private static void ValidateSwtToken(string tokenString) { var configuration = new SecurityTokenHandlerConfiguration(); var validationKey = new InMemorySymmetricSecurityKey(Convert.FromBase64String(signingKey)); // audience validation configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(realm)); // signature & issuer validation var resolverTable = new Dictionary<string, IList<SecurityKey>> { { issuerUri, new SecurityKey[] { validationKey } } }; configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable); var handler = new SimpleWebTokenHandler(); handler.Configuration = configuration; var token = handler.ReadToken(tokenString); var ids = handler.ValidateToken(token); "\n\nValidated Claims:".ConsoleYellow(); foreach (var claim in ids.First().Claims) { Console.WriteLine("{0}\n {1}\n", claim.Type, claim.Value); } }
public void CreateTokenAndParseEncodedMultipleClaims() { var handler = new SimpleWebTokenHandler(); byte[] key = GetKey(); var token = this.CreateToken(key); var tokenString = TokenToString(token); var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString))); handler.Configuration = new SecurityTokenHandlerConfiguration(); var symmetricKey = new InMemorySymmetricSecurityKey(key); handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add( new Uri("http://audience")); var resolverTable = new Dictionary<string, IList<SecurityKey>> { { "http://issuer", new SecurityKey[] { symmetricKey } } }; handler.Configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable); var ids = handler.ValidateToken(signedToken); var id = ids.FirstOrDefault(); Assert.IsNotNull(id); var testClaims = GetClaims(); Assert.IsTrue(id.Claims.Count() == 3); Assert.IsTrue(id.HasClaim(testClaims[0].Type, testClaims[0].Value)); Assert.IsTrue(id.HasClaim(testClaims[1].Type, testClaims[1].Value)); Assert.IsTrue(id.HasClaim(testClaims[2].Type, testClaims[2].Value)); }
private SimpleWebToken ResponseToSimpleWebToken(string response) { var tokenString = Uri.UnescapeDataString( response.Split('&') .Single(value => value.StartsWith("wrap_access_token=", StringComparison.OrdinalIgnoreCase)) .Split('=')[1]); var handler = new SimpleWebTokenHandler(); var swt = handler.ReadToken(tokenString) as SimpleWebToken; return swt; }
public void CreateTokenAndParseEncodedMultipleClaims() { var handler = new SimpleWebTokenHandler(); string key; var token = this.GetToken(out key); var tokenString = TokenToString(token); var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString))); handler.Configuration = new SecurityTokenHandlerConfiguration(); var registry = new WebTokenIssuerNameRegistry(); //I think there is currently a bug in this issuer as this really doesn't make sense to me registry.AddTrustedIssuer("http://www.thinktecture.com", "TestIssuerName"); handler.Configuration.IssuerNameRegistry = registry; handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://www.thinktecture.com/")); var tokenResolver = new WebTokenIssuerTokenResolver(); tokenResolver.AddSigningKey("http://www.thinktecture.com", key); handler.Configuration.IssuerTokenResolver = tokenResolver; var claims = handler.ValidateToken(signedToken); Assert.IsTrue(claims[0].Claims.Count == 3); Assert.IsTrue(claims[0].Claims[0].Value == this.Claims()[0].Value); Assert.IsTrue(claims[0].Claims[1].Value == this.Claims()[1].Value); Assert.IsTrue(claims[0].Claims[2].Value == this.Claims()[2].Value); }