diff --git a/identity-server/src/IdentityServer/ResponseHandling/Default/AuthorizeInteractionResponseGenerator.cs b/identity-server/src/IdentityServer/ResponseHandling/Default/AuthorizeInteractionResponseGenerator.cs
index ae3c2ad8c..9d3637230 100644
--- a/identity-server/src/IdentityServer/ResponseHandling/Default/AuthorizeInteractionResponseGenerator.cs
+++ b/identity-server/src/IdentityServer/ResponseHandling/Default/AuthorizeInteractionResponseGenerator.cs
@@ -322,7 +322,7 @@ public class AuthorizeInteractionResponseGenerator : IAuthorizeInteractionRespon
throw new ArgumentException("Invalid PromptMode");
}
- var consentRequired = await Consent.RequiresConsentAsync(request.Subject, request.Client, request.ValidatedResources.ParsedScopes);
+ var consentRequired = await Consent.RequiresConsentAsync(request.Subject, request.Client, request.ValidatedResources.ParsedScopes, default);
if (consentRequired && request.PromptModes.Contains(OidcConstants.PromptModes.None))
{
@@ -399,7 +399,7 @@ public class AuthorizeInteractionResponseGenerator : IAuthorizeInteractionRespon
Logger.LogDebug("User indicated to remember consent for scopes: {scopes}", request.ValidatedResources.RawScopeValues);
}
- await Consent.UpdateConsentAsync(request.Subject, request.Client, parsedScopes);
+ await Consent.UpdateConsentAsync(request.Subject, request.Client, parsedScopes, default);
}
}
}
diff --git a/identity-server/src/IdentityServer/Services/Default/DefaultBackchannelAuthenticationInteractionService.cs b/identity-server/src/IdentityServer/Services/Default/DefaultBackchannelAuthenticationInteractionService.cs
index 3277cd7f1..470eff12c 100644
--- a/identity-server/src/IdentityServer/Services/Default/DefaultBackchannelAuthenticationInteractionService.cs
+++ b/identity-server/src/IdentityServer/Services/Default/DefaultBackchannelAuthenticationInteractionService.cs
@@ -63,7 +63,7 @@ public class DefaultBackchannelAuthenticationInteractionService : IBackchannelAu
Client = client,
Scopes = request.RequestedScopes,
ResourceIndicators = request.RequestedResourceIndicators,
- });
+ }, ct);
return new BackchannelUserLoginRequest
{
diff --git a/identity-server/src/IdentityServer/Services/Default/DefaultConsentService.cs b/identity-server/src/IdentityServer/Services/Default/DefaultConsentService.cs
index 0edb5a95d..ae687391e 100644
--- a/identity-server/src/IdentityServer/Services/Default/DefaultConsentService.cs
+++ b/identity-server/src/IdentityServer/Services/Default/DefaultConsentService.cs
@@ -51,6 +51,7 @@ public class DefaultConsentService : IConsentService
/// The user.
/// The client.
/// The parsed scopes.
+ /// The used to propagate notifications that the operation should be canceled.
///
/// Boolean if consent is required.
///
@@ -59,7 +60,7 @@ public class DefaultConsentService : IConsentService
/// or
/// subject
///
- public virtual async Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes)
+ public virtual async Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct)
{
using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultConsentService.RequiresConsent");
@@ -100,7 +101,7 @@ public class DefaultConsentService : IConsentService
return true;
}
- var consent = await UserConsentStore.GetUserConsentAsync(subject.GetSubjectId(), client.ClientId, default);
+ var consent = await UserConsentStore.GetUserConsentAsync(subject.GetSubjectId(), client.ClientId, ct);
if (consent == null)
{
@@ -111,7 +112,7 @@ public class DefaultConsentService : IConsentService
if (consent.Expiration.HasExpired(TimeProvider.GetUtcNow().UtcDateTime))
{
Logger.LogDebug("Consent found in consent store is expired, consent is required");
- await UserConsentStore.RemoveUserConsentAsync(consent.SubjectId, consent.ClientId, default);
+ await UserConsentStore.RemoveUserConsentAsync(consent.SubjectId, consent.ClientId, ct);
return true;
}
@@ -143,13 +144,14 @@ public class DefaultConsentService : IConsentService
/// The client.
