public void round_trip_query_should_validate() { Signature signature = new HS256Signature(_symmetricKey); var payload = new EncodingParameters("token"); payload.QueryParameters.Add(new KeyValuePair <string, string>("x", "1")); payload.QueryParameters.Add(new KeyValuePair <string, string>("y", "2")); var token = signature.Sign(payload); var cnfJson = new Cnf( new JsonWebKey { Kty = "oct", Alg = "HS256", K = Base64Url.Encode(_symmetricKey) }).ToJson(); var jwk = CnfParser.Parse(cnfJson); var key = jwk.ToPublicKey(); signature = key.ToSignature(); var result = signature.Verify(token); result.Should().NotBeNull(); payload.Encode().IsSame(result).Should().BeTrue(); }
public void symmetric_signed_result_should_be_able_to_verifed() { var subject = new HS256Signature(_symmetricKey); var encoding = new EncodingParameters("foo"); var token = subject.Sign(encoding); var decoded = subject.Verify(token); decoded.AccessToken.Should().Be("foo"); }
public void alg_mismatch_should_fail_validation() { var hs256 = new HS256Signature(_symmetricKey); var hs384 = new HS384Signature(_symmetricKey); var hs512 = new HS512Signature(_symmetricKey); var rs256 = new RS256Signature(_asymmetricKey); var rs384 = new RS384Signature(_asymmetricKey); var rs512 = new RS512Signature(_asymmetricKey); var encoding = new EncodingParameters("foo"); hs256.Verify(hs384.Sign(encoding)).Should().BeNull(); hs384.Verify(hs512.Sign(encoding)).Should().BeNull(); hs512.Verify(hs256.Sign(encoding)).Should().BeNull(); rs256.Verify(rs512.Sign(encoding)).Should().BeNull(); rs384.Verify(rs256.Sign(encoding)).Should().BeNull(); rs512.Verify(rs384.Sign(encoding)).Should().BeNull(); rs512.Verify(hs512.Sign(encoding)).Should().BeNull(); hs512.Verify(rs512.Sign(encoding)).Should().BeNull(); }