public async Task When_JsonWebKey_Doesnt_Exist_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
const string url = "http://google.be/";
const string kid = "kid";
var getJwsParameter = new GetJwsParameter
{
Url = url,
Jws = "jws"
};
var jwsProtectedHeader = new JwsProtectedHeader
{
Kid = kid,
Alg = Constants.JwsAlgNames.RS256
};
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(jwsProtectedHeader);
_jsonWebKeyHelperStub.Setup(h => h.GetJsonWebKey(It.IsAny <string>(), It.IsAny <Uri>()))
.Returns(Task.FromResult <JsonWebKey>(null));
// ACT & ASSERTS
var innerException = await Assert.ThrowsAsync <IdentityServerManagerException>(async() => await _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
Assert.True(innerException.Code == ErrorCodes.InvalidRequestCode);
Assert.True(innerException.Message == string.Format(ErrorDescriptions.TheJsonWebKeyCannotBeFound, kid, url));
}
public async Task When_Extracting_Information_Of_Unsigned_Jws_Then_Information_Are_Returned()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter
{
Jws = "jws"
};
var jwsProtectedHeader = new JwsProtectedHeader
{
Kid = "kid",
Alg = Constants.JwsAlgNames.NONE
};
var jwsPayload = new JwsPayload();
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(jwsProtectedHeader);
_jwsParserStub.Setup(j => j.GetPayload(It.IsAny <string>()))
.Returns(jwsPayload);
// ACT
var result = await _getJwsInformationAction.Execute(getJwsParameter);
// ASSERTS
Assert.NotNull(result);
}
public Task <JwsInformationResult> GetJwsInformation(GetJwsParameter getJwsParameter)
{
if (getJwsParameter == null || string.IsNullOrWhiteSpace(getJwsParameter.Jws))
{
throw new ArgumentNullException(nameof(getJwsParameter));
}
return(_getJwsInformationAction.Execute(getJwsParameter));
}
public void When_Passing_Null_Parameter_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter();
// ACTS & ASSERTS
Assert.ThrowsAsync <AggregateException>(() => _getJwsInformationAction.Execute(null)).ConfigureAwait(false);
Assert.ThrowsAsync <AggregateException>(() => _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
}
public void When_Passing_Null_Parameter_To_GetJwsInformation_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter();
// ACTS & ASSERTS
Assert.ThrowsAsync <ArgumentNullException>(() => _jwsActions.GetJwsInformation(null));
Assert.ThrowsAsync <ArgumentNullException>(() => _jwsActions.GetJwsInformation(getJwsParameter));
}
public void When_Executing_GetJwsInformation_Then_Operation_Is_Called()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter
{
Jws = "jws"
};
// ACT
_jwsActions.GetJwsInformation(getJwsParameter).Wait();
// ASSERT
_getJwsInformationActionStub.Verify(g => g.Execute(getJwsParameter));
}
public async Task When_JsonWebKey_Is_Extracted_And_The_Jws_Is_Unsigned_Then_Information_Are_Returned()
{
// ARRANGE
InitializeFakeObjects();
const string url = "http://google.be/";
const string kid = "kid";
var getJwsParameter = new GetJwsParameter
{
Url = url,
Jws = "jws"
};
var jsonWebKeySet = new JsonWebKeySet();
var json = jsonWebKeySet.SerializeWithJavascript();
var jwsProtectedHeader = new JwsProtectedHeader
{
Kid = kid
};
var jsonWebKey = new JsonWebKey
{
Kid = kid
};
var dic = new Dictionary <string, object>
{
{
"kid", kid
}
};
var jwsPayload = new JwsPayload();
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(jwsProtectedHeader);
_jsonWebKeyHelperStub.Setup(h => h.GetJsonWebKey(It.IsAny <string>(), It.IsAny <Uri>()))
.Returns(Task.FromResult(jsonWebKey));
_jwsParserStub.Setup(j => j.ValidateSignature(It.IsAny <string>(), It.IsAny <JsonWebKey>()))
.Returns(jwsPayload);
_jsonWebKeyEnricherStub.Setup(j => j.GetJsonWebKeyInformation(It.IsAny <JsonWebKey>()))
.Returns(dic);
_jsonWebKeyEnricherStub.Setup(j => j.GetPublicKeyInformation(It.IsAny <JsonWebKey>()))
.Returns(() => new Dictionary <string, object>());
// ACT
var result = await _getJwsInformationAction.Execute(getJwsParameter);
// ASSERTS
Assert.NotNull(result);
Assert.True(result.JsonWebKey.ContainsKey("kid"));
Assert.True(result.JsonWebKey.First().Value == kid);
}
public async Task When_Passing_Not_Well_Formed_Url_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
const string url = "not_well_formed";
var getJwsParameter = new GetJwsParameter
{
Url = url,
Jws = "jws"
};
// ACTS & ASSERTS
var innerException = await Assert.ThrowsAsync <IdentityServerManagerException>(async() => await _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
Assert.NotNull(innerException);
