public async Task When_Passing_Jws_With_Algorithm_Other_Than_None_To_Unsign_And_Retrieve_Json_Web_Key_From_Uri_Then_Jwis_Is_Unsigned_And_Payload_Is_Returned() { // ARRANGE InitializeFakeObjects(); const string jws = "jws"; const string clientId = "client_id"; const string kid = "1"; var jsonWebKeySet = new JsonWebKeySet(); var json = jsonWebKeySet.SerializeWithDataContract(); var jsonWebKey = new JsonWebKey { Kid = kid, SerializedKey = "serialized_key" }; var payLoad = new JwsPayload(); var jwsProtectedHeader = new JwsProtectedHeader { Alg = Jwt.Constants.JwsAlgNames.PS256, Kid = kid }; var client = new Core.Common.Models.Client { ClientId = clientId, JwksUri = "http://localhost" }; var httpResponseMessage = new HttpResponseMessage(HttpStatusCode.Accepted) { Content = new StringContent(json) }; var jsonWebKeys = new List <JsonWebKey> { jsonWebKey }; var handler = new FakeHttpMessageHandler(httpResponseMessage); var httpClientFake = new HttpClient(handler); _jwsParserMock.Setup(j => j.GetHeader(It.IsAny <string>())) .Returns(jwsProtectedHeader); _clientRepositoryStub.Setup(c => c.GetClientByIdAsync(It.IsAny <string>())) .Returns(Task.FromResult(client)); _jwsParserMock.Setup(j => j.ValidateSignature(It.IsAny <string>(), It.IsAny <JsonWebKey>())) .Returns(payLoad); _httpClientFactoryMock.Setup(h => h.GetHttpClient()) .Returns(httpClientFake); _jsonWebKeyConverterMock.Setup(j => j.ExtractSerializedKeys(It.IsAny <JsonWebKeySet>())) .Returns(jsonWebKeys); // ACT var result = await _jwtParser.UnSignAsync(jws, clientId); // ASSERT Assert.NotNull(result); _jwsParserMock.Verify(j => j.ValidateSignature(jws, jsonWebKey)); }
public async Task When_No_Json_Web_Key_Can_Be_Extracted_From_Uri_And_Algorithm_Is_PS256_And_Unsign_Then_Null_Is_Returned() { // ARRANGE InitializeFakeObjects(); const string clientId = "client_id"; var jsonWebKeySet = new JsonWebKeySet(); var json = jsonWebKeySet.SerializeWithDataContract(); var jwsProtectedHeader = new JwsProtectedHeader { Alg = Jwt.Constants.JwsAlgNames.PS256 }; var httpResponseMessage = new HttpResponseMessage(HttpStatusCode.Accepted) { Content = new StringContent(json) }; var client = new Core.Common.Models.Client { JwksUri = "http://localhost", ClientId = clientId }; var jsonWebKeys = new List <JsonWebKey>(); _jwsParserMock.Setup(j => j.GetHeader(It.IsAny <string>())) .Returns(jwsProtectedHeader); _clientRepositoryStub.Setup(c => c.GetClientByIdAsync(It.IsAny <string>())) .Returns(Task.FromResult(client)); var handler = new FakeHttpMessageHandler(httpResponseMessage); var httpClientFake = new HttpClient(handler); _httpClientFactoryMock.Setup(h => h.GetHttpClient()) .Returns(httpClientFake); _jsonWebKeyConverterMock.Setup(j => j.ExtractSerializedKeys(It.IsAny <JsonWebKeySet>())) .Returns(jsonWebKeys); // ACT var result = await _jwtParser.UnSignAsync("jws", clientId); // ASSERT Assert.Null(result); }