/// <summary>
/// Exercises issuer validation on <c>PublicSamlSecurityTokenHandler</c> through the five-argument
/// ValidateIssuer helper, pairing each issuer / <c>TokenValidationParameters</c> combination with the
/// exception (or absence of one) the handler is expected to produce.
/// </summary>
/// <remarks>
/// Cases covered: null parameters, issuer checking switched off, no valid issuer configured
/// (substring "IDX10204"), a configured issuer that does not match (substring "IDX10205"),
/// a matching issuer, and the IssuerValidator delegate cases at the end.
/// </remarks>
private void ValidateIssuer()
{
    var handler = new PublicSamlSecurityTokenHandler();
    SamlSecurityToken token = IdentityUtilities.CreateSamlSecurityToken();

    // Null validation parameters are rejected whatever issuer string is supplied.
    ValidateIssuer(IdentityUtilities.DefaultIssuer, null, token, handler,
        ExpectedException.ArgumentNullException(substringExpected: "name: validationParameters"));
    ValidateIssuer("bob", null, token, handler,
        ExpectedException.ArgumentNullException(substringExpected: "name: validationParameters"));

    // ValidateIssuer = false: "bob" is accepted although no valid issuer is configured.
    // This pins the opt-out path; with it set, the issuer value is not checked against anything.
    var issuerCheckOff = new TokenValidationParameters { ValidateIssuer = false };
    ValidateIssuer("bob", issuerCheckOff, token, handler, ExpectedException.NoExceptionExpected);

    // Default parameters carry neither ValidIssuer nor ValidIssuers, so validation must fail (IDX10204).
    var defaults = new TokenValidationParameters { };
    ValidateIssuer("bob", defaults, token, handler,
        ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204"));

    // Single configured issuer: an exact match passes, a different value fails with IDX10205.
    var matchingIssuer = new TokenValidationParameters { ValidIssuer = IdentityUtilities.DefaultIssuer };
    ValidateIssuer(IdentityUtilities.DefaultIssuer, matchingIssuer, token, handler, ExpectedException.NoExceptionExpected);

    var otherIssuer = new TokenValidationParameters { ValidIssuer = "frank" };
    ValidateIssuer("bob", otherIssuer, token, handler,
        ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205"));

    // Issuer list that does not contain "bob": rejected with IDX10205.
    List<string> allowedIssuers = new List<string> { "john", "paul", "george", "ringo" };
    var listWithoutBob = new TokenValidationParameters { ValidIssuers = allowedIssuers };
    ValidateIssuer("bob", listWithoutBob, token, handler,
        ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205"));

    // Same opt-out case as above, repeated after the list case.
    var issuerCheckOffAgain = new TokenValidationParameters { ValidateIssuer = false };
    ValidateIssuer("bob", issuerCheckOffAgain, token, handler, ExpectedException.NoExceptionExpected);

    // Once the default issuer is in the list, validation succeeds and the helper's return value
    // is expected to equal that issuer.
    allowedIssuers.Add(IdentityUtilities.DefaultIssuer);
    var listWithDefault = new TokenValidationParameters { ValidIssuers = allowedIssuers };
    string validated = ValidateIssuer(IdentityUtilities.DefaultIssuer, listWithDefault, token, handler,
        ExpectedException.NoExceptionExpected);
    Assert.IsTrue(validated == IdentityUtilities.DefaultIssuer, "issuer mismatch");

    // IssuerValidatorEcho is assigned but no ValidIssuer/ValidIssuers: this path still expects IDX10204.
    // NOTE(review): whether the delegate is consulted here cannot be told from this method - confirm
    // against the handler under test.
    TokenValidationParameters delegateParameters = new TokenValidationParameters
    {
        ValidateAudience = false,
        IssuerValidator = IdentityUtilities.IssuerValidatorEcho,
    };
    ValidateIssuer("bob", delegateParameters, token, handler,
        ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204"));

    // With ValidateIssuer = false no exception is expected even though IssuerValidatorThrows is assigned;
    // presumably that delegate throws when invoked, so this checks it is skipped - verify in IdentityUtilities.
    delegateParameters.ValidateIssuer = false;
    delegateParameters.IssuerValidator = IdentityUtilities.IssuerValidatorThrows;
    ValidateIssuer("bob", delegateParameters, token, handler, ExpectedException.NoExceptionExpected);
}
/// <summary>
/// Exercises issuer validation on <c>DerivedSamlSecurityTokenHandler</c> through the four-argument
/// ValidateIssuer helper, pairing each issuer / <c>TokenValidationParameters</c> combination with the
/// exception (or absence of one) the handler is expected to produce.
/// </summary>
/// <remarks>
/// Cases covered: issuer checking switched off (including a null issuer), null parameters,
/// no valid issuer configured (substring "IDX10204"), configured issuer(s) that do not match
/// (substring "IDX10205"), matching issuer(s), and the IssuerValidator delegate cases.
/// </remarks>
private void ValidateIssuer()
{
    var handler = new DerivedSamlSecurityTokenHandler();

