Esempio n. 1
        /// <summary>
        /// Checks that <c>ValidateAsync</c> returns a non-null, unsuccessful result
        /// when the assertion is an arbitrary string rather than a signed token.
        /// </summary>
        /// <remarks>
        /// Only the malformed-input path is exercised: the assertion "SomeBadAssertion"
        /// is not a JWT at all. A well-formed token with a wrong signature, audience or
        /// lifetime is not covered by this test.
        /// </remarks>
        public async Task ValidateAsync_InvalidToken()
        {
            var settings = Options.Create(new AuthenticationSettings
            {
                Microsoft = new MicrosoftAuthenticationSettings
                {
                    ClientId = ClientId,
                },
            });

            // Configuration document that the fake HTTP layer will serve; its key set
            // contains the single test key.
            var discoveryDocument = new OpenIdConnectConfiguration
            {
                JsonWebKeySet = new JsonWebKeySet(),
            };
            discoveryDocument.JsonWebKeySet.Keys.Add(jsonWebKey);

            using (var httpFactory = new HttpClientTestingFactory())
            {
                var grantHandler = new MicrosoftAssertionGrantHandler(settings, httpFactory.HttpClient);

                // Validation is started before the response is registered; the task is
                // awaited only after the configuration endpoint has been answered.
                var pendingValidation = grantHandler.ValidateAsync("SomeBadAssertion");

                httpFactory.Expect(ConfigurationEndpoint).Respond(OpenIdConnectConfiguration.Write(discoveryDocument));

                var outcome = await pendingValidation;

                // Rejection is reported through the result object, not through an exception.
                Assert.NotNull(outcome);
                Assert.False(outcome.IsSuccessful);

                httpFactory.EnsureNoOutstandingRequests();
            }
        }
Esempio n. 2
        /// <summary>
        /// Serializes a default-constructed <c>OpenIdConnectConfiguration</c> and compares
        /// the JSON with the expected minimal document.
        /// </summary>
        public void EmptyCollectionSerialization()
        {
            // JSON expected from a configuration whose collections are all empty.
            const string expectedJson = "{\"JsonWebKeySet\":null,\"SigningKeys\":[]}";

            var context = new CompareContext { Title = "EmptyCollectionSerialization" };

            var emptyConfiguration = new OpenIdConnectConfiguration();
            var actualJson         = OpenIdConnectConfiguration.Write(emptyConfiguration);

            // Differences are collected in the context and reported together below.
            IdentityComparer.AreEqual(actualJson, expectedJson, context);

            TestUtilities.AssertFailIfErrors(context);
        }
Esempio n. 3
        /// <summary>
        /// Round-trips a configuration built from JSON that carries a "SigningKeys" entry
        /// and checks that the entry is present in <c>AdditionalData</c> after deserialization.
        /// </summary>
        public void DeserializeOpenIdConnectConfigurationWithSigningKeys()
        {
            TestUtilities.WriteHeader($"{this}.DeserializeOpenIdConnectConfigurationWithSigningKeys");
            var context = new CompareContext();

            // Build from the fixture JSON, serialize, then read the serialized form back.
            var original   = new OpenIdConnectConfiguration(OpenIdConfigData.JsonWithSigningKeys);
            var serialized = OpenIdConnectConfiguration.Write(original);
            var config     = OpenIdConnectConfiguration.Create(serialized);

            // NOTE(review): the expectation that "SigningKeys" lands in AdditionalData suggests
            // the JSON entry is not loaded as key material; inferred from this assertion only,
            // confirm against OpenIdConnectConfiguration.
            var signingKeysInAdditionalData = config.AdditionalData.ContainsKey("SigningKeys");
            if (signingKeysInAdditionalData == false)
            {
                context.AddDiff(@"!config.AdditionalData.ContainsKey(""SigningKeys"")");
            }

            TestUtilities.AssertFailIfErrors(context);
        }
Esempio n. 4
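        /// <summary>
        /// Serializes a configuration created from the all-values fixture and checks that
        /// every expected collection property name appears in the resulting JSON.
        /// </summary>
        /// <remarks>
        /// Each name is matched with its surrounding double quotes. A bare substring match
        /// would also be satisfied by the name occurring inside a longer property name or
        /// inside a string value, which would let a missing property go unnoticed.
        /// </remarks>
        public void NonemptyCollectionSerialization()
        {
            var context = new CompareContext {
                Title = "NonemptyCollectionSerialization"
            };
            // Initialize an OpenIdConnectConfiguration object that has at least one element in each Collection.
            var oidcWithAllCollections     = OpenIdConnectConfiguration.Create(OpenIdConfigData.JsonAllValues);
            var oidcWithAllCollectionsJson = OpenIdConnectConfiguration.Write(oidcWithAllCollections);
            // All collections that should be included in the serialized configuration.
            var collectionNames = new[]
            {
                "acr_values_supported",
                "claims_supported",
                "claims_locales_supported",
                "claim_types_supported",
                "display_values_supported",
                "grant_types_supported",
                "id_token_encryption_alg_values_supported",
                "id_token_encryption_enc_values_supported",
                "id_token_signing_alg_values_supported",
                "introspection_endpoint_auth_methods_supported",
                "introspection_endpoint_auth_signing_alg_values_supported",
                "request_object_encryption_alg_values_supported",
                "request_object_encryption_enc_values_supported",
                "request_object_signing_alg_values_supported",
                "response_modes_supported",
                "response_types_supported",
                "scopes_supported",
                "subject_types_supported",
                "token_endpoint_auth_methods_supported",
                "token_endpoint_auth_signing_alg_values_supported",
                "ui_locales_supported",
                "userinfo_encryption_alg_values_supported",
                "userinfo_encryption_enc_values_supported",
                "userinfo_signing_alg_values_supported"
            };

            foreach (var collection in collectionNames)
            {
                // Look for the quoted JSON token rather than the bare text.
                var quotedName = "\"" + collection + "\"";
                if (!oidcWithAllCollectionsJson.Contains(quotedName))
                {
                    context.Diffs.Add(collection + " should be serialized.");
                }
            }
            TestUtilities.AssertFailIfErrors(context);
        }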
Esempio n. 5
        /// <summary>
        /// Checks that a configuration read from JSON, written back and read again is
        /// equal to the first one, for both the <c>Create</c> factory and the
        /// string constructor.
        /// </summary>
        public void RoundTripFromJson()
        {
            var context = new CompareContext { Title = "RoundTripFromJson" };

            // First generation: the same fixture JSON through both entry points.
            var createdFromFixture     = OpenIdConnectConfiguration.Create(OpenIdConfigData.JsonAllValues);
            var constructedFromFixture = new OpenIdConnectConfiguration(OpenIdConfigData.JsonAllValues);

            // Serialized form of each first-generation object.
            var createdJson     = OpenIdConnectConfiguration.Write(createdFromFixture);
            var constructedJson = OpenIdConnectConfiguration.Write(constructedFromFixture);

            // Second generation: read the serialized forms back in.
            var createdFromRoundTrip     = OpenIdConnectConfiguration.Create(createdJson);
            var constructedFromRoundTrip = new OpenIdConnectConfiguration(constructedJson);

            // Every object is compared with the first one; the two JSON strings are compared too.
            IdentityComparer.AreEqual(createdFromFixture, constructedFromFixture, context);
            IdentityComparer.AreEqual(createdFromFixture, createdFromRoundTrip, context);
            IdentityComparer.AreEqual(createdFromFixture, constructedFromRoundTrip, context);
            IdentityComparer.AreEqual(createdJson, constructedJson, context);

            TestUtilities.AssertFailIfErrors(context);
        }
Esempio n. 6
        /// <summary>
        /// Checks that <c>ValidateAsync</c> accepts a token signed with the test key whose
        /// audience is the configured client id, and that the result carries the token's
        /// "sub" and "email" claim values.
        /// </summary>
        /// <remarks>
        /// The token built here has no issuer, so this test does not show how the handler
        /// treats the issuer. NOTE(review): confirm issuer handling is covered elsewhere.
        /// </remarks>
        public async Task ValidateAsync_Success()
        {
            var settings = Options.Create(new AuthenticationSettings
            {
                Microsoft = new MicrosoftAuthenticationSettings
                {
                    ClientId = ClientId,
                },
            });

            // Configuration document that the fake HTTP layer will serve; its key set
            // contains the same key that signs the token below.
            var discoveryDocument = new OpenIdConnectConfiguration
            {
                JsonWebKeySet = new JsonWebKeySet(),
            };
            discoveryDocument.JsonWebKeySet.Keys.Add(jsonWebKey);

            using (var httpFactory = new HttpClientTestingFactory())
            {
                var jwtWriter = new JwtSecurityTokenHandler();

                // Valid from now for one hour, audience = configured client id.
                var subjectClaims = new[] { new Claim("sub", ExternalUserId), new Claim("email", ExternalUserEmail) };
                var signedToken   = new JwtSecurityToken(
                    audience: ClientId,
                    claims: subjectClaims,
                    notBefore: DateTime.UtcNow,
                    expires: DateTime.UtcNow + TimeSpan.FromHours(1),
                    signingCredentials: new SigningCredentials(jsonWebKey, jsonWebKey.Alg));

                var grantHandler = new MicrosoftAssertionGrantHandler(settings, httpFactory.HttpClient);

                // Validation is started before the response is registered; the task is
                // awaited only after the configuration endpoint has been answered.
                var pendingValidation = grantHandler.ValidateAsync(jwtWriter.WriteToken(signedToken));

                httpFactory.Expect(ConfigurationEndpoint).Respond(OpenIdConnectConfiguration.Write(discoveryDocument));

                var outcome = await pendingValidation;

                Assert.NotNull(outcome);
                Assert.True(outcome.IsSuccessful);
                Assert.Equal(ExternalUserId, outcome.ExternalUserId);
                Assert.Equal(ExternalUserEmail, outcome.ExternalUserEmail);

                httpFactory.EnsureNoOutstandingRequests();
            }
        }