public async Task ShouldNot_ConfirmUserIsAuthorized_InvalidToken()
{
var client = _factory.CreateClient();
IJwtManager jwtManager = new InMemoryJwtManager(_configuration);
JwtSecurityToken token = await jwtManager.GenerateJwtAsync("*****@*****.**", new List <Claim>());
token.Payload["exp"] = DateTimeOffset.Now.ToUnixTimeSeconds();
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
string testToken = handler.WriteToken(token);
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + testToken);
// get antiforgery token
var aftResponse = await client.GetAsync("api/account/getCSRFToken");
var tokenData = JsonConvert.DeserializeAnonymousType(aftResponse.Content.ReadAsStringAsync().Result, new { Token = "", TokenName = "" });
client.DefaultRequestHeaders.Add(tokenData.TokenName, tokenData.Token);
var response = await client.GetAsync("/api/account/isAuth");
string content = await response.Content.ReadAsStringAsync();
Assert.Equal("false", content);
}
public async void Should_CreateJwtToken()
{
IJwtManager jwtManager = new InMemoryJwtManager(_configuration);
JwtSecurityToken token = await jwtManager.GenerateJwtAsync("*****@*****.**", new List <Claim>());
if (token != null)
{
Assert.Equal("*****@*****.**", token.Subject);
}
else
{
Assert.True(false);
}
}
