Example #1
0
        public void Validate_Throws_WhenTokenEmpty(string testToken)
        {
            var validator = new CbsTokenValidator("name", "key");

            Action action = () => validator.Validate(testToken);

            ArgumentException ex = action.ShouldThrow <ArgumentException>();

            ex.ParamName.ShouldBe("token");
            ex.Message.ShouldStartWith(SR.Format(SR.SbCbsTokenEmpty));
        }
Example #2
0
        public void Validate_Throws_WhenTokenDoesNotStartWithSharedAccessSignature()
        {
            const string testToken = "Bearer 1234";
            var          validator = new CbsTokenValidator("name", "key");

            Action action = () => validator.Validate(testToken);

            ArgumentException ex = action.ShouldThrow <ArgumentException>();

            ex.ParamName.ShouldBe("token");
            ex.Message.ShouldStartWith(SR.Format(SR.SbCbsTokenNoSas, "SharedAccessSignature"));
        }
Example #3
0
        public void Validate_Throws_WhenTokenDoesNotContainValidKeyName()
        {
            const string testToken = "SharedAccessSignature sr=localhost&se=1&skn=meme&sig=fcfcb";
            var          validator = new CbsTokenValidator("mee", "1234");

            Action action = () => validator.Validate(testToken);

            ArgumentException ex = action.ShouldThrow <ArgumentException>();

            ex.ParamName.ShouldBe("token");
            ex.Message.ShouldStartWith(SR.Format(SR.SbCbsTokenNameInvalid, "skn=meme"));
        }
Example #4
0
        public void Validate_Throws_WhenTokenDoesNotContainSignature()
        {
            const string testToken = "SharedAccessSignature sr=b&se=1&skn=2&c=3&d";
            var          validator = new CbsTokenValidator("name", "key");

            Action action = () => validator.Validate(testToken);

            ArgumentException ex = action.ShouldThrow <ArgumentException>();

            ex.ParamName.ShouldBe("token");
            ex.Message.ShouldStartWith(SR.Format(SR.SbCbsTokenNoSignature, "sig="));
        }
Example #5
0
        public void Validate_DoesNotThrow_WhenTokenValid(string testName, string testKey, int testExpiresOn, string testResource)
        {
            var resource  = HttpUtility.UrlEncode(testResource);
            var hmac      = new HMACSHA256(Encoding.UTF8.GetBytes(testKey));
            var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes($"{resource}\n{testExpiresOn}")));
            var testToken = $"SharedAccessSignature sr={resource}&se={testExpiresOn}&skn={testName}&sig={HttpUtility.UrlEncode(signature)}";

            var validator = new CbsTokenValidator(testName, testKey);

            Action action = () => validator.Validate(testToken);

            action.ShouldNotThrow();
        }
Example #6
0
        public void Validate_Throws_WhenTokenDoesNotContainValidSignature()
        {
            const string expiresOn = "1528479";
            const string key       = "7ysh4jfk69gdi8rj";
            const string name      = "007";
            var          resource  = HttpUtility.UrlEncode("http://path.io/resource/2?a=b&c=d");
            var          testToken = $"SharedAccessSignature sr={resource}&se={expiresOn}&skn={name}&sig=fcfcb";
            var          validator = new CbsTokenValidator(name, key);

            Action action = () => validator.Validate(testToken);

            ArgumentException ex = action.ShouldThrow <ArgumentException>();

            ex.ParamName.ShouldBe("token");
            ex.Message.ShouldStartWith(SR.Format(SR.SbCbsTokenSignatureInvalid, "sig=fcfcb"));
        }