public async Task Valid_JWT_Token()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write"));
var validator = Factory.CreateTokenValidator(null);
var result = await validator.ValidateAccessTokenAsync(jwt);
Assert.IsFalse(result.IsError);
}
public async Task Valid_IdentityToken_SymmetricKeyType()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateIdentityToken("roclient_symmetric", "valid"));
var validator = Factory.CreateTokenValidator();
var result = await validator.ValidateIdentityTokenAsync(jwt, "roclient_symmetric");
Assert.IsFalse(result.IsError);
}
public async Task Valid_IdentityToken_no_ClientId_supplied()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateIdentityToken("roclient", "valid"));
var validator = Factory.CreateTokenValidator();
var result = await validator.ValidateIdentityTokenAsync(jwt);
result.IsError.Should().BeFalse();
}
public async Task IdentityToken_InvalidClientId()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateIdentityToken("roclient", "valid"));
var validator = Factory.CreateTokenValidator();
var result = await validator.ValidateIdentityTokenAsync(jwt, "invalid");
Assert.IsTrue(result.IsError);
Assert.AreEqual(Constants.ProtectedResourceErrors.InvalidToken, result.Error);
}
public async Task IdentityToken_Too_Long()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateIdentityTokenLong("roclient", "valid", 1000));
var validator = Factory.CreateTokenValidator();
var result = await validator.ValidateIdentityTokenAsync(jwt, "roclient");
result.IsError.Should().BeTrue();
result.Error.Should().Be(Constants.ProtectedResourceErrors.InvalidToken);
}
public async Task JWT_Token_Too_Long()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateAccessTokenLong(new Client {
ClientId = "roclient"
}, "valid", 600, 1000, "read", "write"));
var validator = Factory.CreateTokenValidator(null);
var result = await validator.ValidateAccessTokenAsync(jwt);
result.IsError.Should().BeTrue();
result.Error.Should().Be(Constants.ProtectedResourceErrors.InvalidToken);
}
public async Task JWT_Token_invalid_Audience()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var token = TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write");
token.Audience = "invalid";
var jwt = await signer.SignTokenAsync(token);
var validator = Factory.CreateTokenValidator(null);
var result = await validator.ValidateAccessTokenAsync(jwt);
Assert.IsTrue(result.IsError);
Assert.AreEqual(Constants.ProtectedResourceErrors.InvalidToken, result.Error);
}
public static ComoRequestValidator CreateComoRequestValidator(IRequestValidatorHelper requestValidatorHelper, IdentityServerOptions options = null, ITokenSigningService signingService = null)
{
if (options == null)
{
options = TestIdentityServerOptions.Create();
}
if (signingService == null)
{
signingService = new DefaultTokenSigningService(options);
}
if (requestValidatorHelper == null)
{
requestValidatorHelper = new Mock <IRequestValidatorHelper>().Object;
}
return(new ComoRequestValidator(requestValidatorHelper, options, signingService));
}
public async Task JWT_Token_invalid_Audience()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var token = TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write");
token.Audience = "invalid";
var jwt = await signer.SignTokenAsync(token);
var validator = Factory.CreateTokenValidator(null);
var result = await validator.ValidateAccessTokenAsync(jwt);
result.IsError.Should().BeTrue();
result.Error.Should().Be(Constants.ProtectedResourceErrors.InvalidToken);
}
public async Task Valid_JWT_Token()
{
var signer = new DefaultTokenSigningService(TestIdentityServerOptions.Create());
var jwt = await signer.SignTokenAsync(TokenFactory.CreateAccessToken("roclient", "valid", 600, "read", "write"));
var validator = Factory.CreateTokenValidator(null);
var result = await validator.ValidateAccessTokenAsync(jwt);
result.IsError.Should().BeFalse();
}
