Add cancellation token support for ticket retrieval
GitHub Actions / Test Report - IdentityServer.IntegrationTests
succeeded
Feb 4, 2025 in 0s
546 passed, 0 failed and 1 skipped
✅ identity-server/test/IdentityServer.IntegrationTests/TestResults/Tests.trx
547 tests were completed in 152s with 546 passed, 0 failed and 1 skipped.
✅ IdentityServer.IntegrationTests.Endpoints.Ciba.CibaTests
✅ acr_values_too_long_should_return_error
✅ binding_message_too_long_should_return_error
✅ client_with_idp_restriction_should_ignore_invalid_idp_acr_value
✅ custom_validator_can_add_complex_properties_that_are_passed_to_user_notification_but_not_client_response
✅ custom_validators_are_invoked_and_can_process_custom_input
✅ expiry_larger_than_client_allows_should_return_error
✅ expiry_than_than_client_allows_should_return_success
✅ expiry_too_long_should_return_error
✅ get_request_should_return_error
✅ id_token_hint_too_long_should_return_error
✅ invalid_client_credentials_should_return_error
✅ invalid_client_grant_should_return_error
✅ invalid_id_token_hint_too_long_should_return_error
✅ invalid_resource_should_return_error
✅ invalid_scope_for_resource_should_return_error
✅ invalid_user_errors_should_return_error(error: "access_denied", code: Forbidden)
✅ invalid_user_errors_should_return_error(error: "expired_login_hint_token", code: BadRequest)
✅ invalid_user_errors_should_return_error(error: "invalid_binding_message", code: BadRequest)
✅ invalid_user_errors_should_return_error(error: "invalid_user_code", code: BadRequest)
✅ invalid_user_errors_should_return_error(error: "missing_user_code", code: BadRequest)
✅ invalid_user_errors_should_return_error(error: "unknown_user_id", code: BadRequest)
✅ login_hint_token_too_long_should_return_error
✅ login_hint_too_long_should_return_error
✅ missing_scope_should_return_error
✅ no_request_object_when_required_should_return_error
✅ post_request_without_form_should_return_error
✅ request_object_client_with_correct_client_id_should_return_success
✅ request_object_client_with_invalid_key_should_return_error
✅ request_object_client_with_mismatched_client_id_should_return_error
✅ request_object_client_with_no_keys_should_return_error
✅ request_object_invalid_signature_should_return_error
✅ request_object_missing_jti_should_return_error
✅ request_object_too_long_should_return_error
✅ request_object_with_param_also_outside_jwt_should_return_error
✅ request_object_with_request_object_should_return_error
✅ request_object_with_request_uri_should_return_error
✅ request_values_should_be_passed_to_user_validator
✅ resource_invalid_format_should_return_error
✅ resource_too_long_should_return_error
✅ scope_missing_openid_should_return_error
✅ scope_too_long_should_return_error
✅ too_few_login_hints_should_return_error
✅ too_many_login_hints_should_return_error
✅ unknown_user_validator_error_should_return_error
✅ user_code_too_long_should_return_error
✅ valid_id_token_hint_should_return_success
✅ valid_login_hint_token_hint_should_return_success
✅ valid_request_object_should_return_valid_result
✅ valid_request_should_notify_user
✅ valid_request_should_return_valid_result
✅ validated_user_missing_sub_should_return_error
✅ IdentityServer.IntegrationTests.Hosting.DynamicProvidersTests
✅ challenge_should_trigger_authorize_request_to_dynamic_idp
✅ challenge_should_trigger_authorize_request_to_static_idp
✅ federation_endpoint_with_no_scheme_should_return_not_found
✅ front_channel_signout_from_dynamic_idp_should_sign_user_out
✅ missing_segments_in_redirect_uri_should_return_not_found
✅ redirect_uri_should_process_dynamic_provider_signin_result
✅ redirect_uri_should_process_static_provider_signin_result
✅ redirect_uri_should_work_when_dynamic_provider_not_in_cache
✅ signout_should_trigger_endsession_request_to_dynamic_idp
✅ IntegrationTests.Clients.ClientAssertionClient
✅ Client_with_invalid_secret_should_fail
✅ Invalid_client_should_fail
✅ Valid_client_should_succeed
✅ Valid_client_with_implicit_clientId_should_succeed
✅ Valid_client_with_manual_payload_should_succeed
✅ Valid_client_with_token_replay_should_fail
✅ IntegrationTests.Clients.ClientCredentialsandResourceOwnerClient
✅ Openid_and_resource_scope_should_be_requestable_via_password
✅ Openid_scope_should_be_requestable_via_password
✅ Openid_scope_should_not_be_requestable_via_client_credentials
✅ Resource_scope_should_be_requestable_via_client_credentials
✅ IntegrationTests.Clients.ClientCredentialsClient
✅ Client_explicitly_requesting_identity_scope_should_fail
✅ Client_explicitly_requesting_offline_access_should_fail
✅ Client_without_default_scopes_skipping_scope_parameter_should_return_error
