コード例 #1
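        /// <summary>
        /// Serializes a hand-built JWT signed with HMAC-SHA256 and checks the shape of the
        /// result: non-empty, three dot-separated parts, and a 32-byte signature.
        /// </summary>
        /// <remarks>
        /// Only the serialized form is inspected. The token is never read back or validated,
        /// so this test does not cover signature verification, audience or expiry checks.
        /// </remarks>
        public void ManualWriteHmacSha256ValidSigningCredentials()
        {
            var jwt = new JsonWebToken
            {
                Header = new JwtHeader
                {
                    SignatureAlgorithm = JwtConstants.SignatureAlgorithms.HMACSHA256,
                    // presumably a freshly generated 32-byte (256-bit) key, matching the
                    // HMAC-SHA256 output size - confirm against SymmetricKeyGenerator
                    SigningCredentials = new HmacSigningCredentials(SymmetricKeyGenerator.Create(32))
                },

                Audience       = new Uri("http://foo.com"),
                Issuer         = "dominick",
                // NOTE(review): if this is seconds since the Unix epoch the token is already
                // expired; harmless here because nothing validates it - confirm the unit.
                ExpirationTime = 500000,

                Claims = new Dictionary<string, string>
                {
                    { ClaimTypes.Name, "dominick" },
                    { ClaimTypes.Email, "*****@*****.**" }
                }
            };

            var handler = new JsonWebTokenHandler();
            var token   = handler.WriteToken(jwt);

            // token should not be empty (the listing carried this comment without a check)
            Assert.IsFalse(string.IsNullOrWhiteSpace(token), "JWT should not be empty");

            // token with signature needs to be 3 parts: header.payload.signature
            var parts = token.Split('.');

            Assert.AreEqual(3, parts.Length, "JWT should have exactly 3 parts");

            // signature must be 256 bits, i.e. 32 bytes once base64url-decoded
            var sig = Base64Url.Decode(parts[2]);

            Assert.AreEqual(32, sig.Length, "Signature is not 32 bytes (256 bits)");
        }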
コード例 #2
        /// <summary>
        /// Attempts to serialize a JWT whose header names a signature algorithm the
        /// handler does not know ("unsupported").
        /// </summary>
        /// <remarks>
        /// NOTE(review): no assertion or expected-exception declaration is visible in this
        /// listing. The test presumably relies on WriteToken rejecting the unknown algorithm;
        /// confirm that expectation is declared, otherwise the test also passes when the
        /// handler accepts an algorithm it should refuse.
        /// </remarks>
        public void ManualWriteUnsupportedSignatureAlgorithm()
        {
            var credentials = new HmacSigningCredentials(SymmetricKeyGenerator.Create(48));

            var header = new JwtHeader
            {
                SignatureAlgorithm = "unsupported",
                SigningCredentials = credentials
            };

            var claims = new Dictionary<string, string>
            {
                { ClaimTypes.Name, "dominick" },
                { ClaimTypes.Email, "*****@*****.**" }
            };

            var unsupportedJwt = new JsonWebToken
            {
                Header         = header,
                Audience       = new Uri("http://foo.com"),
                Issuer         = "dominick",
                ExpirationTime = 500000,
                Claims         = claims
            };

            // The serialized result is not inspected; only the call itself matters here.
            var tokenHandler = new JsonWebTokenHandler();
            tokenHandler.WriteToken(unsupportedJwt);
        }
コード例 #3
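        /// <summary>
        /// Round-trips a hand-built, HMAC-SHA256-signed JWT that carries two claims of the
        /// same type (Role): writes it, checks the serialized shape, reads it back and
        /// validates it against a configuration that trusts the issuer, key and audience.
        /// </summary>
        /// <remarks>
        /// Covers the accepting path only. Rejection of a tampered signature, a wrong key,
        /// an untrusted issuer or a disallowed audience is not exercised here.
        /// </remarks>
        public void ManualWriteRoundtripDuplicateClaimTypes()
        {
            // The same key signs the token and is later registered for validation.
            var signinKey = SymmetricKeyGenerator.Create(32);

            var jwt = new JsonWebToken
            {
                Header = new JwtHeader
                {
                    SignatureAlgorithm = JwtConstants.SignatureAlgorithms.HMACSHA256,
                    SigningCredentials = new HmacSigningCredentials(signinKey)
                },

                Audience       = new Uri("http://foo.com"),
                Issuer         = "dominick",
                // NOTE(review): presumably seconds since the Unix epoch, i.e. far in the
                // future so validation below does not reject the token as expired - confirm.
                ExpirationTime = 50000000000,
            };

            jwt.AddClaim(ClaimTypes.Name, "dominick");
            jwt.AddClaim(ClaimTypes.Email, "*****@*****.**");
            // Two Role claims: the duplicate claim type this test is named after.
            jwt.AddClaim(ClaimTypes.Role, "bar");
            jwt.AddClaim(ClaimTypes.Role, "foo");

            var handler = new JsonWebTokenHandler();
            var token   = handler.WriteToken(jwt);

            // token should not be empty (the listing carried this comment without a check)
            Assert.IsFalse(string.IsNullOrWhiteSpace(token), "JWT should not be empty");

            // token with signature needs to be 3 parts: header.payload.signature
            var parts = token.Split('.');

            Assert.AreEqual(3, parts.Length, "JWT should have exactly 3 parts");

            // signature must be 256 bits, i.e. 32 bytes once base64url-decoded
            var sig = Base64Url.Decode(parts[2]);

            Assert.AreEqual(32, sig.Length, "Signature is not 32 bytes (256 bits)");

            var jwtToken = handler.ReadToken(token);

            // Validation configuration: trusted issuer, its signing key, allowed audience.
            var config   = new SecurityTokenHandlerConfiguration();
            var registry = new WebTokenIssuerNameRegistry();

            registry.AddTrustedIssuer("dominick", "dominick");
            config.IssuerNameRegistry = registry;

            var issuerResolver = new WebTokenIssuerTokenResolver();

            issuerResolver.AddSigningKey("dominick", Convert.ToBase64String(signinKey));
            config.IssuerTokenResolver = issuerResolver;

            config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("http://foo.com"));

            handler.Configuration = config;
            var identity = handler.ValidateToken(jwtToken).First();

            // All four claims, including both Role values, must survive the round trip
            // and be attributed to the trusted issuer.
            Assert.AreEqual(4, identity.Claims.Count(), "Validated identity should carry 4 claims");
            Assert.AreEqual("dominick", identity.Claims.First().Issuer, "Claim issuer should be the trusted issuer");
        }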
コード例 #4
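        /// <summary>
        /// Round-trips a JWT created by the handler from a SecurityTokenDescriptor whose
        /// subject holds duplicate claim types (two Name, two Role): creates and writes the
        /// token, checks the serialized shape, reads it back and validates it.
        /// </summary>
        /// <remarks>
        /// Covers the accepting path only. Rejection of a tampered signature, a wrong key,
        /// an untrusted issuer or a disallowed audience is not exercised here.
        /// </remarks>
        public void HandlerCreateRoundtripDuplicateClaimTypes()
        {
            // The same key signs the token and is later registered for validation.
            var signinKey = SymmetricKeyGenerator.Create(32);

            var identity = new ClaimsIdentity(new List<Claim>
            {
                new Claim(ClaimTypes.Name, "dominick"),
                new Claim(ClaimTypes.Name, "dominick2"),
                new Claim(ClaimTypes.Email, "*****@*****.**"),
                new Claim(ClaimTypes.Role, "bar"),
                new Claim(ClaimTypes.Role, "foo")
            }, "Custom");

            // Read the clock once so both ends of the lifetime share the same start instant.
            var issuedAt = DateTime.UtcNow;

            var descriptor = new SecurityTokenDescriptor
            {
                Subject            = identity,
                SigningCredentials = new HmacSigningCredentials(signinKey),
                TokenIssuerName    = "dominick",
                Lifetime           = new Lifetime(issuedAt, issuedAt.AddHours(8)),
                AppliesToAddress   = "http://foo.com"
            };

            var handler = new JsonWebTokenHandler();
            var token   = handler.CreateToken(descriptor);

            var tokenString = handler.WriteToken(token);

            // token should not be empty (the listing carried this comment without a check)
            Assert.IsFalse(string.IsNullOrWhiteSpace(tokenString), "JWT should not be empty");

            // token with signature needs to be 3 parts: header.payload.signature
            var parts = tokenString.Split('.');

            Assert.AreEqual(3, parts.Length, "JWT should have exactly 3 parts");

            // signature must be 256 bits, i.e. 32 bytes once base64url-decoded
            var sig = Base64Url.Decode(parts[2]);

            Assert.AreEqual(32, sig.Length, "Signature is not 32 bytes (256 bits)");

            var jwtToken = handler.ReadToken(tokenString);

            // Validation configuration: trusted issuer, its signing key, allowed audience.
            var config   = new SecurityTokenHandlerConfiguration();
            var registry = new WebTokenIssuerNameRegistry();

            registry.AddTrustedIssuer("dominick", "dominick");
            config.IssuerNameRegistry = registry;

            var issuerResolver = new WebTokenIssuerTokenResolver();

            issuerResolver.AddSigningKey("dominick", Convert.ToBase64String(signinKey));
            config.IssuerTokenResolver = issuerResolver;

            config.AudienceRestriction.AllowedAudienceUris.Add(new Uri("http://foo.com"));

            handler.Configuration = config;
            var identity2 = handler.ValidateToken(jwtToken).First();

            // Assert on the validated identity. The original checked the input identity,
            // which holds 5 claims by construction, so the round trip was never verified.
            // NOTE(review): assumes the handler adds no claims of its own on validation - confirm.
            Assert.AreEqual(5, identity2.Claims.Count(), "Validated identity should carry 5 claims");

            // Disabled in the original. If re-enabled it should target identity2, not the
            // input identity, whose claims were not issued by the handler.
            //Assert.IsTrue(identity.Claims.First().Issuer == "dominick");
        }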