public async Task ValidateClaimsTest()
        {
            var claims            = new List <Claim>();
            var defaultAuthConfig = new AuthenticationConfiguration();

            // No validator should pass.
            await JwtTokenValidation.ValidateClaimsAsync(defaultAuthConfig, claims);

            var mockValidator = new Mock <ClaimsValidator>();
            var authConfigWithClaimsValidator = new AuthenticationConfiguration()
            {
                ClaimsValidator = mockValidator.Object
            };

            // ClaimsValidator configured but no exception should pass.
            mockValidator.Setup(x => x.ValidateClaimsAsync(It.IsAny <List <Claim> >())).Returns(Task.CompletedTask);
            await JwtTokenValidation.ValidateClaimsAsync(authConfigWithClaimsValidator, claims);

            // Configure IClaimsValidator to fail
            mockValidator.Setup(x => x.ValidateClaimsAsync(It.IsAny <List <Claim> >())).Throws(new UnauthorizedAccessException("Invalid claims."));
            var exception = await Assert.ThrowsAsync <UnauthorizedAccessException>(
                async() => await JwtTokenValidation.ValidateClaimsAsync(authConfigWithClaimsValidator, claims));

            Assert.Equal("Invalid claims.", exception.Message);
        }
        public async Task ValidateClaimsTest_DoesNotThrow_WhenNotSkillClaim_WithNullValidator()
        {
            var claims = new List <Claim>();

            claims.Add(new Claim(AuthenticationConstants.VersionClaim, "2.0"));
            claims.Add(new Claim(AuthenticationConstants.AudienceClaim, "BotId"));
            claims.Add(new Claim(AuthenticationConstants.AuthorizedParty, "BotId")); // Skill claims aud!=azp

            // AuthenticationConfiguration with no ClaimsValidator and a none Skill Claim, should NOT throw UnauthorizedAccessException
            // None Skill do not need a ClaimsValidator.
            await JwtTokenValidation.ValidateClaimsAsync(new AuthenticationConfiguration(), claims);
        }
        public async Task ValidateClaimsTest_ThrowsOnSkillClaim_WithNullValidator()
        {
            var claims = new List <Claim>();

            claims.Add(new Claim(AuthenticationConstants.VersionClaim, "2.0"));
            claims.Add(new Claim(AuthenticationConstants.AudienceClaim, "SkillBotId"));
            claims.Add(new Claim(AuthenticationConstants.AuthorizedParty, "BotId")); // Skill claims aud!=azp

            // AuthenticationConfiguration with no ClaimsValidator and a Skill Claim, should throw UnauthorizedAccessException
            // Skill calls MUST be validated with a ClaimsValidator
            await Assert.ThrowsAsync <UnauthorizedAccessException>(async() => await JwtTokenValidation.ValidateClaimsAsync(new AuthenticationConfiguration(), claims));
        }