Exemplo n.º 1
0
 /// <inheritdoc/>
 public override void Write(Utf8JsonWriter writer, StoredAttestationPolicy value, JsonSerializerOptions options)
 {
     writer.WriteStartObject();
     writer.WritePropertyName("AttestationPolicy");
     writer.WriteStringValue(Base64Url.EncodeString(value.AttestationPolicy));
     writer.WriteEndObject();
 }
Exemplo n.º 2
0
        public async Task SettingAttestationPolicy()
        {
            var endpoint = TestEnvironment.AadAttestationUrl;

            #region Snippet:GetPolicy
            var client = new AttestationAdministrationClient(new Uri(endpoint), new DefaultAzureCredential());

            var policyResult = await client.GetPolicyAsync(AttestationType.SgxEnclave);

            var result = policyResult.Value.AttestationPolicy;
            #endregion

            #region Snippet:SetPolicy
            string attestationPolicy = "version=1.0; authorizationrules{=> permit();}; issuancerules{};";

            var policyTokenSigner = TestEnvironment.PolicyCertificate0;

            AttestationToken policySetToken = new SecuredAttestationToken(
                new StoredAttestationPolicy {
                AttestationPolicy = Base64Url.EncodeString(attestationPolicy),
            },
                TestEnvironment.PolicySigningKey0,
                policyTokenSigner);

            var setResult = client.SetPolicy(AttestationType.SgxEnclave, policySetToken);
            #endregion
            var resetResult = client.ResetPolicy(AttestationType.SgxEnclave);

            // When the attestation instance is in Isolated mode, the ResetPolicy API requires using a signing key/certificate to authorize the user.
            var resetResult2 = client.ResetPolicy(
                AttestationType.SgxEnclave,
                new SecuredAttestationToken(TestEnvironment.PolicySigningKey0, policyTokenSigner));
            return;
        }
Exemplo n.º 3
0
        public string ExportToHeaderString()
        {
            var jsonValue = JsonConvert.SerializeObject(this, new JsonSerializerSettings {
                ContractResolver = new CamelCasePropertyNamesContractResolver()
            });

            return(Base64Url.EncodeString(jsonValue));
        }
        private string GetMockJwt(TimeSpan expireIn)
        {
            long   expireOn         = (DateTimeOffset.UtcNow + expireIn).ToUnixTimeSeconds();
            string decodedHeader    = "{header}";
            string decodedBody      = $"{{ \"exp\": {expireOn} }}";
            string decodedSignature = "{signature}";

            return($"{Base64Url.EncodeString(decodedHeader)}.{Base64Url.EncodeString(decodedBody)}.{Base64Url.EncodeString(decodedSignature)}");
        }
Exemplo n.º 5
0
        public void ValidateEncodeDecodeStringZeroLength()
        {
            var data = string.Empty;

            var encoded = Base64Url.EncodeString(data);

            Assert.AreEqual(string.Empty, encoded);

            var decoded = Base64Url.DecodeString(encoded);

            Assert.AreEqual(data, decoded);
        }
        public ContainerRegistryRecordedTestSanitizer()
        {
            DateTimeOffset expiresOn   = DateTimeOffset.UtcNow + TimeSpan.FromDays(365 * 30); // Never expire in software years
            string         encodedBody = Base64Url.EncodeString($"{{\"exp\":{expiresOn.ToUnixTimeSeconds()}}}");

            var jwtSanitizedValue = $"{SanitizeValue}.{encodedBody}.{SanitizeValue}";

            AddJsonPathSanitizer("$..refresh_token", _ => JToken.FromObject(jwtSanitizedValue));

            FormEncodedBodySanitizers.Add("access_token");
            FormEncodedBodySanitizers.Add("refresh_token");
        }
        public ContainerRegistryRecordedTestBase(bool isAsync, RecordedTestMode?mode = default) : base(isAsync, mode)
        {
            DateTimeOffset expiresOn         = DateTimeOffset.UtcNow + TimeSpan.FromDays(365 * 30); // Never expire in software years
            string         encodedBody       = Base64Url.EncodeString($"{{\"exp\":{expiresOn.ToUnixTimeSeconds()}}}");
            var            jwtSanitizedValue = $"{SanitizeValue}.{encodedBody}.{SanitizeValue}";

            BodyKeySanitizers.Add(new BodyKeySanitizer(jwtSanitizedValue)
            {
                JsonPath = "$..refresh_token"
            });
            BodyRegexSanitizers.Add(new BodyRegexSanitizer(@"access_token=(?<group>.*?)(?=&|$)", SanitizeValue)
            {
                GroupForReplace = "group"
            });
            BodyRegexSanitizers.Add(new BodyRegexSanitizer(@"refresh_token=(?<group>.*?)(?=&|$)", SanitizeValue)
            {
                GroupForReplace = "group"
            });
        }
Exemplo n.º 8
0
        public void ValidateEncodeDecodeStringRandom()
        {
            var seed = new Random().Next();

            var rand = new Random(seed);

            for (int i = 1; i <= 512; i++)
            {
                for (int j = 0; j < 32; j++)
                {
                    var data = GenerateRandomString(rand, i);

                    var encoded = Base64Url.EncodeString(data);

                    var decoded = Base64Url.DecodeString(encoded);

                    Assert.AreEqual(data, decoded, "String round trip failed. Seed {0}", seed);
                }
            }
        }
        private static string CreateUnsealedJwt(object body)
        {
            string returnValue = "eyJhbGciOiJub25lIn0.";

            string encodedDocument;

            if (body != null)
            {
                string bodyString = JsonSerializer.Serialize(body);

                // Either base64 or json encode the policy depending on the setting of the encodePolicyBody parameter.
                encodedDocument = Base64Url.EncodeString(bodyString);
            }
            else
            {
                encodedDocument = string.Empty;
            }

            returnValue += encodedDocument;
            returnValue += ".";

            return(returnValue);
        }
Exemplo n.º 10
0
        public string ExportToHeaderString()
        {
            var jsonValue = JsonConvert.SerializeObject(this);

            return(Base64Url.EncodeString(jsonValue));
        }