fix: /userinfo with claim array (#82)
IvanJosipovic authored Oct 6, 2023
1 parent 1d99e3f commit 5a5aa8f
Showing 2 changed files with 26 additions and 1 deletion.
2 changes: 1 addition & 1 deletion src/oidc-guard/Program.cs
Expand Up @@ -235,7 +235,7 @@ public static void Main(string[] args)

app.MapGet("/robots.txt", () => "User-agent: *\r\nDisallow: /");

app.MapGet("/userinfo", (HttpContext httpContext) => httpContext.User.Claims.ToDictionary(x => x.Type, x => x.Value))
app.MapGet("/userinfo", (HttpContext httpContext) => httpContext.User.Claims.GroupBy(x => x.Type).ToDictionary(x => x.Key, y => y.Count() > 1 ? (object)y.Select(x => x.Value) : y.First().Value))
.RequireAuthorization();

app.MapGet("/auth", ([FromServices] Settings settings, [FromServices] IMeterFactory meterFactory, HttpContext httpContext) =>
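Review bot: The JSON type of each claim in the `/userinfo` response now depends on how many values the token carries, because `y.Count() > 1 ? (object)y.Select(x => x.Value) : y.First().Value` returns a string for one value and an array for two or more. For claims like groups or roles, a consumer that bases an access decision on this response has to accept both shapes; code written for one shape can, in some languages, quietly turn a membership test into a substring test when handed the other. I would state the contract in a comment above the mapping, e.g. `// A claim type that occurs more than once is returned as a JSON array, a single occurrence as a string.`, and materialise the values with `y.Select(x => x.Value).ToArray()` rather than passing a deferred query to the serializer. `Main` starts and ends outside this hunk.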
25 changes: 25 additions & 0 deletions tests/oidc-guard-tests/AuthTests.cs
Expand Up @@ -510,6 +510,31 @@ public async Task UserInfo()
json.RootElement.GetProperty("username").GetString().Should().Be("test");

Check warning on line 510 in tests/oidc-guard-tests/AuthTests.cs


GitHub Actions / Build & Test

Dereference of a possibly null reference.
}

[Fact]
public async Task UserInfoMulti()
{
var _client = AuthTestsHelpers.GetClient();

var claims = new List<Claim>()
{
new Claim("username", "test"),
new Claim("multi", "one"),
new Claim("multi", "two")
};

_client.DefaultRequestHeaders.TryAddWithoutValidation(HeaderNames.Authorization, FakeJwtIssuer.GenerateBearerJwtToken(claims));

var response = await _client.GetAsync("/userinfo");
response.StatusCode.Should().Be(HttpStatusCode.OK);
var json = await response.Content.ReadFromJsonAsync<JsonDocument>();

json.RootElement.GetProperty("username").GetString().Should().Be("test");

json.RootElement.GetProperty("multi").GetArrayLength().Should().Be(2);
json.RootElement.GetProperty("multi").EnumerateArray().ElementAt(0).GetString().Should().Be("one");
json.RootElement.GetProperty("multi").EnumerateArray().ElementAt(1).GetString().Should().Be("two");
}

[Theory]
[InlineData("?skip-auth=GET,test", "https://test.com", "GET", HttpStatusCode.OK)]
[InlineData("?skip-auth=GET,test", "https://test.com", "POST", HttpStatusCode.Unauthorized)]
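Review bot: `json` in `UserInfoMulti` is a `JsonDocument` that is never disposed, and the local `_client` carries a field-style underscore prefix. `using var json = await response.Content.ReadFromJsonAsync<JsonDocument>();` releases the document's buffers when the test ends, and `var client = AuthTestsHelpers.GetClient();` reads as the local it is, unless the rest of the file deliberately uses `_client` for consistency.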
