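/// <summary>
/// Round-trips a field token that carries a username and additional data through
/// <c>Serialize</c> and <c>Deserialize</c>, and checks that the result equals the input.
/// </summary>
/// <remarks>
/// Both strings contain multi-byte UTF-8 characters, so the length headers in the documented
/// layout (08 for a 6-character username, 05 for 3 characters of additional data) count
/// bytes rather than characters.
/// </remarks>
public void Serialize_FieldToken_WithUsername_TokenRoundTripSuccessful()
{
    // Arrange
    var serializer = new DefaultAntiforgeryTokenSerializer(_dataProtector.Object);

    // Serialized layout described for this token (hex):
    //   "01"                                  Version
    //   "705EEDCC7D42F1D6B3B98A593625BB4C"    SecurityToken
    //   "00"                                  IsSessionToken
    //   "00"                                  IsClaimsBased
    //   "08"                                  Username length header
    //   "4AC3A972C3B46D65"                    Username ("Jérôme") as UTF8
    //   "05"                                  AdditionalData length header
    //   "E282AC3437"                          AdditionalData ("€47") as UTF8
    var token = new AntiforgeryToken
    {
        SecurityToken = _securityToken,
        IsSessionToken = false,
        // The layout above spells this value out byte by byte (4A C3A9 72 C3B4 6D 65).
        // A masked ASCII placeholder here would no longer exercise a username whose
        // UTF-8 byte length differs from its character count.
        Username = "Jérôme",
        AdditionalData = "€47"
    };

    // Act
    var serialized = serializer.Serialize(token);
    var roundTripped = serializer.Deserialize(serialized);

    // Assert
    AssertTokensEqual(token, roundTripped);

    // NOTE(review): presumably checks that the verifiable setups on the data-protector
    // mock were exercised; confirm against the fixture setup.
    _dataProtector.Verify();
}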
/// <summary>
/// Round-trips a claims-based field token (a ClaimUid instead of a username) through
/// <c>Serialize</c> and <c>Deserialize</c>, and checks that the result equals the input.
/// </summary>
public void Serialize_FieldToken_WithClaimUid_TokenRoundTripSuccessful()
{
    // Arrange
    // Serialized layout described for this token (hex):
    //   "01"                                  Version
    //   "705EEDCC7D42F1D6B3B98A593625BB4C"    SecurityToken
    //   "00"                                  IsSessionToken
    //   "01"                                  IsClaimsBased
    //   "6F1648E97249AA58754036A67E248CF044F07ECFB0ED387556CE029A4F9A40E0"    ClaimUid
    //   "05"                                  AdditionalData length header
    //   "E282AC3437"                          AdditionalData ("€47") as UTF8
    var original = new AntiforgeryToken
    {
        SecurityToken = _securityToken,
        IsSessionToken = false,
        ClaimUid = _claimUid,
        AdditionalData = "€47"
    };
    var serializer = new DefaultAntiforgeryTokenSerializer(_dataProtector.Object);

    // Act
    string payload = serializer.Serialize(original);
    AntiforgeryToken restored = serializer.Deserialize(payload);

    // Assert
    AssertTokensEqual(original, restored);

    // NOTE(review): presumably checks that the verifiable setups on the data-protector
    // mock were exercised; confirm against the fixture setup.
    _dataProtector.Verify();
}
/// <summary>
/// Checks that <c>Deserialize</c> rejects the supplied string with an
/// <see cref="InvalidOperationException"/>.
/// </summary>
/// <param name="serializedToken">A serialized token that deserialization is expected to reject.</param>
/// <remarks>
/// Every input passed to this test must yield the same fixed message, so the exception text
/// does not tell the caller why a particular token was refused.
/// </remarks>
public void Deserialize_BadToken_Throws(string serializedToken)
{
    // Arrange
    const string expectedMessage = @"The antiforgery token could not be decrypted.";
    var serializer = new DefaultAntiforgeryTokenSerializer(_dataProtector.Object);

    // Act & assert
    var thrown = Assert.Throws<InvalidOperationException>(
        () => serializer.Deserialize(serializedToken));

    Assert.Equal(expectedMessage, thrown.Message);
}
/// <summary>
/// Checks that <c>Deserialize</c> rejects the supplied string with an
/// <see cref="InvalidOperationException"/>.
/// </summary>
/// <param name="serializedToken">A serialized token that deserialization is expected to reject.</param>
/// <remarks>
/// The asserted message is the same for every input, so a rejected token produces no
/// detail about which part of it failed.
/// </remarks>
public void Deserialize_BadToken_Throws(string serializedToken)
{
    // Arrange
    var serializerUnderTest = new DefaultAntiforgeryTokenSerializer(_dataProtector.Object);

    // Act & assert
    InvalidOperationException failure = Assert.Throws<InvalidOperationException>(
        () => serializerUnderTest.Deserialize(serializedToken));

    string actualMessage = failure.Message;
    Assert.Equal(@"The antiforgery token could not be decrypted.", actualMessage);
}
/// <summary>
/// Round-trips a session token through <c>Serialize</c> and <c>Deserialize</c>, and checks
/// that the result equals the input.
/// </summary>
/// <remarks>
/// Only SecurityToken and IsSessionToken are set. The documented layout for this case ends
/// after the IsSessionToken byte.
/// </remarks>
public void Serialize_SessionToken_TokenRoundTripSuccessful()
{
    // Arrange
    // Serialized layout described for this token (hex):
    //   "01"                                  Version
    //   "705EEDCC7D42F1D6B3B98A593625BB4C"    SecurityToken
    //   "01"                                  IsSessionToken
    var sessionToken = new AntiforgeryToken
    {
        SecurityToken = _securityToken,
        IsSessionToken = true
    };
    var serializer = new DefaultAntiforgeryTokenSerializer(_dataProtector.Object);

    // Act
    var payload = serializer.Serialize(sessionToken);
    var restored = serializer.Deserialize(payload);

    // Assert
    AssertTokensEqual(sessionToken, restored);

    // NOTE(review): presumably checks that the verifiable setups on the data-protector
    // mock were exercised; confirm against the fixture setup.
    _dataProtector.Verify();
}