/// <summary>
/// Writes a JWT signed with <c>KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2</c>
/// through a <c>DerivedJwtSecurityTokenHandler</c> and hands the encoded string to
/// <c>ValidateDerived</c>, expecting no exception.
/// </summary>
/// <remarks>
/// The validation parameters supply the signing key and the valid issuer explicitly
/// and set <c>ValidateAudience = false</c>, so the audience written into the token is
/// never compared against anything in this test. Lifetime settings are not touched
/// here and stay at whatever <c>TokenValidationParameters</c> defaults to.
/// </remarks>
public void JwtSecurityTokenHandler_Extensibility()
{
    var derivedHandler = new DerivedJwtSecurityTokenHandler();
    derivedHandler.DerivedTokenType = typeof(DerivedJwtSecurityToken);

    // Issuer doubles as the original issuer of the simple claim set.
    var token = new JwtSecurityToken(
        issuer: Issuers.GotJwt,
        audience: Audiences.AuthFactors,
        claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt),
        signingCredentials: KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2,
        expires: DateTime.UtcNow.Add(TimeSpan.FromHours(10)),
        notBefore: DateTime.UtcNow);

    string serialized = derivedHandler.WriteToken(token);

    var validationParameters = new TokenValidationParameters();
    validationParameters.IssuerSigningKey = KeyingMaterial.DefaultSymmetricSecurityKey_256;
    // Audience checking is deliberately off for this fixture.
    validationParameters.ValidateAudience = false;
    validationParameters.ValidIssuer = Issuers.GotJwt;

    ValidateDerived(serialized, derivedHandler, validationParameters, ExpectedException.NoExceptionExpected);
}
/// <summary>
/// Runs three create-and-validate cases through <c>RunRoundTrip</c> with one shared
/// <c>JwtSecurityTokenHandler</c>: a duplicate-claim-type case, an X.509-signed case
/// and a symmetric-key-signed case.
/// </summary>
/// <remarks>
/// Each case is built and run before the next one is constructed. None of the cases
/// validates the audience (<c>ValidateAudience = false</c> everywhere).
/// </remarks>
public void CreateAndValidateTokens_RoundTripTokens()
{
    const string issuer = "issuer";
    const string originalIssuer = "originalIssuer";
    var tokenHandler = new JwtSecurityTokenHandler();

    // Case 1: the comparison token is created with null where the signed cases pass
    // signing credentials, and RequireSignedTokens plus audience, lifetime and issuer
    // validation are all switched off. The validation parameters therefore assert
    // nothing about signature, audience, lifetime or issuer checking.
    var duplicateTypesCase = new CreateAndValidateParams
    {
        Case = "ClaimSets.DuplicateTypes",
        Claims = ClaimSets.DuplicateTypes(issuer, originalIssuer),
        CompareTo = IdentityUtilities.CreateJwtSecurityToken(
            issuer,
            originalIssuer,
            ClaimSets.DuplicateTypes(issuer, originalIssuer),
            null),
        ExceptionType = null,
        TokenValidationParameters = new TokenValidationParameters
        {
            RequireSignedTokens = false,
            ValidateAudience = false,
            ValidateLifetime = false,
            ValidateIssuer = false,
        }
    };
    RunRoundTrip(duplicateTypesCase, tokenHandler);

    // Case 2: signed with the X.509 credentials; the validation key is built from
    // KeyingMaterial.DefaultCert_2048 and the issuer must match.
    var asymmetricCase = new CreateAndValidateParams
    {
        Case = "ClaimSets.Simple_simpleSigned_Asymmetric",
        Claims = ClaimSets.Simple(issuer, originalIssuer),
        CompareTo = IdentityUtilities.CreateJwtSecurityToken(
            issuer,
            originalIssuer,
            ClaimSets.Simple(issuer, originalIssuer),
            KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2),
        ExceptionType = null,
        SigningCredentials = KeyingMaterial.DefaultX509SigningCreds_2048_RsaSha2_Sha2,
        SigningToken = KeyingMaterial.DefaultX509Token_2048,
        TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = false,
            IssuerSigningKey = new X509SecurityKey(KeyingMaterial.DefaultCert_2048),
            ValidIssuer = issuer,
        }
    };
    RunRoundTrip(asymmetricCase, tokenHandler);