✅ Implicit_and_client_creds_client_should_not_use_client_credential_grant_without_secret
✅ Implicit_client_should_not_use_client_credential_grant
✅ Invalid_endpoint_should_return_404
✅ Request_For_client_with_no_secret_and_basic_authentication_should_succeed
✅ Request_posting_client_secret_in_body_should_succeed
✅ Request_with_invalid_client_secret_should_fail
✅ Request_with_no_explicit_scopes_should_return_expected_payload
✅ Requesting_authorized_and_unauthorized_scopes_should_fail
✅ Requesting_multiple_scopes_should_return_expected_payload
✅ Requesting_unauthorized_scope_should_fail
✅ Requesting_unknown_scope_should_fail
✅ Unknown_client_should_fail
✅ Valid_request_multiple_audiences_should_return_expected_payload
✅ Valid_request_single_audience_should_return_expected_payload
✅ Valid_request_with_confirmation_should_return_expected_payload
✅ IntegrationTests.Clients.CustomTokenRequestValidatorClient
✅ Client_credentials_request_should_contain_custom_response
✅ Extension_grant_request_should_contain_custom_response
✅ Refreshing_a_token_should_contain_custom_response
✅ Resource_owner_credentials_request_should_contain_custom_response
✅ IntegrationTests.Clients.CustomTokenResponseClients
✅ Extension_grant_failure_should_return_custom_error_response
✅ Extension_grant_success_should_return_custom_response
✅ Resource_owner_failure_should_return_custom_error_response
✅ Resource_owner_success_should_return_custom_response
✅ IntegrationTests.Clients.DiscoveryClientTests
✅ Discovery_document_should_have_expected_values
✅ IntegrationTests.Clients.ExtensionGrantClient
✅ Dynamic_client_claims_no_sub_should_succeed
✅ Dynamic_client_claims_should_succeed
⚪ Dynamic_lifetime_should_succeed
✅ Dynamic_token_type_jwt_should_succeed
✅ Dynamic_token_type_reference_should_succeed
✅ Impersonate_client_should_succeed
✅ Valid_client_missing_grant_specific_data_should_fail
✅ Valid_client_no_subject_should_succeed
✅ Valid_client_should_succeed
✅ Valid_client_using_unauthorized_grant_type_should_fail
✅ Valid_client_using_unsupported_grant_type_should_fail
✅ Valid_client_with_default_scopes_should_succeed
✅ Valid_client_with_extra_claim_should_succeed
✅ Valid_client_with_refreshed_extra_claim_should_succeed
✅ IntegrationTests.Clients.RefreshTokenClient
✅ Refreshing_a_refresh_token_with_one_time_only_should_return_different_refresh_token
✅ Refreshing_a_refresh_token_with_reuse_should_return_same_refresh_token
✅ Replaying_a_rotated_token_should_fail
✅ Requesting_a_refresh_token_with_identity_scopes_should_return_expected_results
✅ Requesting_a_refresh_token_without_identity_scopes_should_return_expected_results
✅ Using_a_revoked_refresh_token_should_fail
✅ Using_a_valid_refresh_token_should_succeed
✅ IntegrationTests.Clients.ResourceOwnerClient
✅ Request_containing_identity_scopes_should_return_expected_payload
✅ Request_for_refresh_token_should_return_expected_payload
✅ Request_with_no_explicit_scopes_should_return_allowed_scopes
✅ Unknown_user_should_fail
✅ User_with_empty_password_should_succeed
✅ User_with_invalid_password_should_fail(password: "")
✅ User_with_invalid_password_should_fail(password: "invalid")
✅ Valid_user_should_succeed_with_expected_response_payload
✅ IntegrationTests.Clients.RevocationClient
✅ Revoking_reference_token_should_invalidate_token
✅ IntegrationTests.Clients.UserInfoEndpointClient
✅ Complex_json_should_be_correct
✅ Invalid_token_should_fail
✅ Request_address_scope_should_return_expected_response
✅ Using_a_token_with_an_identity_scope_but_no_openid_should_fail
✅ Using_a_token_with_no_identity_scope_should_fail
✅ Valid_client_with_GET_should_succeed
✅ IntegrationTests.Conformance.Basic.ClientAuthenticationTests
✅ Token_endpoint_supports_client_authentication_with_basic_authentication_with_POST
✅ Token_endpoint_supports_client_authentication_with_form_encoded_authentication_in_POST_body
✅ IntegrationTests.Conformance.Basic.CodeFlowTests
✅ No_state_should_not_result_in_shash
✅ StateHash_should_be_emitted_based_on_options(emitStateHash: False)
✅ StateHash_should_be_emitted_based_on_options(emitStateHash: True)
✅ IntegrationTests.Conformance.Basic.RedirectUriTests
✅ Preserves_query_parameters_in_redirect_uri
✅ Reject_redirect_uri_not_matching_registered_redirect_uri
✅ Reject_request_without_redirect_uri_when_multiple_registered
✅ Rejects_redirect_uri_when_query_parameter_does_not_match
✅ IntegrationTests.Conformance.Basic.ResponseTypeResponseModeTests
✅ Request_missing_response_type_rejected
✅ Request_with_response_type_code_supported
✅ IntegrationTests.Conformance.Pkce.PkceTests
✅ Authorize_request_code_challenge_cannot_be_too_long(clientId: "code_client")
✅ Authorize_request_code_challenge_cannot_be_too_long(clientId: "code_plain_client")
