public async Task When_Passing_Null_Parameter_To_CheckAccessToken_Then_Exception_Is_Thrown()
{
// ARRANGE
InitializeFakeObjects();
// ACT & ASSERT
await Assert.ThrowsAsync <ArgumentNullException>(() => _grantedTokenValidator.CheckAccessTokenAsync(null));
}
private async Task <GetSubjectResult> GetSubject()
{
var accessToken = GetAccessTokenFromAuthorizationHeader();
if (string.IsNullOrWhiteSpace(accessToken))
{
return(new GetSubjectResult(this.BuildError(ErrorCodes.InvalidToken, string.Empty)));
}
GrantedTokenValidationResult valResult;
if (!((valResult = await _grantedTokenValidator.CheckAccessTokenAsync(accessToken)).IsValid))
{
return(new GetSubjectResult(this.BuildError(valResult.MessageErrorCode, valResult.MessageErrorDescription)));
}
var grantedToken = await _grantedTokenRepository.GetTokenAsync(accessToken);
if (grantedToken == null || grantedToken.IdTokenPayLoad == null)
{
return(new GetSubjectResult(this.BuildError(ErrorCodes.UnhandledExceptionCode, Constants.ErrorMessages.SubjectDoesntExist)));
}
return(new GetSubjectResult(grantedToken.IdTokenPayLoad.GetClaimValue(SimpleIdentityServer.Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject)));
}
public async Task <UserInfoResult> Execute(string accessToken)
{
if (string.IsNullOrWhiteSpace(accessToken))
{
throw new ArgumentNullException(nameof(accessToken));
}
// Check if the access token is still valid otherwise raise an authorization exception.
GrantedTokenValidationResult valResult;
if (!((valResult = await _grantedTokenValidator.CheckAccessTokenAsync(accessToken)).IsValid))
{
throw new AuthorizationException(valResult.MessageErrorCode, valResult.MessageErrorDescription);
}
var grantedToken = await _tokenStore.GetAccessToken(accessToken);
var client = await _clientRepository.GetClientByIdAsync(grantedToken.ClientId);
if (client == null)
{
throw new IdentityServerException(ErrorCodes.InvalidToken, string.Format(ErrorDescriptions.TheClientIdDoesntExist, grantedToken.ClientId));
}
var signedResponseAlg = client.GetUserInfoSignedResponseAlg();
var userInformationPayload = grantedToken.UserInfoPayLoad;
if (userInformationPayload == null)
{
throw new IdentityServerException(ErrorCodes.InvalidToken, ErrorDescriptions.TheTokenIsNotAValidResourceOwnerToken);
}
if (signedResponseAlg == null ||
signedResponseAlg.Value == JwsAlg.none)
{
var objectResult = new ObjectResult(grantedToken.UserInfoPayLoad)
{
StatusCode = (int)HttpStatusCode.OK
};
objectResult.ContentTypes.Add(new MediaTypeHeaderValue("application/json"));
objectResult.Formatters.Add(new JsonOutputFormatter(new JsonSerializerSettings(), ArrayPool <char> .Shared));
return(new UserInfoResult
{
Content = objectResult
});
}
var jwt = await _jwtGenerator.SignAsync(userInformationPayload,
signedResponseAlg.Value);
var encryptedResponseAlg = client.GetUserInfoEncryptedResponseAlg();
var encryptedResponseEnc = client.GetUserInfoEncryptedResponseEnc();
if (encryptedResponseAlg != null)
{
if (encryptedResponseEnc == null)
{
encryptedResponseEnc = JweEnc.A128CBC_HS256;
}
jwt = await _jwtGenerator.EncryptAsync(jwt,
encryptedResponseAlg.Value,
encryptedResponseEnc.Value);
}
return(new UserInfoResult
{
Content = new ContentResult
{
Content = jwt,
StatusCode = (int)HttpStatusCode.OK,
ContentType = "application/jwt",
}
});
}
