/// <summary>
/// Builds the theory rows for the OpenID Connect tests: one row per signing key/algorithm
/// pair, each naming the metadata file it is paired with.
/// </summary>
/// <returns>
/// Four rows that leave ExpectedException unset, followed by one row that expects
/// SecurityTokenSignatureKeyNotFoundException.
/// </returns>
public static TheoryData<OpenIdConnectTheoryData> OpenIdConnectTheoryData()
{
    var rows = new TheoryData<OpenIdConnectTheoryData>();

    // RSA 2048 key with RS256; the only row that uses the non-EC metadata file.
    var rs256Row = new OpenIdConnectTheoryData
    {
        OpenIdConnectMetadataFileName = OpenIdConfigData.OpenIdConnectMetadataFileEnd2End,
        SigningCredentials = new SigningCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaSha256),
        TestId = "validRS256"
    };
    rows.Add(rs256Row);

    // ECDSA rows: each curve is paired with the hash of matching strength.
    var es256Row = new OpenIdConnectTheoryData
    {
        OpenIdConnectMetadataFileName = OpenIdConfigData.OpenIdConnectMetadataFileEnd2EndEC,
        SigningCredentials = new SigningCredentials(KeyingMaterial.JsonWebKeyP256, SecurityAlgorithms.EcdsaSha256),
        TestId = "validES256"
    };
    rows.Add(es256Row);

    var es384Row = new OpenIdConnectTheoryData
    {
        OpenIdConnectMetadataFileName = OpenIdConfigData.OpenIdConnectMetadataFileEnd2EndEC,
        SigningCredentials = new SigningCredentials(KeyingMaterial.JsonWebKeyP384, SecurityAlgorithms.EcdsaSha384),
        TestId = "validES384"
    };
    rows.Add(es384Row);

    // The id says "ES521" but the algorithm is EcdsaSha512 on the P-521 key:
    // the id follows the curve size, not the algorithm name.
    var es512Row = new OpenIdConnectTheoryData
    {
        OpenIdConnectMetadataFileName = OpenIdConfigData.OpenIdConnectMetadataFileEnd2EndEC,
        SigningCredentials = new SigningCredentials(KeyingMaterial.JsonWebKeyP521, SecurityAlgorithms.EcdsaSha512),
        TestId = "validES521"
    };
    rows.Add(es512Row);

    // Negative row: per its id, the signing key is not part of the JWKS, so validation
    // has to fail closed with a key-not-found error instead of accepting the signature.
    var unknownKeyRow = new OpenIdConnectTheoryData
    {
        OpenIdConnectMetadataFileName = OpenIdConfigData.OpenIdConnectMetadataFileEnd2EndEC,
        SigningCredentials = new SigningCredentials(KeyingMaterial.Ecdsa384Key, SecurityAlgorithms.EcdsaSha384),
        ExpectedException = ExpectedException.SecurityTokenSignatureKeyNotFoundException(),
        TestId = "Ecdsa384KeyNotPartOfJWKS"
    };
    rows.Add(unknownKeyRow);

    return rows;
}
예제 #2
        /// <summary>
        /// Builds the theory rows for validating pre-encoded JWE strings: a test id, the encoded
        /// token, the validation parameters to use, the payload expected back, and the expected
        /// outcome.
        /// </summary>
        /// <returns>Two success rows followed by a wrong-signing-key row and a wrong-decryption-key row.</returns>
        public static TheoryData<string, string, TokenValidationParameters, JwtPayload, ExpectedException> CreationJWEParams()
        {
            // Every row is compared against the same payload.
            var payload = new JwtPayload(ClaimSets.DefaultClaimsAsCreatedInPayload());

            return new TheoryData<string, string, TokenValidationParameters, JwtPayload, ExpectedException>
            {
                {
                    "Test1",
                    EncodedJwts.JweTest1,
                    Default.SymmetricEncyptSignInfiniteLifetimeTokenValidationParameters,
                    payload,
                    ExpectedException.NoExceptionExpected
                },
                {
                    "Test2",
                    EncodedJwts.JweTest2,
                    Default.SymmetricEncyptSignInfiniteLifetimeTokenValidationParameters,
                    payload,
                    ExpectedException.NoExceptionExpected
                },

