IdentityServer3 xBehave测试 [英] IdentityServer3 xBehave test

问题描述

我想为WebApi和IdentityServer编写验收测试.为了使事情尽可能简单，我从

I wanted to write acceptance tests for my WebApi and IdentityServer. To keep things as simple as possible I copied the whole sample project from here but added another project, that essentially makes the same as the console client would but as a acceptance test.

我现在唯一的情况是:

namespace SpecTesting
{
using System;
using System.Net;
using System.Net.Http;
using System.Threading;
using FluentAssertions;
using IdentityModel.Client;
using Xbehave;

public class JustLikeConsole
{
    private static readonly string ServerUrl = "http://localhost:11111";
    private static readonly string IdentityServerUrl = "http://localhost:5000";

    private IDisposable webApp;
    private IDisposable identityServer;
    private HttpClient appClient;
    private HttpClient identityServerClient;

    [Background]
    public void Background()
    {
        "establish server"._(() =>
        {
            this.identityServer = Microsoft.Owin.Hosting.WebApp.Start<IdSrv.Startup>(IdentityServerUrl);
            this.webApp = Microsoft.Owin.Hosting.WebApp.Start<Apis.Startup>(ServerUrl);
            this.appClient = new HttpClient { BaseAddress = new Uri(ServerUrl) };
            this.identityServerClient = new HttpClient { BaseAddress = new Uri(IdentityServerUrl) };
        }).Teardown(() =>
        {
            this.identityServerClient.Dispose();
            this.appClient.Dispose();
            this.webApp.Dispose();
            this.identityServer.Dispose();
        });
    }

    [Scenario]
    public void SimplestScenario(HttpResponseMessage response)
    {
        var clientId = "silicon";
        var clientSecret = "F621F470-9731-4A25-80EF-67A6F7C5F4B8";
        var expectedJson = $"{{ client: '{clientId}' }}";

        "get token"._(() =>
        {
            var client = new TokenClient(
                $"{IdentityServerUrl}/connect/token",
                clientId,
                clientSecret);

            var token = client.RequestClientCredentialsAsync("api1").Result;
            this.appClient.SetBearerToken(token.AccessToken);
        });

        "when calling the service"._(()
            => response = this.appClient.SendAsync(new HttpRequestMessage(HttpMethod.Get, "/test"), CancellationToken.None).Result);

        "it should return status code 'OK'"._(()
            => response.StatusCode.Should().Be(HttpStatusCode.OK));

        "it should equal expected json"._(()
            => response.Content.ReadAsStringAsync().Result.Should().Be(expectedJson));
    }
}
}

我现在总是得到状态代码未经授权"而不是确定".当我通过控制台客户端调用两个服务器时，它可以正常工作.非常令人沮丧.

I now always get the status code 'unauthorized' instead of 'ok'. When I call the two servers via the console client, it works as expected. Very frustrating.

更新 我将在调用服务时"步骤替换为以下几行，以增强简单性:

Update I replaced the "when calling a service" step with the following lines just to enhance the simplicity:

var client = new HttpClient();
client.SetBearerToken(token.AccessToken);
var result = client.GetStringAsync($"{ServerUrl}/test").Result;

问题仍然存在:现在抛出HttpRequestException(未经授权的401).

The problem is still the same: Now an HttpRequestException gets thrown (401 unauthorized).

推荐答案

与此同时，我发现了它不起作用的原因:

In the meantime I found the reason why it wasn't working:

原来，我必须在WebApi上使用IdentityServer3.AccessTokenValidation的2.6.0版本或更早的版本.一旦我更新到2.7.0或更高版本，它将停止工作.我没有时间找出这两个版本之间到底发生了什么变化，以及是什么导致了问题.但是我可以将其隔离到IdentityServer3.AccessTokenValidation

Turned out I have to use version 2.6.0 of IdentityServer3.AccessTokenValidation or earlier on the WebApi. As soon as I update to 2.7.0 or later it stops working. I didn't have time to find out what exactly has changed between the two releases and therefore what causes the problem. But I could isolate it to IdentityServer3.AccessTokenValidation

这篇关于IdentityServer3 xBehave测试的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！