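/// <summary>
/// Checks that authenticating the first seeded user with the right password yields an
/// <c>OkObjectResult</c> whose payload names that user and carries a token bound to the
/// user's id and stored auth salt.
/// </summary>
public void AuthenticateValidCredentialsTest()
{
    UserAccountController userController = CreateFakeUserAccountController();
    var expectedUser = _users[0];

    // Authenticate with valid credentials.
    var response = userController.Authenticate(
        new ReceiveLoginUserModel(expectedUser.Email, "password-u1")
    );
    Assert.IsType<OkObjectResult>(response.Result);

    // Validate the data returned from the endpoint.
    SendLoginUserModel sendLoginUserModel = (SendLoginUserModel)((OkObjectResult)response.Result).Value;
    Assert.Equal(expectedUser.Id, sendLoginUserModel.Id);
    Assert.Equal(expectedUser.Email, sendLoginUserModel.Email);

    // The issued token must validate under the test secret and name the same user.
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(_testApiSecret);
    TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(sendLoginUserModel.Token);
    Assert.Equal(expectedUser.Id, tokenValidationParams.UserId);

    // The salt embedded in the token must be the one stored for the user.
    // Compare the raw bytes: decoding arbitrary bytes to text first can be lossy (bytes that
    // are invalid in the default encoding may collapse to the same replacement character),
    // which would let two different salts pass this assertion.
    // NOTE(review): assumes AuthSalt and SaltBytes are byte[] - confirm.
    User authenticatedUser = _usersService.GetById(expectedUser.Id);
    Assert.Equal(authenticatedUser.AuthSalt, tokenValidationParams.SaltBytes);
}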
/// <summary>
/// Validates a serialized JWT and converts the validated claims into an <c>AuthToken</c>.
/// </summary>
/// <param name="serializedToken">The compact token string to validate.</param>
/// <returns>The result of <c>ToAuthToken()</c> on the validated claims.</returns>
/// <remarks>
/// There is no try/catch here, so any exception raised by
/// <c>JwtSecurityTokenHandler.ValidateToken</c> for a rejected token reaches the caller.
/// What is actually enforced (signing key, issuer, audience, lifetime) is decided entirely by
/// the parameters returned from <c>TokenValidationParams.Get(_authSettings)</c>, which are not
/// visible in this method.
/// </remarks>
public AuthToken Deserialize(string serializedToken)
{
    // Build the validation rules from the configured auth settings.
    var rules = TokenValidationParams.Get(_authSettings);

    var tokenHandler = new JwtSecurityTokenHandler();

    // The parsed SecurityToken itself is not needed; only the validated claims are used.
    var principal = tokenHandler.ValidateToken(serializedToken, rules, out SecurityToken _);

    return principal.ToAuthToken();
}
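/// <summary>
/// Validates <paramref name="tokenStr"/> and, if the salt carried in the token still matches
/// the salt stored for the user it names, stores that user in <c>context.Items["User"]</c>.
/// </summary>
/// <param name="context">Current request context; receives the "User" item on success.</param>
/// <param name="userService">Service used to load the user identified by the token.</param>
/// <param name="tokenStr">Serialized token to validate.</param>
/// <remarks>
/// Fails closed: on any validation failure, unknown user, missing salt or salt mismatch the
/// context is left untouched, so the request is not given access to secure routes.
/// </remarks>
private void AttachUserToContext(HttpContext context, IUsersService userService, string tokenStr)
{
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(_configuration.Value.Secret);
    try
    {
        TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(tokenStr);
        User tokenUser = userService.GetById(tokenValidationParams.UserId);

        // Unknown user: reject explicitly instead of relying on a NullReferenceException
        // being swallowed by the catch below.
        if (tokenUser is null)
        {
            return;
        }

        // NOTE(review): assumes AuthSalt and SaltBytes are byte[] - confirm.
        byte[] storedSalt = tokenUser.AuthSalt;
        byte[] tokenSalt = tokenValidationParams.SaltBytes;

        // A null byte[] converts to an empty span, and two empty spans compare equal,
        // so a missing salt on either side must be rejected before the comparison.
        if (storedSalt is null || tokenSalt is null)
        {
            return;
        }

        // Compare the raw bytes. Decoding both salts to text and comparing the strings is
        // lossy: bytes that are invalid in the default encoding can decode to the same
        // replacement character, so a token carrying a different salt could still match.
        // FixedTimeEquals is exact and does not leak the mismatch position through timing.
        if (System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedSalt, tokenSalt))
        {
            context.Items["User"] = tokenUser;
        }
    }
    catch
    {
        // do nothing if jwt validation fails
        // user is not attached to context so request won't have access to secure routes
        // NOTE(review): this also hides failures unrelated to the token (e.g. from the user
        // service); consider logging here so rejected tokens and backend errors are visible.
    }
}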
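/// <summary>
/// Round-trip test: for 100 random user ids, a token created by <c>TokenCreatorValidator</c>
/// must validate with the same instance and return the same user id and salt bytes.
/// </summary>
public void CreateAndValidateTokenTest()
{
    // One validator with a random 1024-character secret is shared by all iterations.
    TokenCreatorValidator tokenCreatorValidator = new TokenCreatorValidator(
        RandomString(1024)
    );

    for (int i = 0; i < 100; i++)
    {
        int userId = Random.Next(1, int.MaxValue);

        // NOTE(review): the second argument (30) is presumably the token lifetime - confirm
        // its unit against CreateToken.
        TokenCreationParams tokenCreationParams = tokenCreatorValidator.CreateToken(userId, 30);
        TokenValidationParams tokenValidationParams = tokenCreatorValidator.ValidateToken(tokenCreationParams.TokenStr);

        Assert.Equal(userId, tokenValidationParams.UserId);

        // Compare the raw salt bytes. Decoding arbitrary bytes to text first can be lossy
        // (bytes invalid in the default encoding may collapse to the same replacement
        // character), so a string comparison could pass for salts that actually differ.
        // NOTE(review): assumes both SaltBytes properties are byte[] - confirm.
        Assert.Equal(tokenCreationParams.SaltBytes, tokenValidationParams.SaltBytes);
    }
}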