WHY WON'T MY TESTS WORK AGH

Author: MonkeyJamboree

src/AspNet.Security.OAuth.Introspection/Events/MessageReceivedContext.cs renamed to src/AspNet.Security.OAuth.Introspection/Events/AccessTokenReceivedContext.cs

@@ -1,8 +1,8 @@
 using Microsoft.AspNetCore.Http;
 
 namespace AspNet.Security.OAuth.Introspection {
-    public class MessageReceivedContext : BaseIntrospectionContext {
-        public MessageReceivedContext(
+    public class AccessTokenReceivedContext : BaseIntrospectionContext {
+        public AccessTokenReceivedContext(
             HttpContext context, 
             OAuthIntrospectionOptions options)
             : base(context, options) {

src/AspNet.Security.OAuth.Introspection/Events/IOAuthIntrospectionEvents.cs

@@ -1,7 +1,13 @@
 using System.Threading.Tasks;
 
 namespace AspNet.Security.OAuth.Introspection {
-    public interface IOAuthIntrospectionEvents {
+    public interface IOAuthIntrospectionEvents
+    {
+        /// <summary>
+        /// Invoked when an access token is first received.
+        /// </summary>
+        Task AccessTokenReceived(AccessTokenReceivedContext context);
+
         /// <summary>
         /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
@@ -15,12 +21,7 @@ public interface IOAuthIntrospectionEvents {
         /// <summary>
         /// Invoked when a token is to be sent to the authorization server for introspection.
         /// </summary>
-        Task IntrospectToken(IntrospectTokenContext context);
-
-        /// <summary>
-        /// Invoked when a protocol message is first received.
-        /// </summary>
-        Task MessageRecieved(MessageReceivedContext context);
+        Task RequestTokenIntrospection(RequestTokenIntrospectionContext context);
 
         /// <summary>
         /// Invoked after processing, when a token has been validated.

src/AspNet.Security.OAuth.Introspection/Events/OAuthIntrospectionEvents.cs

@@ -2,7 +2,13 @@
 using System.Threading.Tasks;
 
 namespace AspNet.Security.OAuth.Introspection {
-    public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents {
+    public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents
+    {
+        /// <summary>
+        /// Invoked when an access token is first received.
+        /// </summary>
+        public Func<AccessTokenReceivedContext, Task> OnAccessTokenReceived { get; set; } = context => Task.FromResult(0);
+
         /// <summary>
         /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
@@ -16,13 +22,8 @@ public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents {
         /// <summary>
         /// Invoked when a token is to be sent to the authorization server for introspection.
         /// </summary>
-        public Func<IntrospectTokenContext, Task> OnIntrospectToken { get; set; } = context => Task.FromResult(0);
+        public Func<RequestTokenIntrospectionContext, Task> OnRequestTokenIntrospection { get; set; } = context => Task.FromResult(0);
 
-        /// <summary>
-        /// Invoked when a protocol message is first received.
-        /// </summary>
-        public Func<MessageReceivedContext, Task> OnMessageReceived { get; set; } = context => Task.FromResult(0);
-        
         /// <summary>
         /// Invoked after processing, when a token has been validated.
         /// </summary>
@@ -33,6 +34,11 @@ public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents {
         /// </summary>
         public Func<ValidateAudienceContext, Task> OnValidateAudience { get; set; } = context => Task.FromResult(0);
 
+        /// <summary>
+        /// Invoked when an access token is first received.
+        /// </summary>
+        public virtual Task AccessTokenReceived(AccessTokenReceivedContext context) => OnAccessTokenReceived(context);
+
         /// <summary>
         /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
@@ -46,13 +52,8 @@ public class OAuthIntrospectionEvents : IOAuthIntrospectionEvents {
         /// <summary>
         /// Invoked when a token is to be sent to the authorization server for introspection.
         /// </summary>
-        public virtual Task IntrospectToken(IntrospectTokenContext context) => OnIntrospectToken(context);
+        public virtual Task RequestTokenIntrospection(RequestTokenIntrospectionContext context) => OnRequestTokenIntrospection(context);
 
