public void ConstructorB(EncryptingCredentialsTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.ConstructorB", theoryData);
try
{
var encryptingCredentials = new EncryptingCredentials((SymmetricSecurityKey)theoryData.Key, theoryData.Enc);
//Algorithm value should be 'None'
IdentityComparer.AreEqual(encryptingCredentials.Alg, SecurityAlgorithms.None, context);
theoryData.ExpectedException.ProcessNoException(context);
}
catch (Exception exception)
{
theoryData.ExpectedException.ProcessException(exception, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void ComputeJwkThumbprint(JwkThumbprintTheoryData theoryData)
{
Logging.IdentityModelEventSource.ShowPII = true;
var context = TestUtilities.WriteHeader($"{this}.ComputeJwkThumbprint", theoryData);
try
{
var jwkThumbprint = Base64UrlEncoder.Encode(theoryData.JWK.ComputeJwkThumbprint());
IdentityComparer.AreStringsEqual(jwkThumbprint, theoryData.ExpectedBase64UrlEncodedJwkThumbprint, context);
theoryData.ExpectedException.ProcessNoException(context);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void GetSigningKeys(JsonWebKeySetTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.GetSigningKeys", theoryData);
try
{
var signingKeys = theoryData.JsonWebKeySet.GetSigningKeys();
IdentityComparer.AreEqual(signingKeys, theoryData.ExpectedSigningKeys, context);
theoryData.ExpectedException.ProcessNoException(context);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void Constructors(string json, JsonWebKey compareTo, ExpectedException ee)
{
var context = new CompareContext();
try
{
var jsonWebKey = new JsonWebKey(json);
ee.ProcessNoException(context);
if (compareTo != null)
{
IdentityComparer.AreEqual(jsonWebKey, compareTo, context);
}
}
catch (Exception ex)
{
ee.ProcessException(ex, context.Diffs);
}
TestUtilities.AssertFailIfErrors(context);
}
public void RSAEncryptDecryptValue(RSACryptoServiceProviderProxyTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.RSAEncryptDecryptValue", theoryData);
try
{
var proxy = new RSACryptoServiceProviderProxy(theoryData.RsaCryptoServiceProvider);
var cipherTextProxy = proxy.EncryptValue(theoryData.Input);
var cipherTextRsa = theoryData.RsaCryptoServiceProvider.EncryptValue(theoryData.Input);
IdentityComparer.AreBytesEqual(
proxy.DecryptValue(cipherTextProxy),
theoryData.RsaCryptoServiceProvider.DecryptValue(cipherTextRsa),
context);
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void ConvertJsonWebKeyToSecurityKey(JsonWebKeyConverterTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.ConvertJsonWebKeyToSecurityKey", theoryData);
try
{
var wasConverted = JsonWebKeyConverter.TryConvertToSecurityKey(theoryData.JsonWebKey, out SecurityKey securityKey);
theoryData.ExpectedException.ProcessNoException(context);
IdentityComparer.AreEqual(securityKey, theoryData.SecurityKey, context);
if (theoryData.JsonWebKey.ConvertedSecurityKey.GetType() != theoryData.SecurityKey.GetType())
{
context.AddDiff($"theoryData.JsonWebKey.RelatedSecurityKey.GetType(): '{theoryData.JsonWebKey.ConvertedSecurityKey.GetType()}' != theoryData.SecurityKey.GetType(): '{theoryData.SecurityKey.GetType()}'.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void Constructors(X509EncryptingCredentialsTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.Constructors", theoryData);
try
{
var encryptingCredentials = new X509EncryptingCredentials(theoryData.Certificate, theoryData.Alg, theoryData.Enc);
var encryptingCredentialsFromCert = new X509EncryptingCredentials(theoryData.Certificate);
IdentityComparer.AreEqual(encryptingCredentials.Certificate, encryptingCredentialsFromCert.Certificate, context);
IdentityComparer.AreEqual(encryptingCredentials.Key, encryptingCredentialsFromCert.Key, context);
IdentityComparer.AreEqual(encryptingCredentials.Certificate, encryptingCredentialsFromCert.Certificate, context);
IdentityComparer.AreEqual(encryptingCredentials.Alg, encryptingCredentialsFromCert.Alg, context);
