void IMutateOutgoingTransportMessages.MutateOutgoing(object[] messages, TransportMessage transportMessage)
{
if (transportMessage.Headers.ContainsKey(SecurityTokenKey))
transportMessage.Headers.Remove(SecurityTokenKey);
var claimsPrincipal = Thread.CurrentPrincipal as IClaimsPrincipal;
if (claimsPrincipal == null) return;
var bootstrapToken = claimsPrincipal.Identities[0].BootstrapToken;
var handler = new Saml2SecurityTokenHandler(new SamlSecurityTokenRequirement());
var stringBuilder = new StringBuilder();
using (var writer = XmlWriter.Create(stringBuilder))
{
handler.WriteToken(writer, bootstrapToken);
}
var serializedToken = stringBuilder.ToString();
transportMessage.Headers.Add(SecurityTokenKey, serializedToken);
}
private static void AddWaSignInVariation(IList <Claim> claims, string variation, TheoryData <WsFederationSigninMessageTheoryData> theoryData)
{
var samlToken = CreateSamlToken(claims);
var samlSecurityTokenHandler = new SamlSecurityTokenHandler();
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(samlToken, samlSecurityTokenHandler, "saml1" + variation),
SecurityToken = samlToken,
SecurityTokenHandler = samlSecurityTokenHandler,
TestId = "Saml1WriteToken" + variation
});
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(samlSecurityTokenHandler.WriteToken(samlToken), "saml1" + variation),
SecurityToken = samlToken,
SecurityTokenHandler = samlSecurityTokenHandler,
TestId = "Saml1SetToken" + variation
});
// this results in %0D in the query string
var saml = samlSecurityTokenHandler.WriteToken(samlToken).Replace("
", "\r");
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(saml, "saml1" + variation),
SecurityToken = samlToken,
SecurityTokenHandler = samlSecurityTokenHandler,
TestId = "Saml1SetTokenReplace" + variation
});
var saml2Token = CreateSaml2Token(claims);
var saml2SecurityTokenHandler = new Saml2SecurityTokenHandler();
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(saml2Token, saml2SecurityTokenHandler, "saml2" + variation),
SecurityToken = saml2Token,
SecurityTokenHandler = saml2SecurityTokenHandler,
TestId = "Saml2WriteToken" + variation
});
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(saml2SecurityTokenHandler.WriteToken(saml2Token), "saml2" + variation),
SecurityToken = saml2Token,
SecurityTokenHandler = saml2SecurityTokenHandler,
TestId = "Saml2SetToken" + variation
});
// this results in %0D in the query string
var saml2 = saml2SecurityTokenHandler.WriteToken(saml2Token).Replace("
", "\r");
theoryData.Add(new WsFederationSigninMessageTheoryData
{
QueryString = WsFederationTestUtilities.BuildWaSignInMessage(saml2, "saml2" + variation),
SecurityToken = saml2Token,
SecurityTokenHandler = saml2SecurityTokenHandler,
TestId = "Saml2SetTokenReplace" + variation
});
}
private void RunValidationTests(SecurityTokenDescriptor tokenDescriptor, SecurityToken securityToken, SecurityKey key, int iterations, bool display = true)
{
// Create jwts using wif
// Create Saml2 tokens
// Create Saml tokens
DateTime started;
string validating = "Validating, signed: '{0}', '{1}' Tokens. Time: '{2}'";
SetReturnSecurityTokenResolver str = new Test.SetReturnSecurityTokenResolver(securityToken, key);
SecurityTokenHandlerConfiguration tokenHandlerConfiguration = new SecurityTokenHandlerConfiguration()
{
IssuerTokenResolver = str,
SaveBootstrapContext = true,
CertificateValidator = AlwaysSucceedCertificateValidator.New,
AudienceRestriction = new AudienceRestriction(AudienceUriMode.Never),
IssuerNameRegistry = new SetNameIssuerNameRegistry(Issuers.GotJwt),
};
Saml2SecurityTokenHandler samlTokenHandler = new Saml2SecurityTokenHandler();
Saml2SecurityToken token = samlTokenHandler.CreateToken(tokenDescriptor) as Saml2SecurityToken;
StringBuilder sb = new StringBuilder();
XmlWriter writer = XmlWriter.Create(sb);
samlTokenHandler.WriteToken(writer, token);
writer.Flush();
writer.Close();
string tokenXml = sb.ToString();
samlTokenHandler.Configuration = tokenHandlerConfiguration;
started = DateTime.UtcNow;
for (int i = 0; i < iterations; i++)
{
StringReader sr = new StringReader(tokenXml);
XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr));
reader.MoveToContent();
SecurityToken saml2Token = samlTokenHandler.ReadToken(reader);
samlTokenHandler.ValidateToken(saml2Token);
}
if (display)
{
Console.WriteLine(string.Format(validating, "Saml2SecurityTokenHandler", iterations, DateTime.UtcNow - started));
}
