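/// <summary>
/// Raises the request to <c>AuthorizationLevel.Admin</c> when it carries a bearer JWT that
/// validates against the default key with the site-specific audience and issuer.
/// </summary>
/// <param name="context">Authentication context whose request is inspected and, on success, elevated.</param>
/// <param name="cancellationToken">Not used; the method completes synchronously.</param>
/// <returns>A completed task. No error result is set on failure; the request's authorization level is simply left unchanged.</returns>
/// <remarks>
/// The signing key is symmetric, so the key that verifies a token can also mint one: any party
/// able to read the default key can produce a token this filter accepts as admin.
/// </remarks>
public Task AuthenticateAsync(HttpAuthenticationContext context, CancellationToken cancellationToken)
{
    AuthenticationHeaderValue authorization = context.Request.Headers.Authorization;

    // Only a bearer credential with a non-empty token is considered. A header of just "Bearer"
    // has a null Parameter; skipping it here avoids passing null into token validation, and an
    // empty token could never validate anyway.
    if (authorization == null ||
        !string.Equals(authorization.Scheme, "Bearer", StringComparison.OrdinalIgnoreCase) ||
        string.IsNullOrEmpty(authorization.Parameter))
    {
        return Task.CompletedTask;
    }

    // Without a key there is nothing to verify against, so no elevation is possible.
    string defaultKey = Util.GetDefaultKeyValue();
    if (defaultKey == null)
    {
        return Task.CompletedTask;
    }

    // NOTE(review): if GetSetting returns null for the site name, string.Format substitutes an
    // empty string and the expected audience/issuer become fixed, site-independent values;
    // confirm the setting is always present wherever this filter runs.
    string siteName = Instance.GetSetting(AzureWebsiteName);

    // ValidateLifetime is not set here, so the library default applies to token expiry.
    var validationParameters = new TokenValidationParameters()
    {
        IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(defaultKey)),
        ValidateAudience = true,
        ValidateIssuer = true,
        ValidAudience = string.Format(AdminJwtValidAudienceFormat, siteName),
        ValidIssuer = string.Format(AdminJwtValidIssuerFormat, siteName)
    };

    if (JwtGenerator.IsTokenValid(authorization.Parameter, validationParameters))
    {
        context.Request.SetAuthorizationLevel(AuthorizationLevel.Admin);
    }

    return Task.CompletedTask;
}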
/// <summary>
/// A token produced by <c>JwtGenerator.GenerateToken</c> must pass
/// <c>JwtGenerator.IsTokenValid</c> when no explicit validation parameters are supplied.
/// </summary>
public void IssuedToken_WithDefaultValidation_SucceedsValidation()
{
    // The encryption-key environment variable is overridden only for the lifetime of this
    // scope; presumably JwtGenerator reads its signing key from it (confirm in JwtGenerator).
    using (var scopedKey = new TestScopedEnvironmentVariable(Constants.AzureWebsiteLocalEncryptionKey, TestKeyValue))
    {
        var issuedToken = JwtGenerator.GenerateToken("testissuer", "testaudience");

        bool isValid = JwtGenerator.IsTokenValid(issuedToken);

        Assert.True(isValid);
    }
}
/// <summary>
/// A token issued for "testissuer"/"testaudience" must be rejected when the validation
/// parameters turn on issuer and audience validation but name no accepted issuer or audience.
/// </summary>
public void IssuedToken_WithInvalidValues_FailsValidation()
{
    // The encryption-key environment variable is overridden only for the lifetime of this scope.
    using (var scopedKey = new TestScopedEnvironmentVariable(Constants.AzureWebsiteLocalEncryptionKey, TestKeyValue))
    {
        var issuedToken = JwtGenerator.GenerateToken("testissuer", "testaudience");

        // Same key material as the scoped variable, so the expected failure comes from the
        // issuer/audience checks (no ValidIssuer or ValidAudience is set) rather than from
        // the signature.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(TestKeyValue));
        var strictParameters = new TokenValidationParameters()
        {
            IssuerSigningKey = signingKey,
            ValidateIssuer = true,
            ValidateAudience = true
        };

        bool isValid = JwtGenerator.IsTokenValid(issuedToken, strictParameters);

        Assert.False(isValid);
    }
}