/// <summary>
/// Pins the behaviour of <c>SkipTokenSignatureValidation</c>: with the option set,
/// <c>TryParseLoginToken</c> succeeds without <c>TryValidateLoginToken</c> ever being called,
/// and the resulting principal carries the claims found in the token.
/// </summary>
/// <remarks>
/// Security note: the token is requested with "SOME_OTHER_KEY" while the options carry
/// "SOME_SIGNING_KEY", so every claim asserted below (including the Admin role) is taken from a
/// token whose signature was not checked against the configured key. Treat the option as turning
/// token authentication off; NOTE(review): confirm it cannot be enabled in a production configuration.
/// </remarks>
public void TryParseLoginToken_NoTokenValidation_ReturnsExpectedClaims()
{
    // Arrange: a mocked token handler makes it possible to prove the validator is never reached.
    var validatorMock = new Mock<MobileAppTokenHandler>(this.config);
    var handlerUnderTest = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, validatorMock.Object);
    var options = new MobileAppAuthenticationOptions
    {
        SigningKey = "SOME_SIGNING_KEY",
        SkipTokenSignatureValidation = true
    };

    // presumably the argument is the key the test token is signed with - it differs from options.SigningKey
    JwtSecurityToken mismatchedToken = GetTestToken("SOME_OTHER_KEY");
    string rawToken = mismatchedToken.RawData;

    // Act
    ClaimsPrincipal principal;
    bool parsed = handlerUnderTest.TryParseLoginToken(rawToken, options, out principal);

    // Assert: the signature validator must not have been consulted at all.
    validatorMock.Verify(
        h => h.TryValidateLoginToken(It.IsAny<string>(), It.IsAny<string>(), out principal),
        Times.Never);
    Assert.True(parsed);

    // The real token handler (not the mock) turns the parsed identity into a service user.
    var identity = (ClaimsIdentity)principal.Identity;
    MobileAppUser user = this.tokenHandler.CreateServiceUser(identity, rawToken);
    Assert.Equal("Facebook:1234", user.Id);
    Assert.True(user.Identity.IsAuthenticated);

    Claim[] userClaims = user.Claims.ToArray();
    Assert.Equal(8, userClaims.Length);
    Assert.Equal("Frank", userClaims.Single(c => c.Type == ClaimTypes.GivenName).Value);
    Assert.Equal("Miller", userClaims.Single(c => c.Type == ClaimTypes.Surname).Value);
    Assert.Equal("Admin", userClaims.Single(c => c.Type == ClaimTypes.Role).Value);
    Assert.Equal("Facebook:1234", userClaims.Single(c => c.Type == "uid").Value);
    Assert.Equal("MyClaimValue", userClaims.Single(c => c.Type == "my_custom_claim").Value);
}
/// <summary>
/// Builds the shared fixture: an <c>HttpConfiguration</c>, a real <c>MobileAppTokenHandler</c> over it,
/// a mocked logger, and an authentication handler mock wired to that logger and token handler.
/// </summary>
public MobileAppAuthenticationHandlerTests()
{
    var configuration = new HttpConfiguration();
    var realTokenHandler = new MobileAppTokenHandler(configuration);
    var logger = new Mock<ILogger>();

    this.config = configuration;
    this.tokenHandler = realTokenHandler;
    this.loggerMock = logger;

    // The handler mock receives the real token handler, so token parsing is not stubbed here.
    this.handlerMock = new MobileAppAuthenticationHandlerMock(logger.Object, realTokenHandler);
}
/// <summary>
/// Builds the shared fixture: an <c>HttpConfiguration</c>, a real <c>MobileAppTokenHandler</c> over it,
/// a mocked logger, and an authentication handler mock wired to that logger and token handler.
/// </summary>
public MobileAppAuthenticationHandlerTests()
{
    var configuration = new HttpConfiguration();
    var realTokenHandler = new MobileAppTokenHandler(configuration);
    var logger = new Mock<ILogger>();

    this.config = configuration;
    this.tokenHandler = realTokenHandler;
    this.loggerMock = logger;