-        /// <summary>
-        /// Invoked when a protocol message is first received.
-        /// </summary>
-        public virtual Task MessageRecieved(MessageReceivedContext context) => OnMessageReceived(context);
-        
         /// <summary>
         /// Invoked after processing, when a token has been validated.
         /// </summary>

src/AspNet.Security.OAuth.Introspection/Events/IntrospectTokenContext.cs renamed to src/AspNet.Security.OAuth.Introspection/Events/RequestTokenIntrospectionContext.cs

@@ -2,8 +2,8 @@
 using Newtonsoft.Json.Linq;
 
 namespace AspNet.Security.OAuth.Introspection {
-    public class IntrospectTokenContext : BaseIntrospectionContext {
-        public IntrospectTokenContext(
+    public class RequestTokenIntrospectionContext : BaseIntrospectionContext {
+        public RequestTokenIntrospectionContext(
             HttpContext context,
             OAuthIntrospectionOptions options,
             string token)

src/AspNet.Security.OAuth.Introspection/Events/ValidateAudienceContext.cs

@@ -15,11 +15,11 @@ public ValidateAudienceContext(
             var audiences = payload[OAuthIntrospectionConstants.Claims.Audience];
             if(audiences != null) {
                 if(audiences.Type == JTokenType.String) {
-                    Audiences = payload.Value<JArray>(OAuthIntrospectionConstants.Claims.Audience)
-                                           .Select(audience => audience.Value<string>());
+                    Audiences = new[] { payload.Value<string>(OAuthIntrospectionConstants.Claims.Audience) };
                 }
                 else if (audiences.Type == JTokenType.Array) {
-                    Audiences = new[] { payload.Value<string>(OAuthIntrospectionConstants.Claims.Audience) };
+                    Audiences = payload.Value<JArray>(OAuthIntrospectionConstants.Claims.Audience)
+                                           .Select(audience => audience.Value<string>());
                 }
             }
             Validate();
@@ -35,8 +35,11 @@ public bool Validate() {
             return IsValid = Validate(Audiences);
         }
 
-        public bool Validate(IEnumerable<string> audiences) {
-            return IsValid = Options.Audiences.Count == 0 || !audiences.Intersect(Options.Audiences, StringComparer.Ordinal).Any();
+        public bool Validate(IEnumerable<string> audiences)
+        {
+            IsValid = (audiences == null && Options.Audiences.Count > 0) || Options.Audiences.Count == 0 ||
+                      !audiences.Intersect(Options.Audiences, StringComparer.Ordinal).Any();
+            return IsValid;
         }
     }
 }

src/AspNet.Security.OAuth.Introspection/OAuthIntrospectionHandler.cs

@@ -25,21 +25,21 @@ public class OAuthIntrospectionHandler : AuthenticationHandler<OAuthIntrospectio
         protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
             try {
                 // Give application opportunity to find from a different location, adjust, or reject token
-                var messageReceivedContext = new MessageReceivedContext(Context, Options);
+                var accessTokenReceivedContext = new AccessTokenReceivedContext(Context, Options);
 
                 // event can set the token
-                await Options.Events.MessageRecieved(messageReceivedContext);
-                if (messageReceivedContext.HandledResponse) {
-                    return AuthenticateResult.Success(messageReceivedContext.Ticket);
+                await Options.Events.AccessTokenReceived(accessTokenReceivedContext);
+                if (accessTokenReceivedContext.HandledResponse) {
+                    return AuthenticateResult.Success(accessTokenReceivedContext.Ticket);
                 }
-                if (messageReceivedContext.Skipped) {
+                if (accessTokenReceivedContext.Skipped) {
                     Logger.LogInformation("Authentication was skipped by event processing.");
 
-                    return null;
+                    return AuthenticateResult.Skip();
                 }
 