/// The subject.
/// The parsed scopes.
+ /// The used to propagate notifications that the operation should be canceled.
///
///
/// client
/// or
/// subject
///
- public virtual async Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes)
+ public virtual async Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct)
{
using var activity = Tracing.ServiceActivitySource.StartActivity("DefaultConsentService.UpdateConsent");
@@ -179,13 +181,13 @@ public class DefaultConsentService : IConsentService
consent.Expiration = consent.CreationTime.AddSeconds(client.ConsentLifetime.Value);
}
- await UserConsentStore.StoreUserConsentAsync(consent, default);
+ await UserConsentStore.StoreUserConsentAsync(consent, ct);
}
else
{
Logger.LogDebug("Client allows remembering consent, and no scopes provided. Removing consent from consent store for subject: {subject}", subject.GetSubjectId());
- await UserConsentStore.RemoveUserConsentAsync(subjectId, clientId, default);
+ await UserConsentStore.RemoveUserConsentAsync(subjectId, clientId, ct);
}
}
}
diff --git a/identity-server/src/IdentityServer/Services/Default/DefaultDeviceFlowInteractionService.cs b/identity-server/src/IdentityServer/Services/Default/DefaultDeviceFlowInteractionService.cs
index a2df2840e..3c0fd4994 100644
--- a/identity-server/src/IdentityServer/Services/Default/DefaultDeviceFlowInteractionService.cs
+++ b/identity-server/src/IdentityServer/Services/Default/DefaultDeviceFlowInteractionService.cs
@@ -49,7 +49,7 @@ internal class DefaultDeviceFlowInteractionService : IDeviceFlowInteractionServi
{
Client = client,
Scopes = deviceAuth.RequestedScopes,
- });
+ }, ct);
return new DeviceFlowAuthorizationRequest
{
diff --git a/identity-server/src/IdentityServer/Services/IConsentService.cs b/identity-server/src/IdentityServer/Services/IConsentService.cs
index b01057fe2..dc1d5bbc8 100644
--- a/identity-server/src/IdentityServer/Services/IConsentService.cs
+++ b/identity-server/src/IdentityServer/Services/IConsentService.cs
@@ -21,10 +21,11 @@ public interface IConsentService
/// The user.
/// The client.
/// The parsed scopes.
+ /// The used to propagate notifications that the operation should be canceled.
///
/// Boolean if consent is required.
///
- Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes);
+ Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct);
///
/// Updates the consent.
@@ -32,6 +33,7 @@ public interface IConsentService
/// The subject.
/// The client.
/// The parsed scopes.
+ /// The used to propagate notifications that the operation should be canceled.
