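// Verifies that a request whose bearer token is not a SAML assertion is rejected by the
// deflated-SAML bearer middleware: the blocking HTTP call must fault with an
// AggregateException whose inner exception is an UnauthorizedAccessException.
//
// NOTE(review): two things are invalid at once here (a registry that only accepts an
// all-'F' thumbprint, and a payload that is not a SAML token) and only the exception
// type is asserted, so the test cannot tell which check rejected the request. The
// untrusted-issuer path on its own is presumably covered elsewhere; confirm.
public void UseDeflatedSaml11BearerAuthentication_CalledWithInvalidToken_ThrowsUnauthorizedException()
{
    var sts = Infrastructure.TestSts.TestSts.Create();
    var audience = new Uri(Audience);

    // Same length as the thumbprint the test STS registry accepts, but made only of 'F'
    // characters, and bound to an issuer name that does not exist.
    var bogusThumbprint = new string('F', sts.IssuerNameRegistry.AcceptedThumbprint.Length);
    var issuerNameRegistry = new SimpleValidateByThumbprintOnlyIssuerNameRegistry(
        bogusThumbprint,
        "http://nonexistingissuer");

    // Mutates the static WIF federation configuration; see SetIssuerNameRegistryAndAudience.
    SetIssuerNameRegistryAndAudience(issuerNameRegistry, audience);

    using (var server = TestServer.Create(app =>
    {
        app.UseDeflatedSamlBearerAuthentication(
            WifTokenValidatorFactory.CreateWindowsIdentityFoundationTokenValidator());
        app.Run(SimulatedAuthorizingControllerAction);
    }))
    {
        var httpClient = server.HttpClient;

        // Well-formed XML that is not a SAML token, with non-ASCII (Danish and Arabic) text.
        // How the header value is encoded is decided by AddAuthorizationHeader (not shown here).
        AddAuthorizationHeader(httpClient, "<xml>Jægerbogen på arabisk: كتاب صياد</xml>");

        // .Result is deliberate: blocking on the task is what wraps the failure in the
        // AggregateException asserted below.
        var exception = Assert.Throws<AggregateException>(
            () =>
            {
                var response = httpClient.GetAsync("/").Result;
            });

        // Diagnostic output only; the assertion is on the inner exception type.
        Console.WriteLine(exception.Message);
        exception.InnerException.Should().BeOfType<UnauthorizedAccessException>();
        Console.WriteLine(exception.InnerException.Message);
    }
}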
// Points the static WIF identity configuration at the given issuer name registry and
// makes the given URI the only allowed audience (the existing list is cleared first).
//
// NOTE(review): FederatedAuthentication.FederationConfiguration is accessed statically and
// nothing here restores the previous values, so the change presumably stays in effect
// for tests that run later in the same process; confirm against the fixture's
// setup/teardown.
private static void SetIssuerNameRegistryAndAudience(
    SimpleValidateByThumbprintOnlyIssuerNameRegistry issuerNameRegistry,
    Uri audience)
{
    var identityConfiguration = FederatedAuthentication.FederationConfiguration.IdentityConfiguration;
    identityConfiguration.IssuerNameRegistry = issuerNameRegistry;

    // Replace, rather than extend, the accepted audiences.
    var allowedAudiences = identityConfiguration.AudienceRestriction.AllowedAudienceUris;
    allowedAudiences.Clear();
    allowedAudiences.Add(audience);
}