From 5dd2bcb6a2d8be5ccab5e3aa44f6c36e1dc779dd Mon Sep 17 00:00:00 2001 From: Joe DeCock Date: Mon, 30 Oct 2023 16:08:30 -0500 Subject: [PATCH 1/4] Remove [Obsolete] code --- src/IdentityServer/Constants.cs | 2 - .../Extensions/HttpContextExtensions.cs | 104 ------------------ .../Extensions/HttpResponseExtensions.cs | 7 -- .../Extensions/IUserSessionExtensions.cs | 45 -------- .../Extensions/PrincipalExtensions.cs | 29 ----- .../Default/EndSessionRequestValidator.cs | 12 -- .../Models/ResourceValidationRequest.cs | 7 -- 7 files changed, 206 deletions(-) delete mode 100644 src/IdentityServer/Extensions/IUserSessionExtensions.cs diff --git a/src/IdentityServer/Constants.cs b/src/IdentityServer/Constants.cs index b7f2dce14..74f84a85f 100644 --- a/src/IdentityServer/Constants.cs +++ b/src/IdentityServer/Constants.cs @@ -202,8 +202,6 @@ public static class DefaultRoutePaths public static class EnvironmentKeys { public const string IdentityServerBasePath = "idsvr:IdentityServerBasePath"; - [Obsolete("The IdentityServerOrigin constant is obsolete.")] - public const string IdentityServerOrigin = "idsvr:IdentityServerOrigin"; // todo: deprecate public const string SignOutCalled = "idsvr:IdentityServerSignOutCalled"; } diff --git a/src/IdentityServer/Extensions/HttpContextExtensions.cs b/src/IdentityServer/Extensions/HttpContextExtensions.cs index 47db6fa59..e24d85607 100644 --- a/src/IdentityServer/Extensions/HttpContextExtensions.cs +++ b/src/IdentityServer/Extensions/HttpContextExtensions.cs @@ -7,11 +7,9 @@ using System; using System.Threading.Tasks; using System.Linq; -using Duende.IdentityServer.Configuration; using Duende.IdentityServer.Models; using Duende.IdentityServer.Services; using Duende.IdentityServer.Stores; -using Microsoft.AspNetCore.Authentication; using static Duende.IdentityServer.IdentityServerConstants; #pragma warning disable 1591 @@ -20,50 +18,6 @@ namespace Duende.IdentityServer.Extensions; public static class HttpContextExtensions { - [Obsolete("For a replacement, use IAuthenticationHandlerProvider.GetHandlerAsync and check if the handler implements IAuthenticationSignOutHandler.")] - public static async Task GetSchemeSupportsSignOutAsync(this HttpContext context, string scheme) - { - var provider = context.RequestServices.GetRequiredService(); - var handler = await provider.GetHandlerAsync(context, scheme); - return (handler is IAuthenticationSignOutHandler); - } - - [Obsolete("Use IServerUrls.Origin instead.")] - public static void SetIdentityServerOrigin(this HttpContext context, string value) - { - if (context == null) throw new ArgumentNullException(nameof(context)); - context.RequestServices.GetRequiredService().Origin = value; - } - - [Obsolete("Use IServerUrls.BasePath instead.")] - public static void SetIdentityServerBasePath(this HttpContext context, string value) - { - if (context == null) throw new ArgumentNullException(nameof(context)); - context.RequestServices.GetRequiredService().BasePath = value; - } - - [Obsolete("Use IIssuerNameService instead.")] - public static string GetIdentityServerOrigin(this HttpContext context) - { - var options = context.RequestServices.GetRequiredService(); - var request = context.Request; - - if (options.MutualTls.Enabled && options.MutualTls.DomainName.IsPresent()) - { - if (!options.MutualTls.DomainName.Contains(".")) - { - if (request.Host.Value.StartsWith(options.MutualTls.DomainName, StringComparison.OrdinalIgnoreCase)) - { - return request.Scheme + "://" + - request.Host.Value.Substring(options.MutualTls.DomainName.Length + 1); - } - } - } - - return request.Scheme + "://" + request.Host.Value; - } - - internal