public void DifferentAlgorithmsProduceDifferentTokens()
{
var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 1, SALT);
var payload = new Dictionary <string, string>()
{
{ "test", "test" }
};
var jwt512 = serializer.Serialize(payload);
serializer.Algorithm = JwtHashAlgorithm.HMACSHA256;
var jwt256 = serializer.Serialize(payload);
Assert.NotEqual(jwt512, jwt256);
}
public void DifferentPayloadsProduceDifferentTokens()
{
var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 1, SALT);
var payload = new Dictionary <string, string>()
{
{ "test", "test" }
};
var jwt1 = serializer.Serialize(payload);
payload.Add("test2", "test2");
var jwt2 = serializer.Serialize(payload);
Assert.NotEqual(jwt1, jwt2);
}
public void HMACSHA512_2Iterations()
{
var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 2, SALT);
var payload = new Dictionary <string, string>()
{
{ "test", "test" }
};
var jwt = serializer.Serialize(payload);
payload = serializer.Deserialize(jwt);
Assert.True(payload.ContainsKey("test"));
Assert.Equal("test", payload["test"]);
}
public void TamperingCausesTamperingException()
{
var serializer = new JwtSerializer(JwtHashAlgorithm.HMACSHA512, 2, SALT);
var payload = new Dictionary <string, string>()
{
{ "test", "test" }
};
var jwt = serializer.Serialize(payload);
jwt = jwt + "test";
var e = Assert.Throws <TamperingException>(() => serializer.Deserialize(jwt));
Assert.Equal("JWT shows signs of tampering.", e.Message);
}
