From 22fce39c06605ea015de8c880aa1abae2da43bec Mon Sep 17 00:00:00 2001 From: joegoldman2 <147369450+joegoldman@users.noreply.github.com> Date: Tue, 4 Jun 2024 17:01:15 +0000 Subject: [PATCH] Lexicographic order --- .../OpenIdConnectConfiguration.cs | 259 +++++++++--------- .../OpenIdProviderMetadataNames.cs | 36 +-- .../OpenIdConnectConfigurationTests.cs | 41 ++- .../OpenIdConnectMetadata.json | 18 +- 4 files changed, 177 insertions(+), 177 deletions(-) diff --git a/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/Configuration/OpenIdConnectConfiguration.cs b/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/Configuration/OpenIdConnectConfiguration.cs index e31c8aa1af..be0c9d3ca6 100644 --- a/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/Configuration/OpenIdConnectConfiguration.cs +++ b/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/Configuration/OpenIdConnectConfiguration.cs @@ -23,16 +23,20 @@ public class OpenIdConnectConfiguration : BaseConfiguration // these are used to lazy create private Dictionary _additionalData; private ICollection _acrValuesSupported; + private ICollection _backchannelTokenDeliveryModesSupported; + private ICollection _backchannelAuthenticationRequestSigningAlgValuesSupported; private ICollection _claimsSupported; private ICollection _claimsLocalesSupported; private ICollection _claimTypesSupported; private ICollection _displayValuesSupported; + private ICollection _dPoPSigningAlgValuesSupported; private ICollection _grantTypesSupported; private ICollection _idTokenEncryptionAlgValuesSupported; private ICollection _idTokenEncryptionEncValuesSupported; private ICollection _idTokenSigningAlgValuesSupported; private ICollection _introspectionEndpointAuthMethodsSupported; private ICollection _introspectionEndpointAuthSigningAlgValuesSupported; + private ICollection _promptValuesSupported; private ICollection _requestObjectEncryptionAlgValuesSupported; private ICollection _requestObjectEncryptionEncValuesSupported; private ICollection _requestObjectSigningAlgValuesSupported; @@ -46,10 +50,6 @@ public class OpenIdConnectConfiguration : BaseConfiguration private ICollection _userInfoEndpointEncryptionAlgValuesSupported; private ICollection _userInfoEndpointEncryptionEncValuesSupported; private ICollection _userInfoEndpointSigningAlgValuesSupported; - private ICollection _promptValuesSupported; - private ICollection _backchannelTokenDeliveryModesSupported; - private ICollection _backchannelAuthenticationRequestSigningAlgValuesSupported; - private ICollection _dPoPSigningAlgValuesSupported; /// /// Deserializes the json string into an object. @@ -143,6 +143,51 @@ public OpenIdConnectConfiguration(string json) #endif public string AuthorizationEndpoint { get; set; } + /// + /// Gets or sets the 'authorization_response_iss_parameter_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.AuthorizationResponseIssParameterSupported)] +#if NET6_0_OR_GREATER + [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] +#endif + public bool AuthorizationResponseIssParameterSupported { get; set; } + + /// + /// Gets or sets the 'backchannel_authentication_endpoint'. + /// + [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelAuthenticationEndpoint)] +#if NET6_0_OR_GREATER + [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)] +#endif + public string BackchannelAuthenticationEndpoint { get; set; } + + /// + /// Gets the collection of 'backchannel_token_delivery_modes_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelTokenDeliveryModesSupported)] + public ICollection BackchannelTokenDeliveryModesSupported => + _backchannelTokenDeliveryModesSupported ?? + Interlocked.CompareExchange(ref _backchannelTokenDeliveryModesSupported, new Collection(), null) ?? + _backchannelTokenDeliveryModesSupported; + + /// + /// Gets the collection of 'backchannel_authentication_request_signing_alg_values_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelAuthenticationRequestSigningAlgValuesSupported)] + public ICollection BackchannelAuthenticationRequestSigningAlgValuesSupported => + _backchannelAuthenticationRequestSigningAlgValuesSupported ?? + Interlocked.CompareExchange(ref _backchannelAuthenticationRequestSigningAlgValuesSupported, new Collection(), null) ?? + _backchannelAuthenticationRequestSigningAlgValuesSupported; + + /// + /// Gets or sets the 'backchannel_user_code_parameter_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelUserCodeParameterSupported)] +#if