public void CreateAndValidateToken_WhenV2PublicToken_ExpectCorrectClaims() { const string expectedClaimType = "name"; const string expectedClaimValue = "scott"; const string issuer = "me"; const string audience = "you"; var signingCredentials = new SigningCredentials( new EdDsaSecurityKey(new Ed25519PrivateKeyParameters( Convert.FromBase64String("TYXei5+8Qd2ZqKIlEuJJ3S50WYuocFTrqK+3/gHVH9B2hpLtAgscF2c9QuWCzV9fQxal3XBqTXivXJPpp79vgw=="), 0)), ExtendedSecurityAlgorithms.EdDsa); var verificationKeys = new EdDsaSecurityKey(new Ed25519PublicKeyParameters(Convert.FromBase64String("doaS7QILHBdnPULlgs1fX0MWpd1wak14r1yT6ae/b4M="), 0)); var handler = new PasetoTokenHandler(); var token = handler.CreateToken(new PasetoSecurityTokenDescriptor(PasetoConstants.Versions.V2, PasetoConstants.Purposes.Public) { Issuer = issuer, Audience = audience, Claims = new Dictionary <string, object> { { expectedClaimType, expectedClaimValue } }, SigningCredentials = signingCredentials }); var result = handler.ValidateToken(token, new TokenValidationParameters { ValidIssuer = issuer, ValidAudience = audience, IssuerSigningKey = verificationKeys }); result.IsValid.Should().BeTrue(); result.ClaimsIdentity.HasClaim(expectedClaimType, expectedClaimValue).Should().BeTrue(); }
public void ValidateToken_V2_S_1() { const string token = "v2.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAxOS0wMS0wMVQwMDowMDowMCswMDowMCJ9HQr8URrGntTu7Dz9J2IF23d1M7-9lH9xiqdGyJNvzp4angPW5Esc7C5huy_M8I8_DjJK2ZXC2SUYuOFM-Q_5Cw"; const string publicKeyHex = "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2"; // payload = {"data":"this is a signed message", "exp":"2019-01-01T00:00:00+00:00"} var handler = new PasetoTokenHandler(); var result = handler.ValidateToken(token, new TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false, IssuerSigningKey = new EdDsaSecurityKey(new Ed25519PublicKeyParameters(Base16.Decode(publicKeyHex), 0)) }); result.IsValid.Should().BeTrue(); }
public void ValidateToken_V2_S_2() { const string token = "v2.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiwiZXhwIjoiMjAxOS0wMS0wMVQwMDowMDowMCswMDowMCJ9flsZsx_gYCR0N_Ec2QxJFFpvQAs7h9HtKwbVK2n1MJ3Rz-hwe8KUqjnd8FAnIJZ601tp7lGkguU63oGbomhoBw.eyJraWQiOiJ6VmhNaVBCUDlmUmYyc25FY1Q3Z0ZUaW9lQTlDT2NOeTlEZmdMMVc2MGhhTiJ9"; const string publicKeyHex = "1eb9dbbbbc047c03fd70604e0071f0987e16b28b757225c11f00415d0e20b1a2"; // payload = {"data":"this is a signed message", "exp":"2019-01-01T00:00:00+00:00"} // footer = {"kid":"zVhMiPBP9fRf2snEcT7gFTioeA9COcNy9DfgL1W60haN"} var handler = new PasetoTokenHandler(); var result = handler.ValidateToken(token, new TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false, IssuerSigningKey = new EdDsaSecurityKey(new Ed25519PublicKeyParameters(Base16.Decode(publicKeyHex), 0)) }); result.IsValid.Should().BeTrue(); }