JwtSecurityTokenHandler jwtTokenHandler = new JwtSecurityTokenHandler();
JwtSecurityToken jwt = jwtTokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
jwtTokenHandler.Configuration = tokenHandlerConfiguration;
started = DateTime.UtcNow;
for (int i = 0; i < iterations; i++)
{
jwtTokenHandler.ValidateToken(jwt.RawData);
}
if (display)
{
Console.WriteLine(string.Format(validating, "JwtSecurityTokenHandle - ValidateToken( jwt.RawData )", iterations, DateTime.UtcNow - started));
}
jwt = jwtTokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
sb = new StringBuilder();
writer = XmlWriter.Create(sb);
jwtTokenHandler.WriteToken(writer, jwt);
writer.Flush();
writer.Close();
tokenXml = sb.ToString();
started = DateTime.UtcNow;
for (int i = 0; i < iterations; i++)
{
StringReader sr = new StringReader(tokenXml);
XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr));
reader.MoveToContent();
SecurityToken jwtToken = jwtTokenHandler.ReadToken(reader);
jwtTokenHandler.ValidateToken(jwtToken);
}
if (display)
{
Console.WriteLine(string.Format(validating, "JwtSecurityTokenHandle - ReadToken( reader ), ValidateToken( jwtToken )", iterations, DateTime.UtcNow - started));
}
started = DateTime.UtcNow;
for (int i = 0; i < iterations; i++)
{
StringReader sr = new StringReader(tokenXml);
XmlDictionaryReader reader = XmlDictionaryReader.CreateDictionaryReader(XmlReader.Create(sr));
reader.MoveToContent();
JwtSecurityToken jwtToken = jwtTokenHandler.ReadToken(reader) as JwtSecurityToken;
jwtTokenHandler.ValidateToken(jwtToken.RawData);
}
if (display)
{
Console.WriteLine(string.Format(validating, "JwtSecurityTokenHandle - ReadToken( reader ), ValidateToken( jwtToken.RawData )", iterations, DateTime.UtcNow - started));
}
}
static string CreateSaml2TokenString()
{
var tokenHandler = new Saml2SecurityTokenHandler();
return(tokenHandler.WriteToken(CreateSaml2Token()));
}
public static void Run(string[] args)
{
IdentityModelEventSource.ShowPII = true;
var testRuns = TestConfig.SetupTestRuns(
new List <TestExecutor>
{
TokenTestExecutors.JsonWebTokenHandler_ValidateToken_InParallel,
TokenTestExecutors.JwtSecurityTokenHandler_ValidateToken_InParallel,
TokenTestExecutors.Saml2SecurityTokenHandler_ValidateToken_InParallel,
TokenTestExecutors.SamlSecurityTokenHandler_ValidateToken_InParallel,
TokenTestExecutors.JsonWebTokenHandler_CreateToken_InParallel,
TokenTestExecutors.JwtSecurityTokenHandler_CreateToken_InParallel,
TokenTestExecutors.Saml2SecurityTokenHandler_CreateToken_InParallel,
TokenTestExecutors.SamlSecurityTokenHandler_CreateToken_InParallel,
});
var securityTokenDescriptor = TestData.SecurityTokenDescriptor(TestData.RsaSigningCredentials_2048Sha256);
var tokenValidationParameters = TestData.TokenValidationParameters(securityTokenDescriptor.SigningCredentials.Key);
var jwtTokenHandler = new JwtSecurityTokenHandler();
var jwt = jwtTokenHandler.CreateEncodedJwt(securityTokenDescriptor);
var samlTokenHandler = new SamlSecurityTokenHandler();
var samlToken = samlTokenHandler.CreateToken(securityTokenDescriptor);
var saml = samlTokenHandler.WriteToken(samlToken);
var saml2TokenHandler = new Saml2SecurityTokenHandler();
var saml2Token = saml2TokenHandler.CreateToken(securityTokenDescriptor);
var saml2 = saml2TokenHandler.WriteToken(saml2Token);
var testConfig = TestConfig.ParseArgs(args);
var tokenTestData = new TokenTestRunData
{
JwtSecurityTokenHandler = new JwtSecurityTokenHandler(),
JsonWebTokenHandler = new JsonWebTokenHandler(),
JwtToken = jwt,
NumIterations = testConfig.NumIterations,
Saml2Token = saml2,
SamlToken = saml,
SamlSecurityTokenHandler = samlTokenHandler,
Saml2SecurityTokenHandler = saml2TokenHandler,
TokenValidationParameters = tokenValidationParameters,
SecurityTokenDescriptor = securityTokenDescriptor
};
// run each test to set any static data
foreach (var testRun in testRuns)
{
testRun.TestExecutor(tokenTestData);
}
var assemblyVersion = typeof(JwtSecurityTokenHandler).Assembly.GetName().Version.ToString();
#if DEBUG
var prefix = "DEBUG";
#else
var prefix = "RELEASE";
#endif
testConfig.Version = $"{prefix}-{assemblyVersion}";
var logName = $"SecurityTokens-{testConfig.Version}_{DateTime.Now.ToString("yyyy.MM.dd.hh.mm.ss")}.txt";
var directory = testConfig.LogDirectory;
var logFile = Path.Combine(directory, logName);
Directory.CreateDirectory(directory);
TestRunner.Run(testConfig, testRuns, tokenTestData);
File.WriteAllText(logFile, testConfig.Logger.Logs);
}