NET6_0_OR_GREATER + [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] +#endif + public bool BackchannelUserCodeParameterSupported { get; set; } + /// /// Gets or sets the 'check_session_iframe'. /// @@ -197,6 +242,15 @@ public OpenIdConnectConfiguration(string json) Interlocked.CompareExchange(ref _displayValuesSupported, new Collection(), null) ?? _displayValuesSupported; + /// + /// Gets the collection of 'dpop_signing_alg_values_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.DPoPSigningAlgValuesSupported)] + public ICollection DPoPSigningAlgValuesSupported => + _dPoPSigningAlgValuesSupported ?? + Interlocked.CompareExchange(ref _dPoPSigningAlgValuesSupported, new Collection(), null) ?? + _dPoPSigningAlgValuesSupported; + /// /// Gets or sets the 'end_session_endpoint'. /// @@ -346,6 +400,24 @@ public OpenIdConnectConfiguration(string json) #endif public string OpTosUri { get; set; } + /// + /// Gets the collection of 'prompt_values_supported' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.PromptValuesSupported)] + public ICollection PromptValuesSupported => + _promptValuesSupported ?? + Interlocked.CompareExchange(ref _promptValuesSupported, new Collection(), null) ?? + _promptValuesSupported; + + /// + /// Gets or sets the 'pushed_authorization_request_endpoint'. + /// + [JsonPropertyName(OpenIdProviderMetadataNames.PushedAuthorizationRequestEndpoint)] +#if NET6_0_OR_GREATER + [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)] +#endif + public string PushedAuthorizationRequestEndpoint { get; set; } + /// /// Gets or sets the 'registration_endpoint' /// @@ -400,6 +472,16 @@ public OpenIdConnectConfiguration(string json) #endif public bool RequestUriParameterSupported { get; set; } + + /// + /// Gets or sets the 'require_pushed_authorization_requests' + /// + [JsonPropertyName(OpenIdProviderMetadataNames.RequirePushedAuthorizationRequests)] +#if NET6_0_OR_GREATER + [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] +#endif + public bool RequirePushedAuthorizationRequests { get; set; } + /// /// Gets or sets the 'require_request_uri_registration' /// @@ -538,87 +620,6 @@ public OpenIdConnectConfiguration(string json) Interlocked.CompareExchange(ref _userInfoEndpointSigningAlgValuesSupported, new Collection(), null) ?? _userInfoEndpointSigningAlgValuesSupported; - /// - /// Gets the collection of 'prompt_values_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.PromptValuesSupported)] - public ICollection PromptValuesSupported => - _promptValuesSupported ?? - Interlocked.CompareExchange(ref _promptValuesSupported, new Collection(), null) ?? - _promptValuesSupported; - - /// - /// Gets or sets the 'pushed_authorization_request_endpoint'. - /// - [JsonPropertyName(OpenIdProviderMetadataNames.PushedAuthorizationRequestEndpoint)] -#if NET6_0_OR_GREATER - [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)] -#endif - public string PushedAuthorizationRequestEndpoint { get; set; } - - /// - /// Gets or sets the 'require_pushed_authorization_requests' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.RequirePushedAuthorizationRequests)] -#if NET6_0_OR_GREATER - [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] -#endif - public bool RequirePushedAuthorizationRequests { get; set; } - - /// - /// Gets or sets the 'backchannel_authentication_endpoint'. - /// - [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelAuthenticationEndpoint)] -#if NET6_0_OR_GREATER - [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)] -#endif - public string BackchannelAuthenticationEndpoint { get; set; } - - /// - /// Gets the collection of 'backchannel_token_delivery_modes_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelTokenDeliveryModesSupported)] - public ICollection BackchannelTokenDeliveryModesSupported => - _backchannelTokenDeliveryModesSupported ?? - Interlocked.CompareExchange(ref _backchannelTokenDeliveryModesSupported, new Collection(), null) ?? - _backchannelTokenDeliveryModesSupported; - - /// - /// Gets the collection of 'backchannel_authentication_request_signing_alg_values_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelAuthenticationRequestSigningAlgValuesSupported)] - public ICollection BackchannelAuthenticationRequestSigningAlgValuesSupported => - _backchannelAuthenticationRequestSigningAlgValuesSupported ?? - Interlocked.CompareExchange(ref _backchannelAuthenticationRequestSigningAlgValuesSupported, new Collection(), null) ?? - _backchannelAuthenticationRequestSigningAlgValuesSupported; - - /// - /// Gets or sets the 'backchannel_user_code_parameter_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.BackchannelUserCodeParameterSupported)] -#if NET6_0_OR_GREATER - [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] -#endif - public bool BackchannelUserCodeParameterSupported { get; set; } - - /// - /// Gets the collection of 'dpop_signing_alg_values_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.DPoPSigningAlgValuesSupported)] - public ICollection DPoPSigningAlgValuesSupported => - _dPoPSigningAlgValuesSupported ?? - Interlocked.CompareExchange(ref _dPoPSigningAlgValuesSupported, new Collection(), null) ?? - _dPoPSigningAlgValuesSupported; - - /// - /// Gets or sets the 'authorization_response_iss_parameter_supported' - /// - [JsonPropertyName(OpenIdProviderMetadataNames.AuthorizationResponseIssParameterSupported)] -#if NET6_0_OR_GREATER - [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingDefault)] -#endif - public bool AuthorizationResponseIssParameterSupported { get; set; } - #region shouldserialize // TODO - should we keep these, they were used by Newtonsoft to control serialization of collections. // May help users to keep them hanging around. @@ -633,6 +634,28 @@ public bool ShouldSerializeAcrValuesSupported() return AcrValuesSupported.Count > 0; } + /// + /// Gets a bool that determines if the 'backchannel_token_delivery_modes_supported' (BackchannelTokenDeliveryModesSupported) property should be serialized. + /// This is used by Json.NET in order to conditionally serialize properties. + /// + /// true if 'backchannel_token_delivery_modes_supported' (BackchannelTokenDeliveryModesSupported) is not empty; otherwise, false. + [EditorBrowsable(EditorBrowsableState.Never)] + public bool ShouldSerializeBackchannelTokenDeliveryModesSupported() + { + return BackchannelTokenDeliveryModesSupported.Count > 0; + } + + /// + /// Gets a bool that determines if the 'backchannel_authentication_request_signing_alg_values_supported' (BackchannelAuthenticationRequestSigningAlgValuesSupported) property should be serialized. + /// This is used by Json.NET in order to conditionally serialize properties. + /// + /// true if 'backchannel_authentication_request_signing_alg_values_supported' (BackchannelAuthenticationRequestSigningAlgValuesSupported) is not empty; otherwise, false. + [EditorBrowsable(EditorBrowsableState.Never)] + public bool ShouldSerializeBackchannelAuthenticationRequestSigningAlgValuesSupported() + { + return BackchannelAuthenticationRequestSigningAlgValuesSupported.Count > 0; + } + /// /// Gets a bool that determines if the 'claims_supported' (ClaimsSupported) property should be serialized. /// This is used by Json.NET in order to conditionally serialize properties. @@ -677,6 +700,17 @@ public bool ShouldSerializeDisplayValuesSupported() return DisplayValuesSupported.Count > 0; } + /// + /// Gets a bool that determines if the 'dpop_signing_alg_values_supported' (DPoPSigningAlgValuesSupported) property should be serialized. + /// This is used by Json.NET in order to conditionally serialize properties. + /// + /// true if 'dpop_signing_alg_values_supported' (DPoPSigningAlgValuesSupported) is not empty; otherwise, false. + [EditorBrowsable(EditorBrowsableState.Never)] + public bool ShouldSerializeDPoPSigningAlgValuesSupported() + { + return DPoPSigningAlgValuesSupported.Count > 0; + } + /// /// Gets a bool that determines if the 'grant_types_supported' (GrantTypesSupported) property should be serialized. /// This is used by Json.NET in order to conditionally serialize properties. @@ -743,6 +777,17 @@ public bool ShouldSerializeIntrospectionEndpointAuthSigningAlgValuesSupported() return IntrospectionEndpointAuthSigningAlgValuesSupported.Count > 0; } + /// + /// Gets a bool that determines if the 'prompt_values_supported' (PromptValuesSupported) property should be serialized. + /// This is used by Json.NET in order to conditionally serialize properties. + /// + /// true if 'prompt_values_supported' (PromptValuesSupported) is not empty; otherwise, false. + [EditorBrowsable(EditorBrowsableState.Never)] + public bool ShouldSerializePromptValuesSupported() + { + return PromptValuesSupported.Count > 0; + } + /// /// Gets a bool that determines if the 