///
- Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes);
+ Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct);
}
diff --git a/identity-server/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs b/identity-server/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs
index e0c60b684..08b27e9c0 100644
--- a/identity-server/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/Default/AuthorizeRequestValidator.cs
@@ -551,7 +551,7 @@ internal class AuthorizeRequestValidator : IAuthorizeRequestValidator
Client = request.Client,
Scopes = request.RequestedScopes,
ResourceIndicators = resourceIndicators,
- });
+ }, default);
if (!validatedResources.Succeeded)
{
diff --git a/identity-server/src/IdentityServer/Validation/Default/BackchannelAuthenticationRequestValidator.cs b/identity-server/src/IdentityServer/Validation/Default/BackchannelAuthenticationRequestValidator.cs
index 9ae8478dd..90310040b 100644
--- a/identity-server/src/IdentityServer/Validation/Default/BackchannelAuthenticationRequestValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/Default/BackchannelAuthenticationRequestValidator.cs
@@ -165,7 +165,7 @@ internal class BackchannelAuthenticationRequestValidator : IBackchannelAuthentic
Client = _validatedRequest.Client,
Scopes = _validatedRequest.RequestedScopes,
ResourceIndicators = resourceIndicators,
- });
+ }, default);
if (!validatedResources.Succeeded)
{
diff --git a/identity-server/src/IdentityServer/Validation/Default/DefaultResourceValidator.cs b/identity-server/src/IdentityServer/Validation/Default/DefaultResourceValidator.cs
index 0af93c407..1696607e4 100644
--- a/identity-server/src/IdentityServer/Validation/Default/DefaultResourceValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/Default/DefaultResourceValidator.cs
@@ -32,7 +32,7 @@ public class DefaultResourceValidator : IResourceValidator
}
///
- public virtual async Task ValidateRequestedResourcesAsync(ResourceValidationRequest request)
+ public virtual async Task ValidateRequestedResourcesAsync(ResourceValidationRequest request, CT ct)
{
ArgumentNullException.ThrowIfNull(request);
using var activity = Tracing.ValidationActivitySource.StartActivity("DefaultResourceValidator.ValidateRequestedResources");
@@ -55,7 +55,7 @@ public class DefaultResourceValidator : IResourceValidator
var scopeNames = parsedScopesResult.ParsedScopes.Select(x => x.ParsedName).Distinct().ToArray();
// todo: this API might want to pass resource indicators to better filter
- var scopeResourcesFromStore = await _store.FindEnabledResourcesByScopeAsync(scopeNames, default);
+ var scopeResourcesFromStore = await _store.FindEnabledResourcesByScopeAsync(scopeNames, ct);
if (request.ResourceIndicators?.Any() == true)
{
diff --git a/identity-server/src/IdentityServer/Validation/Default/DeviceAuthorizationRequestValidator.cs b/identity-server/src/IdentityServer/Validation/Default/DeviceAuthorizationRequestValidator.cs
index 0fa05e93e..a40c9254a 100644
--- a/identity-server/src/IdentityServer/Validation/Default/DeviceAuthorizationRequestValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/Default/DeviceAuthorizationRequestValidator.cs
@@ -148,7 +148,7 @@ internal class DeviceAuthorizationRequestValidator : IDeviceAuthorizationRequest
{
Client = request.Client,
Scopes = request.RequestedScopes
- });
+ }, default);
if (!validatedResources.Succeeded)
{
diff --git a/identity-server/src/IdentityServer/Validation/Default/TokenRequestValidator.cs b/identity-server/src/IdentityServer/Validation/Default/TokenRequestValidator.cs
index 903a822c4..d71123377 100644
--- a/identity-server/src/IdentityServer/Validation/Default/TokenRequestValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/Default/TokenRequestValidator.cs
@@ -465,7 +465,7 @@ internal class TokenRequestValidator : ITokenRequestValidator
Client = _validatedRequest.Client,
Scopes = _validatedRequest.AuthorizationCode.RequestedScopes,
ResourceIndicators = _validatedRequest.AuthorizationCode.RequestedResourceIndicators,
- });
+ }, _ct);
if (!validatedResources.Succeeded)
{
@@ -813,7 +813,7 @@ internal class TokenRequestValidator : ITokenRequestValidator
Client = _validatedRequest.Client,
Scopes = _validatedRequest.RefreshToken.AuthorizedScopes,
ResourceIndicators = resourceIndicators,
- });
+ }, _ct);
if (!validatedResources.Succeeded)
{
@@ -895,7 +895,7 @@ internal class TokenRequestValidator : ITokenRequestValidator
Client = _validatedRequest.Client,
Scopes = _validatedRequest.DeviceCode.AuthorizedScopes,
ResourceIndicators = null // not supported for device grant
- });
+ }, _ct);
if (!validatedResources.Succeeded)
{
@@ -984,7 +984,7 @@ internal class TokenRequestValidator : ITokenRequestValidator
Client = _validatedRequest.Client,
Scopes = _validatedRequest.BackChannelAuthenticationRequest.AuthorizedScopes,
ResourceIndicators = _validatedRequest.BackChannelAuthenticationRequest.RequestedResourceIndicators,
- });
+ }, _ct);
if (!validatedResources.Succeeded)
{
@@ -1157,7 +1157,7 @@ internal class TokenRequestValidator : ITokenRequestValidator
Client = _validatedRequest.Client,
Scopes = requestedScopes,
ResourceIndicators = resourceIndicators,
- });
+ }, _ct);
if (!resourceValidationResult.Succeeded)
{
diff --git a/identity-server/src/IdentityServer/Validation/IResourceValidator.cs b/identity-server/src/IdentityServer/Validation/IResourceValidator.cs
index c79ab3a42..497da3bec 100644
--- a/identity-server/src/IdentityServer/Validation/IResourceValidator.cs
+++ b/identity-server/src/IdentityServer/Validation/IResourceValidator.cs
@@ -16,5 +16,7 @@ public interface IResourceValidator
///
/// Validates the requested resources for the client.
///
- Task ValidateRequestedResourcesAsync(ResourceValidationRequest request);
+ /// The resource validation request.
+ /// The used to propagate notifications that the operation should be canceled.
+ Task ValidateRequestedResourcesAsync(ResourceValidationRequest request, CT ct);
}
diff --git a/identity-server/test/IdentityServer.IntegrationTests/Common/MockResourceValidator.cs b/identity-server/test/IdentityServer.IntegrationTests/Common/MockResourceValidator.cs
index 3ea0603c2..58b11fb87 100644
--- a/identity-server/test/IdentityServer.IntegrationTests/Common/MockResourceValidator.cs
+++ b/identity-server/test/IdentityServer.IntegrationTests/Common/MockResourceValidator.cs
@@ -12,5 +12,5 @@ internal class MockResourceValidator : IResourceValidator
public Task> ParseRequestedScopesAsync(IEnumerable scopeValues) => Task.FromResult(scopeValues.Select(x => new ParsedScopeValue(x)));
- public Task ValidateRequestedResourcesAsync(ResourceValidationRequest request) => Task.FromResult(Result);
+ public Task ValidateRequestedResourcesAsync(ResourceValidationRequest request, CT ct) => Task.FromResult(Result);
}
diff --git a/identity-server/test/IdentityServer.UnitTests/Common/MockConsentService.cs b/identity-server/test/IdentityServer.UnitTests/Common/MockConsentService.cs
index 050574704..d84e819bf 100644
--- a/identity-server/test/IdentityServer.UnitTests/Common/MockConsentService.cs
+++ b/identity-server/test/IdentityServer.UnitTests/Common/MockConsentService.cs
@@ -13,13 +13,13 @@ public class MockConsentService : IConsentService
{
public bool RequiresConsentResult { get; set; }
- public Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes) => Task.FromResult(RequiresConsentResult);
+ public Task RequiresConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct) => Task.FromResult(RequiresConsentResult);
public ClaimsPrincipal ConsentSubject { get; set; }
public Client ConsentClient { get; set; }
public IEnumerable ConsentScopes { get; set; }
- public Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes)
+ public Task UpdateConsentAsync(ClaimsPrincipal subject, Client client, IEnumerable parsedScopes, CT ct)
{
ConsentSubject = subject;
ConsentClient = client;
diff --git a/identity-server/test/IdentityServer.UnitTests/Common/MockResourceValidator.cs b/identity-server/test/IdentityServer.UnitTests/Common/MockResourceValidator.cs
index c6c01c489..20578827e 100644
--- a/identity-server/test/IdentityServer.UnitTests/Common/MockResourceValidator.cs
+++ b/identity-server/test/IdentityServer.UnitTests/Common/MockResourceValidator.cs
@@ -12,5 +12,5 @@ internal class MockResourceValidator : IResourceValidator
public Task> ParseRequestedScopesAsync(IEnumerable scopeValues) => Task.FromResult(scopeValues.Select(x => new ParsedScopeValue(x)));
- public Task ValidateRequestedResourcesAsync(ResourceValidationRequest request) => Task.FromResult(Result);
+ public Task ValidateRequestedResourcesAsync(ResourceValidationRequest request, CT ct) => Task.FromResult(Result);
}
diff --git a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultConsentServiceTests.cs b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultConsentServiceTests.cs
index a57161af8..3f2ec973d 100644
--- a/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultConsentServiceTests.cs
+++ b/identity-server/test/IdentityServer.UnitTests/Services/Default/DefaultConsentServiceTests.cs
@@ -71,7 +71,7 @@ public class DefaultConsentServiceTests
{
_client.AllowRememberConsent = false;
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
var consent = await _userConsentStore.GetUserConsentAsync(_user.GetSubjectId(), _client.ClientId, _ct);
consent.ShouldBeNull();
@@ -80,7 +80,7 @@ public class DefaultConsentServiceTests
[Fact]
public async Task UpdateConsentAsync_should_persist_consent()
{
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
var consent = await _userConsentStore.GetUserConsentAsync(_user.GetSubjectId(), _client.ClientId, _ct);
consent.Scopes.Count().ShouldBe(2);
@@ -91,9 +91,9 @@ public class DefaultConsentServiceTests
[Fact]
public async Task UpdateConsentAsync_empty_scopes_should_remove_consent()
{
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
- await _subject.UpdateConsentAsync(_user, _client, new ParsedScopeValue[] { });
+ await _subject.UpdateConsentAsync(_user, _client, new ParsedScopeValue[] { }, _ct);
var consent = await _userConsentStore.GetUserConsentAsync(_user.GetSubjectId(), _client.ClientId, _ct);
consent.ShouldBeNull();
@@ -104,7 +104,7 @@ public class DefaultConsentServiceTests
{
_client.RequireConsent = false;
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeFalse();
}
@@ -114,7 +114,7 @@ public class DefaultConsentServiceTests
{
_client.AllowRememberConsent = false;
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeTrue();
}
@@ -122,7 +122,7 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_no_scopes_should_not_require_consent()
{
- var result = await _subject.RequiresConsentAsync(_user, _client, new ParsedScopeValue[] { });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new ParsedScopeValue[] { }, _ct);
result.ShouldBeFalse();
}
@@ -130,7 +130,7 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_offline_access_should_require_consent()
{
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("offline_access") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("offline_access") }, _ct);
result.ShouldBeTrue();
}
@@ -138,7 +138,7 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_no_prior_consent_should_require_consent()
{
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeTrue();
}
@@ -146,9 +146,9 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_prior_consent_should_not_require_consent()
{
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeFalse();
}
@@ -156,9 +156,9 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_prior_consent_with_more_scopes_should_not_require_consent()
{
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2"), new ParsedScopeValue("scope3") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2"), new ParsedScopeValue("scope3") }, _ct);
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeFalse();
}
@@ -166,9 +166,9 @@ public class DefaultConsentServiceTests
[Fact]
public async Task RequiresConsentAsync_prior_consent_with_too_few_scopes_should_require_consent()
{
- await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope2"), new ParsedScopeValue("scope3") });
+ await _subject.UpdateConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope2"), new ParsedScopeValue("scope3") }, _ct);
- var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") });
+ var result = await _subject.RequiresConsentAsync(_user, _client, new[] { new ParsedScopeValue("scope1"), new ParsedScopeValue("scope2") }, _ct);
result.ShouldBeTrue();
}
@@ -181,12 +181,12 @@ public class DefaultConsentServiceTests
var scopes = new[] { new ParsedScopeValue("foo"), new ParsedScopeValue("bar") };
_client.ConsentLifetime = 2;
- await _subject.UpdateConsentAsync(_user, _client, scopes);
+ await _subject.UpdateConsentAsync(_user, _client, scopes, _ct);
now = now.AddSeconds(3);
_timeProvider.SetUtcNow(now);
- var result = await _subject.RequiresConsentAsync(_user, _client, scopes);
+ var result = await _subject.RequiresConsentAsync(_user, _client, scopes, _ct);
result.ShouldBeTrue();
}
@@ -199,12 +199,12 @@ public class DefaultConsentServiceTests
var scopes = new[] { new ParsedScopeValue("foo"), new ParsedScopeValue("bar") };
_client.ConsentLifetime = 2;
- await _subject.UpdateConsentAsync(_user, _client, scopes);
+ await _subject.UpdateConsentAsync(_user, _client, scopes, _ct);
now = now.AddSeconds(3);
_timeProvider.SetUtcNow(now);
- await _subject.RequiresConsentAsync(_user, _client, scopes);
