private NodeEntitlements CreateEntitlements(EntitlementCreationOptions creationOptions = EntitlementCreationOptions.None) { var result = new NodeEntitlements() .FromInstant(_now) .UntilInstant(_now + TimeSpan.FromDays(7)) .WithAudience(_audience) .WithIssuer(_issuer); if (!creationOptions.HasFlag(EntitlementCreationOptions.OmitIpAddress)) { result = result.AddIpAddress(_approvedAddress); } if (!creationOptions.HasFlag(EntitlementCreationOptions.OmitIdentifier)) { result = result.WithIdentifier(_entitlementIdentifer); } if (!creationOptions.HasFlag(EntitlementCreationOptions.OmitApplication)) { result = result.AddApplication(_contosoFinanceApp); } if (!creationOptions.HasFlag(EntitlementCreationOptions.OmitMachineId)) { result = result.WithVirtualMachineId("virtual-machine-identifier"); } return(result); }
public TokenEnforcementTests() { // Hard coded key for unit testing only; actual operation will use a cert const string plainTextSigningKey = "This is my shared, not so secret, secret that needs to be very long!"; _signingKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(plainTextSigningKey)); _signingCredentials = new SigningCredentials( _signingKey, SecurityAlgorithms.HmacSha256Signature); // Hard coded key for unit testing only; actual operation will use a cert const string plainTextEncryptionKey = "This is another, not so secret, secret that needs to be very long!"; _encryptingKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(plainTextEncryptionKey)); _encryptingCredentials = new EncryptingCredentials( _encryptingKey, "dir", SecurityAlgorithms.Aes256CbcHmacSha512); _validEntitlements = CreateEntitlements(); _verifier = new TokenVerifier(_signingKey, _encryptingKey); _generator = new TokenGenerator(_nullLogger, _signingCredentials, _encryptingCredentials); }