public void CreateClaimsPrincipalCrossVersionTest(CrossTokenVersionTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.CreateClaimsPrincipalCrossVersionTest", theoryData);
SecurityToken4x validatedToken4x = null;
SecurityToken validatedToken5x = null;
ClaimsPrincipal claimsPrincipal4x = null;
ClaimsPrincipal claimsPrincipal5x = null;
try
{
claimsPrincipal4x = CrossVersionUtility.ValidateSaml2Token(theoryData.TokenString4x, theoryData.ValidationParameters4x, out validatedToken4x);
}
catch (Exception ex)
{
context.Diffs.Add($"CrossVersionTokenValidationTestsData.ValidateToken threw: '{ex}'.");
}
try
{
claimsPrincipal5x = new Tokens.Saml2.Saml2SecurityTokenHandler().ValidateToken(theoryData.TokenString4x, theoryData.ValidationParameters5x, out validatedToken5x);
}
catch (Exception ex)
{
context.Diffs.Add($"Tokens.Saml.SamlSecurityTokenHandler().ValidateToken threw: '{ex}'.");
}
AreSaml2TokensEqual(validatedToken4x, validatedToken5x, context);
IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal4x, claimsPrincipal5x, context);
TestUtilities.AssertFailIfErrors(context);
}
public void CrossVersionSaml2TokenTest(CrossTokenVersionTheoryData theoryData)
{
var context = TestUtilities.WriteHeader($"{this}.CrossVersionSaml2TokenTest", theoryData);
var samlHandler5x = new Tokens.Saml2.Saml2SecurityTokenHandler();
var samlToken4x = CrossVersionUtility.CreateSaml2Token4x(theoryData.TokenDescriptor4x);
var samlToken5x = samlHandler5x.CreateToken(theoryData.TokenDescriptor5x, theoryData.AuthenticationInformationSaml2) as Saml2SecurityToken;
AreSaml2TokensEqual(samlToken4x, samlToken5x, context);
var token4x = CrossVersionUtility.WriteSaml2Token(samlToken4x);
var token5x = samlHandler5x.WriteToken(samlToken5x);
var claimsPrincipalFrom4xUsing5xHandler = samlHandler5x.ValidateToken(token4x, theoryData.ValidationParameters5x, out SecurityToken validatedSamlToken4xUsing5xHandler);
var claimsPrincipalFrom5xUsing5xHandler = samlHandler5x.ValidateToken(token5x, theoryData.ValidationParameters5x, out SecurityToken validatedSamlToken5xUsing5xHandler);
var claimsPrincipalFrom4xUsing4xHandler = CrossVersionUtility.ValidateSaml2Token(token4x, theoryData.ValidationParameters4x, out SecurityToken4x validatedSamlToken4xUsing4xHandler);
var claimsPrincipalFrom5xUsing4xHandler = CrossVersionUtility.ValidateSaml2Token(token5x, theoryData.ValidationParameters4x, out SecurityToken4x validatedSamlToken5xUsing4xHandler);
IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom4xUsing4xHandler, claimsPrincipalFrom5xUsing4xHandler, context);
IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom4xUsing5xHandler, claimsPrincipalFrom5xUsing4xHandler, context);
IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipalFrom5xUsing5xHandler, claimsPrincipalFrom5xUsing4xHandler, context);
// the results from ValidateTokenAsync() and ValidateToken() should be the same
var tokenValidationResult = samlHandler5x.ValidateTokenAsync(token4x, theoryData.ValidationParameters5x);
IdentityComparer.AreClaimsIdentitiesEqual(claimsPrincipalFrom5xUsing5xHandler.Identity as ClaimsIdentity, tokenValidationResult.Result.ClaimsIdentity, context);
TestUtilities.AssertFailIfErrors(context);
}
#pragma warning restore CS3016 // Arrays as attribute arguments is not CLS-compliant
public void RoundTripTokens(CreateAndValidateParams createParams)
{
var handler = new JwtSecurityTokenHandler();
handler.InboundClaimTypeMap.Clear();
var encodedJwt1 = handler.CreateEncodedJwt(createParams.SecurityTokenDescriptor);
var encodedJwt2 = handler.CreateEncodedJwt(
createParams.SecurityTokenDescriptor.Issuer,
createParams.SecurityTokenDescriptor.Audience,
createParams.SecurityTokenDescriptor.Subject,
createParams.SecurityTokenDescriptor.NotBefore,
createParams.SecurityTokenDescriptor.Expires,
createParams.SecurityTokenDescriptor.IssuedAt,
