public void OAuth2CryptographicCodeGenerator_CreatePkceCodeVerifier_IsUniqueBase64UrlStringWithoutPaddingAndLengthBetween43And128()
{
var generator = new OAuth2CryptographicCodeGenerator();
// Create a bunch of verifiers
var verifiers = new string[32];
for (int i = 0; i < verifiers.Length; i++)
{
string v = generator.CreatePkceCodeVerifier();
// Assert the verifier is a base64url string without padding
char[] vs = v.ToCharArray();
Assert.All(vs, x => Assert.Contains(x, ValidBase64UrlCharsNoPad));
// Assert the verifier is a string of length [43, 128] (inclusive)
Assert.InRange(v.Length, 43, 128);
verifiers[i] = v;
}
// There should be no duplicates
string[] uniqueVerifiers = verifiers.Distinct().ToArray();
Assert.Equal(uniqueVerifiers, verifiers);
}
public void OAuth2CryptographicCodeGenerator_CreatePkceCodeChallenge_Plain_ReturnsVerifierUnchanged()
{
var generator = new OAuth2CryptographicCodeGenerator();
var verifier = generator.CreatePkceCodeVerifier();
var challenge = generator.CreatePkceCodeChallenge(OAuth2PkceChallengeMethod.Plain, verifier);
Assert.Equal(verifier, challenge);
}
public void OAuth2CryptographicCodeGenerator_CreatePkceCodeChallenge_Sha256_ReturnsBase64UrlEncodedSha256HashOfAsciiVerifier()
{
var generator = new OAuth2CryptographicCodeGenerator();
var verifier = generator.CreatePkceCodeVerifier();
byte[] verifierAsciiBytes = Encoding.ASCII.GetBytes(verifier);
byte[] hashedBytes;
using (var sha256 = SHA256.Create())
{
hashedBytes = sha256.ComputeHash(verifierAsciiBytes);
}
var expectedChallenge = Base64UrlConvert.Encode(hashedBytes, false);
var actualChallenge = generator.CreatePkceCodeChallenge(OAuth2PkceChallengeMethod.Sha256, verifier);
Assert.Equal(expectedChallenge, actualChallenge);
}