public static AccessTokenResult ValidateToken(string token) { try { if (string.IsNullOrEmpty(token)) { return(AccessTokenResult.NoToken()); } var tokenParams = new TokenValidationParameters() { RequireSignedTokens = true, ValidAudience = _jwtAudience, ValidateAudience = true, ValidIssuer = _jwtIssuer, ValidateIssuer = true, ValidateIssuerSigningKey = true, ValidateLifetime = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtIssuerSigningKey)) }; // Validate the token var handler = new JwtSecurityTokenHandler(); var result = handler.ValidateToken(token, tokenParams, out var securityToken); return(AccessTokenResult.Success(result)); } catch (SecurityTokenExpiredException) { return(AccessTokenResult.Expired()); } catch (Exception ex) { return(AccessTokenResult.Error(ex)); } }
public void TestGoodRequest() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var userEntity = new UserRoleEntity() { UserId = "TEST", RoleName = "TestRole", }; var tableResult = new TableResult(); tableResult.Result = userEntity; tableResult.HttpStatusCode = StatusCodes.Status201Created; userRoleRepository.Setup(t => t.Add(It.IsAny <UserRoleEntity>())).Returns(Task.FromResult(tableResult)); var request = TestFactory.CreateHttpRequest("{\"userId\": \"TEST\",\"roleName\": \"TestRole\",}"); var response = (CreatedResult)_fixture.Run(request, testLogger); Assert.AreEqual(StatusCodes.Status201Created, response.StatusCode); var returnEntity = (UserRoleEntity)((TableResult)response.Value).Result; Assert.AreEqual(userEntity.UserId, returnEntity.UserId); Assert.AreEqual(userEntity.RoleName, returnEntity.RoleName); }
public void TestGoodRequest() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var userRoleEntity = new UserRoleEntity() { UserId = "TEST", RoleName = "TestRole", PartitionKey = "TestRole", RowKey = "TEST" }; var ctor = typeof(TableQuerySegment <UserRoleEntity>) .GetConstructors(BindingFlags.Instance | BindingFlags.NonPublic) .FirstOrDefault(c => c.GetParameters().Count() == 1); var mockQuerySegment = ctor.Invoke(new object[] { new List <UserRoleEntity>() { userRoleEntity } }) as TableQuerySegment <UserRoleEntity>; userRoleRepository.Setup(t => t.Get(It.IsAny <String>())).Returns(Task.FromResult(mockQuerySegment)); var request = TestFactory.CreateHttpRequest("{\"userId\": \"TEST\",\"roleName\": \"TestRole\",}"); var response = (OkObjectResult)_fixture.Run(request, userId, testLogger); Assert.AreEqual(StatusCodes.Status200OK, response.StatusCode); var returnEntityList = (TableQuerySegment <UserRoleEntity>)response.Value; var returnEntity = returnEntityList.FirstOrDefault(); Assert.AreEqual(userRoleEntity.UserId, returnEntity.UserId); Assert.AreEqual(userRoleEntity.RoleName, returnEntity.RoleName); }
public void TestBadRequestWithAuthToken() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var request = TestFactory.CreateHttpRequest(""); var response = (BadRequestObjectResult)_fixture.Run(request, testLogger); Assert.AreEqual(response.StatusCode, StatusCodes.Status400BadRequest); }
public async Task <object> GetValueAsync() { try { // Get the token from the header if (request.Headers.ContainsKey(AUTH_HEADER_NAME) && request.Headers[AUTH_HEADER_NAME].ToString().StartsWith(BEARER_PREFIX)) { var accessToken = request.Headers["Authorization"].ToString().Substring(BEARER_PREFIX.Length); // Debugging purposes only, set this to false for production Microsoft.IdentityModel.Logging.IdentityModelEventSource.ShowPII = true; ConfigurationManager <OpenIdConnectConfiguration> configManager = new ConfigurationManager <OpenIdConnectConfiguration>( $"{authConfig.Value.Authority}/.well-known/openid-configuration", new OpenIdConnectConfigurationRetriever()); OpenIdConnectConfiguration config = null; config = await configManager.GetConfigurationAsync(); ISecurityTokenValidator tokenValidator = new JwtSecurityTokenHandler(); // Initialize the token validation parameters TokenValidationParameters validationParameters = new TokenValidationParameters { // App Id URI and AppId of this service application are both valid audiences. ValidAudiences = new[] { authConfig.Value.Audience, authConfig.Value.ClientID }, // Support Azure AD V1 and V2 endpoints. ValidIssuers = authConfig.Value.ValidIssuers, IssuerSigningKeys = config.SigningKeys }; var claimsPrincipal = tokenValidator.ValidateToken(accessToken, validationParameters, out SecurityToken securityToken); return(AccessTokenResult.Success(claimsPrincipal, securityToken)); } else { return(AccessTokenResult.NoToken()); } } catch (SecurityTokenExpiredException) { return(AccessTokenResult.Expired()); } catch (Exception ex) { return(AccessTokenResult.Error(ex)); } }
