/// <summary>
/// Signs a JWT with the mock EC private key and checks that the matching
/// EC public key validates it under the expected issuer and audience.
/// </summary>
public void GenerateECSignedJWT()
{
    var ecPrivateKey = TestCryptoKeys.GetMockECPrivateKeyConfiguration();
    var clientConfiguration = new OktaClientConfiguration
    {
        OktaDomain = "https://myOktaDomain.oktapreview.com",
        AuthorizationMode = AuthorizationMode.PrivateKey,
        ClientId = "foo",
        PrivateKey = ecPrivateKey,
        Scopes = new List<string> { "foo" },
    };

    var generator = new DefaultJwtGenerator(clientConfiguration);
    var signedJwt = generator.GenerateSignedJWT();

    // Validation uses the public half of the key pair, so a successful
    // result shows the signature was produced by the mock private key.
    // NOTE(review): the audience string relies on OktaDomain ending with "/"
    // after assignment — confirm the configuration normalizes it.
    var expectedAudience = $"{clientConfiguration.OktaDomain}oauth2/v1/token";
    var validationParameters = new TokenValidationParameters
    {
        ValidAudience = expectedAudience,
        ValidIssuer = clientConfiguration.ClientId,
        IssuerSigningKey = TestCryptoKeys.GetMockECPublicKey(),
    };

    var handler = new JwtSecurityTokenHandler();
    var claimsPrincipal = handler.ValidateToken(signedJwt, validationParameters, out _);

    claimsPrincipal.Should().NotBeNull();
}
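/// <summary>
/// Logs in with the fake admin credentials and checks that the returned access
/// token contains exactly one claim matching the Admin role, and that the
/// token has not already expired.
/// </summary>
public async Task CanLoginAsAdminUsingFakeCredentials()
{
    var response = await DoLoginUsingAdminCredentials();
    response.EnsureSuccessStatusCode();

    var rawToken = await GetAccessToken(response);
    // ReadJwtToken only parses the compact token; it does not verify the signature.
    var accessToken = new JwtSecurityTokenHandler().ReadJwtToken(rawToken);
    accessToken.Should().NotBeNull();

    accessToken.Claims.Should().ContainSingle(c => c.Type == ClaimTypes.Role && c.Value == "Admin");
    // Same freshness check as the regular-user login test: an admin token
    // must not be issued already expired.
    accessToken.ValidTo.Should().BeAfter(DateTime.UtcNow);
}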
/// <summary>
/// Logs in with the fake regular-user credentials and checks that the access
/// token carries no Admin role claim and has not yet expired.
/// </summary>
public async Task CanLoginRegularUserUsingFakeCredentials()
{
    var loginResponse = await DoLoginUsingUserCredentials();
    loginResponse.EnsureSuccessStatusCode();

    var encodedToken = await GetAccessToken(loginResponse);
    // Parse only; signature verification is not part of this assertion.
    var handler = new JwtSecurityTokenHandler();
    var userToken = handler.ReadJwtToken(encodedToken);
    userToken.Should().NotBeNull();

    // A regular user must not receive any role claim whose value mentions Admin.
    userToken.Claims.Should().NotContain(c => c.Type == ClaimTypes.Role && c.Value.Contains("Admin"));
    // ValidTo is reported in UTC, so compare against UtcNow.
    userToken.ValidTo.Should().BeAfter(DateTime.UtcNow);
}
/// <summary>
/// Authenticates the seeded John Smith user with the shared seed password and
/// checks that a 200 response carrying a parseable JWT comes back.
/// </summary>
public async Task DoesReturnJwt_GivenUserLogsInWithCorrectPassword()
{
    var httpResponse = await Client.SendAuthenticationPostRequestAsync(
        SeedData.JohnSmithEmail,
        SeedData.EveryonesPassword);
    httpResponse.StatusCode.Should().Be(StatusCodes.Status200OK);

    var authenticateResult = await httpResponse.Content.ReadAsAsync<AuthenticateResult>();
    authenticateResult.Jwt.Should().NotBeNull();

    // ReadJwtToken parses the compact form without validating the signature,
    // so this only proves the response body is a well-formed JWT.
    var handler = new JwtSecurityTokenHandler();
    var parsedJwt = handler.ReadJwtToken(authenticateResult.Jwt);
    parsedJwt.Should().NotBeNull();
}