private static IOptionsSnapshot <IdentityServiceOptions> CreateOptions()
{
var identityServiceOptions = new IdentityServiceOptions();
var optionsSetup = new IdentityServiceOptionsDefaultSetup();
optionsSetup.Configure(identityServiceOptions);
SigningCredentials signingCredentials = new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256");
identityServiceOptions.SigningKeys.Add(signingCredentials);
identityServiceOptions.Issuer = "http://server.example.com";
identityServiceOptions.IdTokenOptions.UserClaims.AddSingle(
IdentityServiceClaimTypes.Subject,
ClaimTypes.NameIdentifier);
identityServiceOptions.RefreshTokenOptions.UserClaims.AddSingle(
IdentityServiceClaimTypes.Subject,
ClaimTypes.NameIdentifier);
var mock = new Mock <IOptionsSnapshot <IdentityServiceOptions> >();
mock.Setup(m => m.Value).Returns(identityServiceOptions);
mock.Setup(m => m.Get(It.IsAny <string>())).Returns(identityServiceOptions);
return(mock.Object);
}
private IOptions <IdentityServiceOptions> GetOptions()
{
var IdentityServiceOptions = new IdentityServiceOptions()
{
Issuer = "http://www.example.com/issuer"
};
IdentityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256"));
var optionsSetup = new IdentityServiceOptionsDefaultSetup();
optionsSetup.Configure(IdentityServiceOptions);
var mock = new Mock <IOptions <IdentityServiceOptions> >();
mock.Setup(m => m.Value).Returns(IdentityServiceOptions);
return(mock.Object);
}
private IOptions <IdentityServiceOptions> GetOptions()
{
var identityServiceOptions = new IdentityServiceOptions()
{
Issuer = "http://www.example.com/issuer"
};
var optionsSetup = new IdentityServiceOptionsDefaultSetup();
optionsSetup.Configure(identityServiceOptions);
identityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey(), "RS256"));
identityServiceOptions.IdTokenOptions.UserClaims.AddSingle("sub", ClaimTypes.NameIdentifier);
var mock = new Mock <IOptions <IdentityServiceOptions> >();
mock.Setup(m => m.Value).Returns(identityServiceOptions);
return(mock.Object);
}
private void RunTest(string testFlavor)
{
using (StartLog(out var loggerFactory, testFlavor))
{
var logger = loggerFactory.CreateLogger(testFlavor);
for (var i = 0; i < 100; i++)
{
var key = CryptoUtilities.CreateTestKey();
try
{
CryptographyHelpers.GetRSAParameters(new SigningCredentials(key, "RS256"));
}
catch (CryptographicException e)
{
LogKeyData(logger, i, key, e);
throw;
}
}
}
}
public async Task GetCredentialsAsync_ReadsCredentialsFromOptions()
{
// Arrange
var reference = new DateTimeOffset(2000, 01, 01, 00, 00, 00, TimeSpan.Zero);
var identityServiceOptions = new IdentityServiceOptions();
identityServiceOptions.SigningKeys.Add(new SigningCredentials(CryptoUtilities.CreateTestKey("RSAKey"), "RS256"));
identityServiceOptions.SigningKeys.Add(new SigningCredentials(new X509SecurityKey(GetCertificate(reference)), "RS256"));
var mock = new Mock <IOptionsSnapshot <IdentityServiceOptions> >();
mock.Setup(m => m.Value).Returns(identityServiceOptions);
mock.Setup(m => m.Get(It.IsAny <string>())).Returns(identityServiceOptions);
var source = new DefaultSigningCredentialsSource(mock.Object, new TestTimeStampManager(reference));
// Act
var credentials = (await source.GetCredentials()).ToList();
// Assert
Assert.Equal(2, credentials.Count);
var rsaDescriptor = Assert.Single(credentials, c => c.Id == "RSAKey");
Assert.Equal("RSA", rsaDescriptor.Algorithm);
Assert.Equal(reference, rsaDescriptor.NotBefore);
Assert.Equal(reference.AddDays(1), rsaDescriptor.Expires);
Assert.Equal(identityServiceOptions.SigningKeys[0], rsaDescriptor.Credentials);
Assert.True(rsaDescriptor.Metadata.ContainsKey("n"));
Assert.True(rsaDescriptor.Metadata.ContainsKey("e"));
var certificateDescriptor = Assert.Single(credentials, c => c.Id != "RSAKey");
Assert.Equal("RSA", certificateDescriptor.Algorithm);
Assert.Equal(reference, certificateDescriptor.NotBefore);
Assert.Equal(reference.AddHours(1), certificateDescriptor.Expires);
Assert.Equal(identityServiceOptions.SigningKeys[1], certificateDescriptor.Credentials);
Assert.True(certificateDescriptor.Metadata.ContainsKey("n"));
Assert.True(certificateDescriptor.Metadata.ContainsKey("e"));
}
private SigningCredentials CreateRsaCredentials(string id = "Test") => new SigningCredentials(CryptoUtilities.CreateTestKey(id), "RSA");
