public static void AddValidateIssuerTheoryData(List <TokenTheoryData> theoryData)
{
theoryData.Add(new TokenTheoryData
{
ExpectedException = ExpectedException.ArgumentNullException("IDX10000:"),
First = true,
Issuer = "bob",
TestId = "ValidationParameters null",
ValidationParameters = null,
});
theoryData.Add(new TokenTheoryData
{
TestId = "ValidateIssuer == false",
ValidationParameters = new TokenValidationParameters {
ValidateIssuer = false
},
});
theoryData.Add(new TokenTheoryData
{
ExpectedException = ExpectedException.SecurityTokenInvalidIssuerException("IDX10205:"),
Issuer = "bob",
TestId = "Issuer not matched",
ValidationParameters = new TokenValidationParameters {
ValidIssuer = "frank"
}
});
theoryData.Add(new TokenTheoryData
{
Issuer = "bob",
TestId = "Issuer matched",
ValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidIssuer = "bob"
}
});
theoryData.Add(new TokenTheoryData
{
ExpectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205:"),
Issuer = "bob",
TestId = "ValidIssuers set but not matched",
ValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidIssuers = new List <string> {
"john", "paul", "george", "ringo"
}
}
});
theoryData.Add(new TokenTheoryData
{
Issuer = "bob",
TestId = "IssuerValidator - echo",
ValidationParameters = new TokenValidationParameters
{
IssuerValidator = ValidationDelegates.IssuerValidatorEcho,
ValidateAudience = false
}
});
}
private void ValidateIssuer()
{
DerivedSamlSecurityTokenHandler samlSecurityTokenHandler = new DerivedSamlSecurityTokenHandler();
ExpectedException expectedException = ExpectedException.NoExceptionExpected;
ValidateIssuer(null, new TokenValidationParameters {
ValidateIssuer = false
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.ArgumentNullException(substringExpected: "Parameter name: validationParameters");
ValidateIssuer("bob", null, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
ValidateIssuer("bob", new TokenValidationParameters {
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.NoExceptionExpected;
string issuer = ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuer = "bob"
}, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuer = "frank"
}, samlSecurityTokenHandler, expectedException);
List <string> validIssuers = new List <string> {
"john", "paul", "george", "ringo"
};
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.NoExceptionExpected;
ValidateIssuer("bob", new TokenValidationParameters {
ValidateIssuer = false
}, samlSecurityTokenHandler, expectedException);
validIssuers.Add("bob");
expectedException = ExpectedException.NoExceptionExpected;
issuer = ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
TokenValidationParameters validationParameters = new TokenValidationParameters
{
ValidateAudience = false,
IssuerValidator = IdentityUtilities.IssuerValidatorEcho,
};
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
// no delegate secondary should still succeed
expectedException = ExpectedException.NoExceptionExpected;
validationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidIssuers = validIssuers,
};
issuer = ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
// no delegate, secondary should fail
validIssuers = new List <string> {
"john", "paul", "george", "ringo"
};
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
validationParameters = new TokenValidationParameters
{
IssuerSigningKey = new X509SecurityKey(KeyingMaterial.DefaultCert_2048),
ValidateAudience = false,
ValidIssuer = "http://Bob",
};
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
validationParameters.ValidateIssuer = false;
validationParameters.IssuerValidator = IdentityUtilities.IssuerValidatorThrows;
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
}