    // The handler mock receives the real token handler, so token parsing is not stubbed here.
    this.handlerMock = new MobileAppAuthenticationHandlerMock(logger.Object, realTokenHandler);
}
/// <summary>
/// Authenticates a request carrying the default test token against options whose signing key is
/// <paramref name="otherSigningKey"/>, and checks that the ticket's identity is authenticated
/// exactly when <paramref name="expectAuthenticated"/> is true.
/// </summary>
/// <param name="otherSigningKey">Signing key placed on the options passed to <c>Authenticate</c>.</param>
/// <param name="expectAuthenticated">Whether the resulting identity should be authenticated.</param>
/// <remarks>
/// In both cases a non-null ticket with a non-null identity is required: a rejected token has to
/// surface as an unauthenticated identity, not as a missing one.
/// </remarks>
public void Authenticate_CorrectlyAuthenticates(string otherSigningKey, bool expectAuthenticated)
{
    // Arrange
    var configuration = new HttpConfiguration();

    // NOTE(review): these options are configured with SigningKeyAlpha but never passed to
    // Authenticate; kept in case CreateTestOptions has side effects on the configuration - confirm.
    AppServiceAuthenticationOptions referenceOptions = CreateTestOptions(configuration);
    referenceOptions.SigningKey = SigningKeyAlpha;

    AppServiceAuthenticationOptions optionsUnderTest = CreateTestOptions(configuration);
    optionsUnderTest.SigningKey = otherSigningKey;

    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object);
    var authRequest = CreateAuthRequest(new Uri(TestWebsiteUrl), GetTestToken());

    // Act
    AuthenticationTicket ticket = handler.Authenticate(authRequest, optionsUnderTest);

    // Assert: the ticket and identity always exist; only the authenticated flag varies.
    Assert.NotNull(ticket);
    Assert.NotNull(ticket.Identity);
    if (expectAuthenticated)
    {
        Assert.True(ticket.Identity.IsAuthenticated);
    }
    else
    {
        Assert.False(ticket.Identity.IsAuthenticated);
    }
}
/// <summary>
/// Issuer check: a test token issued by "https://invalidIssuer/" must yield a ticket whose
/// identity is present but not authenticated.
/// </summary>
public void Authenticate_Fails_WithInvalidIssuer()
{
    // Arrange: default test options, and a token that differs from the default only in its issuer argument.
    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object);
    AppServiceAuthenticationOptions testOptions = CreateTestOptions(new HttpConfiguration());
    var wrongIssuerToken = GetTestToken(issuer: "https://invalidIssuer/");
    var authRequest = CreateAuthRequest(new Uri(TestWebsiteUrl), wrongIssuerToken);

    // Act
    AuthenticationTicket ticket = handler.Authenticate(authRequest, testOptions);

    // Assert: rejection is reported through IsAuthenticated, not through a null ticket.
    Assert.NotNull(ticket);
    Assert.NotNull(ticket.Identity);
    Assert.False(ticket.Identity.IsAuthenticated, "Expected Authenticate to fail with invalid issuer");
}
/// <summary>
/// Missing-key check: with <c>SigningKey</c> set to null on the options, the default test token
/// must not authenticate.
/// </summary>
/// <remarks>
/// This guards the fail-closed case: an unconfigured signing key must lead to rejection, never to
/// the token being accepted unverified.
/// </remarks>
public void Authenticate_FailsToAuthenticate_ValidIdentity_WithoutSigningKey()
{
    // Arrange: start from the default test options, then remove the signing key.
    AppServiceAuthenticationOptions keylessOptions = CreateTestOptions(new HttpConfiguration());
    keylessOptions.SigningKey = null;

    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object);
    var authRequest = CreateAuthRequest(new Uri(TestWebsiteUrl), GetTestToken());

    // Act
    AuthenticationTicket ticket = handler.Authenticate(authRequest, keylessOptions);

