public void ClientAssertionRequestValidatorExpirationTimeTest() { var credential = ClientCredentialWrapper.CreateWithSecret(TestConstants.ClientSecret); credential.Audience = _audience1; credential.ContainsX5C = false; credential.CachedAssertion = TestConstants.DefaultClientAssertion; credential.ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds)); // Validate cached client assertion with expiration time // Cached assertion should be valid Assert.IsTrue(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); // Setting expiration time to now credential.ValidTo = ConvertToTimeT(DateTime.UtcNow); // cached assertion should have expired Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); }
public void ClientAssertionRequestValidatorExpirationTimeTest() { var credential = new ClientCredentialWrapper(MsalTestConstants.ClientSecret) { Audience = "Audience1", ContainsX5C = false, Assertion = MsalTestConstants.DefaultClientAssertion, ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds)) }; // Validate cached client assertion with expiration time // Cached assertion should be valid Assert.IsTrue(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, "Audience1"), false)); // Setting expiration time to now credential.ValidTo = ConvertToTimeT(DateTime.UtcNow); // cached assertion should have expired Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, "Audience1"), false)); }
public void ClientAssertionRequestValidatorMismatchParameterTest() { string Audience1 = "Audience1"; string Audience2 = "Audience2"; var credential = new ClientCredentialWrapper(MsalTestConstants.ClientSecret) { Audience = Audience1, ContainsX5C = false, Assertion = MsalTestConstants.DefaultClientAssertion, ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds)) }; // Validate cached client assertion with parameters Assert.IsTrue(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, Audience1), false)); // Different audience credential.Audience = Audience2; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, Audience1), false)); // Different x5c, same audience credential.Audience = Audience1; credential.ContainsX5C = true; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, Audience1), false)); // Different audience and x5c credential.Audience = Audience2; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, Audience1), false)); // No cached Assertion credential.Assertion = ""; // should return false Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, new AuthorityEndpoints(null, null, Audience1), false)); }
public void ClientAssertionRequestValidatorMismatchParameterTest() { var credential = ClientCredentialWrapper.CreateWithSecret(TestConstants.ClientSecret); credential.Audience = _audience1; credential.ContainsX5C = false; credential.CachedAssertion = TestConstants.DefaultClientAssertion; credential.ValidTo = ConvertToTimeT(DateTime.UtcNow + TimeSpan.FromSeconds(JwtToAadLifetimeInSeconds)); // Validate cached client assertion with parameters Assert.IsTrue(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); // Different audience credential.Audience = _audience2; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); // Different x5c, same audience credential.Audience = _audience1; credential.ContainsX5C = true; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); // Different audience and x5c credential.Audience = _audience2; // cached assertion should be invalid Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); // No cached Assertion credential.CachedAssertion = ""; // should return false Assert.IsFalse(ClientCredentialHelper.ValidateClientAssertion(credential, _audience1, false)); }