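/// <summary>
/// Acquires a token with a developer-implemented client assertion and checks, inside the
/// mocked token endpoint, that the request carries a <c>client_assertion</c> whose JWT
/// header does not contain an <c>x5c</c> claim.
/// </summary>
/// <returns>A task that completes when the token request and its assertions have run.</returns>
public async Task JsonWebTokenWithDeveloperImplementedClientAssertionTest()
{
    // The PFX load is kept from the original. The certificate is not handed to the library
    // in this test; presumably it only proves the fixture file is present (confirm).
    // The previously computed "validCertClaim" string was never read and has been dropped.
    var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword);
    var clientAssertion = new ClientAssertionTestImplementation();
    var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache());

    HttpMessageHandlerFactory.AddMockHandler(
        new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.TenantSpecificAuthority))
        {
            Method = HttpMethod.Post,
            ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
            {
                Content = new StringContent("{\"token_type\":\"Bearer\",\"expires_in\":\"3599\",\"access_token\":\"some-access-token\"}")
            },
            AdditionalRequestValidation = request =>
            {
                // The callback is a synchronous lambda, so the body is read by blocking on the task.
                var requestContent = request.Content.ReadAsStringAsync().GetAwaiter().GetResult();
                var formsData = EncodingHelper.ParseKeyValueList(requestContent, '&', true, null);

                // The token request must carry a client assertion.
                string encodedJwt;
                Assert.IsTrue(formsData.TryGetValue("client_assertion", out encodedJwt), "Missing client_assertion from request");

                // x5c carries the signing certificate in the JWT header; it must not be sent here.
                // NOTE(review): a JWT header segment is base64url-encoded JSON. If
                // EncodingHelper.UrlDecode only percent-decodes, the literal "x5c": can never
                // appear in this string and the check passes vacuously. Confirm what the helper
                // does, or base64url-decode the segment before searching it.
                var jwtHeader = EncodingHelper.UrlDecode(encodedJwt.Split('.')[0]);
                Assert.IsFalse(jwtHeader.Contains("\"x5c\":"), "x5c claim must not be present in the JWT header");
            }
        });

    AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion);

    // Only proves that a token came back; the request-shape checks live in the handler above.
    Assert.IsNotNull(result.AccessToken);
}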
/// <summary>
/// Requests a token with a developer-implemented client assertion, routing the call through
/// <c>EmptyX5CMockHandler</c>, and asserts that an access token is returned.
/// </summary>
/// <returns>A task that completes once the token request has finished.</returns>
public async Task JsonWebTokenWithDeveloperImplementedClientAssertionTest()
{
    // Loaded but not passed to the library; presumably a fixture sanity check (confirm).
    var pfx = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword);
    var assertion = new ClientAssertionTestImplementation();
    var authContext = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache());

    // EmptyX5CMockHandler is declared outside this method. NOTE(review): any check that the
    // x5c claim is absent from the client assertion would have to live in that handler, since
    // nothing here inspects the outgoing request. Verify against its definition.
    HttpMessageHandlerFactory.AddMockHandler(EmptyX5CMockHandler);

    // The trailing 'true' is presumably the send-x5c switch of this AcquireTokenAsync overload.
    // Confirm against the overload's signature.
    var authResult = await context_AcquireToken(authContext, assertion);
    Assert.IsNotNull(authResult.AccessToken);

    // Local wrapper keeps the call site short; arguments are identical to the original call.
    Task<AuthenticationResult> context_AcquireToken(AuthenticationContext ctx, ClientAssertionTestImplementation clientAssertion)
    {
        return ctx.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion, true);
    }
}