From 2d94884c6f6ac35e3bec13a0a729995fde983303 Mon Sep 17 00:00:00 2001
From: TomPallister <TomPallister@users.noreply.github.com>
Date: Fri, 23 Jun 2017 11:25:23 +0100
Subject: [PATCH 1/3] trying to get cluster working

---
 .../IdentityServerConfigurationCreator.cs     |  6 ++-
 .../Provider/IIdentityServerConfiguration.cs  |  2 +
 .../Provider/IdentityServerConfiguration.cs   |  6 ++-
 .../ServiceCollectionExtensions.cs            | 15 +++++-
 .../Ocelot.AcceptanceTests.csproj             |  2 +-
 .../AdministrationTests.cs                    | 48 +++++++++++++++++++
 .../Ocelot.IntegrationTests.csproj            |  2 +-
 7 files changed, 75 insertions(+), 6 deletions(-)

diff --git a/src/Ocelot/Configuration/Creator/IdentityServerConfigurationCreator.cs b/src/Ocelot/Configuration/Creator/IdentityServerConfigurationCreator.cs
index 488196088..6ed3b6c00 100644
--- a/src/Ocelot/Configuration/Creator/IdentityServerConfigurationCreator.cs
+++ b/src/Ocelot/Configuration/Creator/IdentityServerConfigurationCreator.cs
@@ -13,6 +13,8 @@ public static IdentityServerConfiguration GetIdentityServerConfiguration()
             var username = Environment.GetEnvironmentVariable("OCELOT_USERNAME");
             var hash = Environment.GetEnvironmentVariable("OCELOT_HASH");
             var salt = Environment.GetEnvironmentVariable("OCELOT_SALT");
+            var credentialsSigningCertificateLocation = Environment.GetEnvironmentVariable("OCELOT_CERTIFICATE");
+            var credentialsSigningCertificatePassword = Environment.GetEnvironmentVariable("OCELOT_CERTIFICATE_PASSWORD");
 
             return new IdentityServerConfiguration(
                 "admin",
@@ -28,7 +30,9 @@ public static IdentityServerConfiguration GetIdentityServerConfiguration()
                 new List<User>
                 {
                     new User("admin", username, hash, salt)
-                }
+                },
+                credentialsSigningCertificateLocation,
+                credentialsSigningCertificatePassword
             );
         }
     }
diff --git a/src/Ocelot/Configuration/Provider/IIdentityServerConfiguration.cs b/src/Ocelot/Configuration/Provider/IIdentityServerConfiguration.cs
index bb66265f3..0a388abbe 100644
--- a/src/Ocelot/Configuration/Provider/IIdentityServerConfiguration.cs
+++ b/src/Ocelot/Configuration/Provider/IIdentityServerConfiguration.cs
@@ -17,5 +17,7 @@ public interface IIdentityServerConfiguration
         AccessTokenType AccessTokenType {get;}
         bool RequireClientSecret {get;}
         List<User> Users {get;}
+        string CredentialsSigningCertificateLocation { get; }
+        string CredentialsSigningCertificatePassword { get; }
     }
 }
\ No newline at end of file
diff --git a/src/Ocelot/Configuration/Provider/IdentityServerConfiguration.cs b/src/Ocelot/Configuration/Provider/IdentityServerConfiguration.cs
index f0f6897db..881d6f5a0 100644
--- a/src/Ocelot/Configuration/Provider/IdentityServerConfiguration.cs
+++ b/src/Ocelot/Configuration/Provider/IdentityServerConfiguration.cs
@@ -17,7 +17,7 @@ public IdentityServerConfiguration(
             IEnumerable<string>  grantType,
             AccessTokenType accessTokenType,
             bool requireClientSecret,
-            List<User> users)
+            List<User> users, string credentialsSigningCertificateLocation, string credentialsSigningCertificatePassword)
         {
             ApiName = apiName;
             RequireHttps = requireHttps;
@@ -30,6 +30,8 @@ public IdentityServerConfiguration(
             AccessTokenType = accessTokenType;
             RequireClientSecret = requireClientSecret;
             Users = users;
+            CredentialsSigningCertificateLocation = credentialsSigningCertificateLocation;
+            CredentialsSigningCertificatePassword = credentialsSigningCertificatePassword;
         }
 