createParams.SecurityTokenDescriptor.SigningCredentials);
var jwtToken1 = new JwtSecurityToken(encodedJwt1);
var jwtToken2 = new JwtSecurityToken(encodedJwt2);
var jwtToken3 = handler.CreateJwtSecurityToken(createParams.SecurityTokenDescriptor);
var jwtToken4 = handler.CreateJwtSecurityToken(
createParams.SecurityTokenDescriptor.Issuer,
createParams.SecurityTokenDescriptor.Audience,
createParams.SecurityTokenDescriptor.Subject,
createParams.SecurityTokenDescriptor.NotBefore,
createParams.SecurityTokenDescriptor.Expires,
createParams.SecurityTokenDescriptor.IssuedAt,
createParams.SecurityTokenDescriptor.SigningCredentials);
var jwtToken5 = handler.CreateToken(createParams.SecurityTokenDescriptor) as JwtSecurityToken;
var encodedJwt3 = handler.WriteToken(jwtToken3);
var encodedJwt4 = handler.WriteToken(jwtToken4);
var encodedJwt5 = handler.WriteToken(jwtToken5);
SecurityToken validatedJwtToken1 = null;
var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, createParams.TokenValidationParameters, out validatedJwtToken1);
SecurityToken validatedJwtToken2 = null;
var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, createParams.TokenValidationParameters, out validatedJwtToken2);
SecurityToken validatedJwtToken3 = null;
var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, createParams.TokenValidationParameters, out validatedJwtToken3);
SecurityToken validatedJwtToken4 = null;
var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, createParams.TokenValidationParameters, out validatedJwtToken4);
SecurityToken validatedJwtToken5 = null;
var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, createParams.TokenValidationParameters, out validatedJwtToken5);
var context = new CompareContext();
var localContext = new CompareContext();
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext))
{
context.Diffs.Add("jwtToken1 != jwtToken2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken4, localContext))
{
context.Diffs.Add("jwtToken3 != jwtToken4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken5, localContext))
{
context.Diffs.Add("jwtToken3 != jwtToken5");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken2, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken3, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken3");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken4, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken5, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken5");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal2, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal3, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal3");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal4, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal5, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal5");
context.Diffs.AddRange(localContext.Diffs);
}
TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", createParams.Case), context.Diffs);
}
public void RoundTripTokens(JwtTheoryData theoryData)
{
var handler = new JwtSecurityTokenHandler();
handler.InboundClaimTypeMap.Clear();
var encodedJwt1 = handler.CreateEncodedJwt(theoryData.TokenDescriptor);
var encodedJwt2 = handler.CreateEncodedJwt(
theoryData.TokenDescriptor.Issuer,
theoryData.TokenDescriptor.Audience,
theoryData.TokenDescriptor.Subject,
theoryData.TokenDescriptor.NotBefore,
theoryData.TokenDescriptor.Expires,
theoryData.TokenDescriptor.IssuedAt,
theoryData.TokenDescriptor.SigningCredentials);
var jwtToken1 = new JwtSecurityToken(encodedJwt1);
var jwtToken2 = new JwtSecurityToken(encodedJwt2);
var jwtToken3 = handler.CreateJwtSecurityToken(theoryData.TokenDescriptor);
var jwtToken4 = handler.CreateJwtSecurityToken(
theoryData.TokenDescriptor.Issuer,
theoryData.TokenDescriptor.Audience,
theoryData.TokenDescriptor.Subject,