    // ValidateIssuer = false: even a null issuer is accepted without an exception.
    ExpectedException expected = ExpectedException.NoExceptionExpected;
    var issuerCheckOff = new TokenValidationParameters { ValidateIssuer = false };
    ValidateIssuer(null, issuerCheckOff, handler, expected);

    // Null validation parameters are rejected.
    expected = ExpectedException.ArgumentNullException(substringExpected: "Parameter name: validationParameters");
    ValidateIssuer("bob", null, handler, expected);

    // Default parameters carry neither ValidIssuer nor ValidIssuers, so validation must fail (IDX10204).
    expected = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
    var defaults = new TokenValidationParameters { };
    ValidateIssuer("bob", defaults, handler, expected);

    // Single configured issuer that matches: the helper's return value is expected to be that issuer.
    expected = ExpectedException.NoExceptionExpected;
    var matchingIssuer = new TokenValidationParameters { ValidIssuer = "bob" };
    string validated = ValidateIssuer("bob", matchingIssuer, handler, expected);
    Assert.IsTrue(validated == "bob", "issuer mismatch");

    // Single configured issuer that differs: IDX10205.
    expected = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
    var otherIssuer = new TokenValidationParameters { ValidIssuer = "frank" };
    ValidateIssuer("bob", otherIssuer, handler, expected);

    // Issuer list that does not contain "bob": IDX10205.
    List<string> allowedIssuers = new List<string> { "john", "paul", "george", "ringo" };
    expected = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
    var listWithoutBob = new TokenValidationParameters { ValidIssuers = allowedIssuers };
    ValidateIssuer("bob", listWithoutBob, handler, expected);

    // Opt-out again: with ValidateIssuer = false the issuer value is not checked against anything.
    expected = ExpectedException.NoExceptionExpected;
    var issuerCheckOffAgain = new TokenValidationParameters { ValidateIssuer = false };
    ValidateIssuer("bob", issuerCheckOffAgain, handler, expected);

    // After "bob" joins the list, validation succeeds and returns "bob".
    allowedIssuers.Add("bob");
    expected = ExpectedException.NoExceptionExpected;
    var listWithBob = new TokenValidationParameters { ValidIssuers = allowedIssuers };
    validated = ValidateIssuer("bob", listWithBob, handler, expected);
    Assert.IsTrue(validated == "bob", "issuer mismatch");

    // IssuerValidatorEcho is assigned but no ValidIssuer/ValidIssuers: this path still expects IDX10204.
    // NOTE(review): whether the delegate is consulted here cannot be told from this method - confirm
    // against the handler under test.
    expected = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
    TokenValidationParameters parameters = new TokenValidationParameters
    {
        ValidateAudience = false,
        IssuerValidator = IdentityUtilities.IssuerValidatorEcho,
    };
    ValidateIssuer("bob", parameters, handler, expected);

    // No delegate; the issuer list (which now contains "bob") is enough for success.
    expected = ExpectedException.NoExceptionExpected;
    parameters = new TokenValidationParameters
    {
        ValidateAudience = false,
        ValidIssuers = allowedIssuers,
    };
    validated = ValidateIssuer("bob", parameters, handler, expected);
    Assert.IsTrue(validated == "bob", "issuer mismatch");

    // No delegate; the configured issuer "http://Bob" does not equal "bob", so IDX10205 is expected.
    // NOTE(review): the list rebuilt on the next line is not referenced by the parameters below
    // (they set ValidIssuer only) - confirm whether ValidIssuers was meant to be assigned as well.
    allowedIssuers = new List<string> { "john", "paul", "george", "ringo" };
    expected = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
    parameters = new TokenValidationParameters
    {
        IssuerSigningKey = new X509SecurityKey(KeyingMaterial.DefaultCert_2048),
        ValidateAudience = false,
        ValidIssuer = "http://Bob",
    };
    ValidateIssuer("bob", parameters, handler, expected);

    // With ValidateIssuer = false no exception is expected even though IssuerValidatorThrows is assigned;
    // presumably that delegate throws when invoked, so this checks it is skipped - verify in IdentityUtilities.
    parameters.ValidateIssuer = false;
    parameters.IssuerValidator = IdentityUtilities.IssuerValidatorThrows;
    ValidateIssuer("bob", parameters, handler, ExpectedException.NoExceptionExpected);
}