public void OAuth2CryptographicCodeGenerator_CreatePkceCodeVerifier_IsUniqueBase64UrlStringWithoutPaddingAndLengthBetween43And128() { var generator = new OAuth2CryptographicCodeGenerator(); // Create a bunch of verifiers var verifiers = new string[32]; for (int i = 0; i < verifiers.Length; i++) { string v = generator.CreatePkceCodeVerifier(); // Assert the verifier is a base64url string without padding char[] vs = v.ToCharArray(); Assert.All(vs, x => Assert.Contains(x, ValidBase64UrlCharsNoPad)); // Assert the verifier is a string of length [43, 128] (inclusive) Assert.InRange(v.Length, 43, 128); verifiers[i] = v; } // There should be no duplicates string[] uniqueVerifiers = verifiers.Distinct().ToArray(); Assert.Equal(uniqueVerifiers, verifiers); }
public void OAuth2CryptographicCodeGenerator_CreatePkceCodeChallenge_Plain_ReturnsVerifierUnchanged() { var generator = new OAuth2CryptographicCodeGenerator(); var verifier = generator.CreatePkceCodeVerifier(); var challenge = generator.CreatePkceCodeChallenge(OAuth2PkceChallengeMethod.Plain, verifier); Assert.Equal(verifier, challenge); }
public void OAuth2CryptographicCodeGenerator_CreatePkceCodeChallenge_Sha256_ReturnsBase64UrlEncodedSha256HashOfAsciiVerifier() { var generator = new OAuth2CryptographicCodeGenerator(); var verifier = generator.CreatePkceCodeVerifier(); byte[] verifierAsciiBytes = Encoding.ASCII.GetBytes(verifier); byte[] hashedBytes; using (var sha256 = SHA256.Create()) { hashedBytes = sha256.ComputeHash(verifierAsciiBytes); } var expectedChallenge = Base64UrlConvert.Encode(hashedBytes, false); var actualChallenge = generator.CreatePkceCodeChallenge(OAuth2PkceChallengeMethod.Sha256, verifier); Assert.Equal(expectedChallenge, actualChallenge); }