✅ Authorize_request_code_challenge_cannot_be_too_long(clientId: "codewithproofkey_client")
✅ Authorize_request_code_challenge_cannot_be_too_long(clientId: "codewithproofkey_plain_client")
✅ Authorize_request_code_challenge_cannot_be_too_short(clientId: "code_client")
✅ Authorize_request_code_challenge_cannot_be_too_short(clientId: "code_plain_client")
✅ Authorize_request_code_challenge_cannot_be_too_short(clientId: "codewithproofkey_client")
✅ Authorize_request_code_challenge_cannot_be_too_short(clientId: "codewithproofkey_plain_client")
✅ Authorize_request_needs_code_challenge(clientId: "codewithproofkey_client")
✅ Authorize_request_needs_code_challenge(clientId: "codewithproofkey_plain_client")
✅ Authorize_request_needs_supported_code_challenge_method(clientId: "code_client")
✅ Authorize_request_needs_supported_code_challenge_method(clientId: "code_plain_client")
✅ Authorize_request_needs_supported_code_challenge_method(clientId: "codewithproofkey_client")
✅ Authorize_request_needs_supported_code_challenge_method(clientId: "codewithproofkey_plain_client")
✅ Client_can_use_plain_code_challenge_method(clientId: "code_plain_client")
✅ Client_can_use_plain_code_challenge_method(clientId: "codewithproofkey_plain_client")
✅ Client_can_use_sha256_code_challenge_method(clientId: "code_client")
✅ Client_can_use_sha256_code_challenge_method(clientId: "codewithproofkey_client")
✅ Client_cannot_use_plain_code_challenge_method(clientId: "code_client")
✅ Client_cannot_use_plain_code_challenge_method(clientId: "codewithproofkey_client")
✅ Code_verifier_should_not_be_accepted_if_no_code_challenge_was_used
✅ Token_request_code_verifier_cannot_be_too_long(clientId: "code_plain_client")
✅ Token_request_code_verifier_cannot_be_too_long(clientId: "codewithproofkey_plain_client")
✅ Token_request_code_verifier_cannot_be_too_short(clientId: "code_plain_client")
✅ Token_request_code_verifier_cannot_be_too_short(clientId: "codewithproofkey_plain_client")
✅ Token_request_code_verifier_must_match_with_code_chalenge(clientId: "code_plain_client")
✅ Token_request_code_verifier_must_match_with_code_chalenge(clientId: "codewithproofkey_plain_client")
✅ Token_request_needs_code_verifier(clientId: "code_plain_client")
✅ Token_request_needs_code_verifier(clientId: "codewithproofkey_plain_client")
✅ IntegrationTests.Endpoints.Authorize.AuthorizeTests
✅ acr_values_too_long_should_show_error_page
✅ anonymous_user_should_be_redirected_to_login_page
✅ authenticated_user_with_valid_request_should_receive_authorization_response
✅ client_not_allowed_access_to_scope_should_show_error_page
✅ code_flow_with_fragment_response_type_should_be_allowed
✅ code_success_response_should_have_all_expected_values
✅ custom_prompt_value_should_be_passed_to_custom_interaction_service
✅ custom_prompt_values_should_raise_error_with_default_interaction_service
✅ custom_request_should_have_authorization_params(storeType: null)
✅ custom_request_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ custom_request_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ disabled_client_should_not_pass_return_url_to_error_page
✅ disabled_client_should_show_error_page
✅ display_mode_should_be_passed_to_error_page
✅ error_page_should_receive_client_id
✅ explicit_response_mode_should_be_passed_to_error_page
✅ for_invalid_client_error_page_should_not_receive_client_id
✅ get_request_should_not_return_404
✅ get_request_should_not_return_500
✅ idp_not_allowed_by_client_should_not_be_passed_to_login_page
✅ idp_should_be_passed_to_login_page
✅ invalid_client_id_should_not_pass_return_url_to_error_page
✅ invalid_client_id_should_show_error_page
✅ invalid_max_age_should_show_error_page
✅ invalid_protocol_for_client_should_not_pass_return_url_to_error_page
✅ invalid_protocol_for_client_should_show_error_page
✅ invalid_redirect_uri_should_not_pass_return_url_to_error_page
✅ invalid_redirect_uri_should_show_error_page
✅ invalid_response_mode_for_flow_should_pass_return_url_to_error_page
✅ invalid_response_mode_for_flow_should_show_error_page
✅ invalid_response_mode_should_pass_return_url_to_error_page
✅ invalid_response_mode_should_show_error_page
✅ invalid_response_type_should_not_pass_return_url_to_error_page
✅ invalid_response_type_should_show_error_page
✅ locale_too_long_should_show_error_page
✅ login_hint_too_long_should_show_error_page
✅ login_response_and_consent_response_should_receive_authorization_response(storeType: null)
✅ login_response_and_consent_response_should_receive_authorization_response(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ login_response_and_consent_response_should_receive_authorization_response(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ malformed_redirect_uri_should_show_error_page