         public string ApiName { get; private set; }
@@ -43,5 +45,7 @@ public IdentityServerConfiguration(
         public AccessTokenType AccessTokenType {get;private set;}
         public bool RequireClientSecret {get;private set;}
         public List<User> Users {get;private set;}
+        public string CredentialsSigningCertificateLocation { get; private set; }
+        public string CredentialsSigningCertificatePassword { get; private set; }
     }
 }
\ No newline at end of file
diff --git a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
index d52341fea..6b33f5c7b 100644
--- a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
+++ b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
@@ -41,6 +41,8 @@
 using System.Linq;
 using System.Net.Http;
 using System.Reflection;
+using System.Security.Cryptography.X509Certificates;
+using Microsoft.IdentityModel.Tokens;
 using Ocelot.Configuration;
 using FileConfigurationProvider = Ocelot.Configuration.Provider.FileConfigurationProvider;
 
@@ -87,8 +89,7 @@ public static IServiceCollection AddOcelot(this IServiceCollection services, ICo
             {
                 services.TryAddSingleton<IIdentityServerConfiguration>(identityServerConfiguration);
                 services.TryAddSingleton<IHashMatcher, HashMatcher>();
-                services.AddIdentityServer()
-                    .AddTemporarySigningCredential()
+                var identityServerBuilder = services.AddIdentityServer()
                     .AddInMemoryApiResources(new List<ApiResource>
                     {
                         new ApiResource
@@ -120,6 +121,16 @@ public static IServiceCollection AddOcelot(this IServiceCollection services, ICo
                             RequireClientSecret = identityServerConfiguration.RequireClientSecret
                         }
                     }).AddResourceOwnerValidator<OcelotResourceOwnerPasswordValidator>();
+
+                if (string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificateLocation) || string.IsNullOrEmpty(identityServerConfiguration.CredentialsSigningCertificatePassword))
+                {
+                    identityServerBuilder.AddTemporarySigningCredential();
+                }
+                else
+                {
+                    var cert = new X509Certificate2(identityServerConfiguration.CredentialsSigningCertificateLocation, identityServerConfiguration.CredentialsSigningCertificatePassword);
+                    identityServerBuilder.AddSigningCredential(cert);
+                }
             }
 
             var assembly = typeof(FileConfigurationController).GetTypeInfo().Assembly;
diff --git a/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj b/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
index 0faafe844..94e303917 100644
--- a/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
+++ b/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
@@ -15,7 +15,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <None Update="configuration.json">
+    <None Update="configuration.json;idsrv3test.pfx">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
diff --git a/test/Ocelot.IntegrationTests/AdministrationTests.cs b/test/Ocelot.IntegrationTests/AdministrationTests.cs
index 2fa2c05c5..3f7ea18af 100644
--- a/test/Ocelot.IntegrationTests/AdministrationTests.cs
+++ b/test/Ocelot.IntegrationTests/AdministrationTests.cs
@@ -19,15 +19,19 @@ namespace Ocelot.IntegrationTests
     public class AdministrationTests : IDisposable
     {
         private readonly HttpClient _httpClient;
+        private readonly HttpClient _httpClientTwo;
         private HttpResponseMessage _response;
         private IWebHost _builder;
         private IWebHostBuilder _webHostBuilder;
         private readonly string _ocelotBaseUrl;
         private BearerToken _token;
+        private IWebHostBuilder _webHostBuilderTwo;
+        private IWebHost _builderTwo;
 
         public AdministrationTests()
         {
             _httpClient = new HttpClient();
+            _httpClientTwo = new HttpClient();
             _ocelotBaseUrl = "http://localhost:5000";
             _httpClient.BaseAddress = new Uri(_ocelotBaseUrl);
         }
@@ -70,6 +74,27 @@ public void should_return_response_200_with_call_re_routes_controller()
                  .BDDfy();
          }
 
+        [Fact]
+        public void should_be_able_to_use_token_from_ocelot_a_on_ocelot_b()
+        {
+            var configuration = new FileConfiguration
+            {
+                GlobalConfiguration = new FileGlobalConfiguration
+                {
+                    AdministrationPath = "/administration"
+                }
+            };
+
+            this.Given(x => GivenThereIsAConfiguration(configuration))
+                .And(x => GivenOcelotIsRunning())
+                .And(x => GivenIHaveAnOcelotToken("/administration"))
+                .And(x => GivenIHaveAddedATokenToMyRequest())
+                .And(x => GivenAnotherOcelotIsRunning("http://localhost:5007"))
+                .When(x => WhenIGetUrlOnTheSecondOcelot("/administration/configuration"))
+                .Then(x => ThenTheStatusCodeShouldBe(HttpStatusCode.OK))
+                .BDDfy();
+        }
+
         [Fact]
         public void should_return_file_configuration()
         {
@@ -193,6 +218,29 @@ public void should_get_file_configuration_edit_and_post_updated_version()
                 .BDDfy();
         }
 