Assert.True(innerException.Code == ErrorCodes.InvalidRequestCode);
Assert.True(innerException.Message == string.Format(ErrorDescriptions.TheUrlIsNotWellFormed, url));
}
public async Task When_Passing_A_Not_Valid_Jws_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter
{
Url = "http://google.be",
Jws = "jws"
};
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(() => null);
// ACT & ASSERTS
var innerException = await Assert.ThrowsAsync <IdentityServerManagerException>(async() => await _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
Assert.NotNull(innerException);
Assert.True(innerException.Code == ErrorCodes.InvalidRequestCode);
Assert.True(innerException.Message == ErrorDescriptions.TheTokenIsNotAValidJws);
}
public async Task When_No_Uri_And_Sign_Alg_Are_Specified_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
var getJwsParameter = new GetJwsParameter
{
Jws = "jws"
};
var jwsProtectedHeader = new JwsProtectedHeader
{
Kid = "kid",
Alg = Constants.JwsAlgNames.RS256
};
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(jwsProtectedHeader);
// ACT & ASSERTS
var innerException = await Assert.ThrowsAsync <IdentityServerManagerException>(async() => await _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
Assert.NotNull(innerException);
Assert.True(innerException.Code == ErrorCodes.InvalidRequestCode);
Assert.True(innerException.Message == ErrorDescriptions.TheSignatureCannotBeChecked);
}
public async Task When_The_Signature_Is_Not_Valid_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
const string url = "http://google.be/";
const string kid = "kid";
var getJwsParameter = new GetJwsParameter
{
Url = url,
Jws = "jws"
};
var jsonWebKeySet = new JsonWebKeySet();
var json = jsonWebKeySet.SerializeWithJavascript();
var jwsProtectedHeader = new JwsProtectedHeader
{
Kid = kid
};
var jsonWebKey = new JsonWebKey
{
Kid = kid
};
_jwsParserStub.Setup(j => j.GetHeader(It.IsAny <string>()))
.Returns(jwsProtectedHeader);
_jsonWebKeyHelperStub.Setup(h => h.GetJsonWebKey(It.IsAny <string>(), It.IsAny <Uri>()))
.Returns(Task.FromResult(jsonWebKey));
_jwsParserStub.Setup(j => j.ValidateSignature(It.IsAny <string>(), It.IsAny <JsonWebKey>()))
.Returns(() => null);
// ACT & ASSERTS
var innerException = await Assert.ThrowsAsync <IdentityServerManagerException>(async() => await _getJwsInformationAction.Execute(getJwsParameter)).ConfigureAwait(false);
Assert.NotNull(innerException);
Assert.True(innerException.Code == ErrorCodes.InvalidRequestCode);
Assert.True(innerException.Message == ErrorDescriptions.TheSignatureIsNotCorrect);
}
public async Task <JwsInformationResult> Execute(GetJwsParameter getJwsParameter)
{
if (getJwsParameter == null || string.IsNullOrWhiteSpace(getJwsParameter.Jws))
{
throw new ArgumentNullException(nameof(getJwsParameter));
}
Uri uri = null;
if (!string.IsNullOrWhiteSpace(getJwsParameter.Url))
{
if (!Uri.TryCreate(getJwsParameter.Url, UriKind.Absolute, out uri))
{
throw new IdentityServerManagerException(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheUrlIsNotWellFormed, getJwsParameter.Url));
}
}
var jws = getJwsParameter.Jws;
var jwsHeader = _jwsParser.GetHeader(jws);
if (jwsHeader == null)
{
throw new IdentityServerManagerException(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheTokenIsNotAValidJws);
}
if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase) &&
uri == null)
{
throw new IdentityServerManagerException(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheSignatureCannotBeChecked);
}
var result = new JwsInformationResult
{
Header = jwsHeader
};
JwsPayload payload = null;
if (!string.Equals(jwsHeader.Alg, Constants.JwsAlgNames.NONE, StringComparison.CurrentCultureIgnoreCase))
{
var jsonWebKey = await _jsonWebKeyHelper.GetJsonWebKey(jwsHeader.Kid, uri).ConfigureAwait(false);
if (jsonWebKey == null)
{
throw new IdentityServerManagerException(
ErrorCodes.InvalidRequestCode,
string.Format(ErrorDescriptions.TheJsonWebKeyCannotBeFound, jwsHeader.Kid, uri.AbsoluteUri));
}
payload = _jwsParser.ValidateSignature(jws, jsonWebKey);
if (payload == null)
{
throw new IdentityServerManagerException(
ErrorCodes.InvalidRequestCode,
ErrorDescriptions.TheSignatureIsNotCorrect);
}
var jsonWebKeyDic = _jsonWebKeyEnricher.GetJsonWebKeyInformation(jsonWebKey);
jsonWebKeyDic.AddRange(_jsonWebKeyEnricher.GetPublicKeyInformation(jsonWebKey));
result.JsonWebKey = jsonWebKeyDic;
}
else
{
payload = _jwsParser.GetPayload(jws);
}
result.Payload = payload;
return(result);
}
