public void CreateClaimsPrincipalCrossVersionTest(CrossTokenVersionTheoryData theoryData) { var context = TestUtilities.WriteHeader($"{this}.CreateClaimsPrincipalCrossVersionTest", theoryData); SecurityToken4x validatedToken4x = null; SecurityToken validatedToken5x = null; ClaimsPrincipal claimsPrincipal4x = null; ClaimsPrincipal claimsPrincipal5x = null; try { claimsPrincipal4x = CrossVersionUtility.ValidateSaml2Token(theoryData.TokenString4x, theoryData.ValidationParameters4x, out validatedToken4x); } catch (Exception ex) { context.Diffs.Add($"CrossVersionTokenValidationTestsData.ValidateToken threw: '{ex}'."); } try { claimsPrincipal5x = new Tokens.Saml2.Saml2SecurityTokenHandler().ValidateToken(theoryData.TokenString4x, theoryData.ValidationParameters5x, out validatedToken5x); } catch (Exception ex) { context.Diffs.Add($"Tokens.Saml.SamlSecurityTokenHandler().ValidateToken threw: '{ex}'."); } AreSaml2TokensEqual(validatedToken4x, validatedToken5x, context); IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal4x, claimsPrincipal5x, context); TestUtilities.AssertFailIfErrors(context); }
public void CrossVersionSaml2TokenTest(CrossTokenVersionTheoryData theoryData) { var context = TestUtilities.WriteHeader($"{this}.CrossVersionSaml2TokenTest", theoryData); var samlHandler5x = new Tokens.Saml2.Saml2SecurityTokenHandler(); var samlToken4x = CrossVersionUtility.CreateSaml2Token4x(theoryData.TokenDescriptor4x); var samlToken5x = samlHandler5x.CreateToken(theoryData.TokenDescriptor5x, theoryData.AuthenticationInformationSaml2) as Saml2SecurityToken; AreSaml2TokensEqual(samlToken4x, samlToken5x, context); var token4x = CrossVersionUtility.WriteSaml2Token(samlToken4x); var token5x = samlHandler5x.WriteToken(samlToken5x); var claimsPrincipalFrom4xUsing5xHandler = samlHandler5x.ValidateToken(token4x, theoryData.ValidationParameters5x, out SecurityToken validatedSamlToken4xUsing5xHandler); var claimsPrincipalFrom5xUsing5xHandler = samlHandler5x.ValidateToken(token5x, theoryData.ValidationParameters5x, out SecurityToken validatedSamlToken5xUsing5xHandler); var claimsPrincipalFrom4xUsing4xHandler = CrossVersionUtility.ValidateSaml2Token(token4x, theoryData.ValidationParameters4x, out SecurityToken4x validatedSamlToken4xUsing4xHandler); var claimsPrincipalFrom5xUsing4xHandler = CrossVersionUtility.ValidateSaml2Token(token5x, theoryData.ValidationParameters4x, out SecurityToken4x validatedSamlToken5xUsing4xHandler); IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom4xUsing4xHandler, claimsPrincipalFrom5xUsing4xHandler, context); IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom4xUsing5xHandler, claimsPrincipalFrom5xUsing4xHandler, context); IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom5xUsing5xHandler, claimsPrincipalFrom5xUsing4xHandler, context); // the results from ValidateTokenAsync() and ValidateToken() should be the same var tokenValidationResult = samlHandler5x.ValidateTokenAsync(token4x, theoryData.ValidationParameters5x); IdentityComparer.AreClaimsIdentitiesEqual(claimsPrincipalFrom5xUsing5xHandler.Identity as ClaimsIdentity, tokenValidationResult.Result.ClaimsIdentity, context); TestUtilities.AssertFailIfErrors(context); }
#pragma warning restore CS3016 // Arrays as attribute arguments is not CLS-compliant public void RoundTripTokens(CreateAndValidateParams createParams) { var handler = new JwtSecurityTokenHandler(); handler.InboundClaimTypeMap.Clear(); var encodedJwt1 = handler.CreateEncodedJwt(createParams.SecurityTokenDescriptor); var encodedJwt2 = handler.CreateEncodedJwt( createParams.SecurityTokenDescriptor.Issuer, createParams.SecurityTokenDescriptor.Audience, createParams.SecurityTokenDescriptor.Subject, createParams.SecurityTokenDescriptor.NotBefore, createParams.SecurityTokenDescriptor.Expires, createParams.SecurityTokenDescriptor.IssuedAt, createParams.SecurityTokenDescriptor.SigningCredentials); var jwtToken1 = new JwtSecurityToken(encodedJwt1); var jwtToken2 = new JwtSecurityToken(encodedJwt2); var jwtToken3 = handler.CreateJwtSecurityToken(createParams.SecurityTokenDescriptor); var jwtToken4 = handler.CreateJwtSecurityToken( createParams.SecurityTokenDescriptor.Issuer, createParams.SecurityTokenDescriptor.Audience, createParams.SecurityTokenDescriptor.Subject, createParams.SecurityTokenDescriptor.NotBefore, createParams.SecurityTokenDescriptor.Expires, createParams.SecurityTokenDescriptor.IssuedAt, createParams.SecurityTokenDescriptor.SigningCredentials); var jwtToken5 = handler.CreateToken(createParams.SecurityTokenDescriptor) as JwtSecurityToken; var encodedJwt3 = handler.WriteToken(jwtToken3); var encodedJwt4 = handler.WriteToken(jwtToken4); var encodedJwt5 = handler.WriteToken(jwtToken5); SecurityToken validatedJwtToken1 = null; var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, createParams.TokenValidationParameters, out validatedJwtToken1); SecurityToken validatedJwtToken2 = null; var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, createParams.TokenValidationParameters, out validatedJwtToken2); SecurityToken validatedJwtToken3 = null; var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, createParams.TokenValidationParameters, out validatedJwtToken3); SecurityToken validatedJwtToken4 = null; var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, createParams.TokenValidationParameters, out validatedJwtToken4); SecurityToken validatedJwtToken5 = null; var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, createParams.TokenValidationParameters, out validatedJwtToken5); var context = new CompareContext(); var localContext = new