                // Correct decryption key, wrong signing key: the inner signature must be rejected.
                // ValidateLifetime is off in the two negative rows.
                // NOTE(review): presumably because the encoded fixtures carry fixed timestamps - confirm.
                // That setting belongs to fixtures only, not to production validation parameters.
                {
                    "Test3",
                    EncodedJwts.JweTest3,
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = NotDefault.SymmetricSigningKey256,
                        TokenDecryptionKey = Default.SymmetricEncryptionKey256,
                        ValidateLifetime = false
                    },
                    payload,
                    ExpectedException.SecurityTokenSignatureKeyNotFoundException("IDX10501:")
                },

                // Correct signing key, wrong decryption key: decryption must fail.
                {
                    "Test4",
                    EncodedJwts.JweTest4,
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = Default.SymmetricSigningKey256,
                        TokenDecryptionKey = NotDefault.SymmetricEncryptionKey,
                        ValidateLifetime = false
                    },
                    payload,
                    ExpectedException.SecurityTokenDecryptionFailedException("IDX10609:")
                }
            };
        }
예제 #3
        /// <summary>
        /// Builds the theory rows for the JWE round-trip tests: a test id, the descriptor the
        /// token is built from, the parameters it is validated with, and the expected outcome.
        /// </summary>
        /// <returns>Two success rows followed by a wrong-signing-key row and a wrong-decryption-key row.</returns>
        public static TheoryData<string, SecurityTokenDescriptor, TokenValidationParameters, ExpectedException> RoundTripJWEParams()
        {
            return new TheoryData<string, SecurityTokenDescriptor, TokenValidationParameters, ExpectedException>
            {
                {
                    "Test1",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    Default.SymmetricEncyptSignTokenValidationParameters,
                    ExpectedException.NoExceptionExpected
                },
                {
                    "Test2",
                    Default.SecurityTokenDescriptor(
                        Default.SymmetricEncryptingCredentials,
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(
                        Default.SymmetricEncryptionKey256,
                        Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // Correct decryption key, wrong signing key: the inner signature must be rejected.
                {
                    "Test3",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = NotDefault.SymmetricSigningKey256,
                        TokenDecryptionKey = Default.SymmetricEncryptionKey256,
                    },
                    ExpectedException.SecurityTokenSignatureKeyNotFoundException("IDX10501:")
                },

