openiddict
Add new integration tests for the revamped authorization/logout endpoints caching feature
In OpenIddict 1.x/2.x, authorization and logout requests were serialized to BSON and stored in the distributed cache. In 3.x, this logic was changed and these requests are now stored as signed and encrypted JWTs in the distributed cache. We'll need to port and adapt the integration tests guaranteeing this feature works as intended.
Hello! Could you point to the integration tests you need to port and adapt pls? Thanks.
Hey @IgorHrabrov,
Thanks for your interest!
For the authorization endpoint, the tests are here:
- https://github.com/openiddict/openiddict-core/blob/2.0.1/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Authentication.cs#L76-L117
- https://github.com/openiddict/openiddict-core/blob/2.0.1/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Authentication.cs#L805-L866
- https://github.com/openiddict/openiddict-core/blob/2.0.1/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Authentication.cs#L928-L990
And for the logout endpoint:
- https://github.com/openiddict/openiddict-core/blob/2.0.1/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Session.cs#L44-L66
- https://github.com/openiddict/openiddict-core/blob/2.0.1/test/OpenIddict.Server.Tests/Internal/OpenIddictServerProviderTests.Session.cs#L121-L172
You'll want to add them here: https://github.com/openiddict/openiddict-core/tree/dev/test/OpenIddict.Server.AspNetCore.IntegrationTests
Once they are ready, we'll be able to port them to https://github.com/openiddict/openiddict-core/tree/dev/test/OpenIddict.Server.Owin.IntegrationTests with no/minor changes, as the OWIN/Katana and ASP.NET Core hosts are quite similar.
Note: the "redirect to the same page with just the request_id parameter in the URL" dance now happens earlier in OpenIddict 3.0 (at the ExtractAuthorizationRequest/ExtractLogoutRequest stage), so the tests that start with Handle*Request will have to be renamed.