public async Task JsonWebTokenWithDeveloperImplementedClientAssertionTest()
{
var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword);
var clientAssertion = new ClientAssertionTestImplementation();
var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache());
var validCertClaim = "\"x5c\":\"" + Convert.ToBase64String(certificate.GetRawCertData());
HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.TenantSpecificAuthority))
{
Method = HttpMethod.Post,
ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
{
Content = new StringContent("{\"token_type\":\"Bearer\",\"expires_in\":\"3599\",\"access_token\":\"some-access-token\"}")
},
AdditionalRequestValidation = request =>
{
var requestContent = request.Content.ReadAsStringAsync().GetAwaiter().GetResult();
var formsData = EncodingHelper.ParseKeyValueList(requestContent, '&', true, null);
// Check presence of client_assertion in request
string encodedJwt;
Assert.IsTrue(formsData.TryGetValue("client_assertion", out encodedJwt), "Missing client_assertion from request");
// Check presence of x5c cert claim. It should not exist.
var jwtHeader = EncodingHelper.UrlDecode(encodedJwt.Split('.')[0]);
Assert.IsTrue(!jwtHeader.Contains("\"x5c\":"));
}
});
AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion);
Assert.IsNotNull(result.AccessToken);
}
public async Task JsonWebTokenWithDeveloperImplementedClientAssertionTest()
{
var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword);
var clientAssertion = new ClientAssertionTestImplementation();
var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache());
HttpMessageHandlerFactory.AddMockHandler(EmptyX5CMockHandler);
AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion, true);
Assert.IsNotNull(result.AccessToken);
}
