试。因为一些API函数代表用户调用其他API,这允许我们在发布之前测试所有内容 问题是,即使我在头中传递了令牌,我仍然会得到302重定向。我不熟悉OpenID,所以可能我填写了错误的标题?我已经从找到的样本中复制粘贴了启动。有人能给我指一下正确的方向吗 仅供参考,在控制器上没有Authorized属性的情况下,一切正常 public class Startup { public void Configure(IApplicationBuilder
public class Startup
{
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
app.UseAuthentication();
}
public void ConfigureServices(IServiceCollection services)
{
services.AddAuthentication(sharedOptions =>
{
sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
})
.AddOpenIdConnect(options =>
{
options.Authority = "hidden";
options.ClientId = "hidden";
options.CallbackPath = "/signin-oidc";
options.RequireHttpsMetadata = false;
options.UseTokenLifetime = true;
})
.AddCookie();
}
}
[TestClass]
public class Tests
{
[TestMethod]
public void Test()
{
// Get access token for API.
var httpClient = new HttpClient();
var formContent = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("resource", "hidden"),
new KeyValuePair<string, string>("client_secret", "hidden"),
new KeyValuePair<string, string>("username", "hidden"),
new KeyValuePair<string, string>("password", "hidden"),
new KeyValuePair<string, string>("client_id", "hidden"),
new KeyValuePair<string, string>("grant_type", "password")
})
var result = httpClient.PostAsync(new Uri("https://login.microsoftonline.com/hidden.onmicrosoft.com/oauth2/token", formContent).Result;
var content = result.Content.ReadAsStringAsync().Result;
var accessToken = JObject.Parse(content)["access_token"].ToString();
// Create client calling the API.
var builder = new WebHostBuilder()
.UseStartup<Startup>();
var testServer = new TestServer(builder);
var client = testServer.CreateClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);
var response = client.GetAsync("/hidden").Result; // Receiving a 302 redirect
var content = response.Content.ReadAsStringAsync().Result;
Console.WriteLine(content);
Assert.IsTrue(response.IsSuccessStatusCode);
}
}
公共类启动
{
公共无效配置(IApplicationBuilder应用程序,IHostingEnvironment环境)
{
app.UseAuthentication();
}
public void配置服务(IServiceCollection服务)
{
services.AddAuthentication(sharedOptions=>
{
sharedOptions.DefaultScheme=CookieAuthenticationDefaults.AuthenticationScheme;
sharedOptions.DefaultChallengeScheme=OpenIdConnectDefaults.AuthenticationScheme;
})
.AddOpenIdConnect(选项=>
{
options.Authority=“hidden”;
options.ClientId=“隐藏”;
options.CallbackPath=“/signin oidc”;
options.RequireHttpsMetadata=false;
options.UseTokenLifetime=true;
})
.AddCookie();
}
}
[测试类]
公开课考试
{
[测试方法]
公开无效测试()
{
//获取API的访问令牌。
var httpClient=新的httpClient();
var formContent=new FormUrlEncodedContent(new[]
{
新的KeyValuePair(“资源”、“隐藏”),
新的KeyValuePair(“客户端密码”、“隐藏”),
新的KeyValuePair(“用户名”、“隐藏”),
新的KeyValuePair(“密码”、“隐藏”),
新的KeyValuePair(“客户端id”、“隐藏”),
新的KeyValuePair(“授权类型”、“密码”)
})
var result=httpClient.PostAsync(新Uri(“https://login.microsoftonline.com/hidden.onmicrosoft.com/oauth2/token“,formContent)。结果;
var content=result.content.ReadAsStringAsync().result;
var accessToken=JObject.Parse(content)[“access_token”].ToString();
//创建调用API的客户端。
var builder=新的WebHostBuilder()
.UseStartup();
var testServer=新的testServer(构建器);
var client=testServer.CreateClient();
client.DefaultRequestHeaders.Authorization=新的AuthenticationHeaderValue(“承载者”,accessToken);
var response=client.GetAsync(“/hidden”).Result;//接收302重定向
var content=response.content.ReadAsStringAsync().Result;
Console.WriteLine(内容);
Assert.IsTrue(response.issucessStatusCode);
}
}
Result