/// <summary>
/// Round-trip test for a PASETO v2 "public" (signed) token: the token is created
/// with an Ed25519 private key, validated with the matching public key, and the
/// custom claim is expected to survive in the resulting identity.
/// </summary>
/// <remarks>
/// The key pair below is a fixed test fixture embedded in source. It must be
/// treated as compromised and never used to sign tokens outside of tests.
/// NOTE(review): this covers the happy path only. Companion tests that validate
/// with a different key, issuer or audience and expect IsValid to be false are
/// what show that the handler really enforces those checks.
/// </remarks>
public void CreateAndValidateToken_WhenV2PublicToken_ExpectCorrectClaims()
        {
            const string claimName     = "name";
            const string claimContent  = "scott";
            const string tokenIssuer   = "me";
            const string tokenAudience = "you";

            // Test-only Ed25519 key material. The key parameters are read from offset 0.
            // NOTE(review): the private value decodes to more than a bare seed and looks
            // like seed + public key; confirm only the leading seed bytes are consumed.
            var privateKeyBytes = Convert.FromBase64String("TYXei5+8Qd2ZqKIlEuJJ3S50WYuocFTrqK+3/gHVH9B2hpLtAgscF2c9QuWCzV9fQxal3XBqTXivXJPpp79vgw==");
            var privateKey      = new EdDsaSecurityKey(new Ed25519PrivateKeyParameters(privateKeyBytes, 0));
            var credentials     = new SigningCredentials(privateKey, ExtendedSecurityAlgorithms.EdDsa);

            var publicKeyBytes = Convert.FromBase64String("doaS7QILHBdnPULlgs1fX0MWpd1wak14r1yT6ae/b4M=");
            var publicKey      = new EdDsaSecurityKey(new Ed25519PublicKeyParameters(publicKeyBytes, 0));

            var tokenHandler = new PasetoTokenHandler();

            // Sign a v2.public token carrying issuer, audience and one custom claim.
            var descriptor = new PasetoSecurityTokenDescriptor(PasetoConstants.Versions.V2, PasetoConstants.Purposes.Public)
            {
                Issuer   = tokenIssuer,
                Audience = tokenAudience,
                Claims   = new Dictionary<string, object>
                {
                    [claimName] = claimContent
                },
                SigningCredentials = credentials
            };
            var serializedToken = tokenHandler.CreateToken(descriptor);

            // Validation is pinned to the expected issuer, audience and verification key.
            var validationParameters = new TokenValidationParameters
            {
                ValidIssuer      = tokenIssuer,
                ValidAudience    = tokenAudience,
                IssuerSigningKey = publicKey
            };
            var validationResult = tokenHandler.ValidateToken(serializedToken, validationParameters);

            validationResult.IsValid.Should().BeTrue();
            validationResult.ClaimsIdentity.HasClaim(claimName, claimContent).Should().BeTrue();
        }
        /// <summary>
        /// Issues a PASETO "public" (signed) token for the requested protocol version
        /// and renders it, together with its payload, in the "Index" view.
        /// </summary>
        /// <param name="version">
        /// Caller-supplied PASETO version. Only the V1 and V2 constants are accepted;
        /// the version selects both the private key and the signature algorithm.
        /// </param>
        /// <returns>The "Index" view bound to a <c>TokenModel</c> describing the token.</returns>
        /// <exception cref="NotSupportedException">
        /// Thrown when <paramref name="version"/> is neither V1 nor V2.
        /// </exception>
        public IActionResult Paseto(string version)
        {
            var tokenHandler = new PasetoTokenHandler();

            // Allow-list the version before any key is touched.
            // NOTE(review): the exception is thrown straight out of the action; unless
            // something upstream maps it, a bad version likely surfaces as a server
            // error rather than a client error. Confirm how it is handled.
            var isV1 = version == PasetoConstants.Versions.V1;
            if (!isV1 && version != PasetoConstants.Versions.V2)
            {
                throw new NotSupportedException("Unsupported version");
            }

            // Key and algorithm are chosen together, so a V1 key is never paired with
            // the V2 algorithm or the reverse. Where the private keys in `options`
            // are loaded from is not visible in this method.
            var credentials = isV1
                ? new SigningCredentials(options.PasetoV1PrivateKey, SecurityAlgorithms.RsaSsaPssSha384)
                : new SigningCredentials(options.PasetoV2PrivateKey, ExtendedSecurityAlgorithms.EdDsa);

            // NOTE(review): no expiry or not-before value is set on the descriptor here.
            // Whether the handler applies a default lifetime cannot be seen from this
            // method; confirm that issued tokens are time-limited.
            var tokenDescriptor = new PasetoSecurityTokenDescriptor(version, PasetoConstants.Purposes.Public)
            {
                Issuer             = "me",
                Audience           = "you",
                SigningCredentials = credentials
            };

            // The "public" purpose signs the token; the payload is shown to the user as well.
            var serializedToken = tokenHandler.CreateToken(tokenDescriptor);
            var jwtPayload      = tokenDescriptor.ToJwtPayload(JwtDateTimeFormat.Iso);

            var model = new TokenModel
            {
                Type = "PASETO",
                Token = serializedToken,
                Payload = jwtPayload
            };

            return View("Index", model);
        }
 /// <summary>
 /// Passing a null descriptor to CreateToken must be rejected with an
 /// <see cref="ArgumentNullException"/> rather than producing a token.
 /// </summary>
 public void CreateToken_WhenSecurityTokenDescriptorIsNull_ExpectArgumentNullException()
 {
     // The handler under test (`sut`) is declared elsewhere in the test class.
     Assert.Throws<ArgumentNullException>(() => sut.CreateToken(null));
 }