                 // If application retrieved token from somewhere else, use that.
-                string token = messageReceivedContext.Token;
+                string token = accessTokenReceivedContext.Token;
 
                 if (string.IsNullOrWhiteSpace(token)) {
                     string header = Request.Headers[HeaderNames.Authorization];
@@ -68,18 +68,18 @@ protected override async Task<AuthenticateResult> HandleAuthenticateAsync() {
                 if (ticket == null) {
                     JObject payload;
                     // Allow interception of the introspection retrieval process via events
-                    var introspectTokenContext = new IntrospectTokenContext(Context, Options, token);
-                    await Options.Events.IntrospectToken(introspectTokenContext);
-                    if (introspectTokenContext.HandledResponse) {
-                        return AuthenticateResult.Success(introspectTokenContext.Ticket);
+                    var requestTokenIntrospectionContext = new RequestTokenIntrospectionContext(Context, Options, token);
+                    await Options.Events.RequestTokenIntrospection(requestTokenIntrospectionContext);
+                    if (requestTokenIntrospectionContext.HandledResponse) {
+                        return AuthenticateResult.Success(requestTokenIntrospectionContext.Ticket);
                     }
-                    else if (introspectTokenContext.Skipped) {
+                    else if (requestTokenIntrospectionContext.Skipped) {
                         return AuthenticateResult.Skip();
                     }
                     else {
                         // Return a failed authentication result if the introspection
                         // request failed or if the "active" claim was false.
-                        payload = introspectTokenContext.Payload ?? await GetIntrospectionPayloadAsync(token);
+                        payload = requestTokenIntrospectionContext.Payload ?? await GetIntrospectionPayloadAsync(token);
                     }
 
                     if (payload == null || !payload.Value<bool>(OAuthIntrospectionConstants.Claims.Active)) {

src/AspNet.Security.OAuth.Validation/Events/AccessTokenReceivedContext.cs

@@ -0,0 +1,17 @@
+using Microsoft.AspNetCore.Http;
+
+namespace AspNet.Security.OAuth.Validation
+{
+    public class AccessTokenReceivedContext : BaseOAuthValidationContext
+    {
+        public AccessTokenReceivedContext(HttpContext context, OAuthValidationOptions options)
+            : base(context, options)
+        {
+        }
+
+        /// <summary>
+        /// Bearer Token. This will give application an opportunity to retrieve token from an alternation location.
+        /// </summary>
+        public string Token { get; set; }
+    }
+}

src/AspNet.Security.OAuth.Validation/Events/AuthenticationFailedContext.cs

@@ -1,17 +1,14 @@
-using Microsoft.AspNetCore.Authentication;
-using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Http;
 using System;
 
 namespace AspNet.Security.OAuth.Validation
 {
-    public class AuthenticationFailedContext : BaseControlContext
+    public class AuthenticationFailedContext : BaseOAuthValidationContext
     {
         public AuthenticationFailedContext(HttpContext context, OAuthValidationOptions options)
-            : base(context)
+            : base(context, options)
         {
-            Options = options;
         }
-        public OAuthValidationOptions Options { get; }
         public Exception Exception { get; set; }
     }
 }

src/AspNet.Security.OAuth.Validation/Events/IOAuthValidationEvents.cs

@@ -5,14 +5,14 @@ namespace AspNet.Security.OAuth.Validation
     public interface IOAuthValidationEvents
     {
         /// <summary>
-        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// Invoked when an access token is first received.
         /// </summary>
-        Task AuthenticationFailed(AuthenticationFailedContext context);
+        Task AccessTokenReceived(AccessTokenReceivedContext context);
 
         /// <summary>
-        /// Invoked when a protocol message is first received.
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
-        Task MessageRecieved(MessageReceivedContext context);
+        Task AuthenticationFailed(AuthenticationFailedContext context);
 
         /// <summary>
         /// Invoked after processing, when a token has been validated.

src/AspNet.Security.OAuth.Validation/Events/MessageReceivedContext.cs

@@ -2,17 +2,18 @@
 using System.Threading.Tasks;
 
 namespace AspNet.Security.OAuth.Validation {
-    public class OAuthValidationEvents : IOAuthValidationEvents {
+    public class OAuthValidationEvents : IOAuthValidationEvents
+    {
         /// <summary>
-        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// Invoked when an access token is first received.
         /// </summary>
-        public Func<AuthenticationFailedContext, Task> OnAuthenticationFailed { get; set; } = context => Task.FromResult(0);
+        public Func<AccessTokenReceivedContext, Task> OnAccessTokenReceived { get; set; } = context => Task.FromResult(0);
 
