public async Task ValidateClaimsTest() { var claims = new List <Claim>(); var defaultAuthConfig = new AuthenticationConfiguration(); // No validator should pass. await JwtTokenValidation.ValidateClaimsAsync(defaultAuthConfig, claims); var mockValidator = new Mock <ClaimsValidator>(); var authConfigWithClaimsValidator = new AuthenticationConfiguration() { ClaimsValidator = mockValidator.Object }; // ClaimsValidator configured but no exception should pass. mockValidator.Setup(x => x.ValidateClaimsAsync(It.IsAny <List <Claim> >())).Returns(Task.CompletedTask); await JwtTokenValidation.ValidateClaimsAsync(authConfigWithClaimsValidator, claims); // Configure IClaimsValidator to fail mockValidator.Setup(x => x.ValidateClaimsAsync(It.IsAny <List <Claim> >())).Throws(new UnauthorizedAccessException("Invalid claims.")); var exception = await Assert.ThrowsAsync <UnauthorizedAccessException>( async() => await JwtTokenValidation.ValidateClaimsAsync(authConfigWithClaimsValidator, claims)); Assert.Equal("Invalid claims.", exception.Message); }
public async Task ValidateClaimsTest_DoesNotThrow_WhenNotSkillClaim_WithNullValidator() { var claims = new List <Claim>(); claims.Add(new Claim(AuthenticationConstants.VersionClaim, "2.0")); claims.Add(new Claim(AuthenticationConstants.AudienceClaim, "BotId")); claims.Add(new Claim(AuthenticationConstants.AuthorizedParty, "BotId")); // Skill claims aud!=azp // AuthenticationConfiguration with no ClaimsValidator and a none Skill Claim, should NOT throw UnauthorizedAccessException // None Skill do not need a ClaimsValidator. await JwtTokenValidation.ValidateClaimsAsync(new AuthenticationConfiguration(), claims); }
public async Task ValidateClaimsTest_ThrowsOnSkillClaim_WithNullValidator() { var claims = new List <Claim>(); claims.Add(new Claim(AuthenticationConstants.VersionClaim, "2.0")); claims.Add(new Claim(AuthenticationConstants.AudienceClaim, "SkillBotId")); claims.Add(new Claim(AuthenticationConstants.AuthorizedParty, "BotId")); // Skill claims aud!=azp // AuthenticationConfiguration with no ClaimsValidator and a Skill Claim, should throw UnauthorizedAccessException // Skill calls MUST be validated with a ClaimsValidator await Assert.ThrowsAsync <UnauthorizedAccessException>(async() => await JwtTokenValidation.ValidateClaimsAsync(new AuthenticationConfiguration(), claims)); }