Exemplo n.º 1
        /// <summary>
        /// Builds a security context from an encoded token: the payload is decoded and
        /// passed, together with the raw token, to <c>Initialize</c>.
        /// </summary>
        /// <param name="token">The encoded token whose payload populates this context.</param>
        public SecurityContext(string token)
        {
            // NOTE(review): nothing in this constructor checks the token's signature.
            // Unless DecodePayload verifies it internally (not visible here), callers
            // must validate the token first, or the decoded claims are untrusted input.
            var decoder = new JWTokenManager();
            Dictionary <string, string> claims = decoder.DecodePayload(token);

            Initialize(token, claims);
        }
        /// <summary>
        /// A null token has no header to inspect, so VerifyHeader is expected to return
        /// false rather than throw.
        /// </summary>
        public void VerifyHeader_PassingNullToken_ReturnFalse()
        {
            // Arrange
            var manager = new JWTokenManager();
            string missingToken = null;
            const bool shouldBeAccepted = false;

            // Act
            bool wasAccepted = manager.VerifyHeader(missingToken);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
        /// <summary>
        /// A well-formed header segment with the expected algorithm and type is accepted.
        /// </summary>
        public void VerifyHeader_PassingCorrectHeader_ReturnTrue()
        {
            // Arrange
            // Base64url for {"alg":"SHA256","typ":"JWT"}.
            // NOTE(review): "SHA256" is not a registered JWS algorithm name (those are
            // HS256, RS256, ES256, ...); whether the signature is keyed cannot be told
            // from this test. Confirm it is an HMAC and not a bare hash.
            const string headerSegment = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ";
            const bool shouldBeAccepted = true;
            var manager = new JWTokenManager();

            // Act
            bool wasAccepted = manager.VerifyHeader(headerSegment);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
        /// <summary>
        /// An arbitrary string that does not decode to a header object is rejected.
        /// </summary>
        public void VerifyHeader_PassingFakeEncodedString_ReturnFalse()
        {
            // Arrange
            var manager = new JWTokenManager();
            const string notAHeader = "FakeToken";
            const bool shouldBeAccepted = false;

            // Act
            bool wasAccepted = manager.VerifyHeader(notAHeader);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
        /// <summary>
        /// A header whose "typ" entry is not "JWT" is rejected even though the
        /// algorithm entry is the accepted one.
        /// </summary>
        public void VerifyHeader_PassingInvalidTokenType_ReturnFalse()
        {
            // Arrange
            // Base64url for {"alg":"SHA256","typ":"ALT"}.
            const string wrongTypeHeader = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJBTFQifQ";
            const bool shouldBeAccepted = false;
            var manager = new JWTokenManager();

            // Act
            bool wasAccepted = manager.VerifyHeader(wrongTypeHeader);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
        /// <summary>
        /// A header naming an algorithm the manager does not support is rejected.
        /// </summary>
        public void VerifyHeader_HeaderWithInvalidAlgorithm_ReturnFalse()
        {
            // Arrange
            // Base64url for {"alg":"SHAefjio","typ":"JWT"}.
            // NOTE(review): this exercises an unknown algorithm name only. A case for
            // "alg":"none" and for case variants of the accepted name would pin the
            // allow-list behaviour; no such test appears in this listing.
            const string unknownAlgHeader = "eyJhbGciOiJTSEFlZmppbyIsInR5cCI6IkpXVCJ9";
            const bool shouldBeAccepted = false;
            var manager = new JWTokenManager();

            // Act
            bool wasAccepted = manager.VerifyHeader(unknownAlgHeader);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
        /// <summary>
        /// A header with no "alg" entry is rejected. The verifier must not fall back to
        /// a default algorithm when the token does not name one.
        /// </summary>
        public void VerifyHeader_PassingMissingAlgEntry_ReturnFalse()
        {
            // Arrange
            // Base64url for {"typ":"JWT"}.
            const string headerWithoutAlg = "eyJ0eXAiOiJKV1QifQ";
            const bool shouldBeAccepted = false;
            var manager = new JWTokenManager();

            // Act
            bool wasAccepted = manager.VerifyHeader(headerWithoutAlg);

            // Assert
            Assert.Equal(shouldBeAccepted, wasAccepted);
        }
Exemplo n.º 8
        /// <summary>
        /// Creates the token manager under test from an in-memory configuration and the
        /// mocked repository and encrypter.
        /// </summary>
        public JWTokenManagerTests()
        {
            // The configuration carries a single entry, "Key", taken from the fixture's
            // Key member, so the test depends on no external settings file.
            var settings = new Dictionary <string, string>();
            settings.Add("Key", Key);

            var builder = new ConfigurationBuilder().AddInMemoryCollection(settings);
            var configuration = builder.Build();

            _systemUnderTesting = new JWTokenManager(configuration, _repoMock.Object, _encrypterMock.Object);
        }
        /// <summary>
        /// An empty string contains no token segments, so signature validation is
        /// expected to return false.
        /// </summary>
        public void ValidateSignature_PassEmptyString_ReturnFalse()
        {
            // Arrange
            var manager = new JWTokenManager();
            string emptyToken = "";
            const bool shouldValidate = false;

            // Act
            bool validated = manager.ValidateSignature(emptyToken);

            // Assert
            Assert.Equal(shouldValidate, validated);
        }
Exemplo n.º 10
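        /// <summary>
        /// Creates an authorization manager for a token, refusing any token whose
        /// signature does not validate.
        /// </summary>
        /// <param name="token">The encoded JSON Web Token presented by the caller.</param>
        /// <exception cref="ArgumentNullException"><paramref name="token"/> is null.</exception>
        /// <exception cref="ArgumentException">The token's signature does not validate.</exception>
        public AuthorizationManager(string token)
        {
            if (token == null)
            {
                throw new ArgumentNullException("token");
            }

            JWTokenManager jwtManager = new JWTokenManager();

            // The signature check runs before SecurityContext is built, because that
            // constructor decodes the payload without a check of its own.
            if (!jwtManager.ValidateSignature(token))
            {
                // ArgumentException takes (message, paramName) in that order; with the
                // arguments reversed the message would read "token" and the parameter
                // name would carry the sentence.
                throw new ArgumentException("Not a valid JSON Web Token.", "token");
            }

            // NOTE(review): only the signature is checked here. Expiry or other
            // claim validation, if it exists, happens elsewhere. Confirm.
            this.context = new SecurityContext(token);
        }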
        /// <summary>
        /// A token consisting of header and payload only, with no third segment, must
        /// not validate: an absent signature is never treated as a passing one.
        /// </summary>
        public void ValidateSignature_PassTokenWithNoSignature_ReturnFalse()
        {
            // Arrange
            // Header and payload segments only; the signature segment is left off.
            const string headerSegment  = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ";
            const string payloadSegment = ".eyJ1c2VyIjoidGVzdEBlbWFpbC5jb20iLCJjbGFpbSI6IltQb3N0LCBEZWxldGUsIEVkaXRdIn0";
            string unsignedToken = headerSegment + payloadSegment;
            const bool shouldValidate = false;
            var manager = new JWTokenManager();

            // Act
            bool validated = manager.ValidateSignature(unsignedToken);

            // Assert
            Assert.Equal(shouldValidate, validated);
        }
        /// <summary>
        /// A complete three-segment token whose signature matches its header and
        /// payload validates successfully.
        /// </summary>
        public void ValidateSignature_PassTokenWithValidSignature_ReturnTrue()
        {
            // Arrange
            const string headerSegment    = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ";
            const string payloadSegment   = ".eyJ1c2VyIjoidGVzdEBlbWFpbC5jb20iLCJjbGFpbSI6IltQb3N0LCBEZWxldGUsIEVkaXRdIn0";
            const string signatureSegment = ".a_ZtyrD4iNplCbpCXUxPySaNWySp3enUEI57ib5Vw4U";
            string signedToken = headerSegment + payloadSegment + signatureSegment;
            const bool shouldValidate = true;
            var manager = new JWTokenManager();

            // Act
            bool validated = manager.ValidateSignature(signedToken);

            // Assert
            Assert.Equal(shouldValidate, validated);
        }
        /// <summary>
        /// CreateToken produces exactly the expected header, payload and signature
        /// segments for a fixed two-entry payload.
        /// </summary>
        public void CreateToken_ValidTokenCreated_ReturnTrue()
        {
            // Arrange
            // NOTE(review): the expected signature is a constant, so a manager built
            // with no arguments must sign with a fixed secret (or none). Confirm the
            // secret is not compiled into the source.
            var manager = new JWTokenManager();
            var claims = new Dictionary <string, string>();
            claims.Add("user", "test");
            claims.Add("claim", "[beach, blue, test]");

            const string headerSegment    = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ";
            const string payloadSegment   = ".eyJ1c2VyIjoidGVzdCIsImNsYWltIjoiW2JlYWNoLCBibHVlLCB0ZXN0XSJ9";
            const string signatureSegment = ".pIJZEFcp5o9T9pzPqYZHXvQyt61RuZmNMdxbkmue3VY";
            string wantedToken = headerSegment + payloadSegment + signatureSegment;

            // Act
            string producedToken = manager.CreateToken(claims);

            // Assert
            Assert.Equal(wantedToken, producedToken);
        }
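        /// <summary>
        /// DecodePayload returns the key/value pairs carried in the payload segment of
        /// a correctly signed token.
        /// </summary>
        public void DecodePayload_PassValidToken_ReturnCorrectPayload()
        {
            // Arrange
            JWTokenManager jwtManager = new JWTokenManager();
            string         validToken = "eyJhbGciOiJTSEEyNTYiLCJ0eXAiOiJKV1QifQ" +
                                        ".eyJ1c2VyIjoidGVzdEBlbWFpbC5jb20iLCJjbGFpbSI6IltQb3N0LCBEZWxldGUsIEVkaXRdIn0" +
                                        ".a_ZtyrD4iNplCbpCXUxPySaNWySp3enUEI57ib5Vw4U";

            // The expected entries are exactly what the payload segment above
            // base64url-decodes to: {"user":"test@email.com","claim":"[Post, Delete, Edit]"}.
            // A masked address such as "*****@*****.**" can never equal the decoded value.
            Dictionary <string, string> expectedPayload = new Dictionary <string, string>()
            {
                { "user", "test@email.com" },
                { "claim", "[Post, Delete, Edit]" }
            };

            // Act
            Dictionary <string, string> actualPayload = jwtManager.DecodePayload(validToken);

            // Assert
            // Order of dictionary entries doesn't matter.
            Assert.Equal <Dictionary <string, string> >(expectedPayload, actualPayload);
        }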
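        /// <summary>
        /// CreateToken rejects a null payload with an <see cref="ArgumentNullException"/>
        /// instead of producing a token.
        /// </summary>
        public void CreateToken_NullPayloadPassed_ThrowArgumentNullException()
        {
            // Arrange
            Dictionary <string, string> testPayload = null;
            JWTokenManager jwtManager = new JWTokenManager();

            // Act / Assert
            // Assert.Throws fails with a descriptive message when nothing is thrown or a
            // different exception type escapes, which a try/catch with a flag cannot do.
            // It also removes the unused local that held the never-produced token.
            Assert.Throws <ArgumentNullException>(() => jwtManager.CreateToken(testPayload));
        }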
 /// <summary>
 /// Creates the token manager under test directly from the fixture's Key member and
 /// the mocked repository and encrypter.
 /// </summary>
 public JWTokenManagerTests()
 {
     var manager = new JWTokenManager(Key, _repoMock.Object, _encrypterMock.Object);
     _systemUnderTesting = manager;
 }
Exemplo n.º 17
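        /// <summary>
        /// Manual smoke test: creates the users, issues a token for a sample payload,
        /// decodes it again and prints whether the round trip preserved the payload.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        static void Main(string[] args)
        {
            CreateUsers();
            JWTokenManager tm = new JWTokenManager();
            Dictionary <string, string> testPayload = new Dictionary <string, string>()
            {
                { "user", "*****@*****.**" },
                { "claim", "[Post, Delete, Edit]" }
            };

            string token = tm.CreateToken(testPayload);

            // The token is a bearer credential; echoing it to the console is only
            // appropriate in a throwaway harness like this one.
            Console.Out.WriteLine(token);
            Dictionary <string, string> decodedPayload = tm.DecodePayload(token);

            // Dictionary does not override Equals, so Equals() compares references and
            // is always false for two distinct instances. Compare the entries instead.
            bool equalPayloads = decodedPayload != null && decodedPayload.Count == testPayload.Count;
            if (equalPayloads)
            {
                foreach (KeyValuePair <string, string> entry in testPayload)
                {
                    string decodedValue;
                    if (!decodedPayload.TryGetValue(entry.Key, out decodedValue) || decodedValue != entry.Value)
                    {
                        equalPayloads = false;
                        break;
                    }
                }
            }

            Console.Out.WriteLine(equalPayloads);


            //Dictionary<string, string> test = new Dictionary<string, string>()
            //{
            //    { "fed", "food" },
            //    { "blue", "23" },
            //    { "cred", "43" }
            //};

            //test["c"] = "New 3";

            //CreateUsers();

            //var um = new UserManager();

            //User user = um.FindByUserName("*****@*****.**");
            //SessionManager sm = new SessionManager();
            //JWTokenManager tm = new JWTokenManager();
            //String token = sm.CreateSession(user.Id);
            //sm.InvalidateSession(token);
            //token = sm.CreateSession(user.Id);
            //Console.Out.WriteLine(token);
            //Console.Out.WriteLine("Attempting to validate token");
            //Dictionary<string, string> payload = null;
            //if (sm.ValidateSession(token))
            //{
            //    Console.Out.WriteLine("Getting payload");
            //    payload = tm.DecodePayload(token);
            //    Console.Out.WriteLine(payload.ToString());
            //}

            //if (sm.ValidateSession("FakeToken"))
            //{
            //    Console.Out.WriteLine("Error: FakeToken isn't a real token.");

            //}
            //else
            //{
            //    Console.Out.WriteLine("Correct: FakeToken wasn't valid.");
            //}

            //System.Threading.Thread.Sleep(50000);

            //if (!sm.ValidateSession(token))
            //{
            //    Console.Out.WriteLine("Token is now invalid. Good.");
            //}
            //else
            //{
            //    Console.Out.WriteLine("Error: Token should be invalid.");
            //}
            //string newToken = sm.RefreshSession(token, payload);
            //if (sm.ValidateSession(newToken))
            //{
            //    Console.Out.WriteLine("Good! The refresh worked!");
            //}
            //else
            //{
            //    Console.Out.WriteLine("Something is wrong with refresh.");
            //}

            //sm.InvalidateSession(newToken);
            //if (sm.ValidateSession(newToken))
            //{
            //    Console.Out.WriteLine("Something is wrong. Token should have been deleted.");
            //}
            //else
            //{
            //    Console.Out.WriteLine("The token is invalid as it should be. It was deleted after all.");
            //}

            // Wait for a key press so the console window stays open when launched directly.
            Console.In.Read();
            Console.Out.WriteLine("Ending program.");
        }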