✅ max_age_0_should_allow_user_to_login_and_complete_authorization
✅ max_age_0_should_show_login_page
✅ missing_nonce_should_show_error_page
✅ missing_openid_scope_should_show_error_page
✅ missing_redirect_uri_should_not_pass_return_url_to_error_page
✅ missing_redirect_uri_should_show_error_page
✅ missing_scope_should_pass_return_url_to_error_page
✅ missing_scope_should_show_error_page
✅ negative_max_age_should_show_error_page
✅ nonce_too_long_should_show_error_page
✅ overlapping_identity_scopes_and_api_scopes_should_show_error_page
✅ post_request_should_return_200
✅ post_request_without_form_should_return_415
✅ prompt_create_and_login_should_be_an_error
✅ prompt_login_should_allow_user_to_login_and_complete_authorization
✅ prompt_login_should_show_login_page_and_preserve_prompt_values
✅ scope_too_long_should_show_error_page
✅ signin_request_should_have_authorization_params(storeType: null)
✅ signin_request_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ signin_request_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ signin_response_should_allow_successful_authorization_response
✅ ui_locales_should_be_passed_to_error_page
✅ unicode_values_in_url_should_be_processed_correctly
✅ unknown_prompt_should_error
✅ user_idp_does_not_match_acr_idp_should_cause_login_page
✅ user_idp_not_allowed_by_client_should_cause_login_page
✅ when_tenant_validation_disabled_user_tenant_does_not_match_acr_tenant_should_not_cause_login_page
✅ when_tenant_validation_enabled_user_tenant_does_not_match_acr_tenant_should_cause_login_page
✅ with_config_prompt_create_should_show_create_account_page_and_preserve_prompt_values
✅ without_config_prompt_create_should_be_treated_as_unknown
✅ IntegrationTests.Endpoints.Authorize.ConsentTests
✅ client_requires_consent_should_show_consent_page
✅ consent_page_should_have_authorization_params(storeType: null)
✅ consent_page_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ consent_page_should_have_authorization_params(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ consent_response_missing_required_scopes_should_error
✅ consent_response_of_temporarily_unavailable_should_return_error_to_client(storeType: null)
✅ consent_response_of_temporarily_unavailable_should_return_error_to_client(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ consent_response_of_temporarily_unavailable_should_return_error_to_client(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ consent_response_of_unmet_authentication_requirements_should_return_error_to_client(storeType: null)
✅ consent_response_of_unmet_authentication_requirements_should_return_error_to_client(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ consent_response_of_unmet_authentication_requirements_should_return_error_to_client(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ consent_response_should_allow_successful_authorization_response(storeType: null)
✅ consent_response_should_allow_successful_authorization_response(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ consent_response_should_allow_successful_authorization_response(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ consent_response_should_reject_modified_request_params
✅ legacy_consents_should_apply_and_be_migrated_to_hex_encoding
✅ IntegrationTests.Endpoints.Authorize.JwtRequestAuthorizeTests
✅ authorize_should_accept_complex_objects_in_request_object
✅ authorize_should_accept_request_uri_and_allow_some_parameters_in_query(storeType: null)
✅ authorize_should_accept_request_uri_and_allow_some_parameters_in_query(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ authorize_should_accept_request_uri_and_allow_some_parameters_in_query(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ authorize_should_accept_request_uri_with_valid_jwt
✅ authorize_should_accept_request_uri_with_valid_jwt_and_strict_validation
✅ authorize_should_accept_valid_JWT_request_object_and_allow_some_parameters_in_query(storeType: null)
✅ authorize_should_accept_valid_JWT_request_object_and_allow_some_parameters_in_query(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ authorize_should_accept_valid_JWT_request_object_and_allow_some_parameters_in_query(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ authorize_should_accept_valid_JWT_request_object_parameters_using_rsa_jwk
✅ authorize_should_accept_valid_JWT_request_object_parameters_using_rsa_jwk_and_pushed_authorization
✅ authorize_should_accept_valid_JWT_request_object_parameters_using_symmetric_jwk
✅ authorize_should_accept_valid_JWT_request_object_parameters_using_X509_certificate