+        private void GivenAnotherOcelotIsRunning(string baseUrl)
+        {
+            _httpClientTwo.BaseAddress = new Uri(baseUrl);
+
+            _webHostBuilderTwo = new WebHostBuilder()
+               .UseUrls(baseUrl)
+               .UseKestrel()
+               .UseContentRoot(Directory.GetCurrentDirectory())
+               .ConfigureServices(x => {
+                   x.AddSingleton(_webHostBuilder);
+               })
+               .UseStartup<Startup>();
+
+            _builderTwo = _webHostBuilderTwo.Build();
+
+            _builderTwo.Start();
+        }
+
+        private void WhenIGetUrlOnTheSecondOcelot(string url)
+        {
+            _response = _httpClientTwo.GetAsync(url).Result;
+        }
+
         private void WhenIPostOnTheApiGateway(string url, FileConfiguration updatedConfiguration)
         {
             var json = JsonConvert.SerializeObject(updatedConfiguration);
diff --git a/test/Ocelot.IntegrationTests/Ocelot.IntegrationTests.csproj b/test/Ocelot.IntegrationTests/Ocelot.IntegrationTests.csproj
index db4b23d20..59513b383 100644
--- a/test/Ocelot.IntegrationTests/Ocelot.IntegrationTests.csproj
+++ b/test/Ocelot.IntegrationTests/Ocelot.IntegrationTests.csproj
@@ -15,7 +15,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <None Update="configuration.json;appsettings.json">
+    <None Update="configuration.json;appsettings.json;idsrv3test.pfx">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>

From 6cdf4e67df417bc514da9b445f9053e662f7b525 Mon Sep 17 00:00:00 2001
From: Tom Gardham-Pallister <tom.pallister@fourth.com>
Date: Fri, 23 Jun 2017 15:17:40 +0100
Subject: [PATCH 2/3] can now use tokens from ocelot a on ocelot b when using
 admin area

---
 .gitignore                                       |   1 +
 .../ServiceCollectionExtensions.cs               |   5 ++++-
 .../Middleware/OcelotMiddlewareExtensions.cs     |   1 -
 .../Ocelot.AcceptanceTests.csproj                |   2 +-
 test/Ocelot.AcceptanceTests/appsettings.json     |  10 ++++++++++
 .../AdministrationTests.cs                       |  13 +++++++++++--
 test/Ocelot.IntegrationTests/appsettings.json    |   4 ++--
 test/Ocelot.IntegrationTests/idsrv3test.pfx      | Bin 0 -> 3395 bytes
 8 files changed, 29 insertions(+), 7 deletions(-)
 create mode 100644 test/Ocelot.AcceptanceTests/appsettings.json
 create mode 100644 test/Ocelot.IntegrationTests/idsrv3test.pfx