static void SetSignOutCalled(this HttpContext context) { if (context == null) throw new ArgumentNullException(nameof(context)); @@ -75,64 +29,6 @@ internal static bool GetSignOutCalled(this HttpContext context) return context.Items.ContainsKey(Constants.EnvironmentKeys.SignOutCalled); } - /// - /// Gets the host name of IdentityServer. - /// - /// The context. - /// - [Obsolete("Use IServerUrls.Origin instead.")] - public static string GetIdentityServerHost(this HttpContext context) - { - return context.RequestServices.GetRequiredService().Origin; - } - - /// - /// Gets the base path of IdentityServer. - /// - /// The context. - /// - [Obsolete("Use IServerUrls.BasePath instead.")] - public static string GetIdentityServerBasePath(this HttpContext context) - { - return context.RequestServices.GetRequiredService().BasePath; - } - - /// - /// Gets the public base URL for IdentityServer. - /// - /// The context. - /// - [Obsolete("Use IServerUrls.BaseUrl instead.")] - public static string GetIdentityServerBaseUrl(this HttpContext context) - { - return context.RequestServices.GetRequiredService().BaseUrl; - } - - /// - /// Gets the identity server relative URL. - /// - /// The context. - /// The path. - /// - [Obsolete("Use IServerUrls.GetIdentityServerRelativeUrl instead.")] - public static string GetIdentityServerRelativeUrl(this HttpContext context, string path) - { - return context.RequestServices.GetRequiredService().GetIdentityServerRelativeUrl(path); - } - - /// - /// Gets the identity server issuer URI. - /// - /// The context. - /// - /// context - [Obsolete("Use the IIssuerNameService instead.")] - public static string GetIdentityServerIssuerUri(this HttpContext context) - { - if (context == null) throw new ArgumentNullException(nameof(context)); - return context.RequestServices.GetRequiredService().GetCurrentAsync().GetAwaiter().GetResult(); - } - internal static async Task GetIdentityServerSignoutFrameCallbackUrlAsync(this HttpContext context, LogoutMessage logoutMessage = null) { var userSession = context.RequestServices.GetRequiredService(); diff --git a/src/IdentityServer/Extensions/HttpResponseExtensions.cs b/src/IdentityServer/Extensions/HttpResponseExtensions.cs index 9ee6ac5d1..5d334caaa 100644 --- a/src/IdentityServer/Extensions/HttpResponseExtensions.cs +++ b/src/IdentityServer/Extensions/HttpResponseExtensions.cs @@ -82,13 +82,6 @@ public static async Task WriteHtmlAsync(this HttpResponse response, string html) await response.Body.FlushAsync(); } - [Obsolete("Use IServerUrls.GetAbsoluteUrl instead.")] - public static void RedirectToAbsoluteUrl(this HttpResponse response, string url) - { - url = response.HttpContext.RequestServices.GetRequiredService().GetAbsoluteUrl(url); - response.Redirect(url); - } - public static void AddScriptCspHeaders(this HttpResponse response, CspOptions options, string hash) { var csp1part = options.Level == CspLevel.One ? "'unsafe-inline' " : string.Empty; diff --git a/src/IdentityServer/Extensions/IUserSessionExtensions.cs b/src/IdentityServer/Extensions/IUserSessionExtensions.cs deleted file mode 100644 index 0ed5b5755..000000000 --- a/src/IdentityServer/Extensions/IUserSessionExtensions.cs +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright (c) Duende Software. All rights reserved. -// See LICENSE in the project root for license information. - - -using Duende.IdentityServer.Extensions; -using System.Linq; -using System.Threading.Tasks; -using Duende.IdentityServer.Models; -using System; - -namespace Duende.IdentityServer.Services; - -/// -/// Extension for IUserSession. -/// -public