public async Task RequestJwksAsync_404_Throws() {
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri( m_host + BAD_PATH )
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
}
public async Task RequestJwksAsync_CantReachServer_Throws() {
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri( "http://foo.bar.fakesite.isurehopethisisneveravalidTLD" )
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
}
public async Task RequestJwksAsync_CantReachServer_Throws()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri("http://foo.bar.fakesite.isurehopethisisneveravalidTLD")
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
}
public async Task RequestJwksAsync_404_Throws()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri(m_host + BAD_PATH)
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
}
public void Namespace_ReturnsJwksAbsoluteUri()
{
Uri jwksEndpoint = new Uri("https://dev.auth.brightspace.com/core/.well-known/jwks");
IJwksProvider jwksProvider = new JwksProvider(
httpClient: null,
jwksEndpoint: jwksEndpoint,
jwkEndpoint: null
);
Assert.AreEqual(jwksEndpoint.AbsoluteUri, jwksProvider.Namespace);
}
public void RequestJwksAsync_CantReachServer_Throws()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri("http://foo.bar.fakesite.isurehopethisisneveravalidTLD")
);
Assert.ThrowsAsync <PublicKeyLookupFailureException>(async() => {
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
});
}
public void RequestJwksAsync_404_Throws()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri(m_host + BAD_PATH)
);
Assert.ThrowsAsync <PublicKeyLookupFailureException>(async() => {
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
});
}
public async Task SuccessCase() {
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri( m_host + GOOD_PATH )
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
JsonWebKey jwk;
Assert.IsNotNull( jwks );
Assert.IsTrue( jwks.TryGetKey( GOOD_JWK_ID, out jwk ) );
}
public void RequestJwksAsync_HTML_Throws()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri(m_host + HTML_PATH)
);
var e = Assert.Throws <PublicKeyLookupFailureException>(() =>
publicKeyProvider
.RequestJwksAsync()
.SafeWait()
);
StringAssert.Contains("<body>", e.Message);
}
public async Task SuccessCase()
{
IJwksProvider publicKeyProvider = new JwksProvider(
new HttpClient(),
new Uri(m_host + GOOD_PATH)
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
JsonWebKey jwk;
Assert.IsNotNull(jwks);
Assert.IsTrue(jwks.TryGetKey(GOOD_JWK_ID, out jwk));
}
/// <summary>
/// Creates an <see cref="IAccessTokenValidator"/> instance backed by a remote token signer.
/// </summary>
/// <param name="httpClient"><see cref="HttpClient"/> instance with which requests will be made. The lifecycle of the <see cref="HttpClient"/> is not managed. It will not be disposed by the validator.</param>
/// <param name="authEndpoint">The base URI of the remote service</param>
/// <returns>A new <see cref="IAccessTokenValidator"/></returns>
public static IAccessTokenValidator CreateRemoteValidator(
HttpClient httpClient,
Uri authEndpoint
) {
var jwksProvider = new JwksProvider(
httpClient,
authEndpoint
);
var publicKeyProvider = new RemotePublicKeyProvider(
jwksProvider,
new InMemoryPublicKeyCache()
);
var result = new AccessTokenValidator( publicKeyProvider );
return result;
}
public void RequestJwksAsync_404_Throws()
{
using (SetupJwkServer(out string host))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider publicKeyProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri(host + BAD_PATH),
jwkEndpoint: null
);
Assert.ThrowsAsync <PublicKeyLookupFailureException>(async() => {
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
});
}
}
public void RequestJwksAsync_CantReachServer_Throws()
{
using (SetupJwkServer(out string host))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider publicKeyProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri("http://foo.bar.fakesite.isurehopethisisneveravalidTLD"),
jwkEndpoint: null
);
Assert.ThrowsAsync <PublicKeyLookupFailureException>(async() => {
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
});
}
}
public void RequestJwksAsync_HTML_Throws()
{
using (SetupJwkServer(out string host))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider publicKeyProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri(host + HTML_PATH),
jwkEndpoint: null
);
var e = Assert.Throws <PublicKeyLookupFailureException>(() =>
publicKeyProvider
.RequestJwksAsync()
.SafeWait()
);
StringAssert.Contains("<body>", e.Message);
}
}
public async Task RequestJwksAsync_SuccessCase()
{
using (SetupJwkServer(out string host))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider publicKeyProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri(host + GOOD_PATH + JWKS_PATH),
jwkEndpoint: null
);
JsonWebKeySet jwks = await publicKeyProvider
.RequestJwksAsync()
.SafeAsync();
Assert.IsNotNull(jwks);
Assert.IsTrue(jwks.TryGetKey(GOOD_JWK_ID, out JsonWebKey jwk));
Assert.IsTrue(jwks.TryGetKey(GOOD_JWK_ID_STRING, out JsonWebKey jwkString));
}
}
public async Task RequestJwkAsync_StringKeyId_InvalidKeyId_Fallback_DoesNotReturnKey()
{
using (SetupJwkServer(out string host, hasJwk: true, jwkStatusCode: HttpStatusCode.OK))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider jwksProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri(host + GOOD_PATH + JWKS_PATH),
jwkEndpoint: new Uri(host + GOOD_PATH + JWK_PATH)
);
JsonWebKeySet jwks = await jwksProvider
.RequestJwkAsync("NJVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg")
.SafeAsync();
Assert.IsNotNull(jwks);
//jwksServer.AssertWasCalled( x => x.Get( GOOD_JWK_PATH ) );
//jwksServer.AssertWasNotCalled( x => x.Get( GOOD_PATH + JWKS_PATH ) );
Assert.IsFalse(jwks.TryGetKey("NJVBRjY5MDlCMUIwNzU4RTA2QzZFMDQ4QzQ2MDAyQjVDNjk1RTM2Qg", out JsonWebKey jwk));
}
}
public async Task RequestJwkAsync_StringKeyId_500_Fallback_Success()
{
using (SetupJwkServer(out string host, hasJwk: false, jwkStatusCode: HttpStatusCode.InternalServerError))
using (HttpClient httpClient = new HttpClient()) {
IJwksProvider jwksProvider = new JwksProvider(
httpClient,
jwksEndpoint: new Uri(host + GOOD_PATH + JWKS_PATH),
jwkEndpoint: new Uri(host + GOOD_PATH + JWK_PATH)
);
JsonWebKeySet jwks = await jwksProvider
.RequestJwkAsync(GOOD_JWK_ID_STRING)
.SafeAsync();
Assert.IsNotNull(jwks);
//jwksServer.AssertWasCalled( x => x.Get( GOOD_JWK_PATH ) );
//jwksServer.AssertWasCalled( x => x.Get( GOOD_PATH + JWKS_PATH ) );
Assert.IsTrue(jwks.TryGetKey(GOOD_JWK_ID_STRING, out JsonWebKey jwk));
Assert.AreEqual(GOOD_JWK_ID_STRING, jwk.Id);
}
}