public MockIdentityServerShould()
{
_sut = MockIdentityServer.Configure(c => {
c.AddApiResources(new ApiResource()
{
Name = "testscope",
Scopes = new[] { new Scope("testscope") },
ApiSecrets = new[] { new Secret("apisecret".Sha256()) }
})
.AddClients(new Client()
{
ClientId = "testclient",
ClientSecrets = new[] { new Secret("clientsecret".Sha256()) },
AllowedGrantTypes = GrantTypes.ClientCredentials,
AllowedScopes = new[] { "testscope" }
});
}).Start();
}
public async Task RequestToken_ValidateUsingExposedPublicKey_ValidationSucceded()
{
var mockServer = new MockIdentityServer();
var token = await mockServer.GetTokenForUser("blah");
var valParams = new TokenValidationParameters {
IssuerSigningKeyResolver =
(t, securityToken, keyIdentifier, validationParameters) =>
{
var kid =
keyIdentifier.OfType <NamedKeySecurityKeyIdentifierClause>()
.Where(identifier => identifier.Name.Equals("kid"))
.Select(identifier => identifier.Id)
.Single();
return(validationParameters.IssuerSigningTokens.Single(key => key.Id == kid).SecurityKeys.First());
},
ValidAudience = "http://localhost/resources"
};
var format = new JwtFormat(valParams, new Provider((await mockServer.GetPublicKeys()).Keys));
format.Unprotect(token);
}