✅ authorize_should_ignore_request_uri_when_feature_is_disabled
✅ authorize_should_reject_jwt_request_if_audience_is_incorrect
✅ authorize_should_reject_jwt_request_if_client_id_does_not_match
✅ authorize_should_reject_jwt_request_if_issuer_does_not_match_client_id
✅ authorize_should_reject_jwt_request_if_response_type_does_not_match
✅ authorize_should_reject_jwt_request_that_includes_request_param
✅ authorize_should_reject_jwt_request_that_includes_request_uri_param
✅ authorize_should_reject_jwt_request_without_client_id
✅ authorize_should_reject_jwt_request_without_client_id_in_jwt
✅ authorize_should_reject_request_uri_with_valid_jwt_and_strict_validation_but_invalid_content_type
✅ both_request_and_request_uri_params_should_fail
✅ correct_jwt_typ_should_pass_strict_validation
✅ missing_jwt_typ_should_error
✅ missing_request_object_should_fail
✅ prompt_login_should_allow_user_to_consent_and_complete_authorization(storeType: null)
✅ prompt_login_should_allow_user_to_consent_and_complete_authorization(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ prompt_login_should_allow_user_to_consent_and_complete_authorization(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ prompt_login_should_allow_user_to_login_and_complete_authorization(storeType: null)
✅ prompt_login_should_allow_user_to_login_and_complete_authorization(storeType: typeof(Duende.IdentityServer.Stores.Default.DistributedCacheAuthorizationParametersMessageStore))
✅ prompt_login_should_allow_user_to_login_and_complete_authorization(storeType: typeof(Duende.IdentityServer.Stores.QueryStringAuthorizationParametersMessageStore))
✅ request_uri_length_too_long_should_fail
✅ request_uri_response_returns_404_should_fail
✅ request_uri_response_returns_500_should_fail
✅ IntegrationTests.Endpoints.Authorize.PushedAuthorizationTests
✅ existing_pushed_authorization_request_uris_become_invalid_when_par_is_disabled
✅ happy_path
✅ not_using_pushed_authorization_when_it_is_globally_required_fails
✅ not_using_pushed_authorization_when_it_is_required_for_client_fails
✅ prompt_login_can_be_used_with_pushed_authorization(parameterName: "max_age", parameterValue: "0")
✅ prompt_login_can_be_used_with_pushed_authorization(parameterName: "prompt", parameterValue: "create")
✅ prompt_login_can_be_used_with_pushed_authorization(parameterName: "prompt", parameterValue: "login")
✅ prompt_login_can_be_used_with_pushed_authorization(parameterName: "prompt", parameterValue: "select_account")
✅ pushed_authorization_with_a_request_uri_fails(requestUri: "https://requests.example.com/bar")
✅ pushed_authorization_with_a_request_uri_fails(requestUri: "nonsense")
✅ pushed_authorization_with_a_request_uri_fails(requestUri: "urn:ietf:params:oauth:request_uri:foo")
✅ reusing_pushed_authorization_request_uris_fails
✅ using_pushed_authorization_when_it_is_globally_disabled_fails
✅ IntegrationTests.Endpoints.Authorize.ResourceTests
✅ empty_resource_indicator_on_authz_endpoint_should_succeed
✅ empty_resource_indicator_on_code_exchange_should_succeed
✅ implicit_flow_with_resource_indicator_should_fail
✅ no_resource_indicator_on_code_exchange_should_succeed
✅ no_resource_indicator_on_refresh_token_exchange_should_succeed
✅ resource_indicator_for_isolated_resource_with_offline_access_should_succeed
✅ resource_indicator_for_isolated_resource_without_offline_access_should_succeed
✅ resource_indicator_on_code_exchange_should_succeed
✅ resource_indicator_on_refresh_token_exchange_should_succeed
✅ resource_indicator_without_offline_access_no_resource_on_code_exchange_should_succeed
✅ resource_indicator_without_offline_access_should_succeed
✅ IntegrationTests.Endpoints.Authorize.RestrictAccessTokenViaBrowserTests
✅ Restricted_hybrid_client_can_request_CodeIdToken
✅ Restricted_hybrid_client_cannot_request_CodeIdTokenToken
✅ Restricted_implicit_client_can_request_IdToken
✅ Restricted_implicit_client_cannot_request_IdTokenToken
✅ Unrestricted_hybrid_client_can_request_CodeIdToken
✅ Unrestricted_hybrid_client_can_request_CodeIdTokenToken
✅ Unrestricted_implicit_client_can_request_IdToken
✅ Unrestricted_implicit_client_can_request_IdTokenToken
✅ IntegrationTests.Endpoints.Authorize.SessionIdTests
✅ session_id_should_be_reissued_if_session_cookie_absent
✅ IntegrationTests.Endpoints.CheckSession.CheckSessionTests
✅ get_request_should_not_return_404
✅ IntegrationTests.Endpoints.DeviceAuthorization.DeviceAuthorizationTests
✅ empty_request_should_return_InvalidRequest
✅ get_should_return_InvalidRequest
✅ unknown_client_should_return_InvalidClient
✅ valid_should_return_json
✅ wrong_content_type_return_InvalidRequest
✅ IntegrationTests.Endpoints.Discovery.DiscoveryEndpointTests