IdentityComparer.AreEqual(encryptingCredentials.Enc, encryptingCredentialsFromCert.Enc, context);
theoryData.ExpectedException.ProcessNoException(context);
}
catch (Exception exception)
{
theoryData.ExpectedException.ProcessException(exception, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void ConvertX509SecurityKeyAsRsaSecurityKeyToJsonWebKey(JsonWebKeyConverterTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.ConvertX509SecurityKeyToJsonWebKeyTheoryData", theoryData);
try
{
var convertedKey = JsonWebKeyConverter.ConvertFromX509SecurityKey(theoryData.SecurityKey as X509SecurityKey, theoryData.RepresentAsRsaKey);
theoryData.ExpectedException.ProcessNoException(context);
IdentityComparer.AreEqual(convertedKey, theoryData.JsonWebKey, context);
var expectedConvertedKeyType = theoryData.RepresentAsRsaKey == true ? typeof(RsaSecurityKey) : typeof(X509SecurityKey);
if (convertedKey.ConvertedSecurityKey.GetType() != expectedConvertedKeyType)
{
context.AddDiff($"convertedKey.ConvertedSecurityKey.GetType(): '{convertedKey.ConvertedSecurityKey.GetType()}' != expectedConvertedKeyType: '{expectedConvertedKeyType}'.");
}
}
catch (Exception ex)
{
theoryData.ExpectedException.ProcessException(ex, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void Publics()
{
TokenValidationParameters validationParameters = new TokenValidationParameters();
Type type = typeof(TokenValidationParameters);
PropertyInfo[] properties = type.GetProperties();
if (properties.Length != 35)
{
Assert.True(false, "Number of properties has changed from 35 to: " + properties.Length + ", adjust tests");
}
TokenValidationParameters actorValidationParameters = new TokenValidationParameters();
SecurityKey issuerSigningKey = KeyingMaterial.DefaultX509Key_Public_2048;
SecurityKey issuerSigningKey2 = KeyingMaterial.RsaSecurityKey_2048;
List <SecurityKey> issuerSigningKeys =
new List <SecurityKey>
{
KeyingMaterial.DefaultX509Key_Public_2048,
KeyingMaterial.RsaSecurityKey_2048
};
List <SecurityKey> issuerSigningKeysDup =
new List <SecurityKey>
{
KeyingMaterial.DefaultX509Key_Public_2048,
KeyingMaterial.RsaSecurityKey_2048
};
string validAudience = "ValidAudience";
List <string> validAudiences = new List <string> {
validAudience
};
string validIssuer = "ValidIssuer";
List <string> validIssuers = new List <string> {
validIssuer
};
TokenValidationParameters validationParametersInline = new TokenValidationParameters()
{
ActorValidationParameters = actorValidationParameters,
AudienceValidator = ValidationDelegates.AudienceValidatorReturnsTrue,
IssuerSigningKey = issuerSigningKey,
IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, tvp) => { return(new List <SecurityKey> {
issuerSigningKey
}); },
IssuerSigningKeys = issuerSigningKeys,
IssuerValidator = ValidationDelegates.IssuerValidatorEcho,
LifetimeValidator = ValidationDelegates.LifetimeValidatorReturnsTrue,
SignatureValidator = ValidationDelegates.SignatureValidatorReturnsJwtTokenAsIs,
SaveSigninToken = true,
ValidateAudience = false,
ValidateIssuer = false,
ValidAudience = validAudience,
ValidAudiences = validAudiences,
ValidIssuer = validIssuer,
ValidIssuers = validIssuers,
};
Assert.True(object.ReferenceEquals(actorValidationParameters, validationParametersInline.ActorValidationParameters));
Assert.True(object.ReferenceEquals(validationParametersInline.IssuerSigningKey, issuerSigningKey));
Assert.True(validationParametersInline.SaveSigninToken);
Assert.False(validationParametersInline.ValidateAudience);
Assert.False(validationParametersInline.ValidateIssuer);
Assert.True(object.ReferenceEquals(validationParametersInline.ValidAudience, validAudience));
Assert.True(object.ReferenceEquals(validationParametersInline.ValidAudiences, validAudiences));
Assert.True(object.ReferenceEquals(validationParametersInline.ValidIssuer, validIssuer));
TokenValidationParameters validationParametersSets = new TokenValidationParameters();