public void ValidateToken_V1_S_2() { const string token = "v1.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiw" + "iZXhwIjoiMjAxOS0wMS0wMVQwMDowMDowMCswMDowMCJ9sBTIb0J_4mis" + "AuYc4-6P5iR1rQighzktpXhJ8gtrrp2MqSSDkbb8q5WZh3FhUYuW_rg2X" + "8aflDlTWKAqJkM3otjYwtmfwfOhRyykxRL2AfmIika_A-_MaLp9F0iw4S" + "1JetQQDV8GUHjosd87TZ20lT2JQLhxKjBNJSwWue8ucGhTgJcpOhXcthq" + "az7a2yudGyd0layzeWziBhdQpoBR6ryTdtIQX54hP59k3XCIxuYbB9qJM" + "pixiPAEKBcjHT74sA-uukug9VgKO7heWHwJL4Rl9ad21xyNwaxAnwAJ7C" + "0fN5oGv8Rl0dF11b3tRmsmbDoIokIM0Dba29x_T3YzOyg.eyJraWQiOiJ" + "kWWtJU3lseFFlZWNFY0hFTGZ6Rjg4VVpyd2JMb2xOaUNkcHpVSEd3OVVx" + "biJ9"; const string pem = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaTgTt53ph3p\n" + "5GHgwoGWwz5hRfWXSQA08NCOwe0FEgALWos9GCjNFCd723nCHxBtN1qd\n" + "74MSh/uN88JPIbwxKheDp4kxo4YMN5trPaF0e9G6Bj1N02HnanxFLW+g\n" + "mLbgYO/SZYfWF/M8yLBcu5Y1Ot0ZxDDDXS9wIQTtBE0ne3YbxgZJAZTU\n" + "5XqyQ1DxdzYyC5lF6yBaR5UQtCYTnXAApVRuUI2Sd6L1E2vl9bSBumZ5\n" + "IpNxkRnAwIMjeTJB/0AIELh0mE5vwdihOCbdV6alUyhKC1+1w/FW6HWc\n" + "p/JG1kKC8DPIidZ78Bbqv9YFzkAbNni5eSBOsXVBKG78Zsc8owIDAQAB\n" + "-----END PUBLIC KEY-----"; // {"data":"this is a signed message", "exp":"2019-01-01T00:00:00+00:00"} // footer = {"kid":"dYkISylxQeecEcHELfzF88UZrwbLolNiCdpzUHGw9Uqn"} var reader = new PemReader(new StringReader(pem)); var pemObject = (RsaKeyParameters)reader.ReadObject(); var rsaKey = RSA.Create(DotNetUtilities.ToRSAParameters(pemObject)); var handler = new PasetoTokenHandler(); var result = handler.ValidateToken(token, new TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false, IssuerSigningKey = new RsaSecurityKey(rsaKey) }); result.IsValid.Should().BeTrue(); }
public void ValidateToken_V1_S_1() { const string token = "v1.public.eyJkYXRhIjoidGhpcyBpcyBhIHNpZ25lZCBtZXNzYWdlIiw" + "iZXhwIjoiMjAxOS0wMS0wMVQwMDowMDowMCswMDowMCJ9cIZKahKeGM5k" + "iAS_4D70Qbz9FIThZpxetJ6n6E6kXP_119SvQcnfCSfY_gG3D0Q2v7FEt" + "m2Cmj04lE6YdgiZ0RwA41WuOjXq7zSnmmHK9xOSH6_2yVgt207h1_LphJ" + "zVztmZzq05xxhZsV3nFPm2cCu8oPceWy-DBKjALuMZt_Xj6hWFFie96Sf" + "Q6i85lOsTX8Kc6SQaG-3CgThrJJ6W9DC-YfQ3lZ4TJUoY3QNYdtEgAvp1" + "QuWWK6xmIb8BwvkBPej5t88QUb7NcvZ15VyNw3qemQGn2ITSdpdDgwMtp" + "flZOeYdtuxQr1DSGO2aQyZl7s0WYn1IjdQFx6VjSQ4yfw"; const string pem = "-----BEGIN PUBLIC KEY-----\n" + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaTgTt53ph3p\n" + "5GHgwoGWwz5hRfWXSQA08NCOwe0FEgALWos9GCjNFCd723nCHxBtN1qd\n" + "74MSh/uN88JPIbwxKheDp4kxo4YMN5trPaF0e9G6Bj1N02HnanxFLW+g\n" + "mLbgYO/SZYfWF/M8yLBcu5Y1Ot0ZxDDDXS9wIQTtBE0ne3YbxgZJAZTU\n" + "5XqyQ1DxdzYyC5lF6yBaR5UQtCYTnXAApVRuUI2Sd6L1E2vl9bSBumZ5\n" + "IpNxkRnAwIMjeTJB/0AIELh0mE5vwdihOCbdV6alUyhKC1+1w/FW6HWc\n" + "p/JG1kKC8DPIidZ78Bbqv9YFzkAbNni5eSBOsXVBKG78Zsc8owIDAQAB\n" + "-----END PUBLIC KEY-----"; // payload = "{ data: \"this is a signed message\", exp: \"2019-01-01T00:00:00+00:00\" }"; var reader = new PemReader(new StringReader(pem)); var pemObject = (RsaKeyParameters)reader.ReadObject(); var rsaKey = RSA.Create(DotNetUtilities.ToRSAParameters(pemObject)); var handler = new PasetoTokenHandler(); var result = handler.ValidateToken(token, new TokenValidationParameters { ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false, IssuerSigningKey = new RsaSecurityKey(rsaKey) }); result.IsValid.Should().BeTrue(); }
public void ValidateToken_WhenTokenIsNullOrWhitespace_ExpectFailureWithArgumentNullException(string token) { var result = sut.ValidateToken(token, new TokenValidationParameters()); result.IsValid.Should().BeFalse(); result.Exception.Should().BeOfType <ArgumentNullException>(); }