Beispiel #1
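        // Creates a signed JWT from the default asymmetric descriptor, validates it with the
        // matching validation parameters, and checks that the validated token equals a
        // JwtSecurityToken parsed from the same encoded string.
        public void TestJwtTokenCreationAndValidation()
        {
            // ShowPII is a process-wide static switch: while it is true, IdentityModel log and
            // exception messages include real values instead of redacted placeholders. Remember
            // the previous setting and restore it so the flag does not leak into other tests
            // running in the same process.
            var previousShowPii = IdentityModelEventSource.ShowPII;
            IdentityModelEventSource.ShowPII = true;
            try
            {
                var handler = new JwtSecurityTokenHandler();

                // Clearing the inbound map keeps claim types exactly as they appear in the token
                // rather than translating them to the long .NET claim-type names.
                handler.InboundClaimTypeMap.Clear();
                var jwt      = handler.CreateEncodedJwt(Default.AsymmetricSignSecurityTokenDescriptor(null));
                var jwtToken = new JwtSecurityToken(jwt)
                {
                    // NOTE(review): presumably set so the parsed token matches the key the handler
                    // records on the validated token - confirm against IdentityComparer.
                    SigningKey = Default.AsymmetricSigningKey
                };

                // The ClaimsPrincipal returned by ValidateToken is discarded; only the validated
                // SecurityToken is compared below.
                SecurityToken token = null;
                handler.ValidateToken(jwt, Default.AsymmetricSignTokenValidationParameters, out token);

                // The "Item" indexer on header and payload is excluded from the comparison.
                var context = new CompareContext
                {
                    PropertiesToIgnoreWhenComparing = new Dictionary<Type, List<string>>
                    {
                        { typeof(JwtHeader), new List<string> { "Item" } },
                        { typeof(JwtPayload), new List<string> { "Item" } }
                    }
                };

                // If validation produced something other than a JwtSecurityToken the cast yields
                // null and the comparer receives null for the second token.
                if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken, token as JwtSecurityToken, context))
                {
                    TestUtilities.AssertFailIfErrors("TestJwtTokenCreationAndValidation", context.Diffs);
                }
            }
            finally
            {
                IdentityModelEventSource.ShowPII = previousShowPii;
            }
        }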
Beispiel #2
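        // Round-trips a token built from an empty header and payload: writes it with the handler,
        // parses the resulting string back, and fails if the two tokens differ.
        public void EmptyToken()
        {
            var handler = new JwtSecurityTokenHandler();
            var payload = new JwtPayload();
            var header  = new JwtHeader();

            // The raw signature segment is "", so this token is unsigned. The test covers
            // serialization only; ValidateToken is never called here.
            var jwtToken = new JwtSecurityToken(header, payload, header.Base64UrlEncode(), payload.Base64UrlEncode(), "");

            // Serialize once and parse that same string back, instead of writing the token twice
            // and leaving the first result unused.
            var jwt     = handler.WriteToken(jwtToken);
            var context = new CompareContext();

            // The boolean result is not needed: every difference is recorded in context.Diffs,
            // which the assertion below inspects.
            IdentityComparer.AreJwtSecurityTokensEqual(jwtToken, new JwtSecurityToken(jwt), context);
            TestUtilities.AssertFailIfErrors(context.Diffs);
        }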
Beispiel #3
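        // Round-trips a token built from an empty header and payload: writes it with the handler,
        // parses the resulting string back, and fails if the two tokens differ (ignoring the
        // "Item" indexer on header and payload).
        public void EmptyToken()
        {
            var handler = new JwtSecurityTokenHandler();
            var payload = new JwtPayload();
            var header  = new JwtHeader();

            // The raw signature segment is "", so this token is unsigned. The test covers
            // serialization only; ValidateToken is never called here.
            var jwtToken = new JwtSecurityToken(header, payload, header.Base64UrlEncode(), payload.Base64UrlEncode(), "");

            // Serialize once and parse that same string back, instead of writing the token twice
            // and leaving the first result unused.
            var jwt     = handler.WriteToken(jwtToken);
            var context = new CompareContext
            {
                PropertiesToIgnoreWhenComparing = new Dictionary<Type, List<string>>
                {
                    { typeof(JwtHeader), new List<string> { "Item" } },
                    { typeof(JwtPayload), new List<string> { "Item" } }
                }
            };

            // The boolean result is not needed: every difference is recorded in context.Diffs,
            // which the assertion below inspects.
            IdentityComparer.AreJwtSecurityTokensEqual(jwtToken, new JwtSecurityToken(jwt), context);
            TestUtilities.AssertFailIfErrors(context.Diffs);
        }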
Beispiel #4
#pragma warning restore CS3016 // Arrays as attribute arguments is not CLS-compliant
        // Builds the same token through five handler entry points, validates every encoded form
        // with the case's validation parameters, and reports every mismatch between the tokens,
        // the validated tokens and the resulting claims principals in a single assertion.
        public void RoundTripTokens(CreateAndValidateParams createParams)
        {
            var handler = new JwtSecurityTokenHandler();

            // Clearing the inbound map keeps claim types exactly as they appear in the token.
            handler.InboundClaimTypeMap.Clear();

            // Tokens 1 and 2 are produced as encoded strings and parsed back.
            var encodedJwt1 = handler.CreateEncodedJwt(createParams.SecurityTokenDescriptor);
            var encodedJwt2 = handler.CreateEncodedJwt(
                createParams.SecurityTokenDescriptor.Issuer,
                createParams.SecurityTokenDescriptor.Audience,
                createParams.SecurityTokenDescriptor.Subject,
                createParams.SecurityTokenDescriptor.NotBefore,
                createParams.SecurityTokenDescriptor.Expires,
                createParams.SecurityTokenDescriptor.IssuedAt,
                createParams.SecurityTokenDescriptor.SigningCredentials);
            var jwtToken1 = new JwtSecurityToken(encodedJwt1);
            var jwtToken2 = new JwtSecurityToken(encodedJwt2);

            // Tokens 3 to 5 are produced as token objects and written out afterwards.
            var jwtToken3 = handler.CreateJwtSecurityToken(createParams.SecurityTokenDescriptor);
            var jwtToken4 = handler.CreateJwtSecurityToken(
                createParams.SecurityTokenDescriptor.Issuer,
                createParams.SecurityTokenDescriptor.Audience,
                createParams.SecurityTokenDescriptor.Subject,
                createParams.SecurityTokenDescriptor.NotBefore,
                createParams.SecurityTokenDescriptor.Expires,
                createParams.SecurityTokenDescriptor.IssuedAt,
                createParams.SecurityTokenDescriptor.SigningCredentials);
            var jwtToken5   = handler.CreateToken(createParams.SecurityTokenDescriptor) as JwtSecurityToken;
            var encodedJwt3 = handler.WriteToken(jwtToken3);
            var encodedJwt4 = handler.WriteToken(jwtToken4);
            var encodedJwt5 = handler.WriteToken(jwtToken5);

            // Validate each encoded form, in order, with the same parameters.
            SecurityToken validatedJwtToken1 = null;
            var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, createParams.TokenValidationParameters, out validatedJwtToken1);

            SecurityToken validatedJwtToken2 = null;
            var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, createParams.TokenValidationParameters, out validatedJwtToken2);

            SecurityToken validatedJwtToken3 = null;
            var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, createParams.TokenValidationParameters, out validatedJwtToken3);

            SecurityToken validatedJwtToken4 = null;
            var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, createParams.TokenValidationParameters, out validatedJwtToken4);

            SecurityToken validatedJwtToken5 = null;
            var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, createParams.TokenValidationParameters, out validatedJwtToken5);

            // context accumulates every failure; localContext is scratch space that is cleared
            // before each comparison after the first.
            var context      = new CompareContext();
            var localContext = new CompareContext();

            // Parsed tokens: 1 against 2.
            if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext))
            {
                context.Diffs.Add("jwtToken1 != jwtToken2");
                context.Diffs.AddRange(localContext.Diffs);
            }

            // Created tokens: 3 against 4 and 5.
            var createdPeers  = new[] { jwtToken4, jwtToken5 };
            var createdLabels = new[] { "jwtToken3 != jwtToken4", "jwtToken3 != jwtToken5" };
            for (var i = 0; i < createdPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, createdPeers[i], localContext))
                {
                    context.Diffs.Add(createdLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            // Validated tokens: 1 against 2 through 5.
            var validatedPeers  = new[] { validatedJwtToken2, validatedJwtToken3, validatedJwtToken4, validatedJwtToken5 };
            var validatedLabels = new[]
            {
                "validatedJwtToken1 != validatedJwtToken2",
                "validatedJwtToken1 != validatedJwtToken3",
                "validatedJwtToken1 != validatedJwtToken4",
                "validatedJwtToken1 != validatedJwtToken5"
            };
            for (var i = 0; i < validatedPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedPeers[i], localContext))
                {
                    context.Diffs.Add(validatedLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            // Claims principals: 1 against 2 through 5.
            var principalPeers  = new[] { claimsPrincipal2, claimsPrincipal3, claimsPrincipal4, claimsPrincipal5 };
            var principalLabels = new[]
            {
                "claimsPrincipal1 != claimsPrincipal2",
                "claimsPrincipal1 != claimsPrincipal3",
                "claimsPrincipal1 != claimsPrincipal4",
                "claimsPrincipal1 != claimsPrincipal5"
            };
            for (var i = 0; i < principalPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, principalPeers[i], localContext))
                {
                    context.Diffs.Add(principalLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", createParams.Case), context.Diffs);
        }
Beispiel #5
        // Builds the same token through six handler entry points (the sixth also passes the
        // descriptor's EncryptingCredentials), validates every encoded form with the case's
        // validation parameters, and reports every mismatch in a single assertion.
        public void RoundTripTokens(JwtTheoryData theoryData)
        {
            var handler = new JwtSecurityTokenHandler();

            // Clearing the inbound map keeps claim types exactly as they appear in the token.
            handler.InboundClaimTypeMap.Clear();

            // Tokens 1 and 2 are produced as encoded strings and parsed back.
            var encodedJwt1 = handler.CreateEncodedJwt(theoryData.TokenDescriptor);
            var encodedJwt2 = handler.CreateEncodedJwt(
                theoryData.TokenDescriptor.Issuer,
                theoryData.TokenDescriptor.Audience,
                theoryData.TokenDescriptor.Subject,
                theoryData.TokenDescriptor.NotBefore,
                theoryData.TokenDescriptor.Expires,
                theoryData.TokenDescriptor.IssuedAt,
                theoryData.TokenDescriptor.SigningCredentials);
            var jwtToken1 = new JwtSecurityToken(encodedJwt1);
            var jwtToken2 = new JwtSecurityToken(encodedJwt2);

            // Tokens 3 to 6 are produced as token objects and written out afterwards.
            var jwtToken3 = handler.CreateJwtSecurityToken(theoryData.TokenDescriptor);
            var jwtToken4 = handler.CreateJwtSecurityToken(
                theoryData.TokenDescriptor.Issuer,
                theoryData.TokenDescriptor.Audience,
                theoryData.TokenDescriptor.Subject,
                theoryData.TokenDescriptor.NotBefore,
                theoryData.TokenDescriptor.Expires,
                theoryData.TokenDescriptor.IssuedAt,
                theoryData.TokenDescriptor.SigningCredentials);
            var jwtToken5 = handler.CreateToken(theoryData.TokenDescriptor) as JwtSecurityToken;
            var jwtToken6 = handler.CreateJwtSecurityToken(
                theoryData.TokenDescriptor.Issuer,
                theoryData.TokenDescriptor.Audience,
                theoryData.TokenDescriptor.Subject,
                theoryData.TokenDescriptor.NotBefore,
                theoryData.TokenDescriptor.Expires,
                theoryData.TokenDescriptor.IssuedAt,
                theoryData.TokenDescriptor.SigningCredentials,
                theoryData.TokenDescriptor.EncryptingCredentials);
            var encodedJwt3 = handler.WriteToken(jwtToken3);
            var encodedJwt4 = handler.WriteToken(jwtToken4);
            var encodedJwt5 = handler.WriteToken(jwtToken5);
            var encodedJwt6 = handler.WriteToken(jwtToken6);

            // Validate each encoded form, in order, with the same parameters.
            SecurityToken validatedJwtToken1 = null;
            var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, theoryData.ValidationParameters, out validatedJwtToken1);

            SecurityToken validatedJwtToken2 = null;
            var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, theoryData.ValidationParameters, out validatedJwtToken2);

            SecurityToken validatedJwtToken3 = null;
            var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, theoryData.ValidationParameters, out validatedJwtToken3);

            SecurityToken validatedJwtToken4 = null;
            var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, theoryData.ValidationParameters, out validatedJwtToken4);

            SecurityToken validatedJwtToken5 = null;
            var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, theoryData.ValidationParameters, out validatedJwtToken5);

            SecurityToken validatedJwtToken6 = null;
            var claimsPrincipal6 = handler.ValidateToken(encodedJwt6, theoryData.ValidationParameters, out validatedJwtToken6);

            // context accumulates every failure; localContext is scratch space that is cleared
            // before each comparison after the first and ignores the "Item" indexer on header
            // and payload.
            var context      = new CompareContext();
            var localContext = new CompareContext
            {
                PropertiesToIgnoreWhenComparing = new Dictionary<Type, List<string>>
                {
                    { typeof(JwtHeader), new List<string> { "Item" } },
                    { typeof(JwtPayload), new List<string> { "Item" } }
                }
            };

            // Parsed tokens: 1 against 2.
            if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext))
            {
                context.Diffs.Add("jwtToken1 != jwtToken2");
                context.Diffs.AddRange(localContext.Diffs);
            }

            // Created tokens: 3 against 4 and 5. jwtToken6 is not compared at this level; it is
            // only checked through its validated token and claims principal below.
            var createdPeers  = new[] { jwtToken4, jwtToken5 };
            var createdLabels = new[] { "jwtToken3 != jwtToken4", "jwtToken3 != jwtToken5" };
            for (var i = 0; i < createdPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, createdPeers[i], localContext))
                {
                    context.Diffs.Add(createdLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            // Validated tokens: 1 against 2 through 6.
            var validatedPeers = new[]
            {
                validatedJwtToken2, validatedJwtToken3, validatedJwtToken4, validatedJwtToken5, validatedJwtToken6
            };
            var validatedLabels = new[]
            {
                "validatedJwtToken1 != validatedJwtToken2",
                "validatedJwtToken1 != validatedJwtToken3",
                "validatedJwtToken1 != validatedJwtToken4",
                "validatedJwtToken1 != validatedJwtToken5",
                "validatedJwtToken1 != validatedJwtToken6"
            };
            for (var i = 0; i < validatedPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedPeers[i], localContext))
                {
                    context.Diffs.Add(validatedLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            // Claims principals: 1 against 2 through 6.
            var principalPeers = new[]
            {
                claimsPrincipal2, claimsPrincipal3, claimsPrincipal4, claimsPrincipal5, claimsPrincipal6
            };
            var principalLabels = new[]
            {
                "claimsPrincipal1 != claimsPrincipal2",
                "claimsPrincipal1 != claimsPrincipal3",
                "claimsPrincipal1 != claimsPrincipal4",
                "claimsPrincipal1 != claimsPrincipal5",
                "claimsPrincipal1 != claimsPrincipal6"
            };
            for (var i = 0; i < principalPeers.Length; i++)
            {
                localContext.Diffs.Clear();
                if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, principalPeers[i], localContext))
                {
                    context.Diffs.Add(principalLabels[i]);
                    context.Diffs.AddRange(localContext.Diffs);
                }
            }

            TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", theoryData.TestId), context.Diffs);
        }