public void ReadAndValidateSymmetric_ValidTokenAndInvalidAudience_ShouldThrowSecurityTokenInvalidAudienceException() { // GIVEN a valid JWT reader, JWT and and invalid audience var jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lLWNsYWltLWludCI6MTIzNDU2LCJzb21lLWNsYWltLWJvb2wiOmZhbHNlLCJzb21lLWNsYWltLWFycmF5IjpbIml0ZW0xIiwiaXRlbTIiXSwiZXhwIjoyNTM0MDIzMDA4MDAsImlzcyI6InNvbWUtaXNzdWVyIiwiYXVkIjoic29tZS1hdWRpZW5jZSJ9.jGjRCItE2n42ZUu7h4GzH-oT8n1Y5wjzs73NYQUcmJk"; var sut = new JWTReader(); var issuer = "some-issuer"; var audience = "some-other-audience"; var sharedKey = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw"; var validationParameters = new ValidationParameters { ValidIssuer = issuer, ValidAudience = audience, ValidateLifetime = false }; // WHEN reading and validating it Action act = () => sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey); // THEN it should throw SecurityTokenInvalidAudienceException act.Should().Throw <SecurityTokenInvalidAudienceException>(); }
public void ReadAndValidateSymmetric_ExpiredToken_ShouldThrowSecurityTokenExpiredException() { // GIVEN a valid JWT reader and an expired JWT var sut = new JWTReader(); var issuer = "some-issuer"; var audience = "some-audience"; var sharedKey = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw"; var jwt = new JWTWriter().WriteSymmetric(issuer, audience, DateTime.UtcNow.AddDays(-10), sharedKey, null); var validationParameters = new ValidationParameters { ValidateLifetime = true }; // WHEN reading and validating it Action act = () => sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey); // THEN it should throw SecurityTokenExpiredException act.Should().Throw <SecurityTokenExpiredException>(); }
public void ReadAndValidateSymmetric_ValidTokenAndValidKey_ShouldReturnAMapWithClaims() { // GIVEN a valid JWT reader and JWT var jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lLWNsYWltLWludCI6MTIzNDU2LCJzb21lLWNsYWltLWJvb2wiOmZhbHNlLCJzb21lLWNsYWltLWFycmF5IjpbIml0ZW0xIiwiaXRlbTIiXSwiZXhwIjoyNTM0MDIzMDA4MDAsImlzcyI6InNvbWUtaXNzdWVyIiwiYXVkIjoic29tZS1hdWRpZW5jZSJ9.jGjRCItE2n42ZUu7h4GzH-oT8n1Y5wjzs73NYQUcmJk"; var sut = new JWTReader(); var issuer = "some-issuer"; var audience = "some-audience"; var sharedKey = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw"; var validationParameters = new ValidationParameters { ValidIssuer = issuer, ValidAudience = audience, ValidateLifetime = false }; // WHEN reading and validating it var claimMap = sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey); // THEN it should contain the expected claims claimMap.Should().NotBeNull().And.NotBeEmpty(); claimMap.Should().ContainKey("iss").WhichValue.Should().Be(issuer); claimMap.Should().ContainKey("aud").WhichValue.Should().Be(audience); claimMap.Should().ContainKey("some-claim-int").WhichValue.Should().Be(123456); claimMap.Should().ContainKey("some-claim-bool").WhichValue.Should().Be(false); claimMap.Should().ContainKey("some-claim-array").WhichValue.Should().BeAssignableTo <IEnumerable>() .Subject.Should().Contain(new string[] { "item1", "item2" }); }