Support token refresh using SDK 28.3.0

COMET.Web.Common.Tests/Services/SessionManagement/AuthenticationServiceTestFixture.cs

@@ -32,6 +32,9 @@ namespace COMET.Web.Common.Tests.Services.SessionManagement
 
     using CDP4DalCommon.Authentication;
 
+    using CDP4ServicesDal;
+    using CDP4ServicesDal.ExternalAuthenticationProviderService;
+
     using COMET.Web.Common.Model.DTO;
     using COMET.Web.Common.Services.SessionManagement;
 
@@ -50,20 +53,30 @@ public class AuthenticationServiceTestFixture
         private AuthenticationService authenticationService;
         private AuthenticationDto authenticationDto;
         private Mock<ISessionStorageService> sessionStorageService;
+        private Mock<IOpenIdConnectService> openIdConnectService;
+        private Mock<IAutomaticTokenRefreshService> automaticTokenRefreshService;
+        private Credentials credentials;
 
         [SetUp]
         public void SetUp()
         {
             this.session = new Mock<ISession>();
             this.sessionService = new Mock<ISessionService>();
             this.sessionStorageService = new Mock<ISessionStorageService>();
-
+            this.openIdConnectService = new Mock<IOpenIdConnectService>();
+            this.automaticTokenRefreshService = new Mock<IAutomaticTokenRefreshService>();
+
             this.sessionService.Setup(x => x.Session).Returns(this.session.Object);
             this.sessionService.Setup(x => x.IsSessionOpen).Returns(false);
 
             this.cometWebAuthStateProvider = new CometWebAuthStateProvider(this.sessionService.Object);
-            this.authenticationService = new AuthenticationService(this.sessionService.Object, this.cometWebAuthStateProvider, this.sessionStorageService.Object);
+
+            this.authenticationService = new AuthenticationService(this.sessionService.Object, this.cometWebAuthStateProvider, this.sessionStorageService.Object,
+                this.openIdConnectService.Object, this.automaticTokenRefreshService.Object);
 
+            this.credentials = new Credentials(new Uri("http://localhost:5000/"));
+            this.session.Setup(x => x.Credentials).Returns(this.credentials);
+
             this.authenticationDto = new AuthenticationDto
             {
                 SourceAddress = "https://www.stariongroup.eu/",
@@ -72,6 +85,12 @@ public void SetUp()
             };
         }
 
+        [TearDown]
+        public void Teardown()
+        {
+            this.authenticationService.Dispose();
+        }
+
         [Test]
         public async Task VerifyLogout()
         {
@@ -120,24 +139,28 @@ public async Task VerifyLoginWithDefinedScheme()
                 this.sessionStorageService.Verify(x => x.SetItemAsync("access_token", It.IsAny<string>(), default), Times.Never);
             });
 
-            var tokenBasedAuthenticationInfo = new AuthenticationInformation("token");
-            this.sessionService.Setup(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.ExternalJwtBearer, tokenBasedAuthenticationInfo)).ReturnsAsync(Result.Ok());
-            this.sessionService.Setup(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.LocalJwtBearer, tokenBasedAuthenticationInfo)).ReturnsAsync(Result.Ok());
-
+            var tokenBasedAuthenticationInfo = new AuthenticationInformation(new AuthenticationTokens("token", "refresh"));
+
+            this.sessionService.Setup(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.ExternalJwtBearer, tokenBasedAuthenticationInfo)).ReturnsAsync(Result.Ok())
+                .Callback(() => this.credentials.ProvideUserToken(tokenBasedAuthenticationInfo.Token, AuthenticationSchemeKind.ExternalJwtBearer));
+
+            this.sessionService.Setup(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.LocalJwtBearer, tokenBasedAuthenticationInfo)).ReturnsAsync(Result.Ok())
+                .Callback(() => this.credentials.ProvideUserToken(tokenBasedAuthenticationInfo.Token, AuthenticationSchemeKind.LocalJwtBearer));
+
             loginResult = await this.authenticationService.LoginAsync(AuthenticationSchemeKind.LocalJwtBearer, tokenBasedAuthenticationInfo);
 
             Assert.Multiple(() =>
             {
                 Assert.That(loginResult.IsSuccess, Is.EqualTo(true)); 
-                this.sessionStorageService.Verify(x => x.SetItemAsync("access_token", tokenBasedAuthenticationInfo.Token, default), Times.Once);
+                this.sessionStorageService.Verify(x => x.SetItemAsync("access_token", tokenBasedAuthenticationInfo.Token.AccessToken, default), Times.Once);
             });
 
             loginResult = await this.authenticationService.LoginAsync(AuthenticationSchemeKind.ExternalJwtBearer, tokenBasedAuthenticationInfo);
 
             Assert.Multiple(() =>
             {
                 Assert.That(loginResult.IsSuccess, Is.EqualTo(true)); 
-                this.sessionStorageService.Verify(x => x.SetItemAsync("access_token", tokenBasedAuthenticationInfo.Token, default), Times.Exactly(2));
+                this.sessionStorageService.Verify(x => x.SetItemAsync("access_token", tokenBasedAuthenticationInfo.Token.AccessToken, default), Times.Exactly(2));
             });
         }
 