theoryData.TokenDescriptor.NotBefore,
theoryData.TokenDescriptor.Expires,
theoryData.TokenDescriptor.IssuedAt,
theoryData.TokenDescriptor.SigningCredentials);
var jwtToken5 = handler.CreateToken(theoryData.TokenDescriptor) as JwtSecurityToken;
var jwtToken6 = handler.CreateJwtSecurityToken(
theoryData.TokenDescriptor.Issuer,
theoryData.TokenDescriptor.Audience,
theoryData.TokenDescriptor.Subject,
theoryData.TokenDescriptor.NotBefore,
theoryData.TokenDescriptor.Expires,
theoryData.TokenDescriptor.IssuedAt,
theoryData.TokenDescriptor.SigningCredentials,
theoryData.TokenDescriptor.EncryptingCredentials);
var encodedJwt3 = handler.WriteToken(jwtToken3);
var encodedJwt4 = handler.WriteToken(jwtToken4);
var encodedJwt5 = handler.WriteToken(jwtToken5);
var encodedJwt6 = handler.WriteToken(jwtToken6);
SecurityToken validatedJwtToken1 = null;
var claimsPrincipal1 = handler.ValidateToken(encodedJwt1, theoryData.ValidationParameters, out validatedJwtToken1);
SecurityToken validatedJwtToken2 = null;
var claimsPrincipal2 = handler.ValidateToken(encodedJwt2, theoryData.ValidationParameters, out validatedJwtToken2);
SecurityToken validatedJwtToken3 = null;
var claimsPrincipal3 = handler.ValidateToken(encodedJwt3, theoryData.ValidationParameters, out validatedJwtToken3);
SecurityToken validatedJwtToken4 = null;
var claimsPrincipal4 = handler.ValidateToken(encodedJwt4, theoryData.ValidationParameters, out validatedJwtToken4);
SecurityToken validatedJwtToken5 = null;
var claimsPrincipal5 = handler.ValidateToken(encodedJwt5, theoryData.ValidationParameters, out validatedJwtToken5);
SecurityToken validatedJwtToken6 = null;
var claimsPrincipal6 = handler.ValidateToken(encodedJwt6, theoryData.ValidationParameters, out validatedJwtToken6);
var context = new CompareContext();
var localContext = new CompareContext
{
PropertiesToIgnoreWhenComparing = new Dictionary <Type, List <string> >
{
{ typeof(JwtHeader), new List <string> {
"Item"
} },
{ typeof(JwtPayload), new List <string> {
"Item"
} }
}
};
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken1, jwtToken2, localContext))
{
context.Diffs.Add("jwtToken1 != jwtToken2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken4, localContext))
{
context.Diffs.Add("jwtToken3 != jwtToken4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreJwtSecurityTokensEqual(jwtToken3, jwtToken5, localContext))
{
context.Diffs.Add("jwtToken3 != jwtToken5");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken2, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken3, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken3");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken4, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken5, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken5");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreEqual(validatedJwtToken1, validatedJwtToken6, localContext))
{
context.Diffs.Add("validatedJwtToken1 != validatedJwtToken6");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal2, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal2");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal3, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal3");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal4, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal4");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal5, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal5");
context.Diffs.AddRange(localContext.Diffs);
}
localContext.Diffs.Clear();
if (!IdentityComparer.AreClaimsPrincipalsEqual(claimsPrincipal1, claimsPrincipal6, localContext))
{
context.Diffs.Add("claimsPrincipal1 != claimsPrincipal6");
context.Diffs.AddRange(localContext.Diffs);
}
TestUtilities.AssertFailIfErrors(string.Format(CultureInfo.InvariantCulture, "RoundTripTokens: Case '{0}'", theoryData.TestId), context.Diffs);
}