         /// <summary>
-        /// Invoked when a protocol message is first received.
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
-        public Func<MessageReceivedContext, Task> OnMessageReceived { get; set; } = context => Task.FromResult(0);
-        
+        public Func<AuthenticationFailedContext, Task> OnAuthenticationFailed { get; set; } = context => Task.FromResult(0);
+
         /// <summary>
         /// Invoked after processing, when a token has been validated.
         /// </summary>
@@ -24,15 +25,15 @@ public class OAuthValidationEvents : IOAuthValidationEvents {
         public Func<ValidateAudienceContext, Task> OnValidateAudience { get; set; } = context => Task.FromResult(0);
 
         /// <summary>
-        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
+        /// Invoked when an access token is first received.
         /// </summary>
-        public virtual Task AuthenticationFailed(AuthenticationFailedContext context) => OnAuthenticationFailed(context);
+        public virtual Task AccessTokenReceived(AccessTokenReceivedContext context) => OnAccessTokenReceived(context);
 
         /// <summary>
-        /// Invoked when a protocol message is first received.
+        /// Invoked if exceptions are thrown during request processing. The exceptions will be re-thrown after this event unless suppressed.
         /// </summary>
-        public virtual Task MessageRecieved(MessageReceivedContext context) => OnMessageReceived(context);
-        
+        public virtual Task AuthenticationFailed(AuthenticationFailedContext context) => OnAuthenticationFailed(context);
+
         /// <summary>
         /// Invoked after processing, when a token has been validated.
         /// </summary>

src/AspNet.Security.OAuth.Validation/Events/OAuthValidationEvents.cs

@@ -1,13 +1,17 @@
-using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
 
 namespace AspNet.Security.OAuth.Validation
 {
     public class TokenValidatedContext : BaseOAuthValidationContext
     {
         public TokenValidatedContext(
             HttpContext context, 
-            OAuthValidationOptions options) 
-            : base(context, options) {
+            OAuthValidationOptions options,
+            AuthenticationTicket ticket) 
+            : base(context, options)
+        {
+            Ticket = ticket;
         }
     }
 }

src/AspNet.Security.OAuth.Validation/Events/TokenValidatedContext.cs

@@ -6,25 +6,22 @@
 
 namespace AspNet.Security.OAuth.Validation
 {
-    public class ValidateAudienceContext : BaseControlContext
+    public class ValidateAudienceContext : BaseOAuthValidationContext
     {
         public ValidateAudienceContext(
-            HttpContext context, 
+            HttpContext context,
             OAuthValidationOptions options,
             AuthenticationTicket ticket)
-            : base(context) {
-            Options = options;
+            : base(context, options) {
             Ticket = ticket;
             string audiences;
-            if (!ticket.Properties.Items.TryGetValue(OAuthValidationConstants.Properties.Audiences, out audiences))
+            if (ticket.Properties.Items.TryGetValue(OAuthValidationConstants.Properties.Audiences, out audiences))
             {
                 Audiences = audiences.Split(' ');
             }
             Validate();
         }
 
-        public OAuthValidationOptions Options { get; set; }
-
         public IEnumerable<string> Audiences { get; set; }
 
         public bool IsValid { get; set; }
@@ -36,7 +33,8 @@ public bool Validate()
 
         public bool Validate(IEnumerable<string> audiences)
         {
-            IsValid = Options.Audiences.Count == 0 || !audiences.Intersect(Options.Audiences, StringComparer.Ordinal).Any();
+            IsValid = (audiences == null && Options.Audiences.Count > 0) || Options.Audiences.Count == 0 ||
+                      !audiences.Intersect(Options.Audiences, StringComparer.Ordinal).Any();
             return IsValid;
         }
     }