CompareContext(); if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext)) { context.Diffs.Add("jwtToken1 != jwtToken2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken4, localContext)) { context.Diffs.Add("jwtToken3 != jwtToken4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken5, localContext)) { context.Diffs.Add("jwtToken3 != jwtToken5"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken2, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken3, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken3"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken4, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken5, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken5"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal2, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal3, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal3"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal4, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal5, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal5"); context.Diffs.AddRange(localContext.Diffs); } TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", createParams.Case), context.Diffs); }
public void RoundTripTokens(JwtTheoryData theoryData) { var handler = new JwtSecurityTokenHandler(); handler.InboundClaimTypeMap.Clear(); var encodedJwt1 = handler.CreateEncodedJwt(theoryData.TokenDescriptor); var encodedJwt2 = handler.CreateEncodedJwt( theoryData.TokenDescriptor.Issuer, theoryData.TokenDescriptor.Audience, theoryData.TokenDescriptor.Subject, theoryData.TokenDescriptor.NotBefore, theoryData.TokenDescriptor.Expires, theoryData.TokenDescriptor.IssuedAt, theoryData.TokenDescriptor.SigningCredentials); var jwtToken1 = new JwtSecurityToken(encodedJwt1); var jwtToken2 = new JwtSecurityToken(encodedJwt2); var jwtToken3 = handler.CreateJwtSecurityToken(theoryData.TokenDescriptor); var jwtToken4 = handler.CreateJwtSecurityToken( theoryData.TokenDescriptor.Issuer, theoryData.TokenDescriptor.Audience, theoryData.TokenDescriptor.Subject, theoryData.TokenDescriptor.NotBefore, theoryData.TokenDescriptor.Expires, theoryData.TokenDescriptor.IssuedAt, theoryData.TokenDescriptor.SigningCredentials); var jwtToken5 = handler.CreateToken(theoryData.TokenDescriptor) as JwtSecurityToken; var jwtToken6 = handler.CreateJwtSecurityToken( theoryData.TokenDescriptor.Issuer, theoryData.TokenDescriptor.Audience, theoryData.TokenDescriptor.Subject, theoryData.TokenDescriptor.NotBefore, theoryData.TokenDescriptor.Expires, theoryData.TokenDescriptor.IssuedAt, theoryData.TokenDescriptor.SigningCredentials, theoryData.TokenDescriptor.EncryptingCredentials); var encodedJwt3 = handler.WriteToken(jwtToken3); var encodedJwt4 = handler.WriteToken(jwtToken4); var encodedJwt5 = handler.WriteToken(jwtToken5); var encodedJwt6 = handler.WriteToken(jwtToken6); SecurityToken validatedJwtToken1 = null; var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, theoryData.ValidationParameters, out validatedJwtToken1); SecurityToken validatedJwtToken2 = null; var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, theoryData.ValidationParameters, out validatedJwtToken2); SecurityToken validatedJwtToken3 = null; var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, theoryData.ValidationParameters, out validatedJwtToken3); SecurityToken validatedJwtToken4 = null; var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, theoryData.ValidationParameters, out validatedJwtToken4); SecurityToken validatedJwtToken5 = null; var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, theoryData.ValidationParameters, out validatedJwtToken5); SecurityToken validatedJwtToken6 = null; var claimsPrincipal6 = handler.ValidateToken(encodedJwt6, theoryData.ValidationParameters, out validatedJwtToken6); var context = new CompareContext(); var localContext = new CompareContext { PropertiesToIgnoreWhenComparing = new Dictionary <Type, List <string> > { { typeof(JwtHeader), new List <string> { "Item" } }, { typeof(JwtPayload), new List <string> { "Item" } } } }; if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext)) { context.Diffs.Add("jwtToken1 != jwtToken2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken4, localContext)) { context.Diffs.Add("jwtToken3 != jwtToken4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken5, localContext)) { context.Diffs.Add("jwtToken3 != jwtToken5"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken2, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken3, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken3"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken4, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken5, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken5"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken6, localContext)) { context.Diffs.Add("validatedJwtToken1 != validatedJwtToken6"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal2, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal2"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal3, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal3"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal4, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal4"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal5, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal5"); context.Diffs.AddRange(localContext.Diffs); } localContext.Diffs.Clear(); if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal6, localContext)) { context.Diffs.Add("claimsPrincipal1 != claimsPrincipal6"); context.Diffs.AddRange(localContext.Diffs); } TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", theoryData.TestId), context.Diffs); }