public void JwtSecurityTokenHandler_Extensibility()
        {
            DerivedJwtSecurityTokenHandler handler = new DerivedJwtSecurityTokenHandler()
            {
                DerivedTokenType = typeof(DerivedJwtSecurityToken)
            };

            JwtSecurityToken jwt =
                new JwtSecurityToken
                (
                    issuer: Issuers.GotJwt,
                    audience: Audiences.AuthFactors,
                    claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt),
                    signingCredentials: KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2,
                    expires: DateTime.UtcNow + TimeSpan.FromHours(10),
                    notBefore: DateTime.UtcNow
                );

            string encodedJwt             = handler.WriteToken(jwt);
            TokenValidationParameters tvp = new TokenValidationParameters()
            {
                IssuerSigningKey = KeyingMaterial.DefaultSymmetricSecurityKey_256,
                ValidateAudience = false,
                ValidIssuer      = Issuers.GotJwt,
            };

            ValidateDerived(encodedJwt, handler, tvp, ExpectedException.NoExceptionExpected);
        }
        public void JwtSecurityTokenHandler_Extensibility()
        {
            DerivedJwtSecurityTokenHandler handler = new DerivedJwtSecurityTokenHandler()
            {
                DerivedTokenType = typeof(DerivedJwtSecurityToken)
            };

            JwtSecurityToken jwt =
                new JwtSecurityToken
                (
                    issuer: Issuers.GotJwt,
                    audience: Audiences.AuthFactors,
                    claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt),
                    signingCredentials: KeyingMaterial.DefaultSymmetricSigningCreds_256_Sha2,
                    expires: DateTime.UtcNow + TimeSpan.FromHours(10),
                    notBefore: DateTime.UtcNow
                );

            string encodedJwt = handler.WriteToken(jwt);
            TokenValidationParameters tvp = new TokenValidationParameters()
            {
                IssuerSigningKey = KeyingMaterial.DefaultSymmetricSecurityKey_256,
                ValidateAudience = false,
                ValidIssuer = Issuers.GotJwt,
            };

            ValidateDerived(encodedJwt, handler, tvp, ExpectedException.NoExceptionExpected);
        }
Exemplo n.º 3
0
        public void JwtSecurityTokenHandler_Extensibility()
        {
            DerivedJwtSecurityTokenHandler handler = new DerivedJwtSecurityTokenHandler()
            {
                DerivedTokenType = typeof(DerivedJwtSecurityToken)
            };

            JwtSecurityToken jwt =
                new JwtSecurityToken
                (
                    issuer: Issuers.GotJwt,
                    audience: Audiences.AuthFactors,
                    claims: ClaimSets.Simple(Issuers.GotJwt, Issuers.GotJwt),
                    signingCredentials: KeyingMaterial.SymmetricSigningCreds_256_Sha2,
                    lifetime: new Lifetime(DateTime.UtcNow, DateTime.UtcNow + TimeSpan.FromHours(10))
                );

            string           encodedJwt       = handler.WriteToken(jwt);
            JwtSecurityToken jwtReadAsDerived = handler.ReadToken(DerivedJwtSecurityToken.Prefix + encodedJwt) as JwtSecurityToken;

            DerivedJwtSecurityToken jwtDerivedNotValidated = jwtReadAsDerived as DerivedJwtSecurityToken;

            TokenValidationParameters tvp = new TokenValidationParameters()
            {
                SigningToken    = KeyingMaterial.BinarySecretToken_256,
                AudienceUriMode = Selectors.AudienceUriMode.Never,
                ValidIssuer     = Issuers.GotJwt,
            };

            ValidateDerived(jwtReadAsDerived, null, handler, tvp, ExpectedException.Null);
            ValidateDerived(null, DerivedJwtSecurityToken.Prefix + encodedJwt, handler, tvp, ExpectedException.Null);
            handler.Configuration = new SecurityTokenHandlerConfiguration()
            {
                IssuerTokenResolver  = new SetReturnSecurityTokenResolver(KeyingMaterial.BinarySecretToken_256, KeyingMaterial.SymmetricSecurityKey_256),
                SaveBootstrapContext = true,
                CertificateValidator = AlwaysSucceedCertificateValidator.New,
                IssuerNameRegistry   = new SetNameIssuerNameRegistry(Audiences.AuthFactors),
                AudienceRestriction  = new AudienceRestriction(AudienceUriMode.Always),
            };

            handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(Audiences.AuthFactors));