✅ Algorithms_supported_should_match_signing_key
✅ createaccount_options_should_include_create_in_prompt_values_supported
✅ Issuer_uri_should_be_lowercase
✅ Jwks_entries_should_contain_alg
✅ Jwks_entries_should_countain_crv
✅ Jwks_with_ecdsa_should_have_parsable_key(crv: "P-256", alg: "ES256")
✅ Jwks_with_ecdsa_should_have_parsable_key(crv: "P-384", alg: "ES384")
✅ Jwks_with_ecdsa_should_have_parsable_key(crv: "P-521", alg: "ES512")
✅ Jwks_with_two_key_using_different_algs_expect_different_alg_values
✅ prompt_values_supported_should_be_absent_if_no_authorize_endpoint_enabled
✅ prompt_values_supported_should_contain_defaults
✅ Unicode_values_in_url_should_be_processed_correctly
✅ when_lower_case_issuer_option_disabled_issuer_uri_should_be_preserved
✅ IntegrationTests.Endpoints.EndSession.EndSessionTests
✅ back_channel_bad_json_errors_can_be_logged
✅ back_channel_errors_no_content_can_be_logged
✅ back_channel_json_errors_can_be_logged
✅ back_channel_logout_should_not_affect_end_session_callback
✅ back_channel_logout_token_should_have_typ_header_set
✅ back_channel_logout_token_should_use_configured_typ_header_value
✅ get_request_should_not_return_404
✅ get_request_should_redirect_to_configured_logout_path
✅ logout_request_with_params_but_user_no_longer_authenticated_should_pass_redirect_info_to_logout
✅ logout_request_with_params_should_pass_values_in_logout_context
✅ logout_should_invoke_back_channel_logout
✅ logout_with_clients_should_render_signout_callback_iframe
✅ logout_without_clients_should_not_render_signout_callback_iframe
✅ signout_callback_should_use_signoutcleanup_for_wsfed_client
✅ signout_callback_with_mismatched_id_token_hint_should_not_pass_along_logout_message
✅ signout_callback_with_mismatched_post_logout_redirect_uri_should_not_pass_along_logout_uri
✅ signout_callback_without_params_should_return_400
✅ signout_request_should_redirect_to_logout_page
✅ signout_should_support_POST
✅ ui_locales_too_long_should_be_ignored
✅ valid_id_token_hint_but_no_post_logout_redirect_uri_should_not_use_any_of_multiple_registered_post_logout_redirect_uri
✅ valid_id_token_hint_but_no_post_logout_redirect_uri_should_not_use_single_registered_post_logout_redirect_uri
✅ valid_signout_callback_should_render_iframes_for_all_clients
✅ valid_signout_callback_should_return_200_html
✅ IntegrationTests.Endpoints.Introspection.IntrospectionTests
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "api1", hint: "access_token")
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "api1", hint: "bogus")
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "api1", hint: "refresh_token")
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "ro.client", hint: "access_token")
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "ro.client", hint: "bogus")
✅ Access_tokens_can_be_introspected_with_any_hint(introspectedBy: "ro.client", hint: "refresh_token")
✅ api_validation_with_refresh_token_should_fail
✅ client_validation_with_access_token_for_different_client_should_fail
✅ client_validation_with_access_token_should_succeed
✅ client_validation_with_refresh_token_for_different_client_should_fail
✅ client_validation_with_refresh_token_should_succeed
✅ client_validation_with_revoked_refresh_token_should_fail
✅ Empty_request_should_fail
✅ Invalid_Content_type_should_fail
✅ Invalid_scope_secret_should_fail
✅ Invalid_token_should_fail
✅ Invalid_token_type_hint_should_not_fail
✅ Missing_token_should_fail
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "api1", hint: "access_token", isActive: False)
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "api1", hint: "bogus", isActive: False)
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "api1", hint: "refresh_token", isActive: False)
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "ro.client", hint: "access_token", isActive: True)
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "ro.client", hint: "bogus", isActive: True)
✅ Refresh_tokens_can_be_introspected_by_their_client_with_any_hint(introspectedBy: "ro.client", hint: "refresh_token", isActive: True)
✅ Response_data_should_be_valid_using_multiple_scopes_multiple_audiences
✅ Response_data_should_be_valid_using_multiple_scopes_single_audience
✅ Response_data_should_be_valid_using_single_scope
✅ Response_data_with_user_authentication_should_be_valid_using_single_scope
✅ Token_with_many_scopes_but_api_should_only_see_its_own_scopes
✅ Unknown_scope_should_fail
✅ Valid_token_and_valid_scope_should_succeed
✅ Valid_token_with_invalid_scopes_should_fail
✅ Valid_token_with_valid_multiple_scopes
✅ IntegrationTests.Endpoints.Revocation.RevocationTests
✅ Get_request_should_return_405
