
convert use of URI to string in models #620

Merged
merged 4 commits into from
Dec 11, 2014
Merged
2 changes: 1 addition & 1 deletion source/Core/Configuration/IdentityServerOptions.cs
Expand Up @@ -158,7 +158,7 @@ internal void Validate()
/// <value>
/// The protocol logout urls.
/// </value>
public List<string> ProtocolLogoutUrls { get; set; }
public ICollection<string> ProtocolLogoutUrls { get; set; }

/// <summary>
/// Gets or sets the CSP options.
Expand Up @@ -222,7 +222,7 @@ private IHttpActionResult CreateConsentResult(
CurrentUser = User.GetName(),
ClientName = validatedRequest.Client.ClientName,
ClientUrl = validatedRequest.Client.ClientUri,
ClientLogoUrl = validatedRequest.Client.LogoUri != null ? validatedRequest.Client.LogoUri.AbsoluteUri : null,
ClientLogoUrl = validatedRequest.Client.LogoUri != null ? validatedRequest.Client.LogoUri : null,
IdentityScopes = validatedRequest.GetIdentityScopes(),
ResourceScopes = validatedRequest.GetResourceScopes(),
AllowRememberConsent = validatedRequest.Client.AllowRememberConsent,
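Review bot: The null check on `ClientLogoUrl` is now a no-op: with `LogoUri` a string, `validatedRequest.Client.LogoUri != null ? validatedRequest.Client.LogoUri : null` evaluates to the property value in both branches. It can be reduced to `ClientLogoUrl = validatedRequest.Client.LogoUri,`. The initializer sits inside CreateConsentResult, whose body starts and ends outside this hunk.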
2 changes: 1 addition & 1 deletion source/Core/Models/AuthorizationCode.cs
Expand Up @@ -31,7 +31,7 @@ public class AuthorizationCode : ITokenMetadata

public bool IsOpenId { get; set; }
public IEnumerable<Scope> RequestedScopes { get; set; }
public Uri RedirectUri { get; set; }
public string RedirectUri { get; set; }
public string Nonce { get; set; }

public bool WasConsentShown { get; set; }
2 changes: 1 addition & 1 deletion source/Core/Models/AuthorizeError.cs
Expand Up @@ -24,7 +24,7 @@ public class AuthorizeError
public ErrorTypes ErrorType { get; set; }
public string Error { get; set; }
public string ResponseMode { get; set; }
public Uri ErrorUri { get; set; }
public string ErrorUri { get; set; }
public string State { get; set; }
}
}
2 changes: 1 addition & 1 deletion source/Core/Models/AuthorizeResponse.cs
Expand Up @@ -22,7 +22,7 @@ namespace Thinktecture.IdentityServer.Core.Models
public class AuthorizeResponse
{
public ValidatedAuthorizeRequest Request { get; set; }
public Uri RedirectUri { get; set; }
public string RedirectUri { get; set; }
public string IdentityToken { get; set; }
public string AccessToken { get; set; }
public int AccessTokenLifetime { get; set; }
12 changes: 6 additions & 6 deletions source/Core/Models/Client.cs
Expand Up @@ -53,7 +53,7 @@ public class Client
/// <summary>
/// URI to client logo (used on consent screen)
/// </summary>
public Uri LogoUri { get; set; }
public string LogoUri { get; set; }

/// <summary>
/// Specifies whether a consent screen is required (defaults to false)
Expand All @@ -73,17 +73,17 @@ public class Client
/// <summary>
/// Specifies allowed URIs to return tokens or authorization codes to
/// </summary>
public List<Uri> RedirectUris { get; set; }
public ICollection<string> RedirectUris { get; set; }
Member Author

I don't really like ICollection - since this Model is used to define clients in code manually - List<T> plays much nicer with intellisense.

Member

lern2linq :P

Member Author

it is not about linq - it is about being able to press tab in VS (and not getting #if)

Member

I don't follow (or agree), but that's ok -- I reverted it back.


/// <summary>
/// Specifies allowed URIs to redirect to after logout
/// </summary>
public List<Uri> PostLogoutRedirectUris { get; set; }
public ICollection<string> PostLogoutRedirectUris { get; set; }

/// <summary>
/// Specifies the scopes that the client is allowed to request. If empty, the client can request all scopes (defaults to empty)
/// </summary>
public List<string> ScopeRestrictions { get; set; }
public ICollection<string> ScopeRestrictions { get; set; }

/// <summary>
/// Lifetime of identity token in seconds (defaults to 300 seconds / 5 minutes)
Expand Down Expand Up @@ -165,8 +165,8 @@ public Client()
{
Flow = Flows.Implicit;
ScopeRestrictions = new List<string>();
RedirectUris = new List<Uri>();
PostLogoutRedirectUris = new List<Uri>();
RedirectUris = new List<string>();
PostLogoutRedirectUris = new List<string>();

// 5 minutes
AuthorizationCodeLifetime = 300;
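Review bot: The XML summaries on `LogoUri`, `RedirectUris` and `PostLogoutRedirectUris` no longer say enough now that the properties are plain strings: the `new Uri(...)` calls removed from the constructor and the test clients threw on a malformed or relative value, whereas a mistyped registration now only shows up as a failed match at request time. The summaries should state the expected form, for example `/// Specifies allowed absolute URIs to return tokens or authorization codes to; each value is matched against the request by the configured IRedirectUriValidator`. If a check at registration time is wanted, it would presumably belong wherever client configuration is validated, which is not visible in this section.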
2 changes: 1 addition & 1 deletion source/Core/Models/Token.cs
Expand Up @@ -44,7 +44,7 @@ public class Token : ITokenMetadata
public string Type { get; set; }
public Client Client { get; set; }

public List<Claim> Claims { get; set; }
public ICollection<Claim> Claims { get; set; }

public Token()
{
4 changes: 2 additions & 2 deletions source/Core/ResponseHandling/EndSessionResponseGenerator.cs
Expand Up @@ -32,13 +32,13 @@ public SignOutMessage CreateSignoutMessage(ValidatedEndSessionRequest request)

if (request.PostLogOutUri != null)
{
message.ReturnUrl = request.PostLogOutUri.AbsoluteUri;
message.ReturnUrl = request.PostLogOutUri;
}
else
{
if (request.Client.PostLogoutRedirectUris.Any())
{
message.ReturnUrl = request.Client.PostLogoutRedirectUris.First().AbsoluteUri;
message.ReturnUrl = request.Client.PostLogoutRedirectUris.First();
}
}

4 changes: 2 additions & 2 deletions source/Core/Results/AuthorizeFormPostResult.cs
Expand Up @@ -41,14 +41,14 @@ protected override string GetHtml()
var root = _request.GetIdentityServerBaseUrl();
if (root.EndsWith("/")) root = root.Substring(0, root.Length - 1);
var fields = _response.ToNameValueCollection().ToFormPost();
var redirect = _response.RedirectUri.AbsoluteUri;
var redirect = _response.RedirectUri;

return AssetManager.LoadFormPost(root, redirect, fields);
}

public override Task<HttpResponseMessage> ExecuteAsync(System.Threading.CancellationToken cancellationToken)
{
Logger.Info("Posting to " + _response.RedirectUri.AbsoluteUri);
Logger.Info("Posting to " + _response.RedirectUri);
return base.ExecuteAsync(cancellationToken);
}
}
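Review bot: GetHtml now hands the redirect target to `AssetManager.LoadFormPost(root, redirect, fields)` without the escaping that `Uri.AbsoluteUri` used to apply, since `redirect` is the stored string rather than the canonically escaped form of a parsed URI. Whether LoadFormPost HTML-attribute-encodes that argument is not visible here; if it does not, this is the point where the value should be encoded before it is written into the form. One option that keeps strings in the models but restores the old behaviour at this sink is `var redirect = new Uri(_response.RedirectUri).AbsoluteUri;`, assuming the value was already checked as an absolute URI upstream. The same string is also concatenated into the `Logger.Info` message in ExecuteAsync; the class declaration and its fields are outside the hunk.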
2 changes: 1 addition & 1 deletion source/Core/Results/AuthorizeRedirectResult.cs
Expand Up @@ -43,7 +43,7 @@ public Task<HttpResponseMessage> ExecuteAsync(System.Threading.CancellationToken
HttpResponseMessage Execute()
{
var responseMessage = new HttpResponseMessage(HttpStatusCode.Redirect);
var url = _response.RedirectUri.AbsoluteUri;
var url = _response.RedirectUri;

var query = _response.ToNameValueCollection().ToQueryString();

Expand Up @@ -92,7 +92,7 @@ public async Task<IEnumerable<ClientPermission>> GetClientPermissionsAsync(strin
ClientId = client.ClientId,
ClientName = client.ClientName,
ClientUrl = client.ClientUri,
ClientLogoUrl = client.LogoUri.AbsoluteUri,
ClientLogoUrl = client.LogoUri,
IdentityPermissions = identityScopes,
ResourcePermissions = resourceScopes
});
4 changes: 2 additions & 2 deletions source/Core/Services/Default/DefaultRedirectUriValidator.cs
Expand Up @@ -22,14 +22,14 @@ namespace Thinktecture.IdentityServer.Core.Services.Default
{
public class DefaultRedirectUriValidator : IRedirectUriValidator
{
public Task<bool> IsRedirecUriValidAsync(Uri requestedUri, Client client)
public Task<bool> IsRedirecUriValidAsync(string requestedUri, Client client)
{
var result = client.RedirectUris.Contains(requestedUri);
Member Author

I don't think that's good enough to compare URIs - case sensitivity in host name etc. For comparison we probably need to convert to URI first (since we don't want to rebuild all that logic).

Member

Yep. Need unit tests for that. But with all the strings exact the same, it's working.

Member Author

we should still use the Uri class for Equals and TryCreate - but store strings afterwards.

Member Author

I don't want to get into the business of comparing URIs

Member

Yep -- I'll add those stronger checks. Is this the only place where we need those comparisons?


return Task.FromResult(result);
}

public Task<bool> IsPostLogoutRedirecUriValidAsync(Uri requestedUri, Client client)
public Task<bool> IsPostLogoutRedirecUriValidAsync(string requestedUri, Client client)
{
var result = client.PostLogoutRedirectUris.Contains(requestedUri);

4 changes: 2 additions & 2 deletions source/Core/Services/IRedirectUriValidator.cs
Expand Up @@ -21,7 +21,7 @@ namespace Thinktecture.IdentityServer.Core.Services
{
public interface IRedirectUriValidator
{
Task<bool> IsRedirecUriValidAsync(Uri requestedUri, Client client);
Task<bool> IsPostLogoutRedirecUriValidAsync(Uri requestedUri, Client client);
Task<bool> IsRedirecUriValidAsync(string requestedUri, Client client);
Task<bool> IsPostLogoutRedirecUriValidAsync(string requestedUri, Client client);
}
}
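Review bot: Both methods of `IRedirectUriValidator` are undocumented, and the switch to `string` changes what an implementer may assume: `requestedUri` is no longer a parsed absolute `Uri`. In EndSessionRequestValidator the value now comes straight from `parameters.Get(...)`, so XML comments here should say that the argument is the request value as received and that an implementation must do any parsing it needs before comparing, for example `/// <param name="requestedUri">The redirect URI as sent in the request; not parsed or normalized.</param>`. Whether other callers pre-validate the value is not visible in this section, so the comment should not promise that.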
2 changes: 1 addition & 1 deletion source/Core/Validation/AuthorizeRequestValidator.cs
Expand Up @@ -108,7 +108,7 @@ public ValidationResult ValidateProtocol(NameValueCollection parameters)
}

Logger.InfoFormat("redirect_uri: {0}", redirectUri);
_validatedRequest.RedirectUri = new Uri(redirectUri);
_validatedRequest.RedirectUri = redirectUri;


//////////////////////////////////////////////////////////
16 changes: 6 additions & 10 deletions source/Core/Validation/EndSessionRequestValidator.cs
Expand Up @@ -86,17 +86,13 @@ public async Task<ValidationResult> ValidateAsync(NameValueCollection parameters
var redirectUri = parameters.Get(Constants.EndSessionRequest.PostLogoutRedirectUri);
if (redirectUri.IsPresent())
{
Uri uri;
if (Uri.TryCreate(redirectUri, UriKind.Absolute, out uri))
if (await _uriValidator.IsPostLogoutRedirecUriValidAsync(redirectUri, _validatedRequest.Client) == true)
{
if (await _uriValidator.IsPostLogoutRedirecUriValidAsync(uri, _validatedRequest.Client) == true)
{
_validatedRequest.PostLogOutUri = uri;
}
else
{
return Invalid();
}
_validatedRequest.PostLogOutUri = redirectUri;
}
else
{
return Invalid();
}

var state = parameters.Get(Constants.EndSessionRequest.State);
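Review bot: The `Uri.TryCreate(redirectUri, UriKind.Absolute, out uri)` gate is dropped, so the post-logout redirect parameter now reaches `IsPostLogoutRedirecUriValidAsync` and `_validatedRequest.PostLogOutUri` with no check that it is an absolute URI. With the default validator's exact `Contains` match this only matters if a malformed value is registered, but a custom `IRedirectUriValidator` that matches more loosely loses the protection the parse gave it. The parse can stay as a guard while the string is what gets stored: `Uri uri; if (!Uri.TryCreate(redirectUri, UriKind.Absolute, out uri)) return Invalid();` ahead of the validator call. The old code appears to have skipped an unparsable value rather than rejecting it, so returning `Invalid()` is the stricter choice; ValidateAsync starts and ends outside this hunk.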
2 changes: 1 addition & 1 deletion source/Core/Validation/TokenRequestValidator.cs
Expand Up @@ -206,7 +206,7 @@ private async Task<ValidationResult> ValidateAuthorizationCodeRequestAsync(NameV
return Invalid(Constants.TokenErrors.UnauthorizedClient);
}

if (redirectUri != _validatedRequest.AuthorizationCode.RedirectUri.AbsoluteUri)
if (redirectUri != _validatedRequest.AuthorizationCode.RedirectUri)
{
Logger.ErrorFormat("Invalid redirect_uri: {0}", redirectUri);
return Invalid(Constants.TokenErrors.UnauthorizedClient);
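Review bot: The check `redirectUri != _validatedRequest.AuthorizationCode.RedirectUri` is now an ordinal comparison of two raw strings, and that intent should be written down so it is not later loosened into a normalized or case-insensitive match. RFC 6749 section 4.1.3 requires the token request's redirect_uri to be identical to the one sent in the authorization request, so a comment above the `if` such as `// redirect_uri must be identical to the value stored with the code (RFC 6749, 4.1.3); do not normalize` would record it. ValidateAuthorizationCodeRequestAsync starts and ends outside this hunk.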
2 changes: 1 addition & 1 deletion source/Core/Validation/ValidatedAuthorizeRequest.cs
Expand Up @@ -27,7 +27,7 @@ public class ValidatedAuthorizeRequest : ValidatedRequest
public Flows Flow { get; set; }

public Client Client { get; set; }
public Uri RedirectUri { get; set; }
public string RedirectUri { get; set; }

public string ClientId { get; set; }
public List<string> RequestedScopes { get; set; }
2 changes: 1 addition & 1 deletion source/Core/Validation/ValidatedEndSessionRequest.cs
Expand Up @@ -21,7 +21,7 @@ namespace Thinktecture.IdentityServer.Core.Validation
public class ValidatedEndSessionRequest : ValidatedRequest
{
public Client Client { get; set; }
public Uri PostLogOutUri { get; set; }
public string PostLogOutUri { get; set; }
public string State { get; set; }
}
}
46 changes: 23 additions & 23 deletions source/Host/Config/Clients.cs

Large diffs are not rendered by default.

Expand Up @@ -84,7 +84,7 @@ public void ProcessConsentAsync_AllowsNullConsent()
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Consent
};
var result = subject.ProcessConsentAsync(request, null).Result;
Expand All @@ -98,7 +98,7 @@ public void ProcessConsentAsync_PromptModeIsLogin_Throws()
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Login
};

Expand All @@ -116,7 +116,7 @@ public void ProcessConsentAsync_PromptModeIsSelectAccount_Throws()
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.SelectAccount
};

Expand All @@ -135,7 +135,7 @@ public void ProcessConsentAsync_RequiresConsentButPromptModeIsNone_ReturnsErrorR
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.None
};
var result = subject.ProcessConsentAsync(request).Result;
Expand All @@ -154,7 +154,7 @@ public void ProcessConsentAsync_PromptModeIsConsent_NoPriorConsent_ReturnsConsen
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Consent
};
var result = subject.ProcessConsentAsync(request).Result;
Expand All @@ -171,7 +171,7 @@ public void ProcessConsentAsync_NoPromptMode_ConsentServiceRequiresConsent_NoPri
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Consent
};
var result = subject.ProcessConsentAsync(request).Result;
Expand All @@ -187,7 +187,7 @@ public void ProcessConsentAsync_PromptModeIsConsent_ConsentNotGranted_ReturnsErr
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Consent
};
var consent = new UserConsent
Expand All @@ -213,7 +213,7 @@ public void ProcessConsentAsync_NoPromptMode_ConsentServiceRequiresConsent_Conse
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
};
var consent = new UserConsent
{
Expand All @@ -239,7 +239,7 @@ public void ProcessConsentAsync_PromptModeIsConsent_ConsentGranted_NoScopesSelec
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
PromptMode = Constants.PromptModes.Consent,
ValidatedScopes = new ScopeValidator(null),
Client = new Client { }
Expand All @@ -265,7 +265,7 @@ public void ProcessConsentAsync_NoPromptMode_ConsentServiceRequiresConsent_Conse
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
ValidatedScopes = new ScopeValidator(null),
Client = new Client { }
};
Expand All @@ -290,7 +290,7 @@ public async Task ProcessConsentAsync_NoPromptMode_ConsentServiceRequiresConsent
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
ValidatedScopes = new ScopeValidator(new InMemoryScopeStore(TestScopes.Get())),
Client = new Client { }
};
Expand All @@ -317,7 +317,7 @@ public async Task ProcessConsentAsync_PromptModeConsent_ConsentGranted_ScopesSel
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
ValidatedScopes = new ScopeValidator(new InMemoryScopeStore(TestScopes.Get())),
Client = new Client { }
};
Expand Down Expand Up @@ -346,7 +346,7 @@ public async Task ProcessConsentAsync_AllowConsentSelected_SavesConsent()
{
ResponseMode = Constants.ResponseModes.Fragment,
State = "12345",
RedirectUri = new Uri("https://client.com/callback"),
RedirectUri = "https://client.com/callback",
ValidatedScopes = new ScopeValidator(new InMemoryScopeStore(TestScopes.Get())),
Client = client,
Subject = user
12 changes: 6 additions & 6 deletions source/Tests/UnitTests/Connect/Setup/TestClients.cs
Expand Up @@ -34,9 +34,9 @@ public static IEnumerable<Client> Get()
Flow = Flows.AuthorizationCode,
RequireConsent = false,

RedirectUris = new List<Uri>
RedirectUris = new List<string>
{
new Uri("https://server/cb"),
"https://server/cb",
},

AuthorizationCodeLifetime = 60
Expand All @@ -50,9 +50,9 @@ public static IEnumerable<Client> Get()
Flow = Flows.Implicit,
RequireConsent = false,

RedirectUris = new List<Uri>
RedirectUris = new List<string>
{
new Uri("oob://implicit/cb")
"oob://implicit/cb"
},
},
new Client
Expand All @@ -69,9 +69,9 @@ public static IEnumerable<Client> Get()
"openid"
},

RedirectUris = new List<Uri>
RedirectUris = new List<string>
{
new Uri("https://server/cb"),
"https://server/cb",
},
},
new Client