Merge pull request DuendeArchive#157 from balazsmeszegeto/main

brockallen · web-flow · commit f89274c1fd47 · 2022-06-01T09:56:21.000-04:00
Support modifying underlying TokenIntrospectionRequest
diff --git a/src/Context/RequestSendingContext.cs b/src/Context/RequestSendingContext.cs
@@ -0,0 +1,26 @@
+using IdentityModel.Client;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
+
+namespace IdentityModel.AspNetCore.OAuth2Introspection
+{
+    /// <summary>
+    /// Context for the RequestSending event
+    /// </summary>
+    public class RequestSendingContext : BaseContext<OAuth2IntrospectionOptions>
+    {
+        /// <summary>
+        /// ctor
+        /// </summary>
+        public RequestSendingContext(
+            HttpContext context,
+            AuthenticationScheme scheme,
+            OAuth2IntrospectionOptions options)
+            : base(context, scheme, options) { }
+
+        /// <summary>
+        /// The <see cref="TokenIntrospectionRequest"/> request
+        /// </summary>
+        public TokenIntrospectionRequest TokenIntrospectionRequest { get; set; }
+    }
+}
diff --git a/src/OAuth2IntrospectionEvents.cs b/src/OAuth2IntrospectionEvents.cs
@@ -26,6 +26,11 @@ public class OAuth2IntrospectionEvents
         /// </summary>
         public Func<UpdateClientAssertionContext, Task> OnUpdateClientAssertion { get; set; } = context => Task.CompletedTask;
 
+        /// <summary>
+        /// Invoked when sending token introspection request.
+        /// </summary>
+        public Func<RequestSendingContext, Task> OnRequestSending { get; set; } = context => Task.CompletedTask;
+
         /// <summary>
         /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
@@ -40,5 +45,10 @@ public class OAuth2IntrospectionEvents
         /// Invoked when client assertion need to be updated.
         /// </summary>
         public virtual Task UpdateClientAssertion(UpdateClientAssertionContext context) => OnUpdateClientAssertion(context);
+
+        /// <summary>
+        /// Invoked when sending token introspection request.
+        /// </summary>
+        public virtual Task RequestSending(RequestSendingContext context) => OnRequestSending(context);
     }
-}
+}
diff --git a/src/OAuth2IntrospectionHandler.cs b/src/OAuth2IntrospectionHandler.cs
@@ -179,6 +179,14 @@ private static async Task<TokenIntrospectionResponse> LoadClaimsForToken(
         {
             var introspectionClient = await options.IntrospectionClient.Value.ConfigureAwait(false);
             using var request = CreateTokenIntrospectionRequest(token, context, scheme, events, options);
+
+            var requestSendingContext = new RequestSendingContext(context, scheme, options)
+            {
+                TokenIntrospectionRequest = request,
+            };
+
+            await events.RequestSending(requestSendingContext);
+
             return await introspectionClient.IntrospectTokenAsync(request).ConfigureAwait(false);
         }
 
diff --git a/test/Tests/Introspection.cs b/test/Tests/Introspection.cs
@@ -394,6 +394,31 @@ public async Task ActiveToken_With_Discovery_Unavailable_On_First_Request()
             result.StatusCode.Should().Be(HttpStatusCode.OK);
         }
 
+        [Fact]
+        public async Task ActiveToken_RequestSending_AdditionalParameter_with_inline_event()
+        {
+            var handler = new IntrospectionEndpointHandler(IntrospectionEndpointHandler.Behavior.Active);
+
+            var client = PipelineFactory.CreateClient(o =>
+            {
+                _options(o);
+
+                o.Events.OnRequestSending = e =>
+                {
+                    e.TokenIntrospectionRequest.Parameters = Parameters.FromObject(new { additionalParameter = "42" });
+                    return Task.CompletedTask;
+                };
+
+            }, handler);
+
+            client.SetBearerToken("sometoken");
+
+            var result = await client.GetAsync("http://test");
+            result.StatusCode.Should().Be(HttpStatusCode.OK);
+
+            handler.LastRequest.Should().Contain(new KeyValuePair<string, string>("additionalParameter", "42"));
+        }
+
         private void AssertCacheItemExists(TestServer testServer, string cacheKeyPrefix, string token)
         {
             var cache = testServer.Services.GetService<IDistributedCache>();

Original file line number	Diff line number	Diff line change
`@@ -179,6 +179,14 @@ private static async Task<TokenIntrospectionResponse> LoadClaimsForToken(`
`179`	`179`	`{`
`180`	`180`	`var introspectionClient = await options.IntrospectionClient.Value.ConfigureAwait(false);`
`181`	`181`	`using var request = CreateTokenIntrospectionRequest(token, context, scheme, events, options);`
	`182`	`+`
	`183`	`+ var requestSendingContext = new RequestSendingContext(context, scheme, options)`
	`184`	`+ {`
	`185`	`+ TokenIntrospectionRequest = request,`
	`186`	`+ };`
	`187`	`+`
	`188`	`+ await events.RequestSending(requestSendingContext);`
	`189`	`+`
`182`	`190`	`return await introspectionClient.IntrospectTokenAsync(request).ConfigureAwait(false);`
`183`	`191`	`}`
`184`	`192`