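/// <summary>
/// Checks that <c>/api/account/isAuth</c> answers "false" for a bearer token whose
/// <c>exp</c> claim was rewritten to the current time before it was serialized.
/// </summary>
/// <remarks>
/// NOTE(review): despite the "InvalidToken" name, the only mutation here is the expiry.
/// Whether the serialized token still carries a valid signature depends on how
/// <c>InMemoryJwtManager</c> builds it (not visible here), so the test cannot tell
/// "rejected because expired" apart from "rejected because of a bad signature" - confirm.
/// </remarks>
/// <returns>A task that completes when all requests and assertions have run.</returns>
public async Task ShouldNot_ConfirmUserIsAuthorized_InvalidToken()
{
    var client = _factory.CreateClient();

    IJwtManager jwtManager = new InMemoryJwtManager(_configuration);
    JwtSecurityToken token = await jwtManager.GenerateJwtAsync("*****@*****.**", new List<Claim>());

    // Force the expiry to "now" so the token is on the edge of its lifetime when the server sees it.
    // NOTE(review): a validator that allows clock skew (e.g. a non-zero
    // TokenValidationParameters.ClockSkew) would still accept this token; the test presumably
    // relies on the server being configured with no tolerance - confirm, or use a clearly past time.
    token.Payload["exp"] = DateTimeOffset.Now.ToUnixTimeSeconds();

    JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
    string testToken = handler.WriteToken(token);
    client.DefaultRequestHeaders.Add("Authorization", "Bearer " + testToken);

    // Fetch the antiforgery token and attach it under the header name the server reports.
    var aftResponse = await client.GetAsync("api/account/getCSRFToken");

    // Await the body instead of blocking on .Result inside an async method.
    string aftBody = await aftResponse.Content.ReadAsStringAsync();
    var tokenData = JsonConvert.DeserializeAnonymousType(aftBody, new { Token = "", TokenName = "" });

    // Fail with a clear message if the CSRF endpoint returned nothing usable,
    // rather than with a NullReferenceException on the next line.
    Assert.NotNull(tokenData);
    client.DefaultRequestHeaders.Add(tokenData.TokenName, tokenData.Token);

    var response = await client.GetAsync("/api/account/isAuth");
    string content = await response.Content.ReadAsStringAsync();

    // Only the body is asserted; the status code is not checked.
    Assert.Equal("false", content);
}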
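/// <summary>
/// Checks that <c>InMemoryJwtManager.GenerateJwtAsync</c> returns a token whose
/// subject equals the identity it was asked to issue the token for.
/// </summary>
/// <remarks>
/// Returns <see cref="Task"/> rather than <c>void</c> so the test runner can await the
/// method and observe assertion failures and exceptions raised after the first await.
/// NOTE(review): only the subject is asserted; signature, issuer, audience and lifetime
/// of the generated token are not covered by this test.
/// </remarks>
/// <returns>A task that completes when the assertions have run.</returns>
public async Task Should_CreateJwtToken()
{
    IJwtManager jwtManager = new InMemoryJwtManager(_configuration);
    JwtSecurityToken token = await jwtManager.GenerateJwtAsync("*****@*****.**", new List<Claim>());

    // A missing token is a failure in its own right; assert it directly instead of Assert.True(false).
    Assert.NotNull(token);
    Assert.Equal("*****@*****.**", token.Subject);
}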