Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add new integration tests for the revamped authorization/logout endpoints caching feature #891

Open
kevinchalet opened this issue Jan 13, 2020 · 2 comments

Comments

@kevinchalet
Copy link
Member

In OpenIddict 1.x/2.x, authorization and logout requests were serialized to BSON and stored in the distributed cache. In 3.x, this logic was changed and these requests are now stored as signed and encrypted JWTs in the distributed cache. We'll need to port and adapt the integration tests guaranteeing this feature works as intended.

@kevinchalet kevinchalet added this to the 3.0.0-alpha2 milestone Jan 13, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-beta2, 3.0.0-beta3 Jun 30, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-beta3, 3.0.0-beta4 Jul 12, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-beta4, 3.0.0-beta5 Aug 25, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-beta5, 3.0.0-beta6 Oct 3, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-beta6, 3.0.0-rc1 Oct 18, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-rc1, 3.0.0-rc2 Nov 16, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0-rc2, 3.0.0 Dec 7, 2020
@kevinchalet kevinchalet modified the milestones: 3.0.0, 3.1.0-preview1 Dec 23, 2020
@IgorHrabrov
Copy link
Contributor

Hello! Could you point to the integration tests you need to port and adapt pls? Thanks.

@kevinchalet
Copy link
Member Author

Hey @IgorHrabrov,

Thanks for your interest!

For the authorization endpoint, the tests are here:

And for the logout endpoint:

You'll want to add them here: https://github.com/openiddict/openiddict-core/tree/dev/test/OpenIddict.Server.AspNetCore.IntegrationTests

Once they are ready, we'll be able to port them to https://github.com/openiddict/openiddict-core/tree/dev/test/OpenIddict.Server.Owin.IntegrationTests with no/minor changes, as the OWIN/Katana and ASP.NET Core hosts are quite similar.

Note: the "redirect to the same page with just the request_id parameter in the URL" dance now happens earlier in OpenIddict 3.0 (at the ExtractAuthorizationRequest/ExtractLogoutRequest stage), so the tests that start with Handle*Request will have to be renamed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants