TransactionProcessing · StuartFerguson · Jul 4, 2020 · Jul 4, 2020 · Jul 4, 2020
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/DockerHelper.cs
@@ -70,7 +70,7 @@ private void SetupSecurityServiceTestUIContainer(String traceFolder)
             // Management API Container
             this.SecurityServiceTestUIContainer = new Builder().UseContainer().WithName(this.SecurityServiceTestUIContainerName)
                                                          .WithEnvironment($"Authority=http://sferguson.ddns.net:55001",
-                                                                          $"ClientId=estateUIClient{this.TestId.ToString("N")}",
+                                                                          $"ClientId=estateUIClient{this.TestId:N}",
                                                                           "ClientSecret=Secret1")
                                                          .UseImage("securityservicetestwebclient").ExposePort(5004)
                                                          .UseNetwork(new List<INetworkService>
@@ -120,10 +120,11 @@ public Hooks(IObjectContainer objectContainer)
         [BeforeScenario(Order = 0)]
         public async Task BeforeScenario()
         {
-            ChromeOptions option = new ChromeOptions();
-            option.AddArgument("--headless");
-            this.WebDriver = new ChromeDriver(option);
-            //this.WebDriver = new ChromeDriver();
+            ChromeOptions options = new ChromeOptions();
+            options.AddArguments("--window-size=1920,1080");
+            options.AddArguments("--start-maximized");
+            options.AddArguments("--headless");
+            this.WebDriver = new ChromeDriver(options);
             this.ObjectContainer.RegisterInstanceAs(this.WebDriver);
         }
 

diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/SharedSteps.cs
@@ -64,6 +64,28 @@ private async Task<CreateClientResponse> CreateClient(CreateClientRequest create
             return createClientResponse;
         }
 
+        [Given(@"I create the following identity resources")]
+        public async Task GivenICreateTheFollowingIdentityResources(Table table)
+        {
+            foreach (TableRow tableRow in table.Rows)
+            {
+                // Get the scopes
+                String userClaims = SpecflowTableHelper.GetStringRowValue(tableRow, "UserClaims");
+
+                CreateIdentityResourceRequest createIdentityResourceRequest = new CreateIdentityResourceRequest
+                                                                              {
+                                                                                  Name = SpecflowTableHelper
+                                                                                         .GetStringRowValue(tableRow, "Name")
+                                                                                         .Replace("[id]", this.TestingContext.DockerHelper.TestId.ToString("N")),
+                                                                                  Claims = string.IsNullOrEmpty(userClaims) ? null : userClaims.Split(",").ToList(),
+                                                                                  Description = SpecflowTableHelper.GetStringRowValue(tableRow, "Description"),
+                                                                                  DisplayName = SpecflowTableHelper.GetStringRowValue(tableRow, "DisplayName")
+                                                                              };
+
+                await this.CreateIdentityResource(createIdentityResourceRequest, CancellationToken.None).ConfigureAwait(false);
+            }
+        }
+
         [Given(@"I create the following api resources")]
         public async Task GivenICreateTheFollowingApiResources(Table table)
         {
@@ -93,6 +115,42 @@ public async Task GivenICreateTheFollowingApiResources(Table table)
             }
         }
 
+        private async Task CreateIdentityResource(CreateIdentityResourceRequest createIdentityResourceRequest,
+                                                                             CancellationToken cancellationToken)
+        {
+            CreateIdentityResourceResponse createIdentityResourceResponse = null;
+
+            List<IdentityResourceDetails> identityResourceList = await this.TestingContext.DockerHelper.SecurityServiceClient.GetIdentityResources(cancellationToken);
+
+            if (identityResourceList == null || identityResourceList.Any() == false)
+            {
+                createIdentityResourceResponse = await this
+                                                                                 .TestingContext.DockerHelper.SecurityServiceClient
+                                                                                 .CreateIdentityResource(createIdentityResourceRequest, cancellationToken)
+                                                                                 .ConfigureAwait(false);
+                createIdentityResourceResponse.ShouldNotBeNull();
+                createIdentityResourceResponse.IdentityResourceName.ShouldNotBeNullOrEmpty();
+
+                this.TestingContext.IdentityResources.Add(createIdentityResourceResponse.IdentityResourceName);
+            }
+            else
+            {
+                if (identityResourceList.Where(i => i.Name == createIdentityResourceRequest.Name).Any())
+                {
+                    return;
+                }
+
+                createIdentityResourceResponse = await this
+                                                       .TestingContext.DockerHelper.SecurityServiceClient
+                                                       .CreateIdentityResource(createIdentityResourceRequest, cancellationToken)
+                                                       .ConfigureAwait(false);
+                createIdentityResourceResponse.ShouldNotBeNull();
+                createIdentityResourceResponse.IdentityResourceName.ShouldNotBeNullOrEmpty();
+
+                this.TestingContext.IdentityResources.Add(createIdentityResourceResponse.IdentityResourceName);
+            }
+        }
+
         [Given(@"I create the following clients")]
         public async Task GivenICreateTheFollowingClients(Table table)
         {

diff --git a/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs b/SecurityService.OpenIdConnect.IntegrationTests/Common/TestingContext.cs
@@ -15,6 +15,8 @@ public class TestingContext
 
         public List<String> ApiResources;
 
+        public List<String> IdentityResources;
+
         public TokenResponse TokenResponse;
 
         public TestingContext()
@@ -23,6 +25,7 @@ public TestingContext()
             this.Roles= new Dictionary<String, Guid>();
             this.Clients=new List<String>();
             this.ApiResources=new List<String>();
+            this.IdentityResources= new List<String>();
         }
     }
 }
diff --git a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature
@@ -11,6 +11,12 @@ Background:
 	| Name                 | DisplayName            | Secret  | Scopes           | UserClaims               |
 	| estateManagement[id] | Estate Managememt REST | Secret1 | estateManagement[id] | MerchantId,EstateId,role |
 
+	Given I create the following identity resources
+	| Name        | DisplayName          | Description                                                 | UserClaims                                                             |
+	| openid  | Your user identifier |                                                             | sub                                                                    |
+	| profile | User profile         | Your user profile information (first name, last name, etc.) | name,role,email,given_name,middle_name,family_name,EstateId,MerchantId |
+	| email   | Email                | Email and Email Verified Flags                              | email_verified,email                                                   |
+
 	Given I create the following clients
 	| ClientId           | Name            | Secret  | Scopes                                    | GrantTypes | RedirectUris                        | PostLogoutRedirectUris               | RequireConsent | AllowOfflineAccess |
 	| estateUIClient[id] | Merchant Client | Secret1 | estateManagement[id],openid,email,profile | hybrid     | http://localhost:[port]/signin-oidc | http://localhost:[port]/signout-oidc | false          | true               |

diff --git a/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs b/SecurityService.OpenIdConnect.IntegrationTests/UserLogin/UserLogin.feature.cs
diff --git a/SecurityService/ca.tf b/SecurityService/ca.tf
@@ -0,0 +1,27 @@
+resource "tls_private_key" "root" {
+  algorithm = "RSA"
+  rsa_bits = "2048"
+}
+
+resource "tls_self_signed_cert" "root" {
+  key_algorithm = tls_private_key.root.algorithm
+  private_key_pem = tls_private_key.root.private_key_pem
+
+  validity_period_hours = 87600
+  early_renewal_hours = 8760
+
+  is_ca_certificate = true
+
+  allowed_uses = ["cert_signing"]
+
+  subject {
+    common_name = "Event Store Development CA"
+    organization = "Event Store Ltd"
+    organizational_unit = "Testing"
+  }
+}
+
+resource "local_file" "ca_cert" {
+  filename = "../ca.pem"
+  content = tls_self_signed_cert.root.cert_pem
+}