'request_object_encryption_alg_values_supported' (RequestObjectEncryptionAlgValuesSupported) property should be serialized. /// This is used by Json.NET in order to conditionally serialize properties. @@ -896,50 +941,6 @@ public bool ShouldSerializeUserInfoEndpointSigningAlgValuesSupported() { return UserInfoEndpointSigningAlgValuesSupported.Count > 0; } - - /// - /// Gets a bool that determines if the 'prompt_values_supported' (PromptValuesSupported) property should be serialized. - /// This is used by Json.NET in order to conditionally serialize properties. - /// - /// true if 'prompt_values_supported' (PromptValuesSupported) is not empty; otherwise, false. - [EditorBrowsable(EditorBrowsableState.Never)] - public bool ShouldSerializePromptValuesSupported() - { - return PromptValuesSupported.Count > 0; - } - - /// - /// Gets a bool that determines if the 'backchannel_token_delivery_modes_supported' (BackchannelTokenDeliveryModesSupported) property should be serialized. - /// This is used by Json.NET in order to conditionally serialize properties. - /// - /// true if 'backchannel_token_delivery_modes_supported' (BackchannelTokenDeliveryModesSupported) is not empty; otherwise, false. - [EditorBrowsable(EditorBrowsableState.Never)] - public bool ShouldSerializeBackchannelTokenDeliveryModesSupported() - { - return BackchannelTokenDeliveryModesSupported.Count > 0; - } - - /// - /// Gets a bool that determines if the 'backchannel_authentication_request_signing_alg_values_supported' (BackchannelAuthenticationRequestSigningAlgValuesSupported) property should be serialized. - /// This is used by Json.NET in order to conditionally serialize properties. - /// - /// true if 'backchannel_authentication_request_signing_alg_values_supported' (BackchannelAuthenticationRequestSigningAlgValuesSupported) is not empty; otherwise, false. - [EditorBrowsable(EditorBrowsableState.Never)] - public bool ShouldSerializeBackchannelAuthenticationRequestSigningAlgValuesSupported() - { - return BackchannelAuthenticationRequestSigningAlgValuesSupported.Count > 0; - } - - /// - /// Gets a bool that determines if the 'dpop_signing_alg_values_supported' (DPoPSigningAlgValuesSupported) property should be serialized. - /// This is used by Json.NET in order to conditionally serialize properties. - /// - /// true if 'dpop_signing_alg_values_supported' (DPoPSigningAlgValuesSupported) is not empty; otherwise, false. - [EditorBrowsable(EditorBrowsableState.Never)] - public bool ShouldSerializeDPoPSigningAlgValuesSupported() - { - return DPoPSigningAlgValuesSupported.Count > 0; - } #endregion shouldserialize } } diff --git a/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdProviderMetadataNames.cs b/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdProviderMetadataNames.cs index d4857c96ad..3853ac6073 100644 --- a/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdProviderMetadataNames.cs +++ b/src/Microsoft.IdentityModel.Protocols.OpenIdConnect/OpenIdProviderMetadataNames.cs @@ -14,6 +14,11 @@ public static class OpenIdProviderMetadataNames #pragma warning disable 1591 public const string AcrValuesSupported = "acr_values_supported"; public const string AuthorizationEndpoint = "authorization_endpoint"; + public const string AuthorizationResponseIssParameterSupported = "authorization_response_iss_parameter_supported"; + public const string BackchannelAuthenticationEndpoint = "backchannel_authentication_endpoint"; + public const string BackchannelTokenDeliveryModesSupported = "backchannel_token_delivery_modes_supported"; + public const string BackchannelAuthenticationRequestSigningAlgValuesSupported = "backchannel_authentication_request_signing_alg_values_supported"; + public const string BackchannelUserCodeParameterSupported = "backchannel_user_code_parameter_supported"; public const string CheckSessionIframe = "check_session_iframe"; public const string ClaimsLocalesSupported = "claims_locales_supported"; public const string ClaimsParameterSupported = "claims_parameter_supported"; @@ -21,6 +26,7 @@ public static class OpenIdProviderMetadataNames public const string ClaimTypesSupported = "claim_types_supported"; public const string Discovery = ".well-known/openid-configuration"; public const string DisplayValuesSupported = "display_values_supported"; + public const string DPoPSigningAlgValuesSupported = "dpop_signing_alg_values_supported"; public const string EndSessionEndpoint = "end_session_endpoint"; public