    // Assert
    Assert.NotNull(ticket);
    Assert.NotNull(ticket.Identity);
    Assert.False(ticket.Identity.IsAuthenticated, "Expected Authenticate to fail without signing key specified in MobileAppAuthenticationOptions");
}
/// <summary>
/// Failure path: when <c>CreateServiceUser</c> throws during <c>Authenticate</c>, the request must
/// end up with a null <c>User</c>.
/// </summary>
/// <remarks>
/// The request starts with a pre-set <see cref="ClaimsPrincipal"/>, so the final assertion also
/// shows that a principal already on the request does not survive a failed authentication.
/// </remarks>
public void Authenticate_LeavesUserNull_IfException()
{
    // Arrange: real token handler behaviour (CallBase) except for CreateServiceUser, which throws.
    var throwingTokenHandler = new Mock<MobileAppTokenHandler>(this.config) { CallBase = true };
    throwingTokenHandler
        .Setup(t => t.CreateServiceUser(It.IsAny<ClaimsIdentity>(), It.IsAny<string>()))
        .Throws(new InvalidOperationException())
        .Verifiable();

    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, throwingTokenHandler.Object);
    var authRequest = CreateAuthRequest("signing_key");
    authRequest.User = new ClaimsPrincipal();

    // Act
    var options = CreateOptions(false, "signing_key");
    handler.Authenticate(authRequest, options);

    // Assert: VerifyAll proves the throwing setup was actually hit, so the null user is a result of it.
    throwingTokenHandler.VerifyAll();
    Assert.Null(authRequest.User);
}
/// <summary>
/// Runs <c>Authenticate</c> with the supplied <paramref name="options"/> on a request built with
/// "signing_key" and checks the resulting <c>request.User</c>.
/// </summary>
/// <param name="options">Authentication options handed to <c>Authenticate</c>.</param>
/// <param name="expectAuthenticated">Whether the request should end up with an authenticated user.</param>
/// <remarks>
/// On rejection the user must be null even though the request started with a pre-set
/// <see cref="ClaimsPrincipal"/>; on success it must be a <c>MobileAppUser</c> with an
/// authenticated identity.
/// </remarks>
public void Authenticate_CorrectlyAuthenticates(MobileAppAuthenticationOptions options, bool expectAuthenticated)
{
    // Arrange
    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, this.tokenHandler);
    var authRequest = CreateAuthRequest("signing_key");
    authRequest.User = new ClaimsPrincipal();

    // Act
    handler.Authenticate(authRequest, options);

    // Assert
    if (!expectAuthenticated)
    {
        // Rejected: the principal placed on the request above must have been cleared.
        Assert.Null(authRequest.User);
        return;
    }

    Assert.NotNull(authRequest.User.Identity);
    Assert.True(authRequest.User.Identity.IsAuthenticated);
    Assert.IsType<MobileAppUser>(authRequest.User);
}
/// <summary>
/// Audience check: a test token whose audience is "https://invalidAudience/" must yield a ticket
/// whose identity is present but not authenticated.
/// </summary>
public void Authenticate_Fails_WithInvalidAudience()
{
    // Arrange: default test options, and a token that differs from the default only in its audience argument.
    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, this.tokenHandler);
    MobileAppAuthenticationOptions testOptions = CreateTestOptions();
    var wrongAudienceToken = GetTestToken(audience: "https://invalidAudience/");
    var authRequest = CreateAuthRequest(new Uri(TestWebsiteUrl), wrongAudienceToken);

    // Act
    AuthenticationTicket ticket = handler.Authenticate(authRequest, testOptions);

