コード例 #1
0
 public void ShouldGenerate(string algorithm, KeyType keyType)
 {
     _keyService.GenerateSigningCredentials(new JwksOptions()
     {
         KeyPrefix = "ShouldGenerateManyRsa_", Jws = JwsAlgorithm.Create(algorithm, keyType)
     });
 }
コード例 #2
0
        public void ShouldKeepPublicKeyAfterUpdateAExpiredJwk(string algorithm, KeyType keyType)
        {
            var alg = JwsAlgorithm.Create(algorithm, keyType);
            var key = _keyService.GenerateSigningCredentials(new JwksOptions()
            {
                KeyPrefix = "ShouldGenerateManyRsa_", Jws = alg
            });
            var privateKey = new SecurityKeyWithPrivate();

            privateKey.SetJwsParameters(key.Key, alg);
            _jsonWebKeyStore.Save(privateKey);
            /*Remove private*/
            _jsonWebKeyStore.Revoke(privateKey);

            var jsonWebKey = _keyService.GetLastKeysCredentials(JsonWebKeyType.Jws, 5).First(w => w.Kid == privateKey.KeyId);

            jsonWebKey.Kty.Should().NotBeNullOrEmpty();
            jsonWebKey.HasPrivateKey.Should().BeFalse();
            switch (jsonWebKey.Kty)
            {
            case JsonWebAlgorithmsKeyTypes.EllipticCurve:
                jsonWebKey.X.Should().NotBeNullOrEmpty();
                jsonWebKey.Y.Should().NotBeNullOrEmpty();
                break;

            case JsonWebAlgorithmsKeyTypes.RSA:
                jsonWebKey.N.Should().NotBeNullOrEmpty();
                jsonWebKey.E.Should().NotBeNullOrEmpty();
                break;

            case JsonWebAlgorithmsKeyTypes.Octet:
                jsonWebKey.K.Should().NotBeNullOrEmpty();
                break;
            }
        }
コード例 #3
0
        public void ShouldSaveCryptoAndRecover(string algorithm, KeyType keyType)
        {
            var options = new JwksOptions()
            {
                Jws = JwsAlgorithm.Create(algorithm, keyType)
            };
            var newKey = _keyService.GetCurrentSigningCredentials(options);

            _keyService.GetLastKeysCredentials(JsonWebKeyType.Jws, 5).Count.Should().BePositive();

            var currentKey = _keyService.GetCurrentSigningCredentials(options);

            newKey.Kid.Should().Be(currentKey.Kid);
        }
コード例 #4
0
        public void ShouldRemovePrivateAndUpdate(string algorithm, KeyType keyType)
        {
            var alg = JwsAlgorithm.Create(algorithm, keyType);
            var key = _keyService.GenerateSigningCredentials(new JwksOptions()
            {
                KeyPrefix = "ShouldGenerateManyRsa_", Jws = alg
            });
            var privateKey = new SecurityKeyWithPrivate();

            privateKey.SetJwsParameters(key.Key, alg);
            _jsonWebKeyStore.Save(privateKey);

            /*Remove private*/
            privateKey.Revoke();
            _jsonWebKeyStore.Revoke(privateKey);
        }
コード例 #5
0
        public void ShouldSaveDeterministicJwkRecoverAndSigning(string algorithm, KeyType keyType)
        {
            this.WarmupData.Clear();
            var options = new JwksOptions()
            {
                Jws = JwsAlgorithm.Create(algorithm, keyType)
            };

            var handler = new JsonWebTokenHandler();
            var now     = DateTime.Now;

            // Generate right now and in memory
            var newKey = _keyService.GetCurrentSigningCredentials(options);

            // recovered from database
            var currentKey = _keyService.GetCurrentSigningCredentials(options);

            newKey.Kid.Should().Be(currentKey.Kid);
            var claims     = new ClaimsIdentity(GenerateClaim().Generate(5));
            var descriptor = new SecurityTokenDescriptor
            {
                Issuer             = "me",
                Audience           = "you",
                IssuedAt           = now,
                NotBefore          = now,
                Expires            = now.AddMinutes(5),
                Subject            = claims,
                SigningCredentials = newKey
            };
            var descriptorFromDb = new SecurityTokenDescriptor
            {
                Issuer             = "me",
                Audience           = "you",
                IssuedAt           = now,
                NotBefore          = now,
                Expires            = now.AddMinutes(5),
                Subject            = claims,
                SigningCredentials = currentKey
            };

            var jwt1 = handler.CreateToken(descriptor);
            var jwt2 = handler.CreateToken(descriptorFromDb);

            jwt1.Should().Be(jwt2);
        }
コード例 #6
0
        public void ShouldNotBeSameJwtWhenProbabilisticToken(string algorithm, KeyType keyType)
        {
            var signingCredentials = _service.GenerateSigningCredentials(JwsAlgorithm.Create(algorithm, keyType));
            var handler            = new JsonWebTokenHandler();
            var now        = DateTime.Now;
            var descriptor = new SecurityTokenDescriptor
            {
                Issuer             = "me",
                Audience           = "you",
                IssuedAt           = now,
                NotBefore          = now,
                Expires            = now.AddMinutes(5),
                Subject            = new ClaimsIdentity(GenerateClaim().Generate(5)),
                SigningCredentials = signingCredentials
            };

            var jwt1 = handler.CreateToken(descriptor);
            var jwt2 = handler.CreateToken(descriptor);

            jwt1.Should().NotBe(jwt2);
        }
コード例 #7
0
        public void ShouldGenerateJwk(string algorithm, KeyType keyType)
        {
            var key = _service.Generate(JwsAlgorithm.Create(algorithm, keyType));

            key.KeyId.Should().NotBeNull();
        }