Beispiel #1
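        /// <summary>
        /// Creates a JWT while the outbound algorithm map entry for RSA-SHA256 points at the
        /// unrecognized name "bobsYourUncle", then checks how validation reacts to that token.
        /// </summary>
        /// <remarks>
        /// The expected outcome is the security-validation error "Jwt10316" (the original test
        /// labels this case "inbound unknown algorithm"). <c>OutboundAlgorithmMap</c> is static,
        /// so the override is applied and reverted inside a single try/finally: a failure while
        /// creating the token or building the configuration can no longer leave the bogus
        /// mapping behind for other tests.
        /// </remarks>
        public void AsymmetricSignatureProvider_Extensibility()
        {
            JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();

            Console.WriteLine("Testvariation: " + "outbound signature algorithm - bobsYourUncle");

            try
            {
                // outbound signature algorithm - bobsYourUncle
                // Process-wide override; everything that can throw after this point is covered by the finally below.
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Remove(SecurityAlgorithms.RsaSha256Signature);
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Add(new KeyValuePair<string, string>(SecurityAlgorithms.RsaSha256Signature, "bobsYourUncle"));

                JwtSecurityToken jwt = handler.CreateToken(issuer: Issuers.GotJwt, signingCredentials: KeyingMaterial.X509SigningCreds_2048_RsaSha2_Sha2) as JwtSecurityToken;
                List<SecurityToken> tokens = new List<SecurityToken>()
                {
                    KeyingMaterial.X509Token_2048
                };

                // Test-only relaxations so that the signature algorithm is the only thing under test:
                // the certificate validator is (by its name) one that accepts any certificate, and
                // AudienceUriMode.Never turns the audience check off. Not a template for production validation.
                handler.Configuration = new SecurityTokenHandlerConfiguration()
                {
                    IssuerTokenResolver  = SecurityTokenResolver.CreateDefaultSecurityTokenResolver(tokens.AsReadOnly(), true),
                    SaveBootstrapContext = true,
                    CertificateValidator = AlwaysSucceedCertificateValidator.New,
                    AudienceRestriction  = new AudienceRestriction(AudienceUriMode.Never),
                };

                // inbound unknown algorithm
                ExpectedException expectedException = ExpectedException.SecVal(id: "Jwt10316");

                try
                {
                    handler.ValidateToken(jwt);
                    // Reaching this line means the token was accepted although a failure was expected.
                    ExpectedException.ProcessNoException(expectedException);
                }
                catch (Exception ex)
                {
                    ExpectedException.ProcessException(expectedException, ex);
                }
            }
            finally
            {
                // Put the standard "RS256" name back so later tests see the default mapping.
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Remove(SecurityAlgorithms.RsaSha256Signature);
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Add(new KeyValuePair<string, string>(SecurityAlgorithms.RsaSha256Signature, "RS256"));
            }
        }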
Beispiel #2
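        /// <summary>
        /// Creates a JWT while the outbound algorithm map entry for HMAC-SHA256 points at the
        /// unrecognized name "bobsYourUncle", then checks how validation reacts to that token.
        /// </summary>
        /// <remarks>
        /// The expected outcome is the security-validation error "Jwt10316" (the original test
        /// labels this case "inbound unknown algorithm"). <c>OutboundAlgorithmMap</c> is static,
        /// so the override is applied and reverted inside a single try/finally: a failure while
        /// creating the token can no longer leave the bogus mapping behind for other tests.
        /// </remarks>
        public void SymmetricSignatureProvider_Extensibility()
        {
            JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();

            Console.WriteLine("Testvariation: " + "outbound signature algorithm - bobsYourUncle");

            try
            {
                // outbound signature algorithm - bobsYourUncle
                // Process-wide override; everything that can throw after this point is covered by the finally below.
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Remove(SecurityAlgorithms.HmacSha256Signature);
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Add(new KeyValuePair<string, string>(SecurityAlgorithms.HmacSha256Signature, "bobsYourUncle"));

                JwtSecurityToken jwt = handler.CreateToken(issuer: "http://GotJwt.com", signingCredentials: KeyingMaterial.SymmetricSigningCreds_256_Sha2) as JwtSecurityToken;

                // Test-only relaxation: AudienceUriMode.Never turns the audience check off so that the
                // signature algorithm is the only thing under test. Not a template for production validation.
                TokenValidationParameters tvp = new TokenValidationParameters()
                {
                    SigningToken    = KeyingMaterial.BinarySecretToken_256,
                    AudienceUriMode = AudienceUriMode.Never,
                    ValidIssuer     = "http://GotJwt.com",
                };

                // inbound unknown algorithm
                ExpectedException expectedException = ExpectedException.SecVal(id: "Jwt10316");

                try
                {
                    // The returned principal is not inspected; only success or failure of validation matters here.
                    handler.ValidateToken(jwt, tvp);
                    // Reaching this line means the token was accepted although a failure was expected.
                    ExpectedException.ProcessNoException(expectedException);
                }
                catch (Exception ex)
                {
                    ExpectedException.ProcessException(expectedException, ex);
                }
            }
            finally
            {
                // Put the standard "HS256" name back so later tests see the default mapping.
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Remove(SecurityAlgorithms.HmacSha256Signature);
                JwtSecurityTokenHandler.OutboundAlgorithmMap.Add(new KeyValuePair<string, string>(SecurityAlgorithms.HmacSha256Signature, "HS256"));
            }
        }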