    // Case 3: signed with the symmetric credentials; the same shared key material
    // is supplied for validation and the issuer must match.
    var symmetricCase = new CreateAndValidateParams
    {
        Case = "ClaimSets.Simple_simpleSigned_Symmetric",
        Claims = ClaimSets.Simple(issuer, originalIssuer),
        CompareTo = IdentityUtilities.CreateJwtSecurityToken(
            issuer,
            originalIssuer,
            ClaimSets.Simple(issuer, originalIssuer),
            KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2),
        ExceptionType = null,
        SigningCredentials = KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2,
        SigningToken = KeyingMaterial.DefaultSymmetricSecurityToken_256,
        TokenValidationParameters = new TokenValidationParameters
        {
            ValidateAudience = false,
            IssuerSigningKey = KeyingMaterial.DefaultSymmetricSecurityKey_256,
            ValidIssuer = issuer,
        }
    };
    RunRoundTrip(symmetricCase, tokenHandler);
}
/// <summary>
/// Builds a <c>JwtSecurityToken</c> from an explicitly constructed header and payload.
/// The payload uses the audience "urn:uri", the simple claim set and a lifetime that
/// starts at the current UTC time and ends ten hours later.
/// </summary>
/// <param name="issuer">Issuer for the payload; also passed to <c>ClaimSets.Simple</c>.</param>
/// <param name="originalIssuer">Second argument to <c>ClaimSets.Simple</c>.</param>
/// <param name="signingCredentials">Passed to the <c>JwtHeader</c> constructor.</param>
/// <returns>The token built from the header, the payload and the raw data string.</returns>
/// <remarks>
/// The raw data is "encoded-header.encoded-payload." with nothing after the final
/// dot, so the signature segment is empty regardless of <paramref name="signingCredentials"/>.
/// NOTE(review): this looks intended as a comparison fixture only; confirm no caller
/// treats the result as a signed token.
/// </remarks>
public static JwtSecurityToken Create(string issuer, string originalIssuer, SigningCredentials signingCredentials)
{
    var claims = ClaimSets.Simple(issuer, originalIssuer);
    var lifetime = new Lifetime(DateTime.UtcNow, DateTime.UtcNow.Add(TimeSpan.FromHours(10)));

    var tokenPayload = new JwtPayload(issuer, "urn:uri", claims, lifetime);
    var tokenHeader = new JwtHeader(signingCredentials);

    // Trailing "." leaves the third (signature) segment empty.
    string rawData = string.Concat(tokenHeader.Encode(), ".", tokenPayload.Encode(), ".");

    return new JwtSecurityToken(tokenHeader, tokenPayload, rawData);
}
/// <summary>
/// Writes a signed JWT with a <c>DerivedJwtSecurityTokenHandler</c> and runs it through
/// <c>ValidateDerived</c> in every combination of token object or encoded string and
/// validation parameters or handler configuration. This is done first with the derived
/// token type and the prefixed string, then with the plain <c>JwtSecurityToken</c> type
/// and the unprefixed string. Every call expects <c>ExpectedException.Null</c>.
/// </summary>
/// <remarks>
/// Statement order matters: the handler's <c>Configuration</c> and <c>DerivedTokenType</c>
/// are changed part-way through, and later calls depend on that state.
/// The validation parameters set the audience URI mode to <c>Never</c>, so the
/// parameter-based calls do not check the audience. The handler configuration uses
/// <c>AudienceUriMode.Always</c> with <c>Audiences.AuthFactors</c> added as an allowed URI.
/// </remarks>
public void JwtSecurityTokenHandler_Extensibility()
{
    var derivedHandler = new DerivedJwtSecurityTokenHandler();
    derivedHandler.DerivedTokenType = typeof(DerivedJwtSecurityToken);

    var token = new JwtSecurityToken(
        issuer: Issuers.GotJwt,
        audience: Audiences.AuthFactors,
        claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt),
        signingCredentials: KeyingMaterial.SymmetricSigningCreds_256_Sha2,
        lifetime: new Lifetime(DateTime.UtcNow, DateTime.UtcNow.Add(TimeSpan.FromHours(10))));

    string serialized = derivedHandler.WriteToken(token);
    string prefixed = DerivedJwtSecurityToken.Prefix + serialized;

    JwtSecurityToken readAsDerived = derivedHandler.ReadToken(prefixed) as JwtSecurityToken;
    // This local is not read again in this method.
    DerivedJwtSecurityToken derivedNotValidated = readAsDerived as DerivedJwtSecurityToken;

    var validationParameters = new TokenValidationParameters();
    validationParameters.SigningToken = KeyingMaterial.BinarySecretToken_256;
    // Audience URIs are never checked on the parameter-based path.
    validationParameters.AudienceUriMode = Selectors.AudienceUriMode.Never;
    validationParameters.ValidIssuer = Issuers.GotJwt;

    // Derived type, explicit validation parameters: token object, then encoded string.
    ValidateDerived(readAsDerived, null, derivedHandler, validationParameters, ExpectedException.Null);
    ValidateDerived(null, prefixed, derivedHandler, validationParameters, ExpectedException.Null);