diff --git a/.gitignore b/.gitignore
index a2902800e..f5dfbc4d0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -183,6 +183,7 @@ ClientBin/
 *.dbmdl
 *.dbproj.schemaview
 *.pfx
+!idsrv3test.pfx
 *.publishsettings
 node_modules/
 orleans.codegen.cs
diff --git a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
index 6b33f5c7b..ae0e35dee 100644
--- a/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
+++ b/src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
@@ -89,7 +89,10 @@ public static IServiceCollection AddOcelot(this IServiceCollection services, ICo
             {
                 services.TryAddSingleton<IIdentityServerConfiguration>(identityServerConfiguration);
                 services.TryAddSingleton<IHashMatcher, HashMatcher>();
-                var identityServerBuilder = services.AddIdentityServer()
+                var identityServerBuilder = services
+                    .AddIdentityServer(options => {
+                        options.IssuerUri = "Ocelot";
+                    })
                     .AddInMemoryApiResources(new List<ApiResource>
                     {
                         new ApiResource
diff --git a/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs b/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
index 3f98f9594..d2e91c6d9 100644
--- a/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
+++ b/src/Ocelot/Middleware/OcelotMiddlewareExtensions.cs
@@ -181,7 +181,6 @@ private static async Task CreateAdministrationArea(IApplicationBuilder builder)
                 builder.Map(configuration.AdministrationPath, app =>
                 {
                     var identityServerUrl = $"{baseSchemeUrlAndPort}/{configuration.AdministrationPath.Remove(0,1)}";
-
                     app.UseIdentityServerAuthentication(new IdentityServerAuthenticationOptions
                     {
                         Authority = identityServerUrl,
diff --git a/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj b/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
index 94e303917..08bbf5272 100644
--- a/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
+++ b/test/Ocelot.AcceptanceTests/Ocelot.AcceptanceTests.csproj
@@ -15,7 +15,7 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <None Update="configuration.json;idsrv3test.pfx">
+    <None Update="configuration.json;appsettings.json">
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </None>
   </ItemGroup>
diff --git a/test/Ocelot.AcceptanceTests/appsettings.json b/test/Ocelot.AcceptanceTests/appsettings.json
new file mode 100644
index 000000000..df0788dea
--- /dev/null
+++ b/test/Ocelot.AcceptanceTests/appsettings.json
@@ -0,0 +1,10 @@
+{
+  "Logging": {
+    "IncludeScopes": true,
+    "LogLevel": {
+      "Default": "Error",
+      "System": "Error",
+      "Microsoft": "Error"
+    }
+  }
+}
diff --git a/test/Ocelot.IntegrationTests/AdministrationTests.cs b/test/Ocelot.IntegrationTests/AdministrationTests.cs
index 3f7ea18af..b03d587e8 100644
--- a/test/Ocelot.IntegrationTests/AdministrationTests.cs
+++ b/test/Ocelot.IntegrationTests/AdministrationTests.cs
@@ -86,9 +86,9 @@ public void should_be_able_to_use_token_from_ocelot_a_on_ocelot_b()
             };
 
             this.Given(x => GivenThereIsAConfiguration(configuration))
+                .And(x => GivenIdentityServerSigningEnvironmentalVariablesAreSet())
                 .And(x => GivenOcelotIsRunning())
                 .And(x => GivenIHaveAnOcelotToken("/administration"))
-                .And(x => GivenIHaveAddedATokenToMyRequest())
                 .And(x => GivenAnotherOcelotIsRunning("http://localhost:5007"))
                 .When(x => WhenIGetUrlOnTheSecondOcelot("/administration/configuration"))
                 .Then(x => ThenTheStatusCodeShouldBe(HttpStatusCode.OK))
@@ -227,7 +227,7 @@ private void GivenAnotherOcelotIsRunning(string baseUrl)
                .UseKestrel()
                .UseContentRoot(Directory.GetCurrentDirectory())
                .ConfigureServices(x => {
-                   x.AddSingleton(_webHostBuilder);
+                   x.AddSingleton(_webHostBuilderTwo);
                })
                .UseStartup<Startup>();
 
@@ -236,8 +236,15 @@ private void GivenAnotherOcelotIsRunning(string baseUrl)
             _builderTwo.Start();
         }
 
+        private void GivenIdentityServerSigningEnvironmentalVariablesAreSet()
+        {
+            Environment.SetEnvironmentVariable("OCELOT_CERTIFICATE", "idsrv3test.pfx");
+            Environment.SetEnvironmentVariable("OCELOT_CERTIFICATE_PASSWORD", "idsrv3test");
+        }
+
         private void WhenIGetUrlOnTheSecondOcelot(string url)
         {
+            _httpClientTwo.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", _token.AccessToken);
             _response = _httpClientTwo.GetAsync(url).Result;
         }
 
@@ -353,6 +360,8 @@ private void ThenTheStatusCodeShouldBe(HttpStatusCode expectedHttpStatusCode)
 