public void TestGoodRequestButStorageConnectionError() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var exception = new NullReferenceException(""); userRepository.Setup(t => t.Add(It.IsAny <UserEntity>(), It.IsAny <String>())).Throws(exception); var request = TestFactory.CreateHttpRequest("{\"id\": \"TEST\",\"name\": \"Test User\",\"family_name\": \"User\",\"given_name\": \"Test\",\"city\": \"\",\"country\": \"\",\"postalCode\": \"\",\"state\": \"\",\"streetAddress\": \"\",\"email\": \"[email protected]\",\"isNew\": false,}"); var response = (BadRequestObjectResult)_fixture.Run(request, testLogger); Assert.AreEqual(StatusCodes.Status400BadRequest, response.StatusCode); }
public void TestDuplicateRecordReturnsConflictStatus() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var exception = new StorageException("Conflict"); userRoleRepository.Setup(t => t.Add(It.IsAny <UserRoleEntity>())).Throws(exception); var request = TestFactory.CreateHttpRequest("{\"userId\": \"TEST\",\"roleName\": \"TestRole\",}"); var response = (ConflictObjectResult)_fixture.Run(request, testLogger); Assert.AreEqual(StatusCodes.Status409Conflict, response.StatusCode); }
public void TestGoodRequestButStorageConnectionError() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var exception = new NullReferenceException(""); userRoleRepository.Setup(t => t.Get(It.IsAny <String>())).Throws(exception); var request = TestFactory.CreateHttpRequest("{\"userId\": \"TEST\",\"roleName\": \"TestRole\",}"); var response = (BadRequestObjectResult)_fixture.Run(request, userId, testLogger); Assert.AreEqual(StatusCodes.Status400BadRequest, response.StatusCode); }
private AccessTokenResult ValidateToken(HttpRequest request) { try { var audience = FunctionConfigs.Audience; var issuer = FunctionConfigs.Issuer; var mySecurityKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(FunctionConfigs.IssuerToken)); // Get the token from the header if (request != null && request.Headers.ContainsKey(AUTH_HEADER_NAME) && request.Headers[AUTH_HEADER_NAME].ToString().StartsWith(BEARER_PREFIX)) { var token = request.Headers[AUTH_HEADER_NAME].ToString().Substring(BEARER_PREFIX.Length); // Create the parameters var tokenParams = new TokenValidationParameters() { RequireSignedTokens = true, ValidAudience = audience, ValidateAudience = true, ValidIssuer = issuer, ValidateIssuer = true, ValidateIssuerSigningKey = true, ValidateLifetime = true, IssuerSigningKey = mySecurityKey }; // Validate the token var handler = new JwtSecurityTokenHandler(); var result = handler.ValidateToken(token, tokenParams, out var securityToken); return(AccessTokenResult.Success(result)); } else { return(AccessTokenResult.NoToken()); } } catch (SecurityTokenExpiredException) { return(AccessTokenResult.Expired()); } catch (Exception ex) { return(AccessTokenResult.Error(ex)); } }
public void TestGoodRequest() { var principal = AccessTokenResult.Success(new System.Security.Claims.ClaimsPrincipal()); tokenProvider.Setup(t => t.ValidateToken(It.IsAny <HttpRequest>())).Returns(principal); var userEntity = new UserEntity() { Id = "TEST", Name = "Test User", FamilyName = "User", GivenName = "Test", City = "", Country = "", PostalCode = "", State = "", StreetAddress = "", Email = "*****@*****.**", }; var tableResult = new TableResult(); tableResult.Result = userEntity; tableResult.HttpStatusCode = StatusCodes.Status201Created; userRepository.Setup(t => t.Add(It.IsAny <UserEntity>(), It.IsAny <String>())).Returns(Task.FromResult(tableResult)); var request = TestFactory.CreateHttpRequest("{\"id\": \"TEST\",\"name\": \"Test User\",\"family_name\": \"User\",\"given_name\": \"Test\",\"city\": \"\",\"country\": \"\",\"postalCode\": \"\",\"state\": \"\",\"streetAddress\": \"\",\"email\": \"[email protected]\",\"isNew\": false,}"); var response = (CreatedResult)_fixture.Run(request, testLogger); Assert.AreEqual(StatusCodes.Status201Created, response.StatusCode); var returnEntity = (UserEntity)((TableResult)response.Value).Result; Assert.AreEqual(userEntity.Id, returnEntity.Id); Assert.AreEqual(userEntity.Name, returnEntity.Name); Assert.AreEqual(userEntity.FamilyName, returnEntity.FamilyName); Assert.AreEqual(userEntity.GivenName, returnEntity.GivenName); Assert.AreEqual(userEntity.City, returnEntity.City); Assert.AreEqual(userEntity.Country, returnEntity.Country); Assert.AreEqual(userEntity.PostalCode, returnEntity.PostalCode); Assert.AreEqual(userEntity.State, returnEntity.State); Assert.AreEqual(userEntity.StreetAddress, returnEntity.StreetAddress); Assert.AreEqual(userEntity.Email, returnEntity.Email); }
public async Task <object> GetValueAsync() { try { var accessTokenProvider = _request.HttpContext.RequestServices.GetRequiredService <IAccessTokenProvider>(); var result = await accessTokenProvider.ValidateToken(_request); return(AccessTokenResult.Success(result.Principal)); } catch (SecurityTokenExpiredException) { return(AccessTokenResult.Expired()); } catch (Exception ex) { return(AccessTokenResult.Error(ex)); } }
public AccessTokenResult ToAccessTokenResult() { return(AccessTokenResult.Success(new User(UserId, "test", "test", "1980", "qskdljMOIJOifqsdf", "*****@*****.**"))); }