From b102689fce455b067c230e6e1ac9172b3c70f2a8 Mon Sep 17 00:00:00 2001
From: Json-exe
Date: Fri, 4 Oct 2024 14:46:15 +0200
Subject: [PATCH 1/2] fix: double slash in request uri for fetching token by refresh token
---
 .../LogtoCookieContextManagerTests.cs | 13 +++++++++++++
 .../LogtoCookieContextManager.cs | 11 +++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)
 create mode 100644 src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
diff --git a/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs b/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
new file mode 100644
index 0000000..8d95ebb
--- /dev/null
+++ b/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
@@ -0,0 +1,13 @@
+namespace Logto.AspNetCore.Authentication.Tests;
+
+public class LogtoCookieContextManagerTests
+{
+ [Theory]
+ [InlineData("https://www.example.com/", "https://www.example.com/oidc/token")]
+ [InlineData("https://www.example.com", "https://www.example.com/oidc/token")]
+ public void FetchTokenUriParseTest(string endpoint, string expectedUri)
+ {
+ var requestUri = LogtoCookieContextManager.GetTokenRequestUri(endpoint);
+ Assert.Equal(requestUri.ToString(), expectedUri);
+ }
+}
\ No newline at end of file
diff --git a/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs b/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
index f820042..7e27f41 100644
--- a/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
+++ b/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
@@ -8,6 +8,7 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Authentication.OpenIdConnect;
+using Microsoft.AspNetCore.Http.Extensions;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
 
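Review bot: `Assert.Equal(requestUri.ToString(), expectedUri);` in FetchTokenUriParseTest passes the actual value first, but xUnit's `Assert.Equal` takes the expected value first, so a failing run would report the two values under the wrong labels. Swapping them to `Assert.Equal(expectedUri, requestUri.ToString());` keeps the failure output accurate. The same line is carried unchanged as context through the test hunk of patch 2/2.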
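Review bot: The added `using Microsoft.AspNetCore.Http.Extensions;` does not appear to be needed, since the only new code in either patch of this series is the static URI helper, which relies on `System.Uri` alone. If nothing outside the visible hunks uses that namespace, drop the directive so the import list does not suggest the token request URI is built with the ASP.NET Core URI helpers.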
@@ -78,7 +79,6 @@ public async Task Handle()
 if (logtoOptions.Resource != null && !await RefreshTokens(true))
 {
 context.RejectPrincipal();
- return;
 }
 }
 
@@ -177,7 +177,7 @@ public async Task FetchTokensByRefreshToken(string refreshTo
 }
 
 // TODO: The token endpoint should be read from the discovery endpoint or the OpenID Connect context.
- var request = new HttpRequestMessage(HttpMethod.Post, $"{logtoOptions.Endpoint}/oidc/token")
+ var request = new HttpRequestMessage(HttpMethod.Post, GetTokenRequestUri(logtoOptions.Endpoint))
 {
 Content = new FormUrlEncodedContent(body)
 };
@@ -191,4 +191,11 @@ public async Task FetchTokensByRefreshToken(string refreshTo
 PropertyNameCaseInsensitive = true,
 })!;
 }
+
+ public static Uri GetTokenRequestUri(string endpoint)
+ {
+ var baseUri = new Uri(endpoint);
+ var requestUri = new Uri(baseUri, "/oidc/token");
+ return requestUri;
+ }
 }
From 9fe16d64905b8a36dee05dd5520f987459e34681 Mon Sep 17 00:00:00 2001
From: Json-exe
Date: Fri, 4 Oct 2024 14:57:18 +0200
Subject: [PATCH 2/2] feat: add more tests, add documentation
---
 .../LogtoCookieContextManagerTests.cs | 20 ++++++++++++++++++-
 .../LogtoCookieContextManager.cs | 12 ++++++++---
 2 files changed, 28 insertions(+), 4 deletions(-)
diff --git a/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs b/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
index 8d95ebb..a5fc37d 100644
--- a/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
+++ b/src/Logto.AspNetCore.Authentication.Tests/LogtoCookieContextManagerTests.cs
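Review bot: Removing `return;` after `context.RejectPrincipal();` in Handle() is unrelated to the double-slash fix named in the subject, and it touches the path that rejects a session when the resource token refresh fails. The two closing braces that follow suggest this `if` is the last statement of the method, in which case the removal is behaviour-neutral, but the start of Handle() is outside the hunk so that cannot be confirmed here. If a statement is later added after this block, a rejected principal would fall through into it. Either keep the early return or leave a comment such as `// last statement in Handle(): nothing may run after RejectPrincipal()`.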
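Review bot: The refresh-token POST built here goes to whatever scheme `logtoOptions.Endpoint` carries, because `GetTokenRequestUri` accepts any absolute URI that `new Uri` can parse. Patch 2/2 pins `http://www.example.com` as a supported input in its test data, so a misconfigured endpoint would send the refresh token in clear text without any error. Consider rejecting non-HTTPS endpoints in the helper, with a loopback exception if local development needs one: `if (baseUri.Scheme != Uri.UriSchemeHttps && !baseUri.IsLoopback) throw new ArgumentException("Endpoint must use HTTPS.", nameof(endpoint));`. The rest of FetchTokensByRefreshToken lies outside the hunk, so whether the endpoint is validated earlier is not visible here.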
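Review bot: `GetTokenRequestUri` is added as `public static`, which makes a URI-building detail part of the type's public surface, apparently only so the new test can call it. If LogtoCookieContextManager is itself public, prefer `internal static Uri GetTokenRequestUri(string endpoint)` and expose it to the test project through `InternalsVisibleTo`. The class declaration is outside the hunk, so its visibility cannot be checked from here.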
@@ -5,9 +5,27 @@ public class LogtoCookieContextManagerTests
 [Theory]
 [InlineData("https://www.example.com/", "https://www.example.com/oidc/token")]
 [InlineData("https://www.example.com", "https://www.example.com/oidc/token")]
+ [InlineData("https://example.com", "https://example.com/oidc/token")]
+ [InlineData("http://www.example.com", "http://www.example.com/oidc/token")]
+ [InlineData("https://sub.example.com", "https://sub.example.com/oidc/token")]
+ [InlineData("https://www.example.com/path/", "https://www.example.com/path/oidc/token")]
 public void FetchTokenUriParseTest(string endpoint, string expectedUri)
 {
- var requestUri = LogtoCookieContextManager.GetTokenRequestUri(endpoint);
+ var requestUri = LogtoCookieContextManager.GetOidcTokenRequestUri(endpoint);
 Assert.Equal(requestUri.ToString(), expectedUri);
 }
+
+ [Fact]
+ public void FetchTokenUriInvalidFormatTest()
+ {
+ Assert.Throws(() => LogtoCookieContextManager.GetOidcTokenRequestUri("https:///example.com//"));
+ }
+
+ [Fact]
+ public void FetchTokenUriNullOrEmptyTest()
+ {
+ Assert.Throws(() => LogtoCookieContextManager.GetOidcTokenRequestUri(null!));
+ Assert.Throws(() => LogtoCookieContextManager.GetOidcTokenRequestUri(string.Empty));
+ }
+
 }
\ No newline at end of file
diff --git a/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs b/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
index 7e27f41..dcf159d 100644
--- a/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
+++ b/src/Logto.AspNetCore.Authentication/LogtoCookieContextManager.cs
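Review bot: FetchTokenUriNullOrEmptyTest checks two different failure modes in one fact: `new Uri` rejects a null argument with ArgumentNullException and an empty string with UriFormatException, so a failure of the first assertion hides the outcome of the second. Split it into two facts, or a theory that takes the expected exception type as data, and name them after the behaviour, for example `GetOidcTokenRequestUri_NullEndpoint_Throws`. The type arguments of `Assert.Throws` are not visible on this page, so which exception types the tests pin cannot be confirmed here. The XML comment added to the helper in the second file of this patch documents only the invalid-format case and should list the null case as well.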
@@ -177,7 +177,7 @@ public async Task FetchTokensByRefreshToken(string refreshTo
 }
 
 // TODO: The token endpoint should be read from the discovery endpoint or the OpenID Connect context.
- var request = new HttpRequestMessage(HttpMethod.Post, GetTokenRequestUri(logtoOptions.Endpoint))
+ var request = new HttpRequestMessage(HttpMethod.Post, GetOidcTokenRequestUri(logtoOptions.Endpoint))
 {
 Content = new FormUrlEncodedContent(body)
 };
@@ -192,10 +192,16 @@ public async Task FetchTokensByRefreshToken(string refreshTo
 })!;
 }
 
- public static Uri GetTokenRequestUri(string endpoint)
+ ///
+ /// Constructs a URI for the OpenID Connect (OIDC) token request based on the provided endpoint.
+ ///
+ /// The base endpoint URL as a string.
+ /// A object representing the full token request URI.
+ /// Thrown when the provided endpoint is not a valid URI.
+ public static Uri GetOidcTokenRequestUri(string endpoint)
 {
 var baseUri = new Uri(endpoint);
- var requestUri = new Uri(baseUri, "oidc/token");
+ var requestUri = new Uri(baseUri, "oidc/token");
 return requestUri;
 }
 }
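Review bot: With the relative part changed to `"oidc/token"`, `new Uri(baseUri, "oidc/token")` replaces the last path segment of any endpoint that has a path but no trailing slash, so `https://www.example.com/path` resolves to `https://www.example.com/oidc/token` rather than `https://www.example.com/path/oidc/token`. The token request, which carries the refresh token, would then go to a different path than the one configured, and the test data in this patch covers only the trailing-slash form. Building the URI from a normalised base avoids that while keeping the exceptions thrown by `new Uri(endpoint)`: `var requestUri = new Uri(baseUri.GetLeftPart(UriPartial.Path).TrimEnd('/') + "/oidc/token");`. Add a matching row `[InlineData("https://www.example.com/path", "https://www.example.com/path/oidc/token")]` to FetchTokenUriParseTest.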