protected override void ValidateLifetime(DateTime?notBefore, DateTime?expires, SecurityToken jwt, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; Assert.IsNotNull(derivedJwt); ValidateLifetimeCalled = true; base.ValidateLifetime(notBefore, expires, jwt, validationParameters); }
protected override string ValidateIssuer(string issuer, SecurityToken jwt, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; Assert.IsNotNull(derivedJwt); ValidateIssuerCalled = true; return(base.ValidateIssuer(issuer, jwt, validationParameters)); }
protected override void ValidateIssuerSecurityKey(SecurityKey securityKey, SecurityToken securityToken, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = securityToken as DerivedJwtSecurityToken; Assert.IsNotNull(derivedJwt); ValidateIssuerSigningKeyCalled = true; base.ValidateIssuerSecurityKey(securityKey, securityToken, validationParameters); }
protected override void ValidateAudience(IEnumerable <string> audiences, SecurityToken jwt, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; Assert.IsNotNull(derivedJwt); ValidateAudienceCalled = true; base.ValidateAudience(audiences, jwt, validationParameters); }
protected override JwtSecurityToken ValidateSignature(string securityToken, TokenValidationParameters validationParameters) { Jwt = base.ValidateSignature(securityToken, validationParameters); DerivedJwtSecurityToken derivedJwt = Jwt as DerivedJwtSecurityToken; Assert.IsNotNull(derivedJwt); ValidateSignatureCalled = true; return(Jwt); }
public void JwtSecurityTokenHandler_Extensibility() { DerivedJwtSecurityTokenHandler handler = new DerivedJwtSecurityTokenHandler() { DerivedTokenType = typeof(DerivedJwtSecurityToken) }; JwtSecurityToken jwt = new JwtSecurityToken ( issuer: Issuers.GotJwt, audience: Audiences.AuthFactors, claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt), signingCredentials: KeyingMaterial.SymmetricSigningCreds_256_Sha2, lifetime: new Lifetime(DateTime.UtcNow, DateTime.UtcNow + TimeSpan.FromHours(10)) ); string encodedJwt = handler.WriteToken(jwt); JwtSecurityToken jwtReadAsDerived = handler.ReadToken(DerivedJwtSecurityToken.Prefix + encodedJwt) as JwtSecurityToken; DerivedJwtSecurityToken jwtDerivedNotValidated = jwtReadAsDerived as DerivedJwtSecurityToken; TokenValidationParameters tvp = new TokenValidationParameters() { SigningToken = KeyingMaterial.BinarySecretToken_256, AudienceUriMode = Selectors.AudienceUriMode.Never, ValidIssuer = Issuers.GotJwt, }; ValidateDerived(jwtReadAsDerived, null, handler, tvp, ExpectedException.Null); ValidateDerived(null, DerivedJwtSecurityToken.Prefix + encodedJwt, handler, tvp, ExpectedException.Null); handler.Configuration = new SecurityTokenHandlerConfiguration() { IssuerTokenResolver = new SetReturnSecurityTokenResolver(KeyingMaterial.BinarySecretToken_256, KeyingMaterial.SymmetricSecurityKey_256), SaveBootstrapContext = true, CertificateValidator = AlwaysSucceedCertificateValidator.New, IssuerNameRegistry = new SetNameIssuerNameRegistry(Audiences.AuthFactors), AudienceRestriction = new AudienceRestriction(AudienceUriMode.Always), }; handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Audiences.AuthFactors)); ValidateDerived(null, DerivedJwtSecurityToken.Prefix + encodedJwt, handler, null, ExpectedException.Null); ValidateDerived(handler.ReadToken(DerivedJwtSecurityToken.Prefix + encodedJwt) as JwtSecurityToken, null, handler, null, ExpectedException.Null); handler.DerivedTokenType = typeof(JwtSecurityToken); JwtSecurityToken jwtRead = handler.ReadToken(encodedJwt) as JwtSecurityToken; ValidateDerived(jwtRead, null, handler, tvp, ExpectedException.Null); ValidateDerived(null, encodedJwt, handler, tvp, ExpectedException.Null); ValidateDerived(null, encodedJwt, handler, null, ExpectedException.Null); ValidateDerived(jwtRead as JwtSecurityToken, null, handler, null, ExpectedException.Null); }
