Exemplo n.º 1
0
        public void Verify_WhenPayloadDoesNotContainJson_ExpectSecurityTokenException()
        {
            var payloadValue      = "<xml>test</xml>";
            var payloadValueBytes = System.Text.Encoding.UTF8.GetBytes(payloadValue);

            var signature = new byte[256];

            new Random().NextBytes(signature);

            var payload = new byte[payloadValueBytes.Length + signature.Length];

            Buffer.BlockCopy(payloadValueBytes, 0, payload, 0, payloadValueBytes.Length);
            Buffer.BlockCopy(signature, 0, payload, payloadValueBytes.Length, signature.Length);

            var token = new PasetoToken($"{ValidVersion}.{ValidPublicPurpose}.{Base64UrlEncoder.Encode(payload)}");

            Assert.Throws <ArgumentException>(() => sut.Verify(token, validVerificationKeys));
        }
Exemplo n.º 2
0
        public void Verify_WhenSignatureInvalid_ExpectSecurityTokenInvalidSignatureException()
        {
            var payloadValue      = "{ 'test': 'test' }";
            var payloadValueBytes = System.Text.Encoding.UTF8.GetBytes(payloadValue);

            var signature = new byte[64];

            new Random().NextBytes(signature);

            var payload = new byte[payloadValueBytes.Length + signature.Length];

            Buffer.BlockCopy(payloadValueBytes, 0, payload, 0, payloadValueBytes.Length);
            Buffer.BlockCopy(signature, 0, payload, payloadValueBytes.Length, signature.Length);

            var token = new PasetoToken($"{ValidVersion}.{ValidPublicPurpose}.{Base64UrlEncoder.Encode(payload)}");

            Assert.Throws <SecurityTokenInvalidSignatureException>(() => sut.Verify(token, validVerificationKeys));
        }
Exemplo n.º 3
0
        public void ctor_WhenValidPasetoTokenWithFooter_ExpectCorrectProperties()
        {
            const string expectedVersion = "v2";
            const string expectedPurpose = "public";
            const string expectedPayload = "fa919c9d3d1248f29213521a40fc2b57";
            const string expectedFooter  = "{test}";
            var          token           = $"{expectedVersion}.{expectedPurpose}.{expectedPayload}.{Base64UrlEncoder.Encode(expectedFooter)}";

            var pasetoToken = new PasetoToken(token);

            pasetoToken.RawToken.Should().Be(token);
            pasetoToken.Version.Should().Be(expectedVersion);
            pasetoToken.Purpose.Should().Be(expectedPurpose);
            pasetoToken.EncodedPayload.Should().Be(expectedPayload);
            pasetoToken.EncodedFooter.Should().Be(Base64UrlEncoder.Encode(expectedFooter));
            pasetoToken.Footer.Should().Be(expectedFooter);

            pasetoToken.Payload.Should().BeNull();
        }
 public override PasetoSecurityToken Verify(PasetoToken token, IEnumerable <SecurityKey> signingKeys) => throw new System.NotImplementedException();
 public override PasetoSecurityToken Decrypt(PasetoToken token, IEnumerable <SecurityKey> decryptionKeys) => throw new System.NotImplementedException();
Exemplo n.º 6
0
        public void Verify_WhenIncorrectPurpose_ExpectArgumentException()
        {
            var token = new PasetoToken($"{ValidVersion}.local.{ValidPublicPayload}");

            Assert.Throws <ArgumentException>(() => sut.Verify(token, validVerificationKeys));
        }
Exemplo n.º 7
0
        public void Verify_WhenPayloadIsNotBase64UrlEncodedValue_ExpectFormatException()
        {
            var token = new PasetoToken($"{ValidVersion}.{ValidPublicPurpose}.ey!!");

            Assert.Throws <FormatException>(() => sut.Verify(token, validVerificationKeys));
        }