         public void Dispose()
         {
+            Environment.SetEnvironmentVariable("OCELOT_CERTIFICATE", "");
+            Environment.SetEnvironmentVariable("OCELOT_CERTIFICATE_PASSWORD", "");
             _builder?.Dispose();
             _httpClient?.Dispose();
         }
diff --git a/test/Ocelot.IntegrationTests/appsettings.json b/test/Ocelot.IntegrationTests/appsettings.json
index 503cc7786..df0788dea 100644
--- a/test/Ocelot.IntegrationTests/appsettings.json
+++ b/test/Ocelot.IntegrationTests/appsettings.json
@@ -3,8 +3,8 @@
     "IncludeScopes": true,
     "LogLevel": {
       "Default": "Error",
-      "System": "Information",
-      "Microsoft": "Information"
+      "System": "Error",
+      "Microsoft": "Error"
     }
   }
 }
diff --git a/test/Ocelot.IntegrationTests/idsrv3test.pfx b/test/Ocelot.IntegrationTests/idsrv3test.pfx
new file mode 100644
index 0000000000000000000000000000000000000000..0247dea03f0cc23694291f21310f3ae88880e2bb
GIT binary patch
literal 3395
zcmY*ac{tQ<7yiu{V_$|rA%;e>y=E+9O_nU#g|hFBC`-tmWsqeoSyGW9LYA!AlQm0d
zlqs?cuRUcMvVK$7_r34+{c)aipZh-Nxy~QY_1q{N(`7J-3WZ}lgwlyV(0Q=O1fl`u
z;TYE;IL2iPy@0|&nf_0rK7rt<4^TL2G9|X44F8>Cqz8fXaF7!e4sw9vh0_0zrd-Yp
zq5aB`c0pwf*#!pE3`1~`u};|qLmAL66%SqGD&c1ok7w*g=3CPGVk4GBqUnz5R$^lb
z8Dv(rRpfX7yvJ$AZ8B=IukK|?oWq7THPW9AE8<%>%oONtPAOw&x8_?KHa0J|WVwA0
zIe9<A-tS6~Vo1?Aon^Vz8@TOK!&HCY29BY>iq|#j@0h-r2z9#p>N7n4=mGfXBZdZv
zm>}$|9($ZRdyt-g#VGBa?>B!qNzif-i+FE)kucwfM0uQ_?eH5E22H7{O&W(b9&xxe
z%p<>vWCX)-exQO)Be<qbj|d8Up=IFA%(u$H!C8Zsu`($IyxGM@PgbL%;oL8B@}w;<
zslw&;Ie)4@ZgX%Y+K@XJ+plI+SDf=!DcPJ^uitp_G{fmw*x0Z_v4Ri_xPZDuTfTZE
zj@BPs*y}mEakcd{`vfmJu{&XQThbwL+Jx9nOQxl@_KXgeSx2}lR--kzCTbHWm<<%F
z-wG7qvy%!%-b|qE?yEcLMcm}PE*kp4;n&g}Eb*>=&=gf&-c#+j`(NUetfn}WVXG{=
z^!3S{N|*XdJW@10Ikf3}LcuN>qA~Ixlg<<TFYaZ=K7Q-_&^a?WkN7|@M{JM5(?#_b
