Exemplo n.º 1
0
        public void ReadAndValidateSymmetric_ValidTokenAndInvalidAudience_ShouldThrowSecurityTokenInvalidAudienceException()
        {
            // GIVEN a valid JWT reader, JWT and and invalid audience
            var jwt                  = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lLWNsYWltLWludCI6MTIzNDU2LCJzb21lLWNsYWltLWJvb2wiOmZhbHNlLCJzb21lLWNsYWltLWFycmF5IjpbIml0ZW0xIiwiaXRlbTIiXSwiZXhwIjoyNTM0MDIzMDA4MDAsImlzcyI6InNvbWUtaXNzdWVyIiwiYXVkIjoic29tZS1hdWRpZW5jZSJ9.jGjRCItE2n42ZUu7h4GzH-oT8n1Y5wjzs73NYQUcmJk";
            var sut                  = new JWTReader();
            var issuer               = "some-issuer";
            var audience             = "some-other-audience";
            var sharedKey            = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw";
            var validationParameters = new ValidationParameters {
                ValidIssuer = issuer, ValidAudience = audience, ValidateLifetime = false
            };

            // WHEN reading and validating it
            Action act = () => sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey);

            // THEN it should throw SecurityTokenInvalidAudienceException
            act.Should().Throw <SecurityTokenInvalidAudienceException>();
        }
Exemplo n.º 2
0
        public void ReadAndValidateSymmetric_ExpiredToken_ShouldThrowSecurityTokenExpiredException()
        {
            // GIVEN a valid JWT reader and an expired JWT
            var sut                  = new JWTReader();
            var issuer               = "some-issuer";
            var audience             = "some-audience";
            var sharedKey            = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw";
            var jwt                  = new JWTWriter().WriteSymmetric(issuer, audience, DateTime.UtcNow.AddDays(-10), sharedKey, null);
            var validationParameters = new ValidationParameters {
                ValidateLifetime = true
            };

            // WHEN reading and validating it
            Action act = () => sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey);

            // THEN it should throw SecurityTokenExpiredException
            act.Should().Throw <SecurityTokenExpiredException>();
        }
Exemplo n.º 3
0
        public void ReadAndValidateSymmetric_ValidTokenAndValidKey_ShouldReturnAMapWithClaims()
        {
            // GIVEN a valid JWT reader and JWT
            var jwt                  = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb21lLWNsYWltLWludCI6MTIzNDU2LCJzb21lLWNsYWltLWJvb2wiOmZhbHNlLCJzb21lLWNsYWltLWFycmF5IjpbIml0ZW0xIiwiaXRlbTIiXSwiZXhwIjoyNTM0MDIzMDA4MDAsImlzcyI6InNvbWUtaXNzdWVyIiwiYXVkIjoic29tZS1hdWRpZW5jZSJ9.jGjRCItE2n42ZUu7h4GzH-oT8n1Y5wjzs73NYQUcmJk";
            var sut                  = new JWTReader();
            var issuer               = "some-issuer";
            var audience             = "some-audience";
            var sharedKey            = "b7vUtYUvmR46ifoddrccuWCHeRMfm2qw";
            var validationParameters = new ValidationParameters {
                ValidIssuer = issuer, ValidAudience = audience, ValidateLifetime = false
            };

            // WHEN reading and validating it
            var claimMap = sut.ReadAndValidateSymmetric(jwt, validationParameters, sharedKey);

            // THEN it should contain the expected claims
            claimMap.Should().NotBeNull().And.NotBeEmpty();
            claimMap.Should().ContainKey("iss").WhichValue.Should().Be(issuer);
            claimMap.Should().ContainKey("aud").WhichValue.Should().Be(audience);
            claimMap.Should().ContainKey("some-claim-int").WhichValue.Should().Be(123456);
            claimMap.Should().ContainKey("some-claim-bool").WhichValue.Should().Be(false);
            claimMap.Should().ContainKey("some-claim-array").WhichValue.Should().BeAssignableTo <IEnumerable>()
            .Subject.Should().Contain(new string[] { "item1", "item2" });
        }