// Arrange static void Configure(AppleAuthenticationOptions options) { options.ClientId = "my-client-id"; options.ClientSecretExpiresAfter = TimeSpan.FromMinutes(1); options.KeyId = "my-key-id"; options.TeamId = "my-team-id"; options.PrivateKeyBytes = (_) => TestKeys.GetPrivateKeyBytesAsync(); }
public static async Task GenerateAsync_Generates_Valid_Signed_Jwt() { // Arrange var options = new AppleAuthenticationOptions() { ClientId = "my-client-id", ClientSecretExpiresAfter = TimeSpan.FromMinutes(1), KeyId = "my-key-id", TeamId = "my-team-id", PrivateKeyBytes = (keyId) => TestKeys.GetPrivateKeyBytesAsync(), }; await GenerateTokenAsync(options, async (generator, context) => { var utcNow = DateTimeOffset.UtcNow; // Act string token = await generator.GenerateAsync(context); // Assert token.ShouldNotBeNullOrWhiteSpace(); token.Count((c) => c == '.').ShouldBe(2); // Format: "{header}.{body}.{signature}" // Act var validator = new JwtSecurityTokenHandler(); var securityToken = validator.ReadJwtToken(token); // Assert - See https://developer.apple.com/documentation/signinwithapplerestapi/generate_and_validate_tokens securityToken.ShouldNotBeNull(); securityToken.Header.ShouldNotBeNull(); securityToken.Header.ShouldContainKeyAndValue("alg", "ES256"); securityToken.Header.ShouldContainKeyAndValue("kid", "my-key-id"); securityToken.Payload.ShouldNotBeNull(); securityToken.Payload.ShouldContainKey("exp"); securityToken.Payload.ShouldContainKey("iat"); securityToken.Payload.ShouldContainKeyAndValue("aud", "https://appleid.apple.com"); securityToken.Payload.ShouldContainKeyAndValue("iss", "my-team-id"); securityToken.Payload.ShouldContainKeyAndValue("sub", "my-client-id"); securityToken.Payload.Iat.HasValue.ShouldBeTrue(); securityToken.Payload.Exp.HasValue.ShouldBeTrue(); ((long)securityToken.Payload.Iat !.Value).ShouldBeGreaterThanOrEqualTo(utcNow.ToUnixTimeSeconds()); ((long)securityToken.Payload.Exp !.Value).ShouldBeGreaterThanOrEqualTo(utcNow.AddSeconds(60).ToUnixTimeSeconds()); ((long)securityToken.Payload.Exp.Value).ShouldBeLessThanOrEqualTo(utcNow.AddSeconds(70).ToUnixTimeSeconds()); }); }