static class IUserSessionExtensions -{ - // TODO: remove in 7.0 - - /// - /// Creates a LogoutNotificationContext for the current user session. - /// - /// - [Obsolete("Unused and will be removed in a future version. Use the APIs on the IUserSession directly instead.")] - public static async Task GetLogoutNotificationContext(this IUserSession session) - { - var clientIds = await session.GetClientListAsync(); - - if (clientIds.Any()) - { - var user = await session.GetUserAsync(); - var sub = user.GetSubjectId(); - var sid = await session.GetSessionIdAsync(); - - return new LogoutNotificationContext - { - SubjectId = sub, - SessionId = sid, - ClientIds = clientIds - }; - } - - return null; - } -} \ No newline at end of file diff --git a/src/IdentityServer/Extensions/PrincipalExtensions.cs b/src/IdentityServer/Extensions/PrincipalExtensions.cs index 760b4fe6d..537299f06 100644 --- a/src/IdentityServer/Extensions/PrincipalExtensions.cs +++ b/src/IdentityServer/Extensions/PrincipalExtensions.cs @@ -81,18 +81,6 @@ public static string GetSubjectId(this IIdentity identity) return claim.Value; } - /// - /// Gets the name. - /// - /// The principal. - /// - [DebuggerStepThrough] - [Obsolete("This method will be removed in a future version. Use GetDisplayName instead.")] - public static string GetName(this IPrincipal principal) - { - return principal.Identity.GetName(); - } - /// /// Gets the name. /// @@ -110,23 +98,6 @@ public static string GetDisplayName(this ClaimsPrincipal principal) return string.Empty; } - /// - /// Gets the name. - /// - /// The identity. - /// - /// name claim is missing - [DebuggerStepThrough] - [Obsolete("This method will be removed in a future version. Use GetDisplayName instead.")] - public static string GetName(this IIdentity identity) - { - var id = identity as ClaimsIdentity; - var claim = id.FindFirst(JwtClaimTypes.Name); - - if (claim == null) throw new InvalidOperationException("name claim is missing"); - return claim.Value; - } - /// /// Gets the authentication method. /// diff --git a/src/IdentityServer/Validation/Default/EndSessionRequestValidator.cs b/src/IdentityServer/Validation/Default/EndSessionRequestValidator.cs index 06b7951f8..8eaf4b29e 100644 --- a/src/IdentityServer/Validation/Default/EndSessionRequestValidator.cs +++ b/src/IdentityServer/Validation/Default/EndSessionRequestValidator.cs @@ -9,7 +9,6 @@ using System.Linq; using System.Security.Claims; using System.Threading.Tasks; -using Microsoft.AspNetCore.Http; using System; using Duende.IdentityServer.Configuration; using Duende.IdentityServer.Logging.Models; @@ -59,16 +58,9 @@ public class EndSessionRequestValidator : IEndSessionRequestValidator /// protected readonly IMessageStore EndSessionMessageStore; - /// - /// The HTTP context accessor. - /// - [Obsolete("Unused. Will remove in a future release.")] - protected readonly IHttpContextAccessor Context; - /// /// Creates a new instance of the EndSessionRequestValidator. /// - /// /// /// /// @@ -77,7 +69,6 @@ public class EndSessionRequestValidator : IEndSessionRequestValidator /// /// public EndSessionRequestValidator( - IHttpContextAccessor context, IdentityServerOptions options, ITokenValidator tokenValidator, IRedirectUriValidator uriValidator, @@ -86,9 +77,6 @@ public EndSessionRequestValidator( IMessageStore endSessionMessageStore, ILogger logger) { -#pragma warning disable CS0618 // Type or member is obsolete - Context = context; -#pragma warning restore CS0618 // Type or member is obsolete Options = options; TokenValidator = tokenValidator; UriValidator = uriValidator; diff --git