    // Assert: rejection is reported through IsAuthenticated, not through a null ticket.
    Assert.NotNull(ticket);
    Assert.NotNull(ticket.Identity);
    Assert.False(ticket.Identity.IsAuthenticated, "Expected Authenticate to fail with invalid audience");
}
/// <summary>
/// Failure path: when <c>CreateServiceUser</c> throws during <c>Authenticate</c>, the request must
/// end up with a null <c>User</c>.
/// </summary>
/// <remarks>
/// The request starts with a pre-set <see cref="ClaimsPrincipal"/>, so the final assertion also
/// shows that a principal already on the request does not survive a failed authentication.
/// </remarks>
public void Authenticate_LeavesUserNull_IfException()
{
    // Arrange: real token handler behaviour (CallBase) except for CreateServiceUser, which throws.
    var throwingTokenHandler = new Mock<MobileAppTokenHandler>(this.config) { CallBase = true };
    throwingTokenHandler
        .Setup(t => t.CreateServiceUser(It.IsAny<ClaimsIdentity>(), It.IsAny<string>()))
        .Throws(new InvalidOperationException())
        .Verifiable();

    var handler = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, throwingTokenHandler.Object);
    var authRequest = CreateAuthRequest("signing_key");
    authRequest.User = new ClaimsPrincipal();

    // Act
    var options = CreateOptions(false, "signing_key");
    handler.Authenticate(authRequest, options);

    // Assert: VerifyAll proves the throwing setup was actually hit, so the null user is a result of it.
    throwingTokenHandler.VerifyAll();
    Assert.Null(authRequest.User);
}
/// <summary>
/// Pins the behaviour of <c>SkipTokenSignatureValidation</c>: with the option set,
/// <c>TryParseLoginToken</c> succeeds without <c>TryValidateLoginToken</c> ever being called,
/// and the resulting principal carries the claims found in the token.
/// </summary>
/// <remarks>
/// Security note: the token is requested with "SOME_OTHER_KEY" while the options carry
/// "SOME_SIGNING_KEY", so every claim asserted below (including the Admin role) is taken from a
/// token whose signature was not checked against the configured key. Treat the option as turning
/// token authentication off; NOTE(review): confirm it cannot be enabled in a production configuration.
/// </remarks>
public void TryParseLoginToken_NoTokenValidation_ReturnsExpectedClaims()
{
    // Arrange: a mocked token handler makes it possible to prove the validator is never reached.
    var validatorMock = new Mock<MobileAppTokenHandler>(this.config);
    var handlerUnderTest = new MobileAppAuthenticationHandlerMock(this.loggerMock.Object, validatorMock.Object);
    var options = new MobileAppAuthenticationOptions
    {
        SigningKey = "SOME_SIGNING_KEY",
        SkipTokenSignatureValidation = true
    };

    // presumably the argument is the key the test token is signed with - it differs from options.SigningKey
    JwtSecurityToken mismatchedToken = GetTestToken("SOME_OTHER_KEY");
    string rawToken = mismatchedToken.RawData;

    // Act
    ClaimsPrincipal principal;
    bool parsed = handlerUnderTest.TryParseLoginToken(rawToken, options, out principal);

    // Assert: the signature validator must not have been consulted at all.
    validatorMock.Verify(
        h => h.TryValidateLoginToken(It.IsAny<string>(), It.IsAny<string>(), out principal),
        Times.Never);
    Assert.True(parsed);

    // The real token handler (not the mock) turns the parsed identity into a service user.
    var identity = (ClaimsIdentity)principal.Identity;
    MobileAppUser user = this.tokenHandler.CreateServiceUser(identity, rawToken);
    Assert.Equal("Facebook:1234", user.Id);
    Assert.True(user.Identity.IsAuthenticated);

    Claim[] userClaims = user.Claims.ToArray();
    Assert.Equal(8, userClaims.Length);
    Assert.Equal("Frank", userClaims.Single(c => c.Type == ClaimTypes.GivenName).Value);
    Assert.Equal("Miller", userClaims.Single(c => c.Type == ClaimTypes.Surname).Value);
    Assert.Equal("Admin", userClaims.Single(c => c.Type == ClaimTypes.Role).Value);
    Assert.Equal("Facebook:1234", userClaims.Single(c => c.Type == "uid").Value);
    Assert.Equal("MyClaimValue", userClaims.Single(c => c.Type == "my_custom_claim").Value);
}