private static void ValidateSwtToken(string tokenString)
{
var configuration = new SecurityTokenHandlerConfiguration();
var validationKey = new InMemorySymmetricSecurityKey(Convert.FromBase64String(signingKey));
// audience validation
configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(realm));
// signature & issuer validation
var resolverTable = new Dictionary<string, IList<SecurityKey>>
{
{ issuerUri, new SecurityKey[] { validationKey } }
};
configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable);
var handler = new SimpleWebTokenHandler();
handler.Configuration = configuration;
var token = handler.ReadToken(tokenString);
var ids = handler.ValidateToken(token);
"\n\nValidated Claims:".ConsoleYellow();
foreach (var claim in ids.First().Claims)
{
Console.WriteLine("{0}\n {1}\n", claim.Type, claim.Value);
}
}
public void CreateTokenAndParseEncodedMultipleClaims()
{
var handler = new SimpleWebTokenHandler();
byte[] key = GetKey();
var token = this.CreateToken(key);
var tokenString = TokenToString(token);
var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString)));
handler.Configuration = new SecurityTokenHandlerConfiguration();
var symmetricKey = new InMemorySymmetricSecurityKey(key);
handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(
new Uri("http://audience"));
var resolverTable = new Dictionary<string, IList<SecurityKey>>
{
{ "http://issuer", new SecurityKey[] { symmetricKey } }
};
handler.Configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable);
var ids = handler.ValidateToken(signedToken);
var id = ids.FirstOrDefault();
Assert.IsNotNull(id);
var testClaims = GetClaims();
Assert.IsTrue(id.Claims.Count() == 3);
Assert.IsTrue(id.HasClaim(testClaims[0].Type, testClaims[0].Value));
Assert.IsTrue(id.HasClaim(testClaims[1].Type, testClaims[1].Value));
Assert.IsTrue(id.HasClaim(testClaims[2].Type, testClaims[2].Value));
}
public void CreateTokenAndParseEncodedMultipleClaims()
{
var handler = new SimpleWebTokenHandler();
string key;
var token = this.GetToken(out key);
var tokenString = TokenToString(token);
var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString)));
handler.Configuration = new SecurityTokenHandlerConfiguration();
var registry = new WebTokenIssuerNameRegistry();
//I think there is currently a bug in this issuer as this really doesn't make sense to me
registry.AddTrustedIssuer("http://www.thinktecture.com", "TestIssuerName");
handler.Configuration.IssuerNameRegistry = registry;
handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://www.thinktecture.com/"));
var tokenResolver = new WebTokenIssuerTokenResolver();
tokenResolver.AddSigningKey("http://www.thinktecture.com", key);
handler.Configuration.IssuerTokenResolver = tokenResolver;
var claims = handler.ValidateToken(signedToken);
Assert.IsTrue(claims[0].Claims.Count == 3);
Assert.IsTrue(claims[0].Claims[0].Value == this.Claims()[0].Value);
Assert.IsTrue(claims[0].Claims[1].Value == this.Claims()[1].Value);
Assert.IsTrue(claims[0].Claims[2].Value == this.Claims()[2].Value);
}