validationParametersSets.ActorValidationParameters = actorValidationParameters;
validationParametersSets.AudienceValidator = ValidationDelegates.AudienceValidatorReturnsTrue;
validationParametersSets.IssuerSigningKey = KeyingMaterial.DefaultX509Key_Public_2048;
validationParametersSets.IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, tvp) => { return(new List <SecurityKey> {
issuerSigningKey2
}); };
validationParametersSets.IssuerSigningKeys = issuerSigningKeysDup;
validationParametersSets.IssuerValidator = ValidationDelegates.IssuerValidatorEcho;
validationParametersSets.LifetimeValidator = ValidationDelegates.LifetimeValidatorReturnsTrue;
validationParametersSets.SignatureValidator = ValidationDelegates.SignatureValidatorReturnsJwtTokenAsIs;
validationParametersSets.SaveSigninToken = true;
validationParametersSets.ValidateAudience = false;
validationParametersSets.ValidateIssuer = false;
validationParametersSets.ValidAudience = validAudience;
validationParametersSets.ValidAudiences = validAudiences;
validationParametersSets.ValidIssuer = validIssuer;
validationParametersSets.ValidIssuers = validIssuers;
var compareContext = new CompareContext();
IdentityComparer.AreEqual(validationParametersInline, validationParametersSets, compareContext);
TokenValidationParameters tokenValidationParametersCloned = validationParametersInline.Clone() as TokenValidationParameters;
IdentityComparer.AreEqual(tokenValidationParametersCloned, validationParametersInline, compareContext);
//tokenValidationParametersCloned.AudienceValidator(new string[]{"bob"}, JwtTestTokens.Simple();
string id = Guid.NewGuid().ToString();
DerivedTokenValidationParameters derivedValidationParameters = new DerivedTokenValidationParameters(id, validationParametersInline);
DerivedTokenValidationParameters derivedValidationParametersCloned = derivedValidationParameters.Clone() as DerivedTokenValidationParameters;
IdentityComparer.AreEqual(derivedValidationParameters, derivedValidationParametersCloned, compareContext);
IdentityComparer.AreEqual(derivedValidationParameters.InternalString, derivedValidationParametersCloned.InternalString, compareContext);
TestUtilities.AssertFailIfErrors("TokenValidationParameters", compareContext.Diffs);
}
public void GetSets()
{
TestUtilities.WriteHeader($"{this}.GetSets");
var context = new CompareContext($"{this}.GetSets");
CryptoProviderFactory cryptoProviderFactory = new CryptoProviderFactory();
Type type = typeof(CryptoProviderFactory);
PropertyInfo[] properties = type.GetProperties();
if (properties.Length != 7)
{
Assert.True(false, "Number of public fields has changed from 7 to: " + properties.Length + ", adjust tests");
}
CustomCryptoProvider customCryptoProvider = new CustomCryptoProvider();
GetSetContext getSetContext =
new GetSetContext
{
PropertyNamesAndSetGetValue = new List <KeyValuePair <string, List <object> > >
{
new KeyValuePair <string, List <object> >("SignatureProviderObjectPoolCacheSize", new List <object> {
CryptoProviderFactory.DefaultSignatureProviderObjectPoolCacheSize, 20, 10
}),
new KeyValuePair <string, List <object> >("CacheSignatureProviders", new List <object> {
CryptoProviderFactory.DefaultCacheSignatureProviders, false, true
}),
new KeyValuePair <string, List <object> >("CustomCryptoProvider", new List <object> {
(ICryptoProvider)null, customCryptoProvider, null
}),
},
Object = cryptoProviderFactory,
};
TestUtilities.GetSet(getSetContext);
cryptoProviderFactory.SignatureProviderObjectPoolCacheSize = 42;
cryptoProviderFactory.CacheSignatureProviders = false;
cryptoProviderFactory.CustomCryptoProvider = customCryptoProvider;
CryptoProviderFactory clone = new CryptoProviderFactory(cryptoProviderFactory);
IdentityComparer.CompareAllPublicProperties(clone, cryptoProviderFactory, context);
try
{
cryptoProviderFactory.SignatureProviderObjectPoolCacheSize = 0;