zw4(#5W!UeEu>}c;<Q6L}t+tdP4#Sp!Mselu?(zp`((9ImAM7xHYR^47Hkrx^p4vcp
z4QnX-mlDq#2=%1fOW}2U8DG&~d?<y{ft>VO{NzpbcV)gX{XXMvCF$|Bihu8%Mj`v7
z@JI#bMy0mL?ntjDyu>tItFCrcM?2T4qxi{DAYXF4re+jt!0KM!4AX1-`m6J2B-j7$
ztQmXW9+nsyVA76pGD!SNDBJX7<=P3^TAtMP*S&|$8V_zcInNp6F})=P6L9WM3skx(
zrU*k+zF?-S=h<kN^8F&zSe1S~eK^iJHSLX(<0w2REgl1<(>mjpL4Q3zv>!AS5ZdH`
zP7@1%4o~2pGsTCkqHI#fTE9t6L}0I0RV#X80*5W8dQ!d^3i!EAcx!{g?Ymhx9_uH|
z%5-;5L5^5@FPajHS9ShoBMyy!p(c{qxOAL#hI6ENh505_rZ0?SGHg>G?cH-JcX$bP
zvvcygKZ|q33xcOvl0F>Lq;-3oT1}&U{+hFQhdrnZ&f3Cd?*G~+e;NZj-CLQ#d7u*d
z-zLck*=~$_*oTD=7glD2s_n4ZBbndKCJM<*Y#U_RIHLGB-|y!WU`T^)1|P6xbeP|G
zVeM+?bDY~u1~eh71YCS>5m|2W++)$^^VxHSdmxwhWqlh$#}_R*QJIE}!YhyC22(}y
z-pGi)Mp$4isupi_SdyK1kwa|ypqYxD<VWO;AKXtGgharI<HJRRfwG6UIvsr2SG4eL
z1qZT8{904!Y!=Vb8M8eXns!3ng{RM#%k?-NNK@V`RpP=1Vi7meTMHD9tGMF^OOu*&
zKkEJ<QyCrXmk4v>ZM%%-W8XLUrq=uHuIVLfoLXn0Ft*+*&7DasMmP3gdi3$so3cjv
zU3_I_!HIUJ-KLn$?<Oy=$2>yVs^q%Nt?{K4vH$8|KG-fP7I-JGh){ZkukKp&IeTFS
zofK|@;`zesc<{wV&~=^Lpxwgq@1SZU!pFuL4xnXwJhXzpFXWPHqe<o{of=?@4QPh<
zCfXK}C3?e>5C^&F$XOKSyA*?hARwF^42%X)?En0pbR1|X1Ofs80A>9z2}c|9=>s8v
zEFceP0#bk)B`W|LfCL~z!7_mQA0!RPQ8WpPf}*g$)hhsoqDlYhLQ^z_KfESzA7%UR
z0wA<8pCMoXxB<?958ws(QUVM30SLg9a{gvK0ar?;LBT<QH-+<})INYC1>gEJg#e8I
z^!ZaN7vLt~Loo#6Kiktl^Kj613iSpI0w}5OUj_7kE&%=Q0@7Z?>>U#@$=@yzfrG{o
ztFTv(L~LX}xO!x<I991&uguEr^F_*S_9$Z3Kh$$VI@4{8Td_E+dsdAH1C#2D#%yJ2
z;V}KTI__UD&7O=vR{~tE)eh?>0^EITtLxl@_o6uy5gghAR{hz9rAUI9X6qKa_Nw%q
za~SdO27));Ss1O7WmAmU?z>@+sX7%|EH>F*@OZUVn!`%vFPjg13@<L=t?a0liz4u^
zpgv!|Ht?Z163@(NQBf<RJoF6Yt=m!NO!Zbh03)F2$7|p2!t1G(MX;6syvxu~wYV@w
zYOdK96hsL@cwM6EZia~M%7^h>;Tl|_JIFJuO?ibe+@(=Ci<oMW0_}<zziSP>tY0KN
zmhw8P&DGlJBqvEH_i~51(xCCqvU$O5a^w(gap!{;x$=mI;>(I{4_^3{xSVl<tRt0i
zwJ}`+pMnKj)Qi^mQm@JMGlcB)uS|q|CAUU^iT?NHv`}YjOLMk_xK{gpmUaLmQm{$g