            ValidateDerived(null, DerivedJwtSecurityToken.Prefix + encodedJwt, handler, null, ExpectedException.Null);
            ValidateDerived(handler.ReadToken(DerivedJwtSecurityToken.Prefix + encodedJwt) as JwtSecurityToken, null, handler, null, ExpectedException.Null);

            handler.DerivedTokenType = typeof(JwtSecurityToken);

            JwtSecurityToken jwtRead = handler.ReadToken(encodedJwt) as JwtSecurityToken;

            ValidateDerived(jwtRead, null, handler, tvp, ExpectedException.Null);
            ValidateDerived(null, encodedJwt, handler, tvp, ExpectedException.Null);
            ValidateDerived(null, encodedJwt, handler, null, ExpectedException.Null);
            ValidateDerived(jwtRead as JwtSecurityToken, null, handler, null, ExpectedException.Null);
        }
Exemplo n.º 4
0
        private void ValidateDerived(JwtSecurityToken jwt, string encodedJwt, DerivedJwtSecurityTokenHandler derivedHandler, TokenValidationParameters tvp, ExpectedException ee)
        {
            try
            {
                if (tvp != null)
                {
                    if (jwt != null)
                    {
                        derivedHandler.ValidateToken(jwt, tvp);
                    }
                    else
                    {
                        derivedHandler.ValidateToken(encodedJwt, tvp);
                    }
                }
                else
                {
                    if (jwt != null)
                    {
                        derivedHandler.ValidateToken(jwt);
                    }
                    else
                    {
                        derivedHandler.ValidateToken(encodedJwt);
                    }
                }

                DerivedJwtSecurityToken jwtDerived = jwt as DerivedJwtSecurityToken;
                if (jwtDerived == null && jwt != null)
                {
                    Assert.IsFalse(derivedHandler.DerivedTokenType == typeof(DerivedJwtSecurityToken), "Expected DerivedJwtSecurityToken type, got: " + jwt.GetType());
                }
                else if (jwtDerived != null)
                {
                    Assert.IsFalse(!jwtDerived.ValidateAudienceCalled, "!jwtDerived.ValidateAudienceCalled");

                    Assert.IsFalse(!jwtDerived.ValidateIssuerCalled, "!jwtDerived.ValidateAudienceCalled");

                    Assert.IsFalse(!jwtDerived.ValidateLifetimeCalled, "!jwtDerived.ValidateLifetimeCalled");

                    Assert.IsFalse(!jwtDerived.ValidateSignatureCalled, "!jwtDerived.ValidateSignatureCalled");

                    Assert.IsFalse(!jwtDerived.ValidateSigningTokenCalled, "!jwtDerived.ValidateSigningTokenCalled");
                }

                ExpectedException.ProcessNoException(ee);
            }
            catch (Exception ex)
            {
                ExpectedException.ProcessException(ee, ex);
            }
        }
 private void ValidateDerived(string jwt, DerivedJwtSecurityTokenHandler handler, TokenValidationParameters validationParameters, ExpectedException expectedException)
 {
     try
     {
         SecurityToken validatedToken;
         handler.ValidateToken(jwt, validationParameters, out validatedToken);
         Assert.IsNotNull(handler.Jwt as DerivedJwtSecurityToken);
         Assert.IsTrue(handler.ReadTokenCalled);
         Assert.IsFalse(handler.ValidateAudienceCalled);
         Assert.IsTrue(handler.ValidateIssuerCalled);
         Assert.IsTrue(handler.ValidateIssuerSigningKeyCalled);
         Assert.IsTrue(handler.ValidateLifetimeCalled);
         Assert.IsTrue(handler.ValidateSignatureCalled);
         expectedException.ProcessNoException();
     }
     catch (Exception ex)
     {
         expectedException.ProcessException(ex);
     }
 }
 private void ValidateDerived(string jwt, DerivedJwtSecurityTokenHandler handler, TokenValidationParameters validationParameters, ExpectedException expectedException)
 {
     try
     {
         SecurityToken validatedToken;
         handler.ValidateToken(jwt, validationParameters, out validatedToken);
         Assert.IsNotNull(handler.Jwt as DerivedJwtSecurityToken);
         Assert.IsTrue(handler.ReadTokenCalled);
         Assert.IsFalse(handler.ValidateAudienceCalled);
         Assert.IsTrue(handler.ValidateIssuerCalled);
         Assert.IsTrue(handler.ValidateIssuerSigningKeyCalled);
         Assert.IsTrue(handler.ValidateLifetimeCalled);
         Assert.IsTrue(handler.ValidateSignatureCalled);
         expectedException.ProcessNoException();
     }
     catch (Exception ex)
     {
         expectedException.ProcessException(ex);
     }
 }