private void ValidateDerived(JwtSecurityToken jwt, string encodedJwt, DerivedJwtSecurityTokenHandler derivedHandler, TokenValidationParameters tvp, ExpectedException ee) { try { if (tvp != null) { if (jwt != null) { derivedHandler.ValidateToken(jwt, tvp); } else { derivedHandler.ValidateToken(encodedJwt, tvp); } } else { if (jwt != null) { derivedHandler.ValidateToken(jwt); } else { derivedHandler.ValidateToken(encodedJwt); } } DerivedJwtSecurityToken jwtDerived = jwt as DerivedJwtSecurityToken; if (jwtDerived == null && jwt != null) { Assert.IsFalse(derivedHandler.DerivedTokenType == typeof(DerivedJwtSecurityToken), "Expected DerivedJwtSecurityToken type, got: " + jwt.GetType()); } else if (jwtDerived != null) { Assert.IsFalse(!jwtDerived.ValidateAudienceCalled, "!jwtDerived.ValidateAudienceCalled"); Assert.IsFalse(!jwtDerived.ValidateIssuerCalled, "!jwtDerived.ValidateAudienceCalled"); Assert.IsFalse(!jwtDerived.ValidateLifetimeCalled, "!jwtDerived.ValidateLifetimeCalled"); Assert.IsFalse(!jwtDerived.ValidateSignatureCalled, "!jwtDerived.ValidateSignatureCalled"); Assert.IsFalse(!jwtDerived.ValidateSigningTokenCalled, "!jwtDerived.ValidateSigningTokenCalled"); } ExpectedException.ProcessNoException(ee); } catch (Exception ex) { ExpectedException.ProcessException(ee, ex); } }
protected override void ValidateSigningToken(JwtSecurityToken jwt) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; if (derivedJwt != null) { derivedJwt.ValidateSigningTokenCalled = true; } Assert.IsFalse(jwt.GetType() != DerivedTokenType, "jwt.GetType() != DerivedTokenType, types:" + jwt.GetType() + ", " + DerivedTokenType.ToString()); base.ValidateSigningToken(jwt); }
protected override void ValidateSignature(JwtSecurityToken jwt, byte[] encodedBytes, byte[] signatureBytes, IEnumerable <SecurityToken> signingTokens) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; if (derivedJwt != null) { derivedJwt.ValidateSignatureCalled = true; } Assert.IsFalse(jwt.GetType() != DerivedTokenType, "jwt.GetType() != DerivedTokenType, types:" + jwt.GetType() + ", " + DerivedTokenType.ToString()); base.ValidateSignature(jwt, encodedBytes, signatureBytes, signingTokens); }
protected override string ValidateIssuer(JwtSecurityToken jwt, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; if (derivedJwt != null) { derivedJwt.ValidateIssuerCalled = true; } Assert.IsFalse(jwt.GetType() != DerivedTokenType, "jwt.GetType() != DerivedTokenType, types:" + jwt.GetType() + ", " + DerivedTokenType.ToString()); return(base.ValidateIssuer(jwt, validationParameters)); }
protected override void ValidateAudience(JwtSecurityToken jwt, TokenValidationParameters validationParameters) { DerivedJwtSecurityToken derivedJwt = jwt as DerivedJwtSecurityToken; if (derivedJwt != null) { derivedJwt.ValidateAudienceCalled = true; } Assert.IsFalse(jwt.GetType() != DerivedTokenType, "jwt.GetType() != DerivedTokenType, types:" + jwt.GetType() + ", " + DerivedTokenType.ToString()); base.ValidateAudience(jwt, validationParameters); }