public async Task When_Passing_Null_Parameter_To_CheckAccessToken_Then_Exception_Is_Thrown() { // ARRANGE InitializeFakeObjects(); // ACT & ASSERT await Assert.ThrowsAsync <ArgumentNullException>(() => _grantedTokenValidator.CheckAccessTokenAsync(null)); }
private async Task <GetSubjectResult> GetSubject() { var accessToken = GetAccessTokenFromAuthorizationHeader(); if (string.IsNullOrWhiteSpace(accessToken)) { return(new GetSubjectResult(this.BuildError(ErrorCodes.InvalidToken, string.Empty))); } GrantedTokenValidationResult valResult; if (!((valResult = await _grantedTokenValidator.CheckAccessTokenAsync(accessToken)).IsValid)) { return(new GetSubjectResult(this.BuildError(valResult.MessageErrorCode, valResult.MessageErrorDescription))); } var grantedToken = await _grantedTokenRepository.GetTokenAsync(accessToken); if (grantedToken == null || grantedToken.IdTokenPayLoad == null) { return(new GetSubjectResult(this.BuildError(ErrorCodes.UnhandledExceptionCode, Constants.ErrorMessages.SubjectDoesntExist))); } return(new GetSubjectResult(grantedToken.IdTokenPayLoad.GetClaimValue(SimpleIdentityServer.Core.Jwt.Constants.StandardResourceOwnerClaimNames.Subject))); }
public async Task <UserInfoResult> Execute(string accessToken) { if (string.IsNullOrWhiteSpace(accessToken)) { throw new ArgumentNullException(nameof(accessToken)); } // Check if the access token is still valid otherwise raise an authorization exception. GrantedTokenValidationResult valResult; if (!((valResult = await _grantedTokenValidator.CheckAccessTokenAsync(accessToken)).IsValid)) { throw new AuthorizationException(valResult.MessageErrorCode, valResult.MessageErrorDescription); } var grantedToken = await _tokenStore.GetAccessToken(accessToken); var client = await _clientRepository.GetClientByIdAsync(grantedToken.ClientId); if (client == null) { throw new IdentityServerException(ErrorCodes.InvalidToken, string.Format(ErrorDescriptions.TheClientIdDoesntExist, grantedToken.ClientId)); } var signedResponseAlg = client.GetUserInfoSignedResponseAlg(); var userInformationPayload = grantedToken.UserInfoPayLoad; if (userInformationPayload == null) { throw new IdentityServerException(ErrorCodes.InvalidToken, ErrorDescriptions.TheTokenIsNotAValidResourceOwnerToken); } if (signedResponseAlg == null || signedResponseAlg.Value == JwsAlg.none) { var objectResult = new ObjectResult(grantedToken.UserInfoPayLoad) { StatusCode = (int)HttpStatusCode.OK }; objectResult.ContentTypes.Add(new MediaTypeHeaderValue("application/json")); objectResult.Formatters.Add(new JsonOutputFormatter(new JsonSerializerSettings(), ArrayPool <char> .Shared)); return(new UserInfoResult { Content = objectResult }); } var jwt = await _jwtGenerator.SignAsync(userInformationPayload, signedResponseAlg.Value); var encryptedResponseAlg = client.GetUserInfoEncryptedResponseAlg(); var encryptedResponseEnc = client.GetUserInfoEncryptedResponseEnc(); if (encryptedResponseAlg != null) { if (encryptedResponseEnc == null) { encryptedResponseEnc = JweEnc.A128CBC_HS256; } jwt = await _jwtGenerator.EncryptAsync(jwt, encryptedResponseAlg.Value, encryptedResponseEnc.Value); } return(new UserInfoResult { Content = new ContentResult { Content = jwt, StatusCode = (int)HttpStatusCode.OK, ContentType = "application/jwt", } }); }