    // Switch to configuration-driven validation.
    // NOTE(review): AlwaysSucceedCertificateValidator presumably accepts any certificate,
    // going by its name; that is fixture wiring for this test only.
    var configuration = new SecurityTokenHandlerConfiguration();
    configuration.IssuerTokenResolver = new SetReturnSecurityTokenResolver(
        KeyingMaterial.BinarySecretToken_256,
        KeyingMaterial.SymmetricSecurityKey_256);
    configuration.SaveBootstrapContext = true;
    configuration.CertificateValidator = AlwaysSucceedCertificateValidator.New;
    configuration.IssuerNameRegistry = new SetNameIssuerNameRegistry(Audiences.AuthFactors);
    configuration.AudienceRestriction = new AudienceRestriction(AudienceUriMode.Always);
    derivedHandler.Configuration = configuration;
    derivedHandler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Audiences.AuthFactors));

    // Derived type, handler configuration: encoded string, then a freshly read token.
    ValidateDerived(null, prefixed, derivedHandler, null, ExpectedException.Null);
    ValidateDerived(derivedHandler.ReadToken(prefixed) as JwtSecurityToken, null, derivedHandler, null, ExpectedException.Null);

    // Same four combinations with the plain token type and the unprefixed string.
    derivedHandler.DerivedTokenType = typeof(JwtSecurityToken);
    JwtSecurityToken readAsPlain = derivedHandler.ReadToken(serialized) as JwtSecurityToken;

    ValidateDerived(readAsPlain, null, derivedHandler, validationParameters, ExpectedException.Null);
    ValidateDerived(null, serialized, derivedHandler, validationParameters, ExpectedException.Null);
    ValidateDerived(null, serialized, derivedHandler, null, ExpectedException.Null);
    ValidateDerived(readAsPlain, null, derivedHandler, null, ExpectedException.Null);
}
/// <summary>
/// Returns the test variations for the typed <c>JwtSecurityToken</c> constructors.
/// The list currently holds a single "SimpleJwt" variation.
/// </summary>
/// <returns>
/// A new list with one variation. Its claims come from <c>ClaimSets.Simple</c> and its
/// expected token from <c>JwtTestTokens.Simple</c>, both called with the same issuer string
/// for the issuer and the original issuer.
/// </returns>
private List<JwtSecurityTokenTestVariation> GetJWTTypedConstructorsCases()
{
    const string issuer = "GetJWTTypedConstructorsCases";

    // Original author's note on this case: ensure format is not checked.
    var simpleJwt = new JwtSecurityTokenTestVariation();
    simpleJwt.Name = "SimpleJwt";
    simpleJwt.Claims = ClaimSets.Simple(issuer, issuer);
    simpleJwt.ExpectedJwtSecurityToken = JwtTestTokens.Simple(issuer, issuer);

    var cases = new List<JwtSecurityTokenTestVariation>();
    cases.Add(simpleJwt);
    return cases;
}
/// <summary>
/// Wraps the simple claim set for the given issuers in a new <c>ClaimsIdentity</c>.
/// </summary>
/// <param name="issuer">First argument to <c>ClaimSets.Simple</c>.</param>
/// <param name="originalIssuer">Second argument to <c>ClaimSets.Simple</c>.</param>
/// <returns>A <c>ClaimsIdentity</c> constructed from the claim set alone.</returns>
/// <remarks>
/// Only the claims are passed to the constructor; no authentication type is supplied.
/// NOTE(review): assuming <c>ClaimSets.Simple</c> returns a claim sequence, the resulting
/// identity has no authentication type and so reports <c>IsAuthenticated == false</c> —
/// confirm that is what callers of this fixture expect.
/// </remarks>
public static ClaimsIdentity Simple(string issuer, string originalIssuer)
{
    var claims = ClaimSets.Simple(issuer, originalIssuer);
    return new ClaimsIdentity(claims);
}
/// <summary>
/// Creates a <c>JwtSecurityToken</c> for the given issuer with the fixed audience
/// "http://www.contoso.com" and the simple claim set.
/// </summary>
/// <param name="issuer">Token issuer; also the first argument to <c>ClaimSets.Simple</c>.</param>
/// <param name="originalIssuer">Second argument to <c>ClaimSets.Simple</c>.</param>
/// <returns>The new token.</returns>
/// <remarks>
/// No signing credentials and no lifetime are passed to the constructor, so the token
/// is created without a signature by this helper.
/// </remarks>
public static JwtSecurityToken Simple(string issuer, string originalIssuer)
{
    const string audience = "http://www.contoso.com";
    var claims = ClaimSets.Simple(issuer, originalIssuer);
    return new JwtSecurityToken(issuer, audience, claims);
}