zz|u)aN0t>t0*&Z-y38aD8;?f`*U1VzA?{YPa$fn^V7$cGLd)&c%khfmt-qvZ_d8X!
z7hHsG8{dHEPrBwl**uN9qgJ5p<XGn1KpP(FMyoH}katpql14K%=tN$6%?(!LZ+O?s
zy8nIq2}0!AOtMjAZ@#5Xc7y~uHoKSmLpBw`;ed80>Da-DS;*TkBvMr}WsGRp(tl&q
zOLj#>q5fr!g3h>N*4Lo!^2f&yedb9`Kc@UII#(J*#=~mQpg7_^@Qad_`7&Rw^Q13P
zmkj26C2^Lfg&(Un^M{l&&Z~Al#>~&po-IRgbH;zV|EZU6sq2W4r<`>`jAnHJX0F#X
zoYLuTJJ&S<F2|5hzOCIhUt<&!av#5|V5U44K6<y^>__HOHM}CU)!}{mUnHM4&H-PJ
zDgU|rTaFE6VJ^#8$-<D<8ue5=5aQk>7}h}^b=$AFm^Ju%|Irt#Xm@y!x8ht)nP}yX
zak6LD=XrWjz}YIk=NKi;Oyzuyhr4N#>$;BIHeVmO7CwR&BH~$h($R>lxm#|jH)hMo
z7Cl?fME$4w@i!`TUwnfzepq`tb2MXQ<j#0~X0oASJ@eDDWUPPuWR>>vjOez4DO&G+
zwbxqf;c;Lz7e^2GJN4&pn)*n036&#X{M)L}<CkZ5u}z~1rU&7O>3jNt9WQoG#Ltw0
zBSd@4uASn_19~vFMd|jhEOlmOnzg#t-W`Y8`{ihls#Ej*@-YyvQR5@XB{Zg<SH{{w
z(wx*R^}jJk(~`ojL>n*UU@bPjBb)ma-dM*TyAY#Qr-I?}ssTqWiQUU~9nVL8urj8g
z<Pm|D7H-y@q`>B=?6~(E%Bt>5<*!OPB%-9y0pkl!uu8}JyuP^C{VwK-!6&8CcOsFR
z#AD|e+mNE9i#41w#l(h}rbw&h^*Xp8>93ZTvg}r-DJps1W6hRpeV*HGw|(EWnX7>t
zi;7~9X)yDN{8DJzLpxCoH*tL3SHK!$Z}tQc<%NTk$t)S*4<=4>wFvMd!y)pV_liw)
z7<i2&;d(y0J`(1*b*RZ|8eAIP`Tp)H+XtcCSfO)N7aCvm4XZCFP%F;c%VAcr%jrKb
z225ixtBBLHrMvxFL|f7tn)hxOF0o*j4qD|w!iB&Qt7=9YBZuzRTRb%#r^bpO*-r%%
ziGj3KOFgV=V$^}Eh8nv$E?L<Fl~^UaFm_cAvHl$EqI9{3VDlg@RtR=9fp$|-PFe$H
z<hg(45ieI8-MIAof<pM3XjA@~lp?z)gSl1vBbt->Z+8=AXg^<jU4rsv&mP@Oc+;10
zcri;=*ygm23CSF<fZPf`tEk^$33d3@`=cj&C09_JI1;LcOpLQ3LC=qQ)X<6A#TG8;
zSG4EbN^d9A2uM;1G=h`PO&fv7ys<y!5++xcYCns=q|&~cb~_+IWg+TH-Ct0G)w9au
zfuJm*2>QgwL(&DRsQU5*({(LDt{G-4Rx#dhx6AP+_msH%Jue6QCy=B0w?y#4k$7;>
z=5ttmpV&vFVv}ZY>6NE%#+W))M)<U8<EO9Y<&?BHIiyR71zl|wTpCGVmTo(h&HuIJ
z=gZ(OII_T^r>nU;WMS%-mtLT!)&4oAMhnY2Hb@dJUGXLb^4wIex}=co7n{7tD1N!|
zw63xzN%ImPTf3iZ?X@yq6*F$jX5my$Q%SSyOrlD)y}jkyw`e{y&l34ahp)821A!iS
z4-;-p@j6Gn!f>FJQ2ZzwD76?f6_^_WN5dA?3G%E0bF79+L#MT|(Yv~t5ct?-mV0Fj
V%$88{h~I%@Xjg7x^oQR@_8&Ry9S;Bi

