Added diagnostic entry for resource info

bhazen · bhazen · commit c4854d69bf7d · 2025-06-11T08:32:26.000-05:00
diff --git a/identity-server/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Core.cs b/identity-server/src/IdentityServer/Configuration/DependencyInjection/BuilderExtensions/Core.cs
@@ -225,6 +225,8 @@ public static IIdentityServerBuilder AddCoreServices(this IIdentityServerBuilder
         builder.Services.AddSingleton<IDiagnosticEntry, EndpointUsageDiagnosticEntry>();
         builder.Services.AddSingleton<ClientLoadedTracker>();
         builder.Services.AddSingleton<IDiagnosticEntry, ClientInfoDiagnosticEntry>();
+        builder.Services.AddSingleton<ResourceLoadedTracker>();
+        builder.Services.AddSingleton<IDiagnosticEntry, ResourceInfoDiagnosticEntry>();
         builder.Services.AddSingleton<DiagnosticSummary>();
         builder.Services.AddHostedService<DiagnosticHostedService>();
 
diff --git a/identity-server/src/IdentityServer/Licensing/V2/Diagnostics/DiagnosticEntries/ResourceInfoDiagnosticEntry.cs b/identity-server/src/IdentityServer/Licensing/V2/Diagnostics/DiagnosticEntries/ResourceInfoDiagnosticEntry.cs
@@ -0,0 +1,63 @@
+// Copyright (c) Duende Software. All rights reserved.
+// See LICENSE in the project root for license information.
+
+using System.Text.Json;
+
+namespace Duende.IdentityServer.Licensing.V2.Diagnostics.DiagnosticEntries;
+
+internal class ResourceInfoDiagnosticEntry(ResourceLoadedTracker resourceLoadedTracker) : IDiagnosticEntry
+{
+    public Task WriteAsync(Utf8JsonWriter writer)
+    {
+        writer.WriteStartObject("Resources");
+
+        var resourceGroups =
+            resourceLoadedTracker.Resources.GroupBy(resource => resource.Value.Type, resource => resource.Value);
+        foreach (var group in resourceGroups)
+        {
+            writer.WriteStartArray(group.Key);
+
+            if (group.Key == "ApiResource")
+            {
+                WriteApiResources(writer, group);
+            }
+            else
+            {
+                WriteSimpleResources(writer, group);
+            }
+
+            writer.WriteEndArray();
+        }
+
+        writer.WriteEndObject();
+
+        return Task.CompletedTask;
+    }
+
+    private static void WriteApiResources(Utf8JsonWriter writer, IEnumerable<TrackedResource> apiResources)
+    {
+        foreach (var resource in apiResources)
+        {
+            writer.WriteStartObject();
+            writer.WriteString("Name", resource.Name);
+            writer.WriteBoolean("ResourceIndicatorRequired", resource.ResourceIndicatorRequired.GetValueOrDefault());
+            writer.WriteStartArray("SecretTypes");
+            foreach (var secretType in resource.SecretTypes ?? [])
+            {
+                writer.WriteStringValue(secretType);
+            }
+
+            writer.WriteEndArray();
+
+            writer.WriteEndObject();
+        }
+    }
+
+    private static void WriteSimpleResources(Utf8JsonWriter writer, IEnumerable<TrackedResource> resources)
+    {
+        foreach (var resource in resources)
+        {
+            writer.WriteStringValue(resource.Name);
+        }
+    }
+}
diff --git a/identity-server/test/IdentityServer.UnitTests/Licensing/v2/DiagnosticEntries/ResourceInfoDiagnosticEntryTests.cs b/identity-server/test/IdentityServer.UnitTests/Licensing/v2/DiagnosticEntries/ResourceInfoDiagnosticEntryTests.cs
@@ -0,0 +1,135 @@
+// Copyright (c) Duende Software. All rights reserved.
+// See LICENSE in the project root for license information.