+ await _subject.RequiresConsentAsync(_user, _client, scopes, _ct);
var result = await _userConsentStore.GetUserConsentAsync(_user.GetSubjectId(), _client.ClientId, _ct);
diff --git a/identity-server/test/IdentityServer.UnitTests/Validation/ResourceValidation.cs b/identity-server/test/IdentityServer.UnitTests/Validation/ResourceValidation.cs
index 8f4467ce9..0f5edb27d 100644
--- a/identity-server/test/IdentityServer.UnitTests/Validation/ResourceValidation.cs
+++ b/identity-server/test/IdentityServer.UnitTests/Validation/ResourceValidation.cs
@@ -103,6 +103,7 @@ public class ResourceValidation
};
private IResourceStore _subject;
+ private readonly CT _ct = TestContext.Current.CancellationToken;
public ResourceValidation() => _subject = new InMemoryResourcesStore(_identityResources, _apiResources, _scopes);
@@ -117,7 +118,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "offline_access" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("offline_access");
@@ -132,7 +133,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "scope1" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.InvalidScopes.ShouldBeEmpty();
@@ -148,7 +149,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "email", "scope1", "unknown" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("unknown");
@@ -160,7 +161,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "scope1", "scope2" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("scope2");
@@ -171,7 +172,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "email", "scope1" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("email");
@@ -187,7 +188,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "scope1", "disabled_scope" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("disabled_scope");
@@ -202,7 +203,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "scope1" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.InvalidScopes.ShouldBeEmpty();
@@ -217,7 +218,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "email", "scope1", "scope2" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldContain("email");
@@ -233,7 +234,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid", "scope1" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.IdentityResources.Select(x => x.Name).ShouldBe(["openid"]);
@@ -250,7 +251,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "scope1" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.IdentityResources.ShouldBeEmpty();
@@ -267,7 +268,7 @@ public class ResourceValidation
{
Client = _restrictedClient,
Scopes = new[] { "openid" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.IdentityResources.Select(x => x.Name).ShouldContain("openid");
@@ -291,7 +292,7 @@ public class ResourceValidation
{
Client = new Client { AllowedScopes = { "s" } },
Scopes = new[] { "s" }
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.ApiResources.Count.ShouldBe(2);
@@ -312,7 +313,7 @@ public class ResourceValidation
Client = _resourceClient,
Scopes = new[] { "scope1", "offline_access" },
ResourceIndicators = new[] { "isolated1" },
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.ApiResources.Select(x => x.Name).ShouldBe(["resource1", "isolated1"]);
@@ -329,7 +330,7 @@ public class ResourceValidation
{
Client = _resourceClient,
Scopes = new[] { "scope1" },
- });
+ }, _ct);
result.Succeeded.ShouldBeTrue();
result.Resources.ApiResources.Select(x => x.Name).ShouldBe(["resource1"]);
@@ -346,7 +347,7 @@ public class ResourceValidation
Client = _resourceClient,
Scopes = new[] { "scope1" },
ResourceIndicators = new[] { "invalid" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldBeEmpty();
@@ -363,7 +364,7 @@ public class ResourceValidation
Client = _resourceClient,
Scopes = new[] { "scope1" },
ResourceIndicators = new[] { "resource3" }
- });
+ }, _ct);
result.Succeeded.ShouldBeFalse();
result.InvalidScopes.ShouldBeEmpty();