private void RunAudienceVariation(List <Claim> audienceClaims, List <string> expectedAudiences, CompareContext context)
        {
            var handler         = new JwtSecurityTokenHandler();
            var tokenDescriptor = IdentityUtilities.DefaultAsymmetricSecurityTokenDescriptor(audienceClaims);

            tokenDescriptor.Audience = null;
            var jwt = handler.CreateEncodedJwt(tokenDescriptor);

            SecurityToken token           = null;
            var           claimsPrincipal = handler.ValidateToken(jwt, IdentityUtilities.DefaultAsymmetricTokenValidationParameters, out token);
            var           jwtToken        = token as JwtSecurityToken;
            var           audiences       = jwtToken.Audiences;

            IdentityComparer.AreEqual(audiences, expectedAudiences as IEnumerable <string>, context);

            ClaimsIdentity identity = claimsPrincipal.Identity as ClaimsIdentity;

            IdentityComparer.AreEqual(identity.FindAll(JwtRegisteredClaimNames.Aud), audienceClaims, context);
        }
Пример #2
0
        public void InboundFilterTest()
        {
            var handler = new JwtSecurityTokenHandler();

            handler.OutboundClaimTypeMap.Clear();
            var claims = ClaimSets.DefaultClaims;

            string encodedJwt = handler.CreateEncodedJwt(IdentityUtilities.DefaultAsymmetricSecurityTokenDescriptor(claims));

            handler.InboundClaimTypeMap.Clear();
            handler.InboundClaimFilter.Add("aud");
            handler.InboundClaimFilter.Add("exp");
            handler.InboundClaimFilter.Add("iat");
            handler.InboundClaimFilter.Add("iss");
            handler.InboundClaimFilter.Add("nbf");

            SecurityToken   validatedToken;
            ClaimsPrincipal claimsPrincipal = handler.ValidateToken(encodedJwt, IdentityUtilities.DefaultAsymmetricTokenValidationParameters, out validatedToken);
            var             context         = new CompareContext();

            IdentityComparer.AreEqual(claimsPrincipal.Claims, claims, context);
            TestUtilities.AssertFailIfErrors(context.Diffs);
        }
Пример #3
0
        public static TheoryData <CreateAndValidateParams> CreationParams()
        {
            var createParams       = new TheoryData <CreateAndValidateParams>();
            var expires            = DateTime.UtcNow + TimeSpan.FromDays(1);
            var handler            = new JwtSecurityTokenHandler();
            var nbf                = DateTime.UtcNow;
            var signingCredentials = new SigningCredentials(KeyingMaterial.X509SecurityKeySelfSigned2048_SHA256, SecurityAlgorithms.RsaSha256Signature);
            var verifyingKey       = KeyingMaterial.X509SecurityKeySelfSigned2048_SHA256_Public;

            createParams.Add(new CreateAndValidateParams
            {
                Case = "ClaimSets.NoClaims",
                SecurityTokenDescriptor   = IdentityUtilities.DefaultAsymmetricSecurityTokenDescriptor(null),
                TokenValidationParameters = IdentityUtilities.DefaultAsymmetricTokenValidationParameters,
            });

            createParams.Add(new CreateAndValidateParams
            {
                Case = "EmptyToken",
                SecurityTokenDescriptor   = new SecurityTokenDescriptor(),
                TokenValidationParameters = new TokenValidationParameters
                {
                    RequireSignedTokens = false,
                    ValidateAudience    = false,
                    ValidateLifetime    = false,
                    ValidateIssuer      = false,
                }
            });

            createParams.Add(new CreateAndValidateParams
            {
                Case                      = "ClaimSets.DuplicateTypes",
                ExceptionType             = null,
                SecurityTokenDescriptor   = IdentityUtilities.DefaultAsymmetricSecurityTokenDescriptor(ClaimSets.DuplicateTypes()),
                TokenValidationParameters = IdentityUtilities.DefaultAsymmetricTokenValidationParameters,
            });

            createParams.Add(new CreateAndValidateParams
            {
                Case                      = "ClaimSets.Simple_Asymmetric",
                ExceptionType             = null,
                SecurityTokenDescriptor   = IdentityUtilities.DefaultAsymmetricSecurityTokenDescriptor(ClaimSets.DefaultClaims),
                TokenValidationParameters = IdentityUtilities.DefaultAsymmetricTokenValidationParameters
            });

            createParams.Add(new CreateAndValidateParams
            {
                Case                      = "ClaimSets.Simple_Symmetric",
                ExceptionType             = null,
                SecurityTokenDescriptor   = IdentityUtilities.DefaultSymmetricSecurityTokenDescriptor(ClaimSets.DefaultClaims),
                TokenValidationParameters = IdentityUtilities.DefaultSymmetricTokenValidationParameters
            });

            createParams.Add(new CreateAndValidateParams
            {
                Case                      = "ClaimSets.RoleClaims",
                ExceptionType             = null,
                SecurityTokenDescriptor   = IdentityUtilities.DefaultSymmetricSecurityTokenDescriptor(ClaimSets.GetDefaultRoleClaims(handler)),
                TokenValidationParameters = IdentityUtilities.DefaultSymmetricTokenValidationParameters
            });

            return(createParams);
        }