public async void DecodeJwtToken_UseWrongSecurityKey()
{
var supporter = CreateJwtAuthManager(s => { });
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
Assert.False(string.IsNullOrWhiteSpace(token.AccessToken));
var result = await supporter.DecodeJwtToken(token.AccessToken);
Assert.NotNull(result.Item1);
Assert.NotNull(result.Item2);
await Assert.ThrowsAsync <SecurityTokenSignatureKeyNotFoundException>(async() =>
{
var worngKeySupporter = CreateJwtAuthManager(s =>
{
s.SecurityKey = Encoding.Default.GetBytes("wrong-key");
s.Audience = "Wrong Audience";
});
var(claims, jwtToken) = await worngKeySupporter.DecodeJwtToken(token.AccessToken);
});
}
public void CreateToken_useMiCakeUser_userHasClaimeAttribute()
{
var options = new MiCakeJwtOptions(); //default value.
var supporter = CreateJwtSupporter(options);
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = supporter.CreateToken(micakeUser);
Assert.False(string.IsNullOrWhiteSpace(token));
var tokenModel = JwtHander.ReadJwtToken(token);
var nameClaim = tokenModel.Claims.FirstOrDefault(s => s.Type.Equals("name"));
Assert.NotNull(nameClaim);
Assert.Equal("bob", nameClaim.Value);
var useridClaim = tokenModel.Claims.FirstOrDefault(s => s.Type.Equals("userid"));
Assert.NotNull(useridClaim);
Assert.Equal(micakeUser.Id.ToString(), useridClaim.Value);
}
public async void RefreshToken_ReUseMode_ShouldSame()
{
var supporter = CreateJwtAuthManager(s => { });
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
var newToken = await supporter.Refresh(token.RefreshToken, token.AccessToken);
Assert.Same(token.RefreshToken, newToken.RefreshToken);
}
public async void RefreshToken_WrongRefreshToken()
{
var supporter = CreateJwtAuthManager(s => { });
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
await Assert.ThrowsAnyAsync <Exception>(async() =>
{
var newToken = await supporter.Refresh("Wrong Token", token.AccessToken);
});
}
public async void RefreshToken_RightRefreshToken()
{
var supporter = CreateJwtAuthManager(s => { });
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
var newToken = await supporter.Refresh(token.RefreshToken, token.AccessToken);
Assert.False(string.IsNullOrWhiteSpace(newToken.AccessToken));
Assert.False(string.IsNullOrWhiteSpace(newToken.RefreshToken));
Assert.NotEqual(token.AccessToken, newToken.AccessToken);
}
public async void DecodeJwtToken_UseRightSecurityKey()
{
var supporter = CreateJwtAuthManager(s => { });
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
Assert.False(string.IsNullOrWhiteSpace(token.AccessToken));
var(claims, jwtToken) = await supporter.DecodeJwtToken(token.AccessToken);
Assert.NotNull(claims);
Assert.NotNull(jwtToken);
}
public async void RefreshToken_RevokeRefreshToken_StillUse_WillThrowException()
{
var supporter = CreateJwtAuthManager(s =>
{
s.RefreshTokenMode = RefreshTokenUsageMode.RecreateBeforeOverdue;
});
var micakeUser = new UserWithJwtClaim()
{
Id = Guid.NewGuid(),
Name = "bob"
};
var token = await supporter.CreateToken(micakeUser);
// remove current refresh token.
await supporter.RevokeRefreshToken(token.RefreshToken);
await Assert.ThrowsAnyAsync <Exception>(async() =>
{
await supporter.Refresh(token.RefreshToken, token.AccessToken);
});
}
