コード例 #1
        // Verifies that an assertion which is not a well-formed JWT is rejected:
        // the handler must hand back a non-null result whose IsSuccessful is false.
        // NOTE(review): only malformed input is exercised here. A correctly structured
        // token with a bad signature, a foreign audience or an expired lifetime is not
        // covered by this method - confirm that sibling tests pin those rejections.
        public async Task ValidateAsync_InvalidToken()
        {
            var settings = Options.Create(new AuthenticationSettings
            {
                Microsoft = new MicrosoftAuthenticationSettings { ClientId = ClientId },
            });

            // OpenID Connect configuration served to the handler; it carries the single test key.
            var discovery = new OpenIdConnectConfiguration { JsonWebKeySet = new JsonWebKeySet() };
            discovery.JsonWebKeySet.Keys.Add(jsonWebKey);

            using (var httpFactory = new HttpClientTestingFactory())
            {
                var grantHandler = new MicrosoftAssertionGrantHandler(settings, httpFactory.HttpClient);

                // Validation is started first and the configuration request is answered
                // afterwards; the order of these two statements is kept as in the original.
                var pending = grantHandler.ValidateAsync("SomeBadAssertion");
                httpFactory.Expect(ConfigurationEndpoint).Respond(OpenIdConnectConfiguration.Write(discovery));

                var outcome = await pending;
                Assert.NotNull(outcome);
                Assert.False(outcome.IsSuccessful);

                // The configuration fetch is the only request this test sets an expectation for.
                httpFactory.EnsureNoOutstandingRequests();
            }
        }
コード例 #2
        // Verifies the accepting path: a JWT signed with the key published in the
        // configuration document, addressed to ClientId and currently within its
        // lifetime, yields a successful result carrying the "sub" and "email" values.
        // NOTE(review): the token is built without an issuer, so a pass here suggests the
        // handler does not require an issuer match - confirm against the handler that this
        // is intended. How callers use ExternalUserEmail is not visible here; if it feeds
        // account linking, confirm the stable key is ExternalUserId rather than the email.
        public async Task ValidateAsync_Success()
        {
            var settings = Options.Create(new AuthenticationSettings
            {
                Microsoft = new MicrosoftAuthenticationSettings { ClientId = ClientId },
            });

            // OpenID Connect configuration served to the handler; it carries the single test key.
            var discovery = new OpenIdConnectConfiguration { JsonWebKeySet = new JsonWebKeySet() };
            discovery.JsonWebKeySet.Keys.Add(jsonWebKey);

            using (var httpFactory = new HttpClientTestingFactory())
            {
                var identityClaims = new Claim[]
                {
                    new Claim("sub", ExternalUserId),
                    new Claim("email", ExternalUserEmail),
                };

                // Valid from now for one hour, signed with the same key the configuration publishes.
                var jwt = new JwtSecurityToken(
                    audience: ClientId,
                    claims: identityClaims,
                    notBefore: DateTime.UtcNow,
                    expires: DateTime.UtcNow.AddHours(1),
                    signingCredentials: new SigningCredentials(jsonWebKey, jsonWebKey.Alg));
                var assertion = new JwtSecurityTokenHandler().WriteToken(jwt);

                var grantHandler = new MicrosoftAssertionGrantHandler(settings, httpFactory.HttpClient);

                // Validation is started first and the configuration request is answered
                // afterwards; the order of these two statements is kept as in the original.
                var pending = grantHandler.ValidateAsync(assertion);
                httpFactory.Expect(ConfigurationEndpoint).Respond(OpenIdConnectConfiguration.Write(discovery));

                var outcome = await pending;
                Assert.NotNull(outcome);
                Assert.True(outcome.IsSuccessful);
                Assert.Equal(ExternalUserId, outcome.ExternalUserId);
                Assert.Equal(ExternalUserEmail, outcome.ExternalUserEmail);

                // The configuration fetch is the only request this test sets an expectation for.
                httpFactory.EnsureNoOutstandingRequests();
            }
        }