const string FrontchannelLogoutSessionSupported = "frontchannel_logout_session_supported"; public const string FrontchannelLogoutSupported = "frontchannel_logout_supported"; @@ -38,12 +44,15 @@ public static class OpenIdProviderMetadataNames public const string MicrosoftMultiRefreshToken = "microsoft_multi_refresh_token"; public const string OpPolicyUri = "op_policy_uri"; public const string OpTosUri = "op_tos_uri"; + public const string PromptValuesSupported = "prompt_values_supported"; + public const string PushedAuthorizationRequestEndpoint = "pushed_authorization_request_endpoint"; public const string RegistrationEndpoint = "registration_endpoint"; public const string RequestObjectEncryptionAlgValuesSupported = "request_object_encryption_alg_values_supported"; public const string RequestObjectEncryptionEncValuesSupported = "request_object_encryption_enc_values_supported"; public const string RequestObjectSigningAlgValuesSupported = "request_object_signing_alg_values_supported"; public const string RequestParameterSupported = "request_parameter_supported"; public const string RequestUriParameterSupported = "request_uri_parameter_supported"; + public const string RequirePushedAuthorizationRequests = "require_pushed_authorization_requests"; public const string RequireRequestUriRegistration = "require_request_uri_registration"; public const string ResponseModesSupported = "response_modes_supported"; public const string ResponseTypesSupported = "response_types_supported"; @@ -58,15 +67,6 @@ public static class OpenIdProviderMetadataNames public const string UserInfoEncryptionAlgValuesSupported = "userinfo_encryption_alg_values_supported"; public const string UserInfoEncryptionEncValuesSupported = "userinfo_encryption_enc_values_supported"; public const string UserInfoSigningAlgValuesSupported = "userinfo_signing_alg_values_supported"; - public const string PromptValuesSupported = "prompt_values_supported"; - public const string PushedAuthorizationRequestEndpoint = "pushed_authorization_request_endpoint"; - public const string RequirePushedAuthorizationRequests = "require_pushed_authorization_requests"; - public const string BackchannelAuthenticationEndpoint = "backchannel_authentication_endpoint"; - public const string BackchannelTokenDeliveryModesSupported = "backchannel_token_delivery_modes_supported"; - public const string BackchannelAuthenticationRequestSigningAlgValuesSupported = "backchannel_authentication_request_signing_alg_values_supported"; - public const string BackchannelUserCodeParameterSupported = "backchannel_user_code_parameter_supported"; - public const string DPoPSigningAlgValuesSupported = "dpop_signing_alg_values_supported"; - public const string AuthorizationResponseIssParameterSupported = "authorization_response_iss_parameter_supported"; #pragma warning restore 1591 } @@ -79,6 +79,11 @@ internal static class OpenIdProviderMetadataUtf8Bytes { public static ReadOnlySpan AcrValuesSupported => "acr_values_supported"u8; public static ReadOnlySpan AuthorizationEndpoint => "authorization_endpoint"u8; + public static ReadOnlySpan AuthorizationResponseIssParameterSupported => "authorization_response_iss_parameter_supported"u8; + public static ReadOnlySpan BackchannelAuthenticationEndpoint => "backchannel_authentication_endpoint"u8; + public static ReadOnlySpan BackchannelTokenDeliveryModesSupported => "backchannel_token_delivery_modes_supported"u8; + public static ReadOnlySpan BackchannelAuthenticationRequestSigningAlgValuesSupported => "backchannel_authentication_request_signing_alg_values_supported"u8; + public static ReadOnlySpan BackchannelUserCodeParameterSupported => "backchannel_user_code_parameter_supported"u8; public static ReadOnlySpan CheckSessionIframe => "check_session_iframe"u8; public static ReadOnlySpan ClaimsLocalesSupported => "claims_locales_supported"u8; public static ReadOnlySpan ClaimsParameterSupported => "claims_parameter_supported"u8; @@ -86,6 +91,7 @@ internal static class OpenIdProviderMetadataUtf8Bytes public static ReadOnlySpan ClaimTypesSupported => "claim_types_supported"u8; public static ReadOnlySpan Discovery => ".well-known/openid-configuration"u8; public static ReadOnlySpan DisplayValuesSupported => "display_values_supported"u8; + public static ReadOnlySpan DPoPSigningAlgValuesSupported => "dpop_signing_alg_values_supported"u8; public static ReadOnlySpan EndSessionEndpoint => "end_session_endpoint"u8; public static ReadOnlySpan FrontchannelLogoutSessionSupported => "frontchannel_logout_session_supported"u8; public static ReadOnlySpan FrontchannelLogoutSupported => "frontchannel_logout_supported"u8; @@ -103,12 +109,15 @@ internal static class OpenIdProviderMetadataUtf8Bytes public static ReadOnlySpan MicrosoftMultiRefreshToken => "microsoft_multi_refresh_token"u8; public static ReadOnlySpan OpPolicyUri => "op_policy_uri"u8; public static ReadOnlySpan OpTosUri => "op_tos_uri"u8; + public static ReadOnlySpan PromptValuesSupported => "prompt_values_supported"u8; + public static ReadOnlySpan PushedAuthorizationRequestEndpoint => "pushed_authorization_request_endpoint"u8; public static ReadOnlySpan RegistrationEndpoint => "registration_endpoint"u8; public static ReadOnlySpan RequestObjectEncryptionAlgValuesSupported => "request_object_encryption_alg_values_supported"u8; public static ReadOnlySpan RequestObjectEncryptionEncValuesSupported => "request_object_encryption_enc_values_supported"u8; public static ReadOnlySpan RequestObjectSigningAlgValuesSupported => "request_object_signing_alg_values_supported"u8; public static ReadOnlySpan RequestParameterSupported => "request_parameter_supported"u8; public static ReadOnlySpan RequestUriParameterSupported => "request_uri_parameter_supported"u8; + public static ReadOnlySpan RequirePushedAuthorizationRequests => "require_pushed_authorization_requests"u8; public static ReadOnlySpan RequireRequestUriRegistration => "require_request_uri_registration"u8; public static ReadOnlySpan ResponseModesSupported => "response_modes_supported"u8; public static ReadOnlySpan ResponseTypesSupported => "response_types_supported"u8; @@ -123,14 +132,5 @@ internal static class OpenIdProviderMetadataUtf8Bytes public static ReadOnlySpan UserInfoEncryptionAlgValuesSupported => "userinfo_encryption_alg_values_supported"u8; public static ReadOnlySpan UserInfoEncryptionEncValuesSupported => "userinfo_encryption_enc_values_supported"u8; public static ReadOnlySpan UserInfoSigningAlgValuesSupported => "userinfo_signing_alg_values_supported"u8; - public static ReadOnlySpan PromptValuesSupported => "prompt_values_supported"u8; - public static ReadOnlySpan PushedAuthorizationRequestEndpoint => "pushed_authorization_request_endpoint"u8; - public static ReadOnlySpan RequirePushedAuthorizationRequests => "require_pushed_authorization_requests"u8; - public static ReadOnlySpan BackchannelAuthenticationEndpoint => "backchannel_authentication_endpoint"u8; - public static ReadOnlySpan BackchannelTokenDeliveryModesSupported => "backchannel_token_delivery_modes_supported"u8; - public static ReadOnlySpan BackchannelAuthenticationRequestSigningAlgValuesSupported => "backchannel_authentication_request_signing_alg_values_supported"u8; - public static ReadOnlySpan BackchannelUserCodeParameterSupported => "backchannel_user_code_parameter_supported"u8; - public static ReadOnlySpan DPoPSigningAlgValuesSupported => "dpop_signing_alg_values_supported"u8; - public static ReadOnlySpan AuthorizationResponseIssParameterSupported => "authorization_response_iss_parameter_supported"u8; } } diff --git a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectConfigurationTests.cs b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectConfigurationTests.cs index 80df6c5f19..1ac4117e54 100644 --- a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectConfigurationTests.cs +++ b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectConfigurationTests.cs @@ -75,11 +75,16 @@ public void Defaults() { OpenIdConnectConfiguration configuration = new OpenIdConnectConfiguration(); Assert.NotNull(configuration.AcrValuesSupported); + Assert.False(configuration.AuthorizationResponseIssParameterSupported); + Assert.NotNull(configuration.BackchannelTokenDeliveryModesSupported); + Assert.NotNull(configuration.BackchannelAuthenticationRequestSigningAlgValuesSupported); + Assert.False(configuration.BackchannelUserCodeParameterSupported); Assert.NotNull(configuration.ClaimsSupported); Assert.NotNull(configuration.ClaimsLocalesSupported); Assert.False(configuration.ClaimsParameterSupported); Assert.NotNull(configuration.ClaimTypesSupported); Assert.NotNull(configuration.DisplayValuesSupported); + Assert.NotNull(configuration.DPoPSigningAlgValuesSupported); Assert.NotNull(configuration.GrantTypesSupported); Assert.False(configuration.HttpLogoutSupported); Assert.NotNull(configuration.IdTokenEncryptionAlgValuesSupported); @@ -87,14 +92,16 @@ public void Defaults() Assert.NotNull(configuration.IdTokenSigningAlgValuesSupported); Assert.NotNull(configuration.IntrospectionEndpointAuthMethodsSupported); Assert.NotNull(configuration.IntrospectionEndpointAuthSigningAlgValuesSupported); + Assert.NotNull(configuration.PromptValuesSupported); Assert.NotNull(configuration.RequestObjectEncryptionAlgValuesSupported); Assert.NotNull(configuration.RequestObjectEncryptionEncValuesSupported); Assert.NotNull(configuration.RequestObjectSigningAlgValuesSupported); Assert.False(configuration.RequestParameterSupported); - Assert.NotNull(configuration.ResponseModesSupported); - Assert.NotNull(configuration.ResponseTypesSupported); + Assert.False(configuration.RequirePushedAuthorizationRequests); Assert.False(configuration.RequestUriParameterSupported); Assert.False(configuration.RequireRequestUriRegistration); + Assert.NotNull(configuration.ResponseModesSupported); + Assert.NotNull(configuration.ResponseTypesSupported); Assert.NotNull(configuration.ScopesSupported); Assert.NotNull(configuration.SigningKeys); Assert.NotNull(configuration.SubjectTypesSupported); @@ -104,13 +111,6 @@ public void Defaults() Assert.NotNull(configuration.UserInfoEndpointEncryptionAlgValuesSupported); Assert.NotNull(configuration.UserInfoEndpointEncryptionEncValuesSupported); Assert.NotNull(configuration.UserInfoEndpointSigningAlgValuesSupported); - Assert.NotNull(configuration.PromptValuesSupported); - Assert.False(configuration.RequirePushedAuthorizationRequests); - Assert.NotNull(configuration.BackchannelTokenDeliveryModesSupported); - Assert.NotNull(configuration.BackchannelAuthenticationRequestSigningAlgValuesSupported); - Assert.False(configuration.BackchannelUserCodeParameterSupported); - Assert.NotNull(configuration.DPoPSigningAlgValuesSupported); - Assert.False(configuration.AuthorizationResponseIssParameterSupported); } // If the OpenIdConnect metadata has a "SigningKeys" claim, it should NOT be deserialized into the corresponding OpenIdConnectConfiguration.SigningKeys property. @@ -149,6 +149,9 @@ public void GetSets() PropertyNamesAndSetGetValue = new List>> { new KeyValuePair>("AuthorizationEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), + new KeyValuePair>("AuthorizationResponseIssParameterSupported", new List{ false, true, true }), + new KeyValuePair>("BackchannelAuthenticationEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), + new KeyValuePair>("BackchannelUserCodeParameterSupported", new List{ false, true, true }), new KeyValuePair>("CheckSessionIframe", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), new KeyValuePair>("ClaimsParameterSupported", new List{ false, true, false }), new KeyValuePair>("EndSessionEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), @@ -160,19 +163,15 @@ public void GetSets() new KeyValuePair>("LogoutSessionSupported", new List{ false, true, true }), new KeyValuePair>("OpPolicyUri", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), new KeyValuePair>("OpTosUri", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), + new KeyValuePair>("PushedAuthorizationRequestEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), new KeyValuePair>("RegistrationEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), - new KeyValuePair>("RequireRequestUriRegistration", new List{ false, true, true }), new KeyValuePair>("RequestParameterSupported", new List{ false, true, false }), new KeyValuePair>("RequestUriParameterSupported", new List{ false, true, true }), + new KeyValuePair>("RequirePushedAuthorizationRequests", new List{ false, true, true }), + new KeyValuePair>("RequireRequestUriRegistration", new List{ false, true, true }), new KeyValuePair>("ServiceDocumentation", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), new KeyValuePair>("TokenEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), new KeyValuePair>("UserInfoEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), - - new KeyValuePair>("PushedAuthorizationRequestEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), - new KeyValuePair>("RequirePushedAuthorizationRequests", new List{ false, true, true }), - new KeyValuePair>("BackchannelAuthenticationEndpoint", new List{ (string)null, Guid.NewGuid().ToString(), Guid.NewGuid().ToString() }), - new KeyValuePair>("BackchannelUserCodeParameterSupported", new List{ false, true, true }), - new KeyValuePair>("AuthorizationResponseIssParameterSupported", new List{ false, true, true }), }, Object = configuration, @@ -282,16 +281,20 @@ public void NonemptyCollectionSerialization() var collectionNames = new List { "acr_values_supported", + "backchannel_token_delivery_modes_supported", + "backchannel_authentication_request_signing_alg_values_supported", "claims_supported", "claims_locales_supported", "claim_types_supported", "display_values_supported", + "dpop_signing_alg_values_supported", "grant_types_supported", "id_token_encryption_alg_values_supported", "id_token_encryption_enc_values_supported", "id_token_signing_alg_values_supported", "introspection_endpoint_auth_methods_supported", "introspection_endpoint_auth_signing_alg_values_supported", + "prompt_values_supported", "request_object_encryption_alg_values_supported", "request_object_encryption_enc_values_supported", "request_object_signing_alg_values_supported", @@ -304,11 +307,7 @@ public void NonemptyCollectionSerialization() "ui_locales_supported", "userinfo_encryption_alg_values_supported", "userinfo_encryption_enc_values_supported", - "userinfo_signing_alg_values_supported", - "prompt_values_supported", - "backchannel_token_delivery_modes_supported", - "backchannel_authentication_request_signing_alg_values_supported", - "dpop_signing_alg_values_supported", + "userinfo_signing_alg_values_supported", }; foreach (var collection in collectionNames) diff --git a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMetadata.json b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMetadata.json index 687f5bdeab..b396623bc5 100644 --- a/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMetadata.json +++ b/test/Microsoft.IdentityModel.Protocols.OpenIdConnect.Tests/OpenIdConnectMetadata.json @@ -1,6 +1,12 @@ { "acr_values_supported": ["acr_value1", "acr_value2", "acr_value3"], "authorization_endpoint": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/authorize", + "authorization_response_iss_parameter_supported": false, + "backchannel_authentication_endpoint": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/bc-authorize", + "backchannel_token_delivery_modes_supported": ["poll", "ping"], + "backchannel_authentication_request_signing_alg_values_supported": ["ES384", "ES512"], + "backchannel_user_code_parameter_supported": false, + "dpop_signing_alg_values_supported": ["ES384", "ES512"], "frontchannel_logout_session_supported": "true", "frontchannel_logout_supported": "true", "check_session_iframe": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/checksession", @@ -24,11 +30,13 @@ "microsoft_multi_refresh_token": true, "op_policy_uri": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/op_policy_uri", "op_tos_uri": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/op_tos_uri", + "pushed_authorization_request_endpoint": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/par", "request_object_encryption_alg_values_supported": ["A192KW", "A256KW"], "request_object_encryption_enc_values_supported": ["A192GCM","A256GCM"], "request_object_signing_alg_values_supported": ["PS256", "PS512"], "request_parameter_supported": true, "request_uri_parameter_supported": true, + "require_pushed_authorization_requests": false, "require_request_uri_registration": true, "response_types_supported": ["code", "id_token", "code id_token"], "response_modes_supported": ["query", "fragment", "form_post"], @@ -43,13 +51,5 @@ "userinfo_encryption_alg_values_supported": ["ECDH-ES+A128KW","ECDH-ES+A192KW"], "userinfo_encryption_enc_values_supported": ["A256CBC-HS512", "A128CBC-HS256"], "userinfo_signing_alg_values_supported": ["ES384", "ES512"], - "prompt_values_supported": ["none", "login", "consent"], - "pushed_authorization_request_endpoint": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/par", - "require_pushed_authorization_requests": false, - "backchannel_authentication_endpoint": "https://login.windows.net/d062b2b0-9aca-4ff7-b32a-ba47231a4002/oauth2/bc-authorize", - "backchannel_token_delivery_modes_supported": ["poll", "ping"], - "backchannel_authentication_request_signing_alg_values_supported": ["ES384", "ES512"], - "backchannel_user_code_parameter_supported": false, - "dpop_signing_alg_values_supported": ["ES384", "ES512"], - "authorization_response_iss_parameter_supported": false + "prompt_values_supported": ["none", "login", "consent"] } \ No newline at end of file