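/// <summary>
/// Round-trips one identity entry through the identity client: create it, read it back, delete it.
/// </summary>
/// <remarks>
/// The leading delete clears anything left behind by an earlier, aborted run so that
/// <c>Create</c> starts from a known state.
/// </remarks>
public async Task GivenDirectoryEntry_WhenRoundTrip_Success()
{
    const string issuer = "*****@*****.**";

    IdentityClient client = TestApplication.GetIdentityClient();
    var documentId = new DocumentId("test/unit-tests-identity/identity1");

    // Result deliberately ignored: the entry may or may not exist before the test starts.
    await client.Delete(documentId);

    var request = new IdentityEntryRequest
    {
        DirectoryId = (string)documentId,
        Issuer = issuer,
    };

    bool success = await client.Create(request);
    success.Should().BeTrue();

    // NOTE(review): only non-null is checked. Comparing the stored directory id and issuer
    // with the request would show the entry came back unchanged; IdentityEntry's members
    // are not visible here, so that comparison is left to whoever can see the type.
    IdentityEntry? entry = await client.Get(documentId);
    entry.Should().NotBeNull();

    // The entry was just created and read back, so the cleanup delete has to report that it
    // removed something; otherwise test identities accumulate in the store unnoticed.
    bool deleted = await client.Delete(documentId);
    deleted.Should().BeTrue();
}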
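/// <summary>
/// Creates an identity entry for a directory id and logs whether the identity client accepted it.
/// </summary>
/// <param name="directoryId">Directory id the identity entry is created for.</param>
/// <param name="issuer">Issuer recorded on the identity entry.</param>
/// <param name="token">Cancellation token passed through to the identity client.</param>
/// <returns>
/// A task that completes once the outcome has been logged. A rejected create is logged as an
/// error; it is neither thrown nor returned to the caller.
/// </returns>
public async Task Create(string directoryId, string issuer, CancellationToken token)
{
    var request = new IdentityEntryRequest
    {
        DirectoryId = directoryId,
        Issuer = issuer,
    };

    bool success = await _identityClient.Create(request, token);

    // Message template plus argument instead of an interpolated string: the caller-supplied id
    // reaches the log sink as a separate field rather than being spliced into the message text,
    // which keeps log lines parseable when the value contains braces or line breaks.
    // NOTE(review): assumes _logger is a Microsoft.Extensions.Logging logger; confirm.
    if (!success)
    {
        _logger.LogError("Failed to create identity entry for directoryId={DirectoryId}", directoryId);
        return;
    }

    _logger.LogInformation("Created identity entry for directoryId={DirectoryId}", directoryId);
}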
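/// <summary>
/// Creates an identity entry from the e-mail and signing-credentials properties of a directory entry.
/// </summary>
/// <param name="entry">Directory entry whose properties are read.</param>
/// <param name="token">Cancellation token passed through to the identity client.</param>
/// <returns>
/// A task that completes when the entry has been processed. An entry carrying neither property
/// is skipped silently; an entry carrying only one of them is logged as an error and skipped.
/// </returns>
private async Task CreateIdentity(DirectoryEntry entry, CancellationToken token)
{
    string? email = entry.GetEmail();
    string? identityId = entry.GetSigningCredentials();

    // Neither property present: this directory entry does not describe an identity.
    if (email is null && identityId is null)
    {
        return;
    }

    // Exactly one present: half-configured, refuse rather than create a partial identity.
    if (email is null || identityId is null)
    {
        _logger.LogError(
            "Directory Id {DirectoryId} must specify both {EmailProperty} and {SigningCredentialsProperty} properties",
            entry.DirectoryId,
            PropertyName.Email,
            PropertyName.SigningCredentials);
        return;
    }

    // The identity entry is keyed by the signing-credentials value, not by entry.DirectoryId.
    var identityEntryRequest = new IdentityEntryRequest
    {
        DirectoryId = identityId,
        Issuer = email,
    };

    // The create result used to be dropped, so a rejected identity went unnoticed until a later
    // sign or validate call failed. Only the directory entry's own id is logged here, not the
    // signing-credentials value.
    bool created = await _identityClient.Create(identityEntryRequest, token);
    if (!created)
    {
        _logger.LogError("Failed to create identity entry for directory Id {DirectoryId}", entry.DirectoryId);
    }
}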
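/// <summary>
/// Creates an identity, signs a digest with it, validates the returned JWT signature for that
/// digest, then removes the identity and checks that it is gone from the search results.
/// </summary>
/// <remarks>
/// NOTE(review): only the accepting path is covered. A companion case in which the digest or the
/// JwtSignature is altered before <c>Validate</c> would show that verification rejects a mismatch.
/// </remarks>
public async Task GivenIdentityEntry_WhenSigned_WillVerify()
{
    const string issuer = "*****@*****.**";

    IdentityClient client = TestApplication.GetIdentityClient();
    SigningClient signClient = TestApplication.GetSigningClient();

    var documentId = new DocumentId("identity:test/unit-tests-identity/identity1");

    var query = new QueryParameter()
    {
        Filter = "test/unit-tests-identity",
        Recursive = false,
    };

    // Delete must report "removed" exactly when the entry was listed beforehand.
    IReadOnlyList<DatalakePathItem> search = (await client.Search(query).ReadNext()).Records;
    bool existedBefore = search.Any(x => x.Name == documentId.Path);
    bool deleted = await client.Delete(documentId);
    (existedBefore == deleted).Should().BeTrue();

    var request = new IdentityEntryRequest
    {
        DirectoryId = (string)documentId,
        Issuer = issuer,
    };

    bool success = await client.Create(request);
    success.Should().BeTrue();

    // A fresh GUID stands in for the digest so that each run signs a different value.
    var signRequest = new SignRequest
    {
        PrincipleDigests = new[]
        {
            new PrincipleDigest
            {
                PrincipleId = (string)documentId,
                Digest = Guid.NewGuid().ToString(),
            },
        },
    };

    SignRequestResponse signedJwt = await signClient.Sign(signRequest);
    signedJwt.Should().NotBeNull();
    (signedJwt.Errors == null || signedJwt.Errors.Count == 0).Should().BeTrue();
    signedJwt.PrincipleDigests.Count.Should().Be(1);

    // Validation is given the same principal and digest together with the signature that came back.
    var validateRequest = new ValidateRequest
    {
        PrincipleDigests = new[]
        {
            new PrincipleDigest
            {
                PrincipleId = (string)documentId,
                Digest = signRequest.PrincipleDigests[0].Digest,
                JwtSignature = signedJwt.PrincipleDigests.First().JwtSignature,
            },
        },
    };

    bool jwtValidated = await signClient.Validate(validateRequest);
    jwtValidated.Should().BeTrue();

    // The identity exists at this point, so the cleanup delete has to report that it removed it.
    bool removed = await client.Delete(documentId);
    removed.Should().BeTrue();

    // Compare against documentId.Path, as the first search does. The original compared Name with
    // (string)documentId here. Presumably that string keeps the "identity:" prefix, so it would
    // never equal a listed name and the check would pass even if the entry were still present.
    // Verify against DocumentId.
    search = (await client.Search(query).ReadNext()).Records;
    search.Any(x => x.Name == documentId.Path).Should().BeFalse();
}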