✅ Implicit_and_client_creds_client_without_secret_revoking_token_should_fail
✅ Implicit_client_without_secret_revoking_token_should_succeed
✅ Invalid_client_id_should_return_error
✅ Invalid_credentials_should_return_error
✅ Invalid_token_type_hint_should_return_error
✅ Missing_token_should_return_error
✅ Post_without_form_urlencoded_should_return_415
✅ Revoke_invalid_access_token_should_return_success
✅ Revoke_invalid_refresh_token_should_return_success
✅ Revoke_valid_access_token_belonging_to_another_client_should_return_success_but_not_revoke_token
✅ Revoke_valid_access_token_should_return_success
✅ Revoke_valid_refresh_token_belonging_to_another_client_should_return_success_but_not_revoke_token
✅ Revoke_valid_refresh_token_belonging_to_another_session_should_not_revoke_other_session_token
✅ Revoke_valid_refresh_token_should_return_success
✅ Valid_access_token_but_missing_token_type_hint_should_succeed
✅ Valid_refresh_token_but_missing_token_type_hint_should_succeed
✅ IntegrationTests.Endpoints.Token.CibaTokenEndpointTests
✅ calls_past_interval_should_reset_throttling
✅ client_lifetime_should_be_honored
✅ client_mismatch_should_return_error
✅ client_not_allowed_for_ciba_should_return_error
✅ client_polling_interval_should_be_honored
✅ expired_request_should_return_error
✅ request_before_consent_should_return_error
✅ too_frequent_request_should_return_error
✅ user_denies_consent_should_return_error
✅ user_inactive_should_return_error
✅ valid_request_should_return_valid_result
✅ IntegrationTests.Endpoints.Token.DPoPTokenEndpointTests
✅ confidential_client_dpop_proof_should_be_required_on_renewal
✅ confidential_client_should_be_able_to_use_different_dpop_key_for_refresh_token_request
✅ different_ps_proof_tokens_should_work(alg: "ES256")
✅ different_ps_proof_tokens_should_work(alg: "ES384")
✅ different_ps_proof_tokens_should_work(alg: "ES512")
✅ different_rsa_proof_tokens_should_work(alg: "PS256")
✅ different_rsa_proof_tokens_should_work(alg: "PS384")
✅ different_rsa_proof_tokens_should_work(alg: "PS512")
✅ different_rsa_proof_tokens_should_work(alg: "RS256")
✅ different_rsa_proof_tokens_should_work(alg: "RS384")
✅ different_rsa_proof_tokens_should_work(alg: "RS512")
✅ dpop_key_thumbprint_too_long_should_fail
✅ dpop_proof_token_too_long_should_fail
✅ invalid_dpop_request_should_fail
✅ matching_dpop_key_thumbprint_on_authorize_endpoint_and_token_endpoint_should_succeed
✅ mismatched_dpop_key_thumbprint_on_authorize_endpoint_and_token_endpoint_should_fail
✅ missing_dpop_token_when_required_should_fail
✅ missing_proof_token_when_required_on_refresh_token_request_should_fail
✅ multiple_dpop_tokens_should_fail
✅ no_dpop_should_not_be_able_to_start_on_renewal
✅ public_client_dpop_proof_should_be_required_on_renewal
✅ public_client_should_not_be_able_to_use_different_dpop_key_for_refresh_token_request
✅ public_client_using_same_dpop_key_for_refresh_token_request_should_succeed
✅ replayed_dpop_token_should_fail
✅ server_issued_nonce_should_be_emitted
✅ valid_dpop_request_should_return_bound_access_token
✅ valid_dpop_request_should_return_bound_refresh_token
✅ valid_dpop_request_using_jwt_at_introspection_should_return_binding_information
✅ valid_dpop_request_using_reference_token_at_introspection_should_return_binding_information
✅ valid_dpop_request_with_unusual_but_valid_proof_token_should_return_bound_access_token
✅ IntegrationTests.Endpoints.Token.RefreshTokenTests
✅ sid_should_be_in_access_token_after_token_is_renewed
✅ when_UpdateAccessTokenClaimsOnRefresh_is_set_sid_should_be_in_access_token_after_token_is_renewed
✅ IntegrationTests.Endpoints.Token.ResourceTests
✅ client_credentials_with_empty_resource_should_be_treated_as_if_no_resource_and_succeed
✅ client_credentials_with_invalid_resource_and_scope_should_fail
✅ client_credentials_with_resource_with_scope_should_succeed
✅ client_credentials_with_resource_without_scope_should_succeed
✅ client_credentials_without_resource_with_scope_should_succeed
✅ client_credentials_without_resource_without_scope_should_succeed
✅ refresh_token_exchange_with_invalid_resource_should_fail
✅ refresh_token_exchange_with_resource_should_succeed
✅ refresh_token_requested_with_invalid_resource_and_scope_should_fail
✅ refresh_token_requested_with_resource_with_scope_should_succeed
✅ refresh_token_requested_with_resource_without_scope_should_succeed
✅ refresh_token_requested_without_resource_with_scope_should_succeed
✅ refresh_token_requested_without_resource_without_scope_should_succeed
✅ IntegrationTests.Endpoints.Token.TokenEndpointTests
✅ client_credentials_request_with_funny_headers_should_not_hang
✅ invalid_form_post_text_values_should_return_400_error
