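/// <summary>
/// Verifies that a request carrying a bearer token that cannot be validated is
/// rejected: the call against the in-memory server faults with an
/// <see cref="AggregateException"/> whose inner exception is an
/// <see cref="UnauthorizedAccessException"/>.
/// </summary>
/// <remarks>
/// The request is invalid in two ways at once: the header payload is an arbitrary
/// XML fragment rather than a token issued by the test STS, and the issuer name
/// registry is configured with a thumbprint/issuer pair that is not the STS's own.
/// The test therefore shows that such a request is refused, but not which of the
/// two checks refused it. A companion test that presents a token issued by the
/// test STS against this same mismatched registry would exercise the issuer-trust
/// check on its own.
/// </remarks>
public void UseDeflatedSaml11BearerAuthentication_CalledWithInvalidToken_ThrowsUnauthorizedException()
{
    // The STS is created only to learn how long an accepted thumbprint is;
    // no token is issued in this test.
    var sts = Infrastructure.TestSts.TestSts.Create();
    var audience = new Uri(Audience);

    // Same length as the accepted thumbprint, but every character is 'F', paired
    // with an issuer name that does not exist. Presumably this never equals the
    // test STS thumbprint - confirm against the test certificate.
    var issuerNameRegistry = new SimpleValidateByThumbprintOnlyIssuerNameRegistry(
        new string('F', sts.IssuerNameRegistry.AcceptedThumbprint.Length),
        "http://nonexistingissuer");
    SetIssuerNameRegistryAndAudience(issuerNameRegistry, audience);

    using (var server = TestServer.Create(app =>
    {
        app.UseDeflatedSamlBearerAuthentication(
            WifTokenValidatorFactory.CreateWindowsIdentityFoundationTokenValidator());
        app.Run(SimulatedAuthorizingControllerAction);
    }))
    {
        var httpClient = server.HttpClient;

        // Non-ASCII content (Danish and Arabic) also pushes multi-byte characters
        // through whatever encoding AddAuthorizationHeader applies.
        AddAuthorizationHeader(httpClient, "<xml>Jægerbogen på arabisk: كتاب صياد</xml>");

        // Blocking on .Result surfaces the server-side failure wrapped in an
        // AggregateException, so the assertion targets the inner exception.
        var exception = Assert.Throws<AggregateException>(
            () => { var response = httpClient.GetAsync("/").Result; });

        Console.WriteLine(exception.Message);
        exception.InnerException.Should().BeOfType<UnauthorizedAccessException>();
        Console.WriteLine(exception.InnerException.Message);
    }
}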
/// <summary>
/// Positive path: a token issued by the test STS for the configured audience,
/// validated against the STS's own issuer name registry, lets the request reach
/// the simulated controller action, whose output is returned as the response body.
/// </summary>
/// <remarks>
/// Only the response body is asserted; the HTTP status code is not checked here.
/// </remarks>
public void UseDeflatedSaml11BearerAuthentication_CalledWithValidToken_CanGenerateResponse()
{
    var tokenService = Infrastructure.TestSts.TestSts.Create();
    var audienceUri = new Uri(Audience);

    // Caller identity carrying a single name claim.
    var nameClaim = new Claim(ClaimTypes.Name, User);
    var identity = new ClaimsIdentity(new[] { nameClaim });
    var caller = new ClaimsPrincipal(new[] { identity });

    // Trust the registry exposed by the STS that will issue the token below.
    SetIssuerNameRegistryAndAudience(tokenService.IssuerNameRegistry, audienceUri);

    using (var server = TestServer.Create(app =>
    {
        var validator = WifTokenValidatorFactory.CreateWindowsIdentityFoundationTokenValidator();
        app.UseDeflatedSamlBearerAuthentication(validator);
        app.Run(SimulatedAuthorizingControllerAction);
    }))
    {
        var client = server.HttpClient;

        // The token is issued for the same audience URI that was registered above.
        var issuedToken = tokenService.IssueTokenAsXml(caller, audienceUri.AbsoluteUri);
        AddAuthorizationHeader(client, issuedToken);

        var body = client.GetAsync("/").Result.Content.ReadAsStringAsync().Result;

        body.Should().Be(SimulatedAuthorizingControllerActionOutput);
    }
}