+
+using Duende.IdentityModel.Client;
+using Duende.IdentityServer.Licensing.V2.Diagnostics;
+using Duende.IdentityServer.Licensing.V2.Diagnostics.DiagnosticEntries;
+using Duende.IdentityServer.Models;
+using IdentityServer.UnitTests.Licensing.V2.DiagnosticEntries;
+
+namespace IdentityServer.UnitTests.Licensing.v2.DiagnosticEntries;
+
+public class ResourceInfoDiagnosticEntryTests
+{
+    [Fact]
+    public async Task Should_Write_Resource_Info()
+    {
+        var tracker = new ResourceLoadedTracker();
+        tracker.TrackResources(new Resources
+        {
+            ApiResources = new List<ApiResource>
+            {
+                new("TestApi", "Test API")
+                {
+                    RequireResourceIndicator = true,
+                    ApiSecrets = new List<Secret> { new Secret { Type = "Test" } }
+                }
+            },
+            IdentityResources = new List<IdentityResource>
+            {
+                new("TestIdentity", ["IrrelevantClaim"])
+            },
+            ApiScopes = new List<ApiScope>
+            {
+                new("TestScope", "Test Scope")
+            }
+        });
+        var subject = new ResourceInfoDiagnosticEntry(tracker);
+
+        var result = await DiagnosticEntryTestHelper.WriteEntryToJson(subject);
+
+        var resources = result.RootElement.GetProperty("Resources");
+        var apiResources = resources.GetProperty("ApiResource").EnumerateArray();
+        var apiResource = apiResources.First();
+        apiResource.GetProperty("Name").GetString().ShouldBe("TestApi");
+        apiResource.GetProperty("ResourceIndicatorRequired").GetBoolean().ShouldBeTrue();
+        apiResource.TryGetStringArray("SecretTypes").ShouldBe(["Test"]);
+        resources.TryGetStringArray("IdentityResource").ShouldBe(["TestIdentity"]);
+        resources.TryGetStringArray("ApiScope").ShouldBe(["TestScope"]);
+    }
+
+    [Fact]
+    public async Task Should_Write_Empty_Resource_Info()
+    {
+        var tracker = new ResourceLoadedTracker();
+        var subject = new ResourceInfoDiagnosticEntry(tracker);
+
+        var result = await DiagnosticEntryTestHelper.WriteEntryToJson(subject);
+
+        result.RootElement.GetProperty("Resources").GetRawText().ShouldBe("{}");
+    }
+
+    [Fact]
+    public async Task Should_Write_Resource_Info_With_Empty_Secret_Types()
+    {
+        var tracker = new ResourceLoadedTracker();
+        tracker.TrackResources(new Resources
+        {
+            ApiResources = new List<ApiResource>
+            {
+                new("TestApi", "Test API")
+                {
+                    RequireResourceIndicator = true,
+                    ApiSecrets = new List<Secret>()
+                }
+            }
+        });
+        var subject = new ResourceInfoDiagnosticEntry(tracker);
+
+        var result = await DiagnosticEntryTestHelper.WriteEntryToJson(subject);
+
+        var resources = result.RootElement.GetProperty("Resources");
+        var apiResources = resources.GetProperty("ApiResource").EnumerateArray();
+        var apiResource = apiResources.First();
+        apiResource.GetProperty("Name").GetString().ShouldBe("TestApi");
+        apiResource.GetProperty("ResourceIndicatorRequired").GetBoolean().ShouldBeTrue();
+        apiResource.TryGetStringArray("SecretTypes").ShouldBe([]);
+    }
+
+    [Fact]
+    public async Task Should_Write_Multiple_Resources()
+    {
+        var tracker = new ResourceLoadedTracker();
+        tracker.TrackResources(new Resources
+        {
+            ApiResources = new List<ApiResource>
+            {
+                new("ApiResourceOne", "Test API 1")
+                {
+                    RequireResourceIndicator = true
+                },
+                new("ApiResourceTwo", "Test API 2")
+                {
+                    RequireResourceIndicator = false,
+                    ApiSecrets = new List<Secret> { new() { Type = "SecretType" } }
+                }
+            },
+            IdentityResources = new List<IdentityResource>
+            {
+                new("IdentityResourceOne", ["Claim1"]),
+                new("IdentityResourceTwo", ["Claim2"])
+            },
+            ApiScopes = new List<ApiScope>
+            {
+                new("ApiScopeOne", "Test Scope 1"),
+                new("ApiScopeTwo", "Test Scope 2")
+            }
+        });
+        var subject = new ResourceInfoDiagnosticEntry(tracker);
+
+        var result = await DiagnosticEntryTestHelper.WriteEntryToJson(subject);
+
+        var resources = result.RootElement.GetProperty("Resources");
+        var apiResources = resources.GetProperty("ApiResource").EnumerateArray().OrderBy(resource => resource.GetProperty("Name").GetString()).ToList();
+        var firstApiResource = apiResources.First();
+        firstApiResource.GetProperty("Name").GetString().ShouldBe("ApiResourceOne");
+        firstApiResource.GetProperty("ResourceIndicatorRequired").GetBoolean().ShouldBeTrue();
+        firstApiResource.TryGetStringArray("SecretTypes").ShouldBe([]);
+        var secondApiResource = apiResources.Last();
+        secondApiResource.GetProperty("Name").GetString().ShouldBe("ApiResourceTwo");
+        secondApiResource.GetProperty("ResourceIndicatorRequired").GetBoolean().ShouldBeFalse();
+        secondApiResource.TryGetStringArray("SecretTypes").ShouldBe(["SecretType"]);
+        resources.TryGetStringArray("IdentityResource").ShouldBe(["IdentityResourceOne", "IdentityResourceTwo"], ignoreOrder: true);
+        resources.TryGetStringArray("ApiScope").ShouldBe(["ApiScopeOne", "ApiScopeTwo"], ignoreOrder: true);
+    }
+}