context.AddDiff("cryptoProviderFactory.SignatureProviderObjectPoolCacheSize = 0; - Succeeded");
}
catch
{
}
try
{
cryptoProviderFactory.SignatureProviderObjectPoolCacheSize = -1;
context.AddDiff("cryptoProviderFactory.SignatureProviderObjectPoolCacheSize = -1; - Succeeded");
}
catch
{
}
context.Diffs.AddRange(getSetContext.Errors);
TestUtilities.AssertFailIfErrors(context);
}
public void Constructor()
{
var context = new CompareContext();
var expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "certificate");
try
{
new X509SecurityKey((X509Certificate2)null);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
var certificate = KeyingMaterial.DefaultCert_2048;
expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "keyId");
try
{
new X509SecurityKey(certificate, null);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
try
{
new X509SecurityKey(certificate, string.Empty);
expectedException.ProcessNoException(context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
expectedException = ExpectedException.NoExceptionExpected;
try
{
var x509SecurityKey = new X509SecurityKey(certificate);
IdentityComparer.AreEqual(x509SecurityKey.KeyId, certificate.Thumbprint, context);
IdentityComparer.AreEqual(x509SecurityKey.X5t, Base64UrlEncoder.Encode(certificate.GetCertHash()), context);
IdentityComparer.AreEqual(certificate, x509SecurityKey.Certificate, context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
try
{
var x509SecurityKey = new X509SecurityKey(certificate, "KID");
IdentityComparer.AreEqual(x509SecurityKey.KeyId, "KID", context);
IdentityComparer.AreEqual(x509SecurityKey.X5t, Base64UrlEncoder.Encode(certificate.GetCertHash()), context);
IdentityComparer.AreEqual(certificate, x509SecurityKey.Certificate, context);
}
catch (Exception exception)
{
expectedException.ProcessException(exception, context);
}
TestUtilities.AssertFailIfErrors(context);
}
public void Publics()
{
TokenValidationParameters validationParameters = new TokenValidationParameters();
Type type = typeof(TokenValidationParameters);
PropertyInfo[] properties = type.GetProperties();
if (properties.Length != 43)
{
Assert.True(false, "Number of properties has changed from 43 to: " + properties.Length + ", adjust tests");
}
TokenValidationParameters actorValidationParameters = new TokenValidationParameters();
SecurityKey issuerSigningKey = KeyingMaterial.DefaultX509Key_2048_Public;
SecurityKey issuerSigningKey2 = KeyingMaterial.RsaSecurityKey_2048;
List <SecurityKey> issuerSigningKeys =
new List <SecurityKey>
{
KeyingMaterial.DefaultX509Key_2048_Public,
KeyingMaterial.RsaSecurityKey_2048
};
List <SecurityKey> issuerSigningKeysDup =
new List <SecurityKey>
{
KeyingMaterial.DefaultX509Key_2048_Public,
KeyingMaterial.RsaSecurityKey_2048
};
string validAudience = "ValidAudience";
List <string> validAudiences = new List <string> {
validAudience
};
string validIssuer = "ValidIssuer";
List <string> validIssuers = new List <string> {
validIssuer
};
var propertyBag =
new Dictionary <string, Object>
{
{ "CustomKey", "CustomValue" }
};
TypeValidator typeValidator = (typ, token, parameters) => "ActualType";
AlgorithmValidator algorithmValidator = ValidationDelegates.AlgorithmValidatorBuilder(false);
var validTypes = new List <string> {
"ValidType1", "ValidType2", "ValidType3"
};
var validAlgorithms = new List <string> {
"RSA2048", "RSA1024"
};
TokenValidationParameters validationParametersInline = new TokenValidationParameters()
{
AlgorithmValidator = algorithmValidator,
ActorValidationParameters = actorValidationParameters,
AudienceValidator = ValidationDelegates.AudienceValidatorReturnsTrue,
IssuerSigningKey = issuerSigningKey,
IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, tvp) => { return(new List <SecurityKey> {
issuerSigningKey
}); },
IssuerSigningKeys = issuerSigningKeys,
IssuerValidator = ValidationDelegates.IssuerValidatorEcho,
LifetimeValidator = ValidationDelegates.LifetimeValidatorReturnsTrue,
