public void CannotVerifyWithIncorrectKey()
{
var user = new User()
{
Id = 1,
};
var token = new Token()
{
CreatedAt = new DateTime(2001, 1, 1),
TokenGuid = Guid.NewGuid(),
UserId = user.Id
};
var patrols = new List <CurrentUserPatrolDto>();
patrols.Add(new CurrentUserPatrolDto()
{
Id = 1,
Name = "Test Patrol",
EnableScheduling = true,
Role = Role.Administrator
});
var jwt = _authenticationService.CreateSignedJwtToken(token, user, patrols);
var incorrectAuthenticationService = new AuthenticationService(_loggerMock.Object, _userRepositoryMock.Object, _passwordServiceMock.Object, _tokenRepositoryMock.Object, _systemClockMock.Object, _patrolRepository.Object, new Configuration.AppConfiguration()
{
JwtKey = "incorrectJwtKeyincorrectJwtKeyincorrectJwtKey", RootUrl = "jwtIssuer"
});
Assert.Throws <SecurityTokenInvalidSignatureException>(() =>
{
var validatedJwt = incorrectAuthenticationService.ValidateSignedJwtToken(jwt);
});
}
public void CanVerifySignedJwtToken()
{
var user = new User()
{
Id = 1,
};
var token = new Token()
{
CreatedAt = new DateTime(2001, 1, 1),
TokenGuid = Guid.NewGuid(),
UserId = user.Id
};
var patrols = new List <CurrentUserPatrolDto>();
patrols.Add(new CurrentUserPatrolDto()
{
Id = 1,
Name = "Test Patrol",
EnableScheduling = true,
Role = Role.Administrator
});
var jwt = _authenticationService.CreateSignedJwtToken(token, user, patrols);
var claimsPrincipal = _authenticationService.ValidateSignedJwtToken(jwt);
var claims = claimsPrincipal.ParseAllClaims();
Assert.AreEqual(user.Id, claims.User.Id);
Assert.AreEqual(token.TokenGuid, claims.Token.TokenGuid);
Assert.AreEqual(token.CreatedAt, claims.Token.CreatedAt);
Assert.AreEqual(patrols.Count, claims.Patrols.Count);
Assert.AreEqual(patrols.First().Id, claims.Patrols.First().Id);
Assert.AreEqual(patrols.First().Name, claims.Patrols.First().Name);
Assert.AreEqual(patrols.First().EnableScheduling, claims.Patrols.First().EnableScheduling);
Assert.AreEqual(patrols.First().Role, claims.Patrols.First().Role);
}
