public void ClientAssertionRequestValidatorExpirationTimeTest()
{
var credential = new ClientCredential(MsalTestConstants.ClientSecret)
{
Audience = "Audience1",
ContainsX5C = false,
Assertion = MsalTestConstants.DefaultClientAssertion,
ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds))
};
var parameters = new AuthenticationRequestParameters
{
ClientCredential = credential,
SendCertificate = false,
Authority = Authority.CreateAuthority(
_serviceBundle,
MsalTestConstants.AuthorityCommonTenant,
false)
};
parameters.Authority.SelfSignedJwtAudience = "Audience1";
// Validate cached client assertion with expiration time
// Cached assertion should be valid
Assert.IsTrue(RequestValidationHelper.ValidateClientAssertion(parameters));
// Setting expiration time to now
credential.ValidTo = ConvertToTimeT(DateTime.UtcNow);
// cached assertion should have expired
Assert.IsFalse(RequestValidationHelper.ValidateClientAssertion(parameters));
}
protected override bool OnAuthorizeUser(string username, string password, HttpActionContext actionContext)
{
if (RequestValidationHelper.ValidateUser(username, password))
{
return(true);
}
Challenge(actionContext);
return(false);
}
public void ClientAssertionRequestValidatorMismatchParameterTest()
{
string Audience1 = "Audience1";
string Audience2 = "Audience2";
var credential = new ClientCredential(MsalTestConstants.ClientSecret)
{
Audience = Audience1,
ContainsX5C = false,
Assertion = MsalTestConstants.DefaultClientAssertion,
ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds))
};
var parameters = new AuthenticationRequestParameters
{
ClientCredential = credential,
SendCertificate = false,
Authority = Authority.CreateAuthority(
_serviceBundle,
MsalTestConstants.AuthorityCommonTenant,
false)
};
parameters.Authority.SelfSignedJwtAudience = Audience1;
// Validate cached client assertion with parameters
Assert.IsTrue(RequestValidationHelper.ValidateClientAssertion(parameters));
// Different audience
credential.Audience = Audience2;
// cached assertion should be invalid
Assert.IsFalse(RequestValidationHelper.ValidateClientAssertion(parameters));
// Different x5c, same audience
credential.Audience = Audience1;
credential.ContainsX5C = true;
// cached assertion should be invalid
Assert.IsFalse(RequestValidationHelper.ValidateClientAssertion(parameters));
// Different audience and x5c
credential.Audience = Audience2;
// cached assertion should be invalid
Assert.IsFalse(RequestValidationHelper.ValidateClientAssertion(parameters));
// No cached Assertion
credential.Assertion = "";
// should return false
Assert.IsFalse(RequestValidationHelper.ValidateClientAssertion(parameters));
}
public ValidateTwilioRequestAttribute()
{
_requestValidator = new RequestValidationHelper();
_authToken = ConfigurationManager.AppSettings["TwilioAuthToken"];
}
public ValidateTwilioRequestAttribute()
{
_requestValidator = new RequestValidationHelper();
_authToken = ConfigurationManager.AppSettings["TwilioAuthToken"];
_isTestEnvironment = bool.Parse(ConfigurationManager.AppSettings["IsTestEnvironment"]);
}
