/// <summary>
/// Verifies that an identity token produced by the default token creator is accepted
/// when the validator is called without a client id.
/// </summary>
/// <remarks>
/// Only the one-argument call is exercised here, so this test says nothing about how
/// the validator behaves when an expected client id is supplied.
/// </remarks>
public async Task Valid_IdentityToken_no_ClientId_supplied()
{
    var tokenCreator = Factory.CreateDefaultTokenCreator();
    // Arguments are presumably (client id, subject) -- confirm against TokenFactory.
    var identityToken = TokenFactory.CreateIdentityToken("roclient", "valid");
    var serialized = await tokenCreator.CreateTokenAsync(identityToken);

    var tokenValidator = Factory.CreateTokenValidator();
    var validation = await tokenValidator.ValidateIdentityTokenAsync(serialized);

    // A freshly issued, untampered token must not be reported as an error.
    validation.IsError.Should().BeFalse();
}
/// <summary>
/// Verifies that an identity token created with the default token creator validates
/// without error when the validator is given the client id "roclient".
/// </summary>
public async Task Valid_IdentityToken_DefaultKeyType()
{
    var tokenCreator = Factory.CreateDefaultTokenCreator();
    var serialized = await tokenCreator.CreateTokenAsync(
        TokenFactory.CreateIdentityToken("roclient", "valid"));

    // The client id passed here is the same value the token was created with.
    var validation = await Factory.CreateTokenValidator()
        .ValidateIdentityTokenAsync(serialized, "roclient");

    validation.IsError.Should().BeFalse();
}
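/// <summary>
/// Verifies that an identity token signed by the default token signing service is
/// accepted when the validator is called without a client id.
/// </summary>
/// <remarks>
/// The validator is deliberately given no client id, because that is the case the test
/// name promises. Passing "roclient" here would only repeat the coverage of
/// <c>Valid_IdentityToken_DefaultKeyType</c> and leave the no-client-id validation
/// path untested.
/// </remarks>
public async Task Valid_IdentityToken_DefaultKeyType_no_ClientId_supplied()
{
    var signer = Factory.CreateDefaultTokenSigningService();
    var identityToken = TokenFactory.CreateIdentityToken("roclient", "valid");
    var jwt = await signer.SignTokenAsync(identityToken);

    var validator = Factory.CreateTokenValidator();

    // NOTE(review): relies on the client id argument being optional, as the call in
    // Valid_IdentityToken_no_ClientId_supplied suggests -- confirm for this validator.
    var result = await validator.ValidateIdentityTokenAsync(jwt);

    result.IsError.Should().BeFalse();
}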
/// <summary>
/// Verifies that an identity token for "roclient_symmetric", signed by a
/// <c>DefaultTokenSigningService</c>, validates without error for that same client id.
/// </summary>
/// <remarks>
/// NOTE(review): the signing service is built from the default test options. Whether a
/// symmetric key is actually involved depends on how "roclient_symmetric" is configured,
/// which is not visible in this method -- confirm that the name matches what is exercised.
/// </remarks>
public async Task Valid_IdentityToken_SymmetricKeyType()
{
    var options = TestIdentityServerOptions.Create();
    var signingService = new DefaultTokenSigningService(options);

    var identityToken = TokenFactory.CreateIdentityToken("roclient_symmetric", "valid");
    var serialized = await signingService.SignTokenAsync(identityToken);

    var tokenValidator = Factory.CreateTokenValidator();
    var validation = await tokenValidator.ValidateIdentityTokenAsync(serialized, "roclient_symmetric");

    Assert.IsFalse(validation.IsError);
}
/// <summary>
/// Verifies that an identity token created for "roclient" is rejected with
/// <c>InvalidToken</c> when the validator is given a different client id.
/// </summary>
/// <remarks>
/// This is the negative counterpart to the "valid" tests: a token must not be accepted
/// on behalf of a client it was not issued to.
/// NOTE(review): another method with the same name and signature appears in this listing.
/// The two cannot coexist in one class, so they presumably come from different revisions.
/// </remarks>
public async Task IdentityToken_InvalidClientId()
{
    var tokenCreator = Factory.CreateDefaultTokenCreator();
    var identityToken = TokenFactory.CreateIdentityToken("roclient", "valid");
    var serialized = await tokenCreator.CreateTokenAsync(identityToken);

    var tokenValidator = Factory.CreateTokenValidator();

    // "invalid" does not match the client the token was created for.
    var validation = await tokenValidator.ValidateIdentityTokenAsync(serialized, "invalid");

    validation.IsError.Should().BeTrue();
    validation.Error.Should().Be(OidcConstants.ProtectedResourceErrors.InvalidToken);
}
/// <summary>
/// Verifies that an identity token signed for "roclient" is rejected with
/// <c>InvalidToken</c> when the validator is given a different client id.
/// </summary>
/// <remarks>
/// A token must not be accepted on behalf of a client it was not issued to.
/// NOTE(review): another method with the same name and signature appears in this listing.
/// The two cannot coexist in one class, so they presumably come from different revisions.
/// </remarks>
public async Task IdentityToken_InvalidClientId()
{
    var options = TestIdentityServerOptions.Create();
    var signingService = new DefaultTokenSigningService(options);

    var identityToken = TokenFactory.CreateIdentityToken("roclient", "valid");
    var serialized = await signingService.SignTokenAsync(identityToken);

    var tokenValidator = Factory.CreateTokenValidator();

    // "invalid" does not match the client the token was created for.
    var validation = await tokenValidator.ValidateIdentityTokenAsync(serialized, "invalid");

    Assert.IsTrue(validation.IsError);
    Assert.AreEqual(Constants.ProtectedResourceErrors.InvalidToken, validation.Error);
}
/// <summary>
/// Verifies that a caller-supplied "aud" claim on an identity token does not end up in
/// the issued JWT: token creation must succeed and the payload's "aud" must still be
/// "roclient".
/// </summary>
/// <remarks>
/// This guards against custom claims overriding a value that token validation depends on.
/// The payload is decoded here without checking the signature. That is acceptable only
/// because the test created the token itself and is inspecting its contents, not deciding
/// whether to trust it.
/// </remarks>
public async Task claims_that_collide_with_token_validation_should_be_ignored()
{
    var tokenCreator = Factory.CreateDefaultTokenCreator();

    var identityToken = TokenFactory.CreateIdentityToken("roclient", "sub");
    var conflictingAudience = new System.Security.Claims.Claim("aud", "some_aud");
    identityToken.Claims.Add(conflictingAudience);

    // Creating the token must not throw despite the colliding claim.
    var serialized = await tokenCreator.CreateTokenAsync(identityToken);

    // The payload is the second dot-separated segment of the compact JWT.
    var segments = serialized.Split('.');
    var payloadBytes = Base64Url.Decode(segments[1]);
    var payloadJson = Encoding.UTF8.GetString(payloadBytes);
    var payloadClaims = JsonSerializer.Deserialize<Dictionary<string, JsonElement>>(payloadJson);

    // The custom "some_aud" value must have been ignored.
    payloadClaims["aud"].GetString().Should().Be("roclient");
}