a/src/IdentityServer/Validation/Models/ResourceValidationRequest.cs b/src/IdentityServer/Validation/Models/ResourceValidationRequest.cs index 1b7f06cd8..6667ec8e5 100644 --- a/src/IdentityServer/Validation/Models/ResourceValidationRequest.cs +++ b/src/IdentityServer/Validation/Models/ResourceValidationRequest.cs @@ -29,11 +29,4 @@ public class ResourceValidationRequest /// The requested resource indicators. /// public IEnumerable? ResourceIndicators { get; set; } - - /// - /// Flag that indicates that validation should allow requested scopes to match non-isolated resources. - /// If set to false, then only the scopes that match the exact resource indicators requested will be allowed. - /// - [Obsolete("IncludeNonIsolatedApiResources is no longer used and will be removed in a future version.")] - public bool IncludeNonIsolatedApiResources { get; set; } } From aade45c4aec88192844a68f2d6772fa9f3f20e21 Mon Sep 17 00:00:00 2001 From: Joe DeCock Date: Mon, 30 Oct 2023 17:06:45 -0500 Subject: [PATCH 2/4] Miscellaneous fixes from review of TODOs - Remove code marked as unused/to be removed in 7.0 - Fix typo in name - Clean up some very old todos that don't need to be done anymore --- .../BuilderExtensions/Additional.cs | 3 --- .../Options/InputLengthRestrictions.cs | 6 ------ src/IdentityServer/Events/UserLoginSuccessEvent.cs | 2 -- .../Default/AuthorizeResponseGenerator.cs | 2 +- .../Services/Default/DefaultTokenService.cs | 10 ---------- .../Validation/Default/AuthorizeRequestValidator.cs | 8 +++----- .../Validation/Default/TokenRequestValidator.cs | 2 +- .../Validation/Models/ValidatedAuthorizeRequest.cs | 3 +-- src/Storage/Constants.cs | 2 +- src/Storage/Models/AuthorizationCode.cs | 1 - .../Authorize_ProtocolValidation_Resources.cs | 4 ++-- 11 files changed, 9 insertions(+), 34 deletions(-) diff --git a/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Additional.cs b/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Additional.cs index 9510adfbb..03f6e3e5a 100644 --- a/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Additional.cs +++ b/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Additional.cs @@ -415,7 +415,6 @@ public static IIdentityServerBuilder AddBackChannelLogoutService(this IIdenti return builder; } - // todo: check with later previews of ASP.NET Core if this is still required /// /// Adds configuration for the HttpClient used for back-channel logout notifications. /// @@ -451,8 +450,6 @@ public static IHttpClientBuilder AddBackChannelLogoutHttpClient(this IIdentitySe return httpBuilder; } - - // todo: check with later previews of ASP.NET Core if this is still required /// /// Adds configuration for the HttpClient used for JWT request_uri requests. /// diff --git a/src/IdentityServer/Configuration/DependencyInjection/Options/InputLengthRestrictions.cs b/src/IdentityServer/Configuration/DependencyInjection/Options/InputLengthRestrictions.cs index 9acbfc9fb..1312c1bdd 100644 --- a/src/IdentityServer/Configuration/DependencyInjection/Options/InputLengthRestrictions.cs +++ b/src/IdentityServer/Configuration/DependencyInjection/Options/InputLengthRestrictions.cs @@ -167,10 +167,4 @@ public class InputLengthRestrictions /// Max length for DPoP proof token /// public int DPoPProofToken { get; set; } = 4000; - - //// todo: review this default - ///// - ///// Max value allowed for requested_expiry - ///// - //public TimeSpan RequestedExpiry { get; set; } = TimeSpan.FromMinutes(15); } diff --git a/src/IdentityServer/Events/UserLoginSuccessEvent.cs b/src/IdentityServer/Events/UserLoginSuccessEvent.cs index c25607ca4..31a10e217 100644 --- a/src/IdentityServer/Events/UserLoginSuccessEvent.cs +++ b/src/IdentityServer/Events/UserLoginSuccessEvent.cs @@ -10,8 +10,6 @@ namespace Duende.IdentityServer.Events; /// public class UserLoginSuccessEvent : Event { - // todo: consolidate ctors in 3.0 - /// /// Initializes a new instance of the class. /// diff --git a/src/IdentityServer/ResponseHandling/Default/AuthorizeResponseGenerator.cs b/src/IdentityServer/ResponseHandling/Default/AuthorizeResponseGenerator.cs index a65315022..04a2c5cac 100644 --- a/src/IdentityServer/ResponseHandling/Default/AuthorizeResponseGenerator.cs +++ b/src/IdentityServer/ResponseHandling/Default/AuthorizeResponseGenerator.cs @@ -264,7 +264,7 @@ protected virtual async Task CreateCodeAsync(ValidatedAuthori IsOpenId = request.IsOpenIdRequest, RequestedScopes = request.ValidatedResources.RawScopeValues, - RequestedResourceIndicators = request.RequestedResourceIndiators, + RequestedResourceIndicators = request.RequestedResourceIndicators, RedirectUri = request.RedirectUri, Nonce = request.Nonce, StateHash = stateHash, diff --git a/src/IdentityServer/Services/Default/DefaultTokenService.cs b/src/IdentityServer/Services/Default/DefaultTokenService.cs index 9ed345514..bc08bee29 100644 --- a/src/IdentityServer/Services/Default/DefaultTokenService.cs +++ b/src/IdentityServer/Services/Default/DefaultTokenService.cs @@ -5,7 +5,6 @@ using IdentityModel; using Duende.IdentityServer.Extensions; using Duende.IdentityServer.Stores; -using Microsoft.AspNetCore.Http; using Microsoft.Extensions.Logging; using System; using System.Collections.Generic; @@ -27,12 +26,6 @@ public class DefaultTokenService : ITokenService /// protected readonly ILogger Logger; - // TODO: unused, so remove in 7.0? - /// - /// The HTTP context accessor - /// - protected readonly IHttpContextAccessor ContextAccessor; - /// /// The claims provider /// @@ -69,7 +62,6 @@ public class DefaultTokenService : ITokenService /// The claims provider. /// The reference token store. /// The signing service. - /// The HTTP context accessor. /// The clock. /// /// The IdentityServer options @@ -78,13 +70,11 @@ public DefaultTokenService( IClaimsService claimsProvider, IReferenceTokenStore referenceTokenStore, ITokenCreationService creationService, - IHttpContextAccessor contextAccessor, IClock clock, IKeyMaterialService keyMaterialService, IdentityServerOptions options, ILogger logger) { - ContextAccessor = contextAccessor; ClaimsProvider = claimsProvider; ReferenceTokenStore = referenceTokenStore; CreationService = creationService; diff --git a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs index d8efa2cda..47404e095 100644 --- a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs +++ b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs @@ -478,7 +478,7 @@ private async Task ValidateScopeAndResourceAsy return Invalid(request, OidcConstants.AuthorizeErrors.InvalidTarget, "Resource indicators not allowed for response_type 'token'."); } - request.RequestedResourceIndiators = resourceIndicators; + request.RequestedResourceIndicators = resourceIndicators; ////////////////////////////////////////////////////////// // check if scopes are valid/supported and check for resource scopes @@ -631,10 +631,8 @@ private async Task ValidateOptionalParametersA } else { - // TODO: change to error in a major release? - // https://github.com/DuendeSoftware/IdentityServer/issues/845#issuecomment-1405377531 - // https://openid.net/specs/openid-connect-prompt-create-1_0.html#name-authorization-request - _logger.LogDebug("Unsupported suppressed_prompt mode - ignored: " + prompt); + _logger.LogError("Unsupported prompt mode - ignored: " + prompt); + return Invalid(request, description: "Invalid prompt"); } } diff --git a/src/IdentityServer/Validation/Default/TokenRequestValidator.cs b/src/IdentityServer/Validation/Default/TokenRequestValidator.cs index 32e40b400..0d3fd01f1 100644 --- a/src/IdentityServer/Validation/Default/TokenRequestValidator.cs +++ b/src/IdentityServer/Validation/Default/TokenRequestValidator.cs @@ -1048,7 +1048,7 @@ private async Task ValidateExtensionGrantRequestAs if (isActiveCtx.IsActive == false) { - // todo: raise event? + // todo: raise event (or an OTEL metric event)? LogError("User has been disabled", new { subjectId = result.Subject.GetSubjectId() }); return Invalid(OidcConstants.TokenErrors.InvalidGrant); diff --git a/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs b/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs index a63e67288..3b2a10523 100644 --- a/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs +++ b/src/IdentityServer/Validation/Models/ValidatedAuthorizeRequest.cs @@ -57,11 +57,10 @@ public class ValidatedAuthorizeRequest : ValidatedRequest // todo: consider replacing with extension method to access Raw collection; would need to be done wholesale for all props. public List RequestedScopes { get; set; } = default!; - // TODO: typo /// /// Gets or sets the requested resource indicators. /// - public IEnumerable? RequestedResourceIndiators { get; set; } + public IEnumerable? RequestedResourceIndicators { get; set; } /// /// Gets or sets a value indicating whether consent was shown. diff --git a/src/Storage/Constants.cs b/src/Storage/Constants.cs index cf4e539ab..4d8bae9ba 100644 --- a/src/Storage/Constants.cs +++ b/src/Storage/Constants.cs @@ -6,6 +6,6 @@ namespace Duende.IdentityServer; internal static class Constants { - public const string IdentityServerName = "IdentityServer4"; + public const string IdentityServerName = "Duende.IdentityServer"; public const string IdentityServerAuthenticationType = IdentityServerName; } \ No newline at end of file diff --git a/src/Storage/Models/AuthorizationCode.cs b/src/Storage/Models/AuthorizationCode.cs index ea33a6176..fb283e1cb 100644 --- a/src/Storage/Models/AuthorizationCode.cs +++ b/src/Storage/Models/AuthorizationCode.cs @@ -61,7 +61,6 @@ public class AuthorizationCode /// /// The requested scopes. /// - // todo: brock, change to parsed scopes public IEnumerable RequestedScopes { get; set; } = default!; /// diff --git a/test/IdentityServer.UnitTests/Validation/AuthorizeRequest Validation/Authorize_ProtocolValidation_Resources.cs b/test/IdentityServer.UnitTests/Validation/AuthorizeRequest Validation/Authorize_ProtocolValidation_Resources.cs index 914849d22..0b662d28b 100644 --- a/test/IdentityServer.UnitTests/Validation/AuthorizeRequest Validation/Authorize_ProtocolValidation_Resources.cs +++ b/test/IdentityServer.UnitTests/Validation/AuthorizeRequest Validation/Authorize_ProtocolValidation_Resources.cs @@ -72,7 +72,7 @@ public async Task no_resourceindicators_should_succeed() var result = await _subject.ValidateAsync(parameters); result.IsError.Should().Be(false); - result.ValidatedRequest.RequestedResourceIndiators.Should().BeEmpty(); + result.ValidatedRequest.RequestedResourceIndicators.Should().BeEmpty(); } [Fact] @@ -175,7 +175,7 @@ public async Task multiple_uri_resourceindicators_should_succeed() var result = await _subject.ValidateAsync(parameters); result.IsError.Should().BeFalse(); - result.ValidatedRequest.RequestedResourceIndiators.Should() + result.ValidatedRequest.RequestedResourceIndicators.Should() .BeEquivalentTo(new[] { "urn:test1", "http://resource1", "http://resource2" }); } From 