literal 0
HcmV?d00001


From e96d66139f58ea94352b1d2b85d9b0e5bd4025b1 Mon Sep 17 00:00:00 2001
From: Tom Gardham-Pallister <tom.pallister@fourth.com>
Date: Sat, 24 Jun 2017 13:04:25 +0100
Subject: [PATCH 3/3] boost test coverage

---
 .../Creator/AuthenticationHandlerCreator.cs   |   1 +
 ...IdentityServerConfigurationCreatorTests.cs |  16 +++
 .../Errors/ExceptionHandlerMiddlewareTests.cs | 125 ++++++++++++++++++
 3 files changed, 142 insertions(+)
 create mode 100644 test/Ocelot.UnitTests/Configuration/IdentityServerConfigurationCreatorTests.cs
 create mode 100644 test/Ocelot.UnitTests/Errors/ExceptionHandlerMiddlewareTests.cs

diff --git a/src/Ocelot/Authentication/Handler/Creator/AuthenticationHandlerCreator.cs b/src/Ocelot/Authentication/Handler/Creator/AuthenticationHandlerCreator.cs
index 96713fb0d..1fcc50fbf 100644
--- a/src/Ocelot/Authentication/Handler/Creator/AuthenticationHandlerCreator.cs
+++ b/src/Ocelot/Authentication/Handler/Creator/AuthenticationHandlerCreator.cs
@@ -1,3 +1,4 @@
+using System;
 using IdentityServer4.AccessTokenValidation;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http;
diff --git a/test/Ocelot.UnitTests/Configuration/IdentityServerConfigurationCreatorTests.cs b/test/Ocelot.UnitTests/Configuration/IdentityServerConfigurationCreatorTests.cs
new file mode 100644
index 000000000..8d100e10b
--- /dev/null
+++ b/test/Ocelot.UnitTests/Configuration/IdentityServerConfigurationCreatorTests.cs
@@ -0,0 +1,16 @@
+using Ocelot.Configuration.Creator;
+using Shouldly;
+using Xunit;
+
+namespace Ocelot.UnitTests.Configuration
+{
+    public class IdentityServerConfigurationCreatorTests
+    {
+        [Fact]
+        public void happy_path_only_exists_for_test_coverage_even_uncle_bob_probably_wouldnt_test_this()
+        {
+            var result = IdentityServerConfigurationCreator.GetIdentityServerConfiguration();
+            result.ApiName.ShouldBe("admin");
+        }
+    }
+}
\ No newline at end of file
diff --git a/test/Ocelot.UnitTests/Errors/ExceptionHandlerMiddlewareTests.cs b/test/Ocelot.UnitTests/Errors/ExceptionHandlerMiddlewareTests.cs
new file mode 100644
index 000000000..41beffdcd
--- /dev/null
+++ b/test/Ocelot.UnitTests/Errors/ExceptionHandlerMiddlewareTests.cs
@@ -0,0 +1,125 @@
+using System;
+using System.IO;
+using System.Net;
+using System.Net.Http;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Hosting;
+using Microsoft.AspNetCore.TestHost;
+using Microsoft.Extensions.DependencyInjection;
+using Moq;
+using Ocelot.DownstreamRouteFinder;
+using Ocelot.DownstreamUrlCreator;
+using Ocelot.DownstreamUrlCreator.UrlTemplateReplacer;
+using Ocelot.Errors.Middleware;
+using Ocelot.Infrastructure.RequestData;
+using Ocelot.Logging;
+using Ocelot.Responses;
+using Ocelot.Values;
+using Shouldly;
+using TestStack.BDDfy;
+using Xunit;
+
+namespace Ocelot.UnitTests.Errors
+{
+    public class ExceptionHandlerMiddlewareTests
+    {
+        private readonly Mock<IRequestScopedDataRepository> _scopedRepository;
+        private readonly string _url;
+        private TestServer _server;
+        private HttpClient _client;
+        private HttpResponseMessage _result;
+
+        public ExceptionHandlerMiddlewareTests()
+        {
+            _url = "http://localhost:52879";
+            _scopedRepository = new Mock<IRequestScopedDataRepository>();
+        }
+        
+        [Fact]
+        public void should_call_next_middleware()
+        {
+            this.Given(_ => GivenASuccessfulRequest())
+                .When(_ => WhenIMakeTheRequest())
+                .Then(_ => ThenTheResponseIsOk())
+                .BDDfy();
+        }
+
+        [Fact]
+        public void should_call_return_error()
+        {
+            this.Given(_ => GivenAnError())
+                .When(_ => WhenIMakeTheRequest())
+                .Then(_ => ThenTheResponseIsError())
+                .BDDfy();
+        }
+
+        private void ThenTheResponseIsOk()
+        {
+            _result.StatusCode.ShouldBe(HttpStatusCode.OK);
+        }
+
+         private void ThenTheResponseIsError()
+        {
+            _result.StatusCode.ShouldBe(HttpStatusCode.InternalServerError);
+        }
+
+        private void WhenIMakeTheRequest()
+        {
+            _result = _client.GetAsync("/").Result;
+        }
+
+        private void GivenASuccessfulRequest()
+        {
+            var builder = new WebHostBuilder()
+              .ConfigureServices(x =>
+              {
+                  x.AddSingleton<IOcelotLoggerFactory, AspDotNetLoggerFactory>();
+                  x.AddLogging();
+                  x.AddSingleton(_scopedRepository.Object);
+              })
+              .UseUrls(_url)
+              .UseKestrel()
+              .UseContentRoot(Directory.GetCurrentDirectory())
+              .UseIISIntegration()
+              .UseUrls(_url)
+              .Configure(app =>
+              {
+                  app.UseExceptionHandlerMiddleware();
+                  app.Run(async context =>
+                    {
+                        context.Response.StatusCode = 200;
+                    });
+              });
+
+            _server = new TestServer(builder);
+            _client = _server.CreateClient();
+        }
+
+        private void GivenAnError()
+        {
+            var builder = new WebHostBuilder()
+              .ConfigureServices(x =>
+              {
+                  x.AddSingleton<IOcelotLoggerFactory, AspDotNetLoggerFactory>();
+                  x.AddLogging();
+                  x.AddSingleton(_scopedRepository.Object);
+              })
+              .UseUrls(_url)
+              .UseKestrel()
+              .UseContentRoot(Directory.GetCurrentDirectory())
+              .UseIISIntegration()
+              .UseUrls(_url)
+              .Configure(app =>
+              {
+                    app.UseExceptionHandlerMiddleware();
+                    app.Use(async (context, next) =>
+                    {
+                        throw new Exception("BOOM");
+                    });
+              });
+
+            _server = new TestServer(builder);
+            _client = _server.CreateClient();
+        }
+    }
+}
\ No newline at end of file