Esempio n. 1
        /// <summary>
        /// Checks that a granted token whose JWT audience ("test") differs from the
        /// client id it is attached to ("fake") is reported as not valid.
        /// </summary>
        /// <remarks>
        /// The key set served by the mocked store is built from the same RSA key that
        /// signs the token, and the token's lifetime runs from now to one year ahead,
        /// so neither the signature nor the lifetime is meant to be the cause of rejection.
        /// NOTE(review): the assertion only inspects <c>IsValid</c>; it cannot tell an
        /// audience rejection apart from any other validation failure. Confirm against
        /// <c>CheckGrantedToken</c> that the audience/client-id comparison is what fails here.
        /// </remarks>
        public async Task WhenTokenIsForDifferentAudienceThenTokenIsNotValid()
        {
            const string issuer = "http://localhost";
            // Deliberately not equal to the ClientId used on the granted token below.
            const string audience = "test";

            using var rsa = new RSACryptoServiceProvider(2048);

            // Second argument presumably selects whether private key material is
            // included (true for signing, false for the published set) - confirm
            // against CreateSignatureJwk.
            var signingJwk = rsa.CreateSignatureJwk("1", true);
            var publishedKeys = new JsonWebKeySet().AddKey(rsa.CreateSignatureJwk("1", false));

            var store = new Mock<IJwksStore>();
            store
                .Setup(s => s.GetSigningKey(signingJwk.Alg, It.IsAny<CancellationToken>()))
                .ReturnsAsync(new SigningCredentials(signingJwk, signingJwk.Alg));
            store
                .Setup(s => s.GetPublicKeys(It.IsAny<CancellationToken>()))
                .ReturnsAsync(publishedKeys);

            var tokenHandler = new JwtSecurityTokenHandler();
            var subject = new ClaimsIdentity(new[] { new Claim("sub", "tester") });
            var encodedJwt = tokenHandler.CreateEncodedJwt(
                issuer,
                audience,
                subject,
                DateTime.UtcNow,             // not before
                DateTime.UtcNow.AddYears(1), // expires
                DateTime.UtcNow,             // issued at
                new SigningCredentials(signingJwk, signingJwk.Alg));

            var grantedToken = new GrantedToken
            {
                ClientId = "fake",
                AccessToken = encodedJwt,
                ExpiresIn = 10000,
                CreateDateTime = DateTimeOffset.UtcNow
            };

            var outcome = await grantedToken.CheckGrantedToken(store.Object).ConfigureAwait(false);

            Assert.False(outcome.IsValid);
        }
Esempio n. 2
 /// <summary>
 /// Builds the shared key material: two signature JWKs (key ids "1" and "2")
 /// and two encryption JWKs (key ids "3" and "4").
 /// </summary>
 /// <remarks>
 /// NOTE(review): all four JWKs are derived from a single 2048-bit RSA key pair,
 /// so the signing and encryption keys are not independent of each other. That is
 /// workable for a fixture; confirm this context never supplies production keys.
 /// NOTE(review): the RSA provider is disposed when the constructor exits. This
 /// presumes the Create*Jwk helpers copy the key parameters into the JWK rather
 /// than keeping a reference to the provider - verify against those helpers.
 /// </remarks>
 private SharedContext()
 {
     using (RSACryptoServiceProvider keyPair = new RSACryptoServiceProvider(2048))
     {
         // Second argument is passed as true for every key; presumably it requests
         // inclusion of the private parameters - confirm against the helpers.
         SignatureKey = keyPair.CreateSignatureJwk("1", true);
         ModelSignatureKey = keyPair.CreateSignatureJwk("2", true);
         EncryptionKey = keyPair.CreateEncryptionJwk("3", true);
         ModelEncryptionKey = keyPair.CreateEncryptionJwk("4", true);
     }
 }