541c5c17499e82bfae3a64bee5d4259c33b7e423 Mon Sep 17 00:00:00 2001 From: Joe DeCock Date: Wed, 1 Nov 2023 15:14:38 -0500 Subject: [PATCH 3/4] Fix tests --- .../Services/Default/DefaultTokenServiceTests.cs | 3 --- .../EndSessionRequestValidatorTests.cs | 2 -- 2 files changed, 5 deletions(-) diff --git a/test/IdentityServer.UnitTests/Services/Default/DefaultTokenServiceTests.cs b/test/IdentityServer.UnitTests/Services/Default/DefaultTokenServiceTests.cs index 538bd6e2a..7c142aa98 100644 --- a/test/IdentityServer.UnitTests/Services/Default/DefaultTokenServiceTests.cs +++ b/test/IdentityServer.UnitTests/Services/Default/DefaultTokenServiceTests.cs @@ -25,7 +25,6 @@ public class DefaultTokenServiceTests MockClaimsService _mockClaimsService = new MockClaimsService(); MockReferenceTokenStore _mockReferenceTokenStore = new MockReferenceTokenStore(); MockTokenCreationService _mockTokenCreationService = new MockTokenCreationService(); - DefaultHttpContext _httpContext = new DefaultHttpContext(); MockSystemClock _mockSystemClock = new MockSystemClock(); MockKeyMaterialService _mockKeyMaterialService = new MockKeyMaterialService(); IdentityServerOptions _options = new IdentityServerOptions(); @@ -36,13 +35,11 @@ public DefaultTokenServiceTests() var svcs = new ServiceCollection(); svcs.AddSingleton(_options); - _httpContext.RequestServices = svcs.BuildServiceProvider(); _subject = new DefaultTokenService( _mockClaimsService, _mockReferenceTokenStore, _mockTokenCreationService, - new HttpContextAccessor { HttpContext = _httpContext }, _mockSystemClock, _mockKeyMaterialService, _options, diff --git a/test/IdentityServer.UnitTests/Validation/EndSessionRequestValidation/EndSessionRequestValidatorTests.cs b/test/IdentityServer.UnitTests/Validation/EndSessionRequestValidation/EndSessionRequestValidatorTests.cs index 652dde92a..5cfe9d9d9 100644 --- a/test/IdentityServer.UnitTests/Validation/EndSessionRequestValidation/EndSessionRequestValidatorTests.cs +++ b/test/IdentityServer.UnitTests/Validation/EndSessionRequestValidation/EndSessionRequestValidatorTests.cs @@ -23,7 +23,6 @@ public class EndSessionRequestValidatorTests private IdentityServerOptions _options; private StubTokenValidator _stubTokenValidator = new StubTokenValidator(); private StubRedirectUriValidator _stubRedirectUriValidator = new StubRedirectUriValidator(); - private MockHttpContextAccessor _context = new MockHttpContextAccessor(); private MockUserSession _userSession = new MockUserSession(); private MockLogoutNotificationService _mockLogoutNotificationService = new MockLogoutNotificationService(); private MockMessageStore _mockEndSessionMessageStore = new MockMessageStore(); @@ -36,7 +35,6 @@ public EndSessionRequestValidatorTests() _options = TestIdentityServerOptions.Create(); _subject = new EndSessionRequestValidator( - _context, _options, _stubTokenValidator, _stubRedirectUriValidator, From 9b2d78f2d71f746a2e5a4e38fac716ff3aeb1ef4 Mon Sep 17 00:00:00 2001 From: Joe DeCock Date: Wed, 1 Nov 2023 15:40:21 -0500 Subject: [PATCH 4/4] Minor adjustment to (hopefully) avoid codeql flag --- .../Validation/Default/AuthorizeRequestValidator.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs index 47404e095..98775f20d 100644 --- a/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs +++ b/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs @@ -631,7 +631,7 @@ private async Task ValidateOptionalParametersA } else { - _logger.LogError("Unsupported prompt mode - ignored: " + prompt); + LogError("Unsupported prompt mode.", request); return Invalid(request, description: "Invalid prompt"); } }