Skip to content
This repository was archived by the owner on Sep 8, 2025. It is now read-only.

Commit c1a22bf

Browse files
leastprivilegeleastprivilege
committed
added tests for end session URL creation
1 parent f06ee9e commit c1a22bf

File tree

2 files changed

+64
-1
lines changed

2 files changed

+64
-1
lines changed

src/IdentityModel.OidcClient/AuthorizeClient.cs

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -131,7 +131,8 @@ internal string CreateEndSessionUrl(string endpoint, LogoutRequest request)
131131
parameters.Add(OidcConstants.EndSessionRequest.PostLogoutRedirectUri, _options.PostLogoutRedirectUri);
132132
}
133133

134-
return new AuthorizeRequest(endpoint).Create(parameters);
134+
// workaround bug in IdentityModel
135+
return new AuthorizeRequest(endpoint).Create(parameters).TrimEnd('?');
135136
}
136137

137138
internal Dictionary<string, string> CreateAuthorizeParameters(string state, string nonce, string codeChallenge, object extraParameters)

test/IdentityModel.OidcClient.Tests/EndSessionUrlTests.cs

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,62 @@
1+
// Copyright (c) Brock Allen & Dominick Baier. All rights reserved.
2+
// Licensed under the Apache License, Version 2.0. See LICENSE in the project root for license information.
3+
4+
5+
using FluentAssertions;
6+
using Xunit;
7+
8+
namespace IdentityModel.OidcClient.Tests
9+
{
10+
public class EndSessionUrlTests
11+
{
12+
[Fact]
13+
public void default_parameters_should_create_expected_end_session_url()
14+
{
15+
var options = new OidcClientOptions();
16+
var client = new AuthorizeClient(options);
17+
18+
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest());
19+
20+
url.Should().Be("https://server/end_session");
21+
}
22+
23+
[Fact]
24+
public void post_logout_redirect_parameter_should_create_expected_end_session_url()
25+
{
26+
var options = new OidcClientOptions
27+
{
28+
PostLogoutRedirectUri = "https://client.com/page"
29+
};
30+
31+
var client = new AuthorizeClient(options);
32+
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest());
33+
34+
url.Should().Be("https://server/end_session?post_logout_redirect_uri=https%3A%2F%2Fclient.com%2Fpage");
35+
}
36+
37+
[Fact]
38+
public void post_logout_redirect_parameter_and_id_token_hint_should_create_expected_end_session_url()
39+
{
40+
var options = new OidcClientOptions
41+
{
42+
PostLogoutRedirectUri = "https://client.com/page"
43+
};
44+
45+
var client = new AuthorizeClient(options);
46+
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest { IdTokenHint = "id_token" });
47+
48+
url.Should().Be("https://server/end_session?id_token_hint=id_token&post_logout_redirect_uri=https%3A%2F%2Fclient.com%2Fpage");
49+
}
50+
51+
[Fact]
52+
public void id_token_hint_should_create_expected_end_session_url()
53+
{
54+
var options = new OidcClientOptions();
55+
var client = new AuthorizeClient(options);
56+
57+
var url = client.CreateEndSessionUrl("https://server/end_session", new LogoutRequest { IdTokenHint = "id_token" });
58+
59+
url.Should().Be("https://server/end_session?id_token_hint=id_token");
60+
}
61+
}
62+
}

0 commit comments

Comments
 (0)