✅ resource_owner_request_with_funny_headers_should_not_hang
✅ IntegrationTests.Extensibility.CustomClaimsServiceTests
✅ custom_claims_should_be_in_access_token
✅ IntegrationTests.Extensibility.CustomProfileServiceTests
✅ custom_profile_should_return_claims_for_implicit_client
✅ IntegrationTests.Extensibility.CustomTokenCreationServiceTests
✅ custom_aud_should_be_in_access_token
✅ IntegrationTests.Hosting.CorsTests
✅ cors_request_to_allowed_endpoints_should_succeed(url: "https://server/.well-known/openid-configuration")
✅ cors_request_to_allowed_endpoints_should_succeed(url: "https://server/.well-known/openid-configuration/jw"···)
✅ cors_request_to_allowed_endpoints_should_succeed(url: "https://server/connect/revocation")
✅ cors_request_to_allowed_endpoints_should_succeed(url: "https://server/connect/token")
✅ cors_request_to_allowed_endpoints_should_succeed(url: "https://server/connect/userinfo")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/account/consent")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/account/login")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/connect/authorize")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/connect/checksession")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/connect/endsession")
✅ cors_request_to_restricted_endpoints_should_not_succeed(url: "https://server/home/error")
✅ custom_cors_policy_provider_should_be_used
✅ IntegrationTests.Hosting.FederatedSignoutTests
✅ no_authenticated_user_should_not_render_page_with_iframe
✅ no_clients_signed_into_should_not_render_page_with_iframe
✅ non_200_should_not_render_page_with_iframe
✅ user_not_signed_out_should_not_render_page_with_iframe
✅ valid_POST_request_to_federated_signout_endpoint_should_render_page_with_iframe
✅ valid_request_to_federated_signout_endpoint_should_render_page_with_iframe
✅ IntegrationTests.Hosting.IdentityServerMiddlewareTests
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.ArgumentException), filteringExpected: False)
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.Exception), filteringExpected: False)
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.InvalidOperationException), filteringExpected: False)
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.NullReferenceException), filteringExpected: False)
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.OperationCanceledException), filteringExpected: True)
✅ expected_exception_types_are_filtered_from_logs_when_incoming_requests_are_canceled(t: typeof(System.Threading.Tasks.TaskCanceledException), filteringExpected: True)
✅ IntegrationTests.Hosting.LicenseTests
✅ unlicensed_protocol_requests_log_a_warning
✅ IntegrationTests.Hosting.LocalApiAuthentication.LocalApiAuthenticationTests
✅ bearer_jwt_token_should_validate
✅ bearer_only_dpop_token_should_fail
✅ bearer_ref_token_should_validate
✅ dpop_nonce_required_should_require_nonce
✅ dpop_nonce_should_validate
✅ dpop_only_bearer_should_fail
✅ dpop_token_for_disabled_client_should_fail
✅ dpop_token_should_not_validate_if_cnf_from_introspection_does_not_match_proof_token
✅ dpop_token_should_not_validate_if_cnf_from_jwt_access_token_does_not_match_proof_token
✅ dpop_token_should_validate
✅ dpop_token_using_bearer_scheme_should_fail
✅ dpop_validation_failure_should_fail
✅ malformed_token_should_fail
✅ missing_authz_should_fail
✅ missing_token_should_fail
✅ IntegrationTests.Hosting.ServerSideSessionTests
✅ changing_users_should_create_new_server_side_session
✅ claim_issuers_should_be_persisted
✅ corrupted_server_side_session_should_logout_user
✅ expired_sessions_should_invoke_backchannel_logout
✅ expired_sessions_should_revoke_refresh_token
✅ getsessions_on_ticket_store_should_use_session_store
✅ login_should_create_server_side_session
✅ logout_should_remove_server_side_session
✅ logout_should_revoke_refresh_token
✅ querysessions_on_session_mgmt_service_should_use_ticket_store
✅ querysessions_on_ticket_store_should_use_session_store
✅ remove_server_side_session_should_logout_user
✅ remove_sessions_should_delete_refresh_tokens
✅ remove_sessions_should_invoke_backchannel_logout
✅ remove_sessions_should_remove_server_sessions
✅ remove_sessions_with_clientid_filter_should_filter_backchannel_logout
✅ remove_sessions_with_clientid_filter_should_filter_delete_refresh_tokens
✅ renewal_should_create_new_record_if_missing
✅ subsequent_logins_should_update_server_side_session
✅ using_access_token_for_expired_session_should_fail
✅ using_access_token_should_extend_session
✅ using_refresh_token_for_expired_session_should_fail
✅ using_refresh_token_should_extend_session
✅ IntegrationTests.Hosting.SubpathHosting
✅ anonymous_user_should_be_redirected_to_login_page
Loading