                // Correct signing key, wrong decryption key: decryption must fail.
                {
                    "Test4",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = Default.SymmetricSigningKey256,
                        TokenDecryptionKey = NotDefault.SymmetricEncryptionKey,
                    },
                    ExpectedException.SecurityTokenDecryptionFailedException("IDX10609:")
                }
            };
        }
예제 #4
        /// <summary>
        /// Builds the theory rows for the JWE round-trip tests: a test id, the descriptor the
        /// token is built from, the parameters it is validated with, and the expected outcome.
        /// The rows cover the default symmetric setup, RSA key transport (RsaPKCS1, RsaOAEP,
        /// RsaOaepKeyWrap) crossed with the three AES-CBC-HMAC content algorithms, AES key wrap,
        /// and two key-mismatch failures.
        /// </summary>
        /// <returns>Sixteen rows, added in the order they appear below.</returns>
        public static TheoryData<string, SecurityTokenDescriptor, TokenValidationParameters, ExpectedException> RoundTripJWEParams()
        {
            return new TheoryData<string, SecurityTokenDescriptor, TokenValidationParameters, ExpectedException>
            {
                // Default symmetric encrypt-and-sign setup.
                {
                    "Test1",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    Default.SymmetricEncryptSignTokenValidationParameters,
                    ExpectedException.NoExceptionExpected
                },
                {
                    "Test2",
                    Default.SecurityTokenDescriptor(Default.SymmetricEncryptingCredentials, Default.SymmetricSigningCredentials, ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(Default.SymmetricEncryptionKey256, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // RSA PKCS#1 v1.5 key transport. This padding is the one associated with
                // padding-oracle weaknesses; these rows cover it for interoperability, and
                // new deployments generally prefer the OAEP variants below.
                {
                    "Test3",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaPKCS1, SecurityAlgorithms.Aes128CbcHmacSha256),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaPKCS1-Aes192CbcHmacSha384",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaPKCS1, SecurityAlgorithms.Aes192CbcHmacSha384),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaPKCS1-Aes256CbcHmacSha512",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaPKCS1, SecurityAlgorithms.Aes256CbcHmacSha512),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // RSA OAEP key transport.
                {
                    "RsaOAEP-Aes128CbcHmacSha256",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOAEP, SecurityAlgorithms.Aes128CbcHmacSha256),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaOAEP-Aes192CbcHmacSha384",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOAEP, SecurityAlgorithms.Aes192CbcHmacSha384),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaOAEP-Aes256CbcHmacSha512",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOAEP, SecurityAlgorithms.Aes256CbcHmacSha512),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // RsaOaepKeyWrap key transport.
                {
                    "RsaOaepKeyWrap-Aes128CbcHmacSha256",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOaepKeyWrap, SecurityAlgorithms.Aes128CbcHmacSha256),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaOaepKeyWrap-Aes192CbcHmacSha384",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOaepKeyWrap, SecurityAlgorithms.Aes192CbcHmacSha384),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "RsaOaepKeyWrap-Aes256CbcHmacSha512",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOaepKeyWrap, SecurityAlgorithms.Aes256CbcHmacSha512),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // Correct decryption key, wrong signing key: the inner signature must be rejected.
                {
                    "SigningKey-Not-Found",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = NotDefault.SymmetricSigningKey256,
                        TokenDecryptionKey = Default.SymmetricEncryptionKey256,
                    },
                    ExpectedException.SecurityTokenSignatureKeyNotFoundException("IDX10501:")
                },

                // Correct signing key, wrong decryption key: decryption must fail.
                {
                    "EncryptionKey-Not-Found",
                    Default.SymmetricEncryptSignSecurityTokenDescriptor(),
                    new TokenValidationParameters
                    {
                        IssuerSigningKey = Default.SymmetricSigningKey256,
                        TokenDecryptionKey = NotDefault.SymmetricEncryptionKey,
                    },
                    ExpectedException.SecurityTokenDecryptionFailedException("IDX10603:")
                },

                // Symmetric key wrap (AES-KW); the same key is supplied for decryption.
                {
                    "SymmetricSecurityKey2_128-Aes128KW-Aes128CbcHmacSha256",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.SymmetricSecurityKey2_128, SecurityAlgorithms.Aes128KW, SecurityAlgorithms.Aes128CbcHmacSha256),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.SymmetricSecurityKey2_128, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },
                {
                    "SymmetricEncryptionKey256-Aes256KW-Aes128CbcHmacSha256",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(Default.SymmetricEncryptionKey256, SecurityAlgorithms.Aes256KW, SecurityAlgorithms.Aes128CbcHmacSha256),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(Default.SymmetricEncryptionKey256, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                },

                // NOTE(review): this row repeats the earlier "RsaOaepKeyWrap-Aes192CbcHmacSha384"
                // row verbatim (same id, key and algorithms) and adds no coverage; confirm
                // whether a different key-wrap combination was intended here.
                {
                    "RsaOaepKeyWrap-Aes192CbcHmacSha384",
                    Default.SecurityTokenDescriptor(
                        new EncryptingCredentials(KeyingMaterial.RsaSecurityKey_2048, SecurityAlgorithms.RsaOaepKeyWrap, SecurityAlgorithms.Aes192CbcHmacSha384),
                        Default.SymmetricSigningCredentials,
                        ClaimSets.DefaultClaims),
                    Default.TokenValidationParameters(KeyingMaterial.RsaSecurityKey_2048, Default.SymmetricSigningKey256),
                    ExpectedException.NoExceptionExpected
                }
            };
        }