public async Task RevokedToken(TestConfig config)
{
var cookie = await config.CreateSessionCookieAsync();
var handler = new MockMessageHandler()
{
Response = $@"{{
""users"": [
{{
""localId"": ""testuser"",
""validSince"": {JwtTestUtils.Clock.UnixTimestamp()}
}}
]
}}",
};
var auth = config.CreateAuth(handler);
var decoded = await auth.VerifySessionCookieAsync(cookie);
Assert.Equal("testuser", decoded.Uid);
Assert.Equal(0, handler.Calls);
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
async() => await auth.VerifySessionCookieAsync(cookie, true));
var expectedMessage = "Firebase session cookie has been revoked.";
this.CheckException(exception, expectedMessage, AuthErrorCode.RevokedSessionCookie);
Assert.Equal(1, handler.Calls);
JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
}
public async Task IdToken(TestConfig config)
{
var tokenBuilder = JwtTestUtils.IdTokenBuilder();
var idToken = await tokenBuilder.CreateTokenAsync();
var auth = config.CreateAuth();
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
async() => await auth.VerifySessionCookieAsync(idToken));
var expectedMessage = "Firebase session cookie has incorrect issuer (iss) claim.";
this.CheckException(exception, expectedMessage);
}
public async Task SessionCookie(TestConfig config)
{
var tokenBuilder = JwtTestUtils.SessionCookieBuilder(config.TenantId);
var sessionCookie = await tokenBuilder.CreateTokenAsync();
var auth = config.CreateAuth();
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
async() => await auth.VerifyIdTokenAsync(sessionCookie));
var expectedMessage = "Firebase ID token has incorrect issuer (iss) claim.";
this.CheckException(exception, expectedMessage);
}
public async Task ValidUnrevokedToken(TestConfig config)
{
var cookie = await config.CreateSessionCookieAsync();
var handler = new MockMessageHandler()
{
Response = @"{
""users"": [
{
""localId"": ""testuser""
}
]
}",
};
var auth = config.CreateAuth(handler);
var decoded = await auth.VerifySessionCookieAsync(cookie, true);
Assert.Equal("testuser", decoded.Uid);
Assert.Equal(1, handler.Calls);
JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
}
public async Task CheckRevokedError(TestConfig config)
{
var cookie = await config.CreateSessionCookieAsync();
var handler = new MockMessageHandler()
{
StatusCode = HttpStatusCode.InternalServerError,
Response = @"{
""error"": {""message"": ""USER_NOT_FOUND""}
}",
};
var auth = config.CreateAuth(handler);
var exception = await Assert.ThrowsAsync <FirebaseAuthException>(
async() => await auth.VerifySessionCookieAsync(cookie, true));
Assert.Equal(ErrorCode.NotFound, exception.ErrorCode);
Assert.StartsWith("No user record found for the given identifier", exception.Message);
Assert.Equal(AuthErrorCode.UserNotFound, exception.AuthErrorCode);
Assert.Null(exception.InnerException);
Assert.NotNull(exception.HttpResponse);
Assert.Equal(1, handler.Calls);
JwtTestUtils.AssertRevocationCheckRequest(null, handler.Requests[0].Url);
}
private TestConfig()
{
this.authBuilder = JwtTestUtils.AuthBuilderForTokenVerification();
this.tokenBuilder = JwtTestUtils.SessionCookieBuilder();
}
public void AssertRevocationCheckRequest(Uri uri)
{
JwtTestUtils.AssertRevocationCheckRequest(this.TenantId, this.EmulatorHost, uri);
}
private TestConfig(string tenantId = null)
{
this.tokenBuilder = JwtTestUtils.IdTokenBuilder(tenantId);
this.authBuilder = JwtTestUtils.AuthBuilderForTokenVerification(tenantId);
}