/// <summary>
/// Round-trip test for a v2 public PASETO: signs a token carrying one custom claim with an
/// Ed25519 private key, validates it with the corresponding public key, and asserts that
/// validation succeeds and the claim is present on the resulting identity.
/// </summary>
/// <remarks>
/// The key pair below is a fixed fixture embedded in source. Treat it as public knowledge:
/// it must never sign anything outside this test suite.
/// This method asserts only the success path. It contains no negative case, such as a
/// token validated against a different key or a modified token.
/// </remarks>
public void CreateAndValidateToken_WhenV2PublicToken_ExpectCorrectClaims()
{
    const string expectedClaimType = "name";
    const string expectedClaimValue = "scott";
    const string issuer = "me";
    const string audience = "you";

    // Signing side: Ed25519 private key material, read from offset 0 of the decoded bytes.
    var privateKeyBytes = Convert.FromBase64String("TYXei5+8Qd2ZqKIlEuJJ3S50WYuocFTrqK+3/gHVH9B2hpLtAgscF2c9QuWCzV9fQxal3XBqTXivXJPpp79vgw==");
    var privateKey = new EdDsaSecurityKey(new Ed25519PrivateKeyParameters(privateKeyBytes, 0));
    var credentials = new SigningCredentials(privateKey, ExtendedSecurityAlgorithms.EdDsa);

    // Verification side: only the public half is handed to the validator.
    var publicKeyBytes = Convert.FromBase64String("doaS7QILHBdnPULlgs1fX0MWpd1wak14r1yT6ae/b4M=");
    var publicKey = new EdDsaSecurityKey(new Ed25519PublicKeyParameters(publicKeyBytes, 0));

    var tokenHandler = new PasetoTokenHandler();

    var descriptor = new PasetoSecurityTokenDescriptor(PasetoConstants.Versions.V2, PasetoConstants.Purposes.Public)
    {
        Issuer = issuer,
        Audience = audience,
        Claims = new Dictionary<string, object> { [expectedClaimType] = expectedClaimValue },
        SigningCredentials = credentials
    };
    var serialized = tokenHandler.CreateToken(descriptor);

    // Issuer and audience are pinned so validation checks them against the values that were signed.
    var validationParameters = new TokenValidationParameters
    {
        ValidIssuer = issuer,
        ValidAudience = audience,
        IssuerSigningKey = publicKey
    };
    var outcome = tokenHandler.ValidateToken(serialized, validationParameters);

    outcome.IsValid.Should().BeTrue();
    outcome.ClaimsIdentity.HasClaim(expectedClaimType, expectedClaimValue).Should().BeTrue();
}
/// <summary>
/// Issues a sample public-purpose PASETO for the requested protocol version and renders it,
/// together with its payload, in the "Index" view.
/// </summary>
/// <param name="version">
/// PASETO version selector. Only <c>PasetoConstants.Versions.V1</c> and
/// <c>PasetoConstants.Versions.V2</c> are accepted.
/// </param>
/// <returns>The "Index" view bound to a <c>TokenModel</c> holding the token and its payload.</returns>
/// <exception cref="NotSupportedException">Thrown when <paramref name="version"/> is neither v1 nor v2.</exception>
/// <remarks>
/// NOTE(review): <paramref name="version"/> is an action parameter and so is presumably
/// caller-controlled. An unexpected value ends in an exception, not a client-error result.
/// Unless something upstream maps that exception, the caller likely sees a server error.
/// Confirm that this is intended.
/// NOTE(review): no authorization requirement is visible in this block. Confirm at class or
/// pipeline level who may ask this action to sign a token with the configured private keys.
/// </remarks>
public IActionResult Paseto(string version)
{
    var tokenHandler = new PasetoTokenHandler();

    // Algorithm is fixed per version, never taken from the request:
    // v1.public uses RSASSA-PSS with SHA-384, v2.public uses EdDSA (Ed25519).
    var credentials =
        version == PasetoConstants.Versions.V1
            ? new SigningCredentials(options.PasetoV1PrivateKey, SecurityAlgorithms.RsaSsaPssSha384)
            : version == PasetoConstants.Versions.V2
                ? new SigningCredentials(options.PasetoV2PrivateKey, ExtendedSecurityAlgorithms.EdDsa)
                : throw new NotSupportedException("Unsupported version");

    // NOTE(review): no expiry or not-before value is set on the descriptor here. Whether the
    // handler applies a default lifetime is not visible from this block. Verify that issued
    // tokens expire.
    var tokenDescriptor = new PasetoSecurityTokenDescriptor(version, PasetoConstants.Purposes.Public)
    {
        Issuer = "me",
        Audience = "you",
        SigningCredentials = credentials
    };

    // The token is created before the payload is read from the same descriptor.
    // Keep this order.
    var signedToken = tokenHandler.CreateToken(tokenDescriptor);
    var payloadJson = tokenDescriptor.ToJwtPayload(JwtDateTimeFormat.Iso);

    var model = new TokenModel
    {
        Type = "PASETO",
        Token = signedToken,
        Payload = payloadJson
    };
    return View("Index", model);
}
/// <summary>
/// Guard-clause test: passing a null descriptor to <c>CreateToken</c> on the system under
/// test must raise <see cref="ArgumentNullException"/>.
/// </summary>
public void CreateToken_WhenSecurityTokenDescriptorIsNull_ExpectArgumentNullException()
{
    // The call sits inside the lambda so that the assertion observes the exception.
    Assert.Throws<ArgumentNullException>(() => sut.CreateToken(null));
}