@@ -197,5 +220,42 @@ public async Task VerifyTryRestoreLastSession()
             await this.authenticationService.TryRestoreLastSessionAsync();
             this.sessionService.Verify(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.LocalJwtBearer, It.IsAny<AuthenticationInformation>()), Times.Once);
         }
+
+        [Test]
+        public async Task VerifyExchangeOpenIdConnectCodeAsync()
+        {
+            const string code = "aRandomCode";
+            const string redirect = "http://localhost/callback";
+
+            var authenticationSchemeResponse = new AuthenticationSchemeResponse()
+            {
+                Schemes = [AuthenticationSchemeKind.Basic]
+            };            
+
+            await  Assert.MultipleAsync(async () =>
+            {
+                await Assert.ThatAsync(() => this.authenticationService.ExchangeOpenIdConnectCodeAsync(null, authenticationSchemeResponse, redirect), Throws.Exception);
+                await Assert.ThatAsync(() => this.authenticationService.ExchangeOpenIdConnectCodeAsync(code, null, redirect), Throws.Exception);
+                await Assert.ThatAsync(() => this.authenticationService.ExchangeOpenIdConnectCodeAsync(code, authenticationSchemeResponse, null), Throws.Exception);
+                await Assert.ThatAsync(() => this.authenticationService.ExchangeOpenIdConnectCodeAsync(code, authenticationSchemeResponse, redirect), Throws.Exception);
+            });
+
+            authenticationSchemeResponse.Schemes = [AuthenticationSchemeKind.ExternalJwtBearer];
+            var openIdDto = new OpenIdAuthenticationDto("access", "refresh", 1500, 15000);
+
+            this.openIdConnectService.Setup(x => x.RequestAuthenticationToken(code, authenticationSchemeResponse, redirect, null)).ReturnsAsync(openIdDto);
+
+            this.sessionService.Setup(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.ExternalJwtBearer, It.IsAny<AuthenticationInformation>()))
+                .ReturnsAsync(Result.Ok())
+                .Callback(()=> this.credentials.ProvideUserToken(openIdDto, AuthenticationSchemeKind.ExternalJwtBearer));
+
+            await this.authenticationService.ExchangeOpenIdConnectCodeAsync(code, authenticationSchemeResponse, redirect);
+            this.sessionService.Verify(x => x.AuthenticateAndOpenSession(AuthenticationSchemeKind.ExternalJwtBearer, It.IsAny<AuthenticationInformation>()), Times.Once);
+
+            this.openIdConnectService.Setup(x => x.RequestAuthenticationToken(code, authenticationSchemeResponse, redirect, null)).ThrowsAsync(new InvalidOperationException());
+            await this.authenticationService.ExchangeOpenIdConnectCodeAsync(code, authenticationSchemeResponse, redirect);
+
+            this.sessionStorageService.Verify(x => x.SetItemAsync(It.IsAny<string>(), string.Empty, default), Times.Exactly(3));
+        }
     }
 }

COMET.Web.Common/COMET.Web.Common.csproj

@@ -3,9 +3,9 @@
   <PropertyGroup>
     <TargetFramework>net9.0</TargetFramework>
     <LangVersion>Latest</LangVersion>
-    <Version>6.0.0</Version>
-    <AssemblyVersion>6.0.0</AssemblyVersion>
-    <FileVersion>6.0.0</FileVersion>
+    <Version>6.1.0</Version>
+    <AssemblyVersion>6.1.0</AssemblyVersion>
+    <FileVersion>6.1.0</FileVersion>
     <Title>CDP4 WEB Common</Title>
     <Description>A Common Library for any Blazor based application related to ECSS-E-TM-10-25</Description>
     <Company>Starion Group S.A.</Company>
@@ -24,16 +24,16 @@
     <IncludeSymbols>true</IncludeSymbols>
     <SymbolPackageFormat>snupkg</SymbolPackageFormat>
     <PackageReleaseNotes>
-            [Update] to CDP4-SDK 28.0.0
+            [Update] to CDP4-SDK 28.2.0
             [Add] Support of multiple authentication scheme
         </PackageReleaseNotes>
   </PropertyGroup>
   <ItemGroup>
     <PackageReference Include="AsyncEnumerator" Version="4.0.2" />
     <PackageReference Include="Blazored.FluentValidation" Version="2.2.0" />
     <PackageReference Include="Blazored.SessionStorage" Version="2.4.0" />
-    <PackageReference Include="CDP4ServicesDal-CE" Version="28.0.0" />
-    <PackageReference Include="CDP4Web-CE" Version="28.0.0" />
+    <PackageReference Include="CDP4ServicesDal-CE" Version="28.2.0" />
+    <PackageReference Include="CDP4Web-CE" Version="28.2.0" />
     <PackageReference Include="DevExpress.Blazor" Version="23.2.11" />
     <PackageReference Include="FastMember" Version="1.5.0" />
     <PackageReference Include="FluentResults" Version="3.16.0" />

COMET.Web.Common/Extensions/ServiceCollectionExtensions.cs

@@ -31,6 +31,9 @@ namespace COMET.Web.Common.Extensions
 
     using CDP4Dal;
 
+    using CDP4ServicesDal;
+    using CDP4ServicesDal.ExternalAuthenticationProviderService;
+
     using COMET.Web.Common.Model;
     using COMET.Web.Common.Server.Services.ConfigurationService;
     using COMET.Web.Common.Server.Services.StringTableService;
@@ -91,6 +94,8 @@ public static void RegisterCdp4CometCommonServices(this IServiceCollection servi
             serviceProvider.AddScoped<ICDPMessageBus, CDPMessageBus>();
             serviceProvider.AddSingleton<IValidationService, ValidationService>();
             serviceProvider.AddScoped<ICacheService, CacheService>();
+            serviceProvider.AddScoped<IOpenIdConnectService, OpenIdConnectService>();
+            serviceProvider.AddScoped<IAutomaticTokenRefreshService, AutomaticTokenRefreshService>();
             serviceProvider.AddAuthorizationCore();
             serviceProvider.AddDevExpressBlazor(configure => configure.SizeMode = SizeMode.Medium);
             serviceProvider.RegisterCommonViewModels();