public async Task Thumbprint_missing_cert_should_throw() { ISecretValidator validator = new X509ThumbprintSecretValidator(new Logger <X509ThumbprintSecretValidator>(new LoggerFactory())); var clientId = "mtls_client_invalid"; var client = await _clients.FindEnabledClientByIdAsync(clientId); var secret = new ParsedSecret { Id = clientId, Credential = "secret", Type = IdentityServerConstants.ParsedSecretTypes.X509Certificate }; Func <Task> act = async() => await validator.ValidateAsync(client.ClientSecrets, secret); act.Should().Throw <InvalidOperationException>(); }
public async Task Thumbprint_valid_secret_should_match() { ISecretValidator validator = new X509ThumbprintSecretValidator(new Logger <X509ThumbprintSecretValidator>(new LoggerFactory())); var clientId = "mtls_client_valid"; var client = await _clients.FindEnabledClientByIdAsync(clientId); var secret = new ParsedSecret { Id = clientId, Credential = TestCert.Load(), Type = IdentityServerConstants.ParsedSecretTypes.X509Certificate }; var result = await validator.ValidateAsync(client.ClientSecrets, secret); result.Success.Should().BeTrue(); }
public async Task Thumbprint_invalid_secret_type_should_not_match() { ISecretValidator validator = new X509ThumbprintSecretValidator(new Logger <X509ThumbprintSecretValidator>(new LoggerFactory())); var clientId = "mtls_client_invalid"; var client = await _clients.FindEnabledClientByIdAsync(clientId); var secret = new ParsedSecret { Id = clientId, Credential = "secret", Type = IdentityServerConstants.ParsedSecretTypes.SharedSecret }; var result = await validator.ValidateAsync(client.ClientSecrets, secret); result.Success.Should().BeFalse(); }