public void DifferentAlgorithmsProduceDifferentTokens() { var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 1, SALT); var payload = new Dictionary <string, string>() { { "test", "test" } }; var jwt512 = serializer.Serialize(payload); serializer.Algorithm = JwtHashAlgorithm.HMACSHA256; var jwt256 = serializer.Serialize(payload); Assert.NotEqual(jwt512, jwt256); }
public void DifferentPayloadsProduceDifferentTokens() { var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 1, SALT); var payload = new Dictionary <string, string>() { { "test", "test" } }; var jwt1 = serializer.Serialize(payload); payload.Add("test2", "test2"); var jwt2 = serializer.Serialize(payload); Assert.NotEqual(jwt1, jwt2); }
public void HMACSHA512_2Iterations() { var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 2, SALT); var payload = new Dictionary <string, string>() { { "test", "test" } }; var jwt = serializer.Serialize(payload); payload = serializer.Deserialize(jwt); Assert.True(payload.ContainsKey("test")); Assert.Equal("test", payload["test"]); }
public void TamperingCausesTamperingException() { var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 2, SALT); var payload = new Dictionary <string, string>() { { "test", "test" } }; var jwt = serializer.Serialize(payload); jwt = jwt + "test"; var e = Assert.Throws <TamperingException>(() => serializer.Deserialize(jwt)); Assert.Equal("JWT shows signs of tampering.", e.Message); }