public void TestGenerateUriUseSameKidWithSameKey(string connectionString)
{
var serviceClient = new WebPubSubServiceClient(" Endpoint=http://localhost;Port=8080;AccessKey=ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789ABCDEFGH;Version=1.0;", "hub");
var uri1 = serviceClient.GenerateClientAccessUri();
var uri2 = serviceClient.GenerateClientAccessUri();
Assert.AreEqual("localhost:8080", uri1.Authority);
Assert.AreEqual("/client/hubs/hub", uri1.AbsolutePath);
var token1 = HttpUtility.ParseQueryString(uri1.Query).Get("access_token");
Assert.NotNull(token1);
var token2 = HttpUtility.ParseQueryString(uri2.Query).Get("access_token");
Assert.NotNull(token2);
var jwt1 = JwtTokenHandler.ReadJwtToken(token1);
var jwt2 = JwtTokenHandler.ReadJwtToken(token2);
Assert.AreEqual(jwt1.Header.Kid, jwt2.Header.Kid);
}
public void TestGenerateUriUseSameKidWithSameKey(string connectionString, string hub, string expectedUrl)
{
var serviceClient = new WebPubSubServiceClient(string.Format(connectionString, FakeAccessKey), hub);
var uri1 = serviceClient.GenerateClientAccessUri();
var uri2 = serviceClient.GenerateClientAccessUri();
var urlBuilder = new UriBuilder(uri1);
urlBuilder.Query = string.Empty;
Assert.AreEqual(expectedUrl, urlBuilder.Uri.ToString());
var token1 = HttpUtility.ParseQueryString(uri1.Query).Get("access_token");
Assert.NotNull(token1);
var token2 = HttpUtility.ParseQueryString(uri2.Query).Get("access_token");
Assert.NotNull(token2);
var jwt1 = JwtTokenHandler.ReadJwtToken(token1);
var jwt2 = JwtTokenHandler.ReadJwtToken(token2);
Assert.AreEqual(jwt1.Header.Kid, jwt2.Header.Kid);
}
public void TestGenerateUriContainsExpectedPayloadsDto(string userId, string[] roles)
{
var serviceClient = new WebPubSubServiceClient(string.Format("Endpoint=http://localhost;Port=8080;AccessKey={0};Version=1.0;", FakeAccessKey), "hub");
var expiresAt = DateTimeOffset.UtcNow + TimeSpan.FromMinutes(5);
var uri = serviceClient.GenerateClientAccessUri(expiresAt, userId, roles);
var token = HttpUtility.ParseQueryString(uri.Query).Get("access_token");
Assert.NotNull(token);
var jwt = JwtTokenHandler.ReadJwtToken(token);
var audience = jwt.Claims.FirstOrDefault(s => s.Type == "aud");
Assert.NotNull(audience);
Assert.AreEqual("http://localhost:8080/client/hubs/hub", audience.Value);
var iat = jwt.Claims.FirstOrDefault(s => s.Type == "iat")?.Value;
Assert.NotNull(iat);
Assert.IsTrue(long.TryParse(iat, out var issuedAt));
var exp = jwt.Claims.FirstOrDefault(s => s.Type == "exp")?.Value;
Assert.NotNull(exp);
Assert.IsTrue(long.TryParse(exp, out var expireAt));
// default expire after should be ~5 minutes (~300 seconds)
var expireAfter = expireAt - issuedAt;
Assert.IsTrue(expireAfter > 295 && expireAfter < 305);
var sub = jwt.Claims.Where(s => s.Type == "sub").Select(s => s.Value).ToArray();
if (userId != null)
{
Assert.AreEqual(1, sub.Length);
Assert.AreEqual(userId, sub[0]);
}
else
{
Assert.IsEmpty(sub);
}
var roleClaims = jwt.Claims.Where(s => s.Type == "role").Select(s => s.Value).ToArray();
if (roles?.Length > 0)
{
Assert.AreEqual(roles, roleClaims);
}
else
{
Assert.IsEmpty(roleClaims);
}
}
internal WebPubSubConnection GetClientConnection(string userId = null, string[] roles = null)
{
var url = _client.GenerateClientAccessUri(userId: userId, roles: roles);
#region TODO: Remove after SDK fix. Work-around to support http.
if (!_serviceConfig.Endpoint.Scheme.StartsWith("https", StringComparison.OrdinalIgnoreCase))
{
var replaced = url.AbsoluteUri.Replace("wss", "ws");
url = new Uri(replaced);
}
#endregion
return(new WebPubSubConnection(url));
}