PropertyBag = propertyBag,
SignatureValidator = ValidationDelegates.SignatureValidatorReturnsJwtTokenAsIs,
SaveSigninToken = true,
TypeValidator = typeValidator,
ValidAlgorithms = validAlgorithms,
ValidateAudience = false,
ValidateIssuer = false,
ValidAudience = validAudience,
ValidAudiences = validAudiences,
ValidIssuer = validIssuer,
ValidIssuers = validIssuers,
ValidTypes = validTypes
};
Assert.True(object.ReferenceEquals(actorValidationParameters, validationParametersInline.ActorValidationParameters));
Assert.True(object.ReferenceEquals(validationParametersInline.IssuerSigningKey, issuerSigningKey));
Assert.True(object.ReferenceEquals(validationParametersInline.PropertyBag, propertyBag));
Assert.True(validationParametersInline.SaveSigninToken);
Assert.False(validationParametersInline.ValidateAudience);
Assert.False(validationParametersInline.ValidateIssuer);
Assert.True(object.ReferenceEquals(validationParametersInline.ValidAlgorithms, validAlgorithms));
Assert.True(object.ReferenceEquals(validationParametersInline.AlgorithmValidator, algorithmValidator));
Assert.True(object.ReferenceEquals(validationParametersInline.TypeValidator, typeValidator));
Assert.True(object.ReferenceEquals(validationParametersInline.ValidAudience, validAudience));
Assert.True(object.ReferenceEquals(validationParametersInline.ValidAudiences, validAudiences));
Assert.True(object.ReferenceEquals(validationParametersInline.ValidIssuer, validIssuer));
Assert.True(validationParametersInline.IgnoreTrailingSlashWhenValidatingAudience);
TokenValidationParameters validationParametersSets = new TokenValidationParameters();
validationParametersSets.AlgorithmValidator = algorithmValidator;
validationParametersSets.ActorValidationParameters = actorValidationParameters;
validationParametersSets.AudienceValidator = ValidationDelegates.AudienceValidatorReturnsTrue;
validationParametersSets.IssuerSigningKey = KeyingMaterial.DefaultX509Key_2048_Public;
validationParametersSets.IssuerSigningKeyResolver = (token, securityToken, keyIdentifier, tvp) => { return(new List <SecurityKey> {
issuerSigningKey2
}); };
validationParametersSets.IssuerSigningKeys = issuerSigningKeysDup;
validationParametersSets.IssuerValidator = ValidationDelegates.IssuerValidatorEcho;
validationParametersSets.LifetimeValidator = ValidationDelegates.LifetimeValidatorReturnsTrue;
validationParametersSets.PropertyBag = propertyBag;
validationParametersSets.SignatureValidator = ValidationDelegates.SignatureValidatorReturnsJwtTokenAsIs;
validationParametersSets.SaveSigninToken = true;
validationParametersSets.TypeValidator = typeValidator;
validationParametersSets.ValidateAudience = false;
validationParametersSets.ValidateIssuer = false;
validationParametersSets.ValidAlgorithms = validAlgorithms;
validationParametersSets.ValidAudience = validAudience;
validationParametersSets.ValidAudiences = validAudiences;
validationParametersSets.ValidIssuer = validIssuer;
validationParametersSets.ValidIssuers = validIssuers;
validationParametersSets.ValidTypes = validTypes;
var compareContext = new CompareContext();
IdentityComparer.AreEqual(validationParametersInline, validationParametersSets, compareContext);
IdentityComparer.AreEqual(validationParametersInline.Clone() as TokenValidationParameters, validationParametersInline, compareContext);
string id = Guid.NewGuid().ToString();
DerivedTokenValidationParameters derivedValidationParameters = new DerivedTokenValidationParameters(id, validationParametersInline);
DerivedTokenValidationParameters derivedValidationParametersCloned = derivedValidationParameters.Clone() as DerivedTokenValidationParameters;
IdentityComparer.AreEqual(derivedValidationParameters, derivedValidationParametersCloned, compareContext);
IdentityComparer.AreEqual(derivedValidationParameters.InternalString, derivedValidationParametersCloned.InternalString, compareContext);
TestUtilities.AssertFailIfErrors(compareContext);
}
