public void X509SecurityKey_Constructor()
{
X509SecurityKey x509SecurityKey;
ExpectedException expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "certificate");
try
{
x509SecurityKey = new X509SecurityKey(null);
expectedException.ProcessNoException();
}
catch(Exception exception)
{
expectedException.ProcessException(exception);
}
X509Certificate2 x509Certificate2 = KeyingMaterial.DefaultCert_2048;
expectedException = ExpectedException.NoExceptionExpected;
try
{
x509SecurityKey = new X509SecurityKey(x509Certificate2);
Assert.ReferenceEquals(x509Certificate2, x509SecurityKey.Certificate);
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
public void NamedKeySecurityKeyIdentifierClause_Constructor()
{
NamedKeySecurityKeyIdentifierClause namedKeySecurityKeyIdentifierClause;
ExpectedException expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "name");
try
{
namedKeySecurityKeyIdentifierClause = new NamedKeySecurityKeyIdentifierClause(null, null);
expectedException.ProcessNoException();
}
catch(Exception exception)
{
expectedException.ProcessException(exception);
}
expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "id");
try
{
namedKeySecurityKeyIdentifierClause = new NamedKeySecurityKeyIdentifierClause("name", null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
expectedException = ExpectedException.ArgumentNullException(substringExpected: "name");
try
{
namedKeySecurityKeyIdentifierClause = new NamedKeySecurityKeyIdentifierClause(name: " ", id: "id");
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
expectedException = ExpectedException.ArgumentNullException(substringExpected: "id");
try
{
namedKeySecurityKeyIdentifierClause = new NamedKeySecurityKeyIdentifierClause("name", " ");
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
private void RunAudienceTest(IEnumerable<string> audiences, SecurityToken securityToken, TokenValidationParameters validationParameters, ExpectedException ee)
{
try
{
Validators.ValidateAudience(audiences, securityToken, validationParameters);
ee.ProcessNoException();
}
catch(Exception ex)
{
ee.ProcessException(ex);
}
}
private bool CanReadToken(string securityToken, Saml2SecurityTokenHandler samlSecurityTokenHandler, ExpectedException expectedException)
{
bool canReadToken = false;
try
{
canReadToken = samlSecurityTokenHandler.CanReadToken(securityToken);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return(canReadToken);
}
private string ValidateIssuer(string issuer, TokenValidationParameters validationParameters, DerivedSamlSecurityTokenHandler samlSecurityTokenHandler, ExpectedException expectedException)
{
string returnVal = string.Empty;
try
{
returnVal = samlSecurityTokenHandler.ValidateIssuerPublic(issuer, new DerivedSaml2SecurityToken(), validationParameters);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return(returnVal);
}
public static ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, ISecurityTokenValidator tokenValidator, ExpectedException expectedException)
{
ClaimsPrincipal retVal = null;
try
{
SecurityToken validatedToken;
retVal = tokenValidator.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return(retVal);
}
private ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, ISecurityTokenValidator tokenValidator, ExpectedException expectedException)
{
ClaimsPrincipal princiapl = null;
try
{
SecurityToken validatedToken;
princiapl = tokenValidator.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return(princiapl);
}
private void GetSigningTokens(string webKeySetString, List <SecurityToken> expectedTokens, ExpectedException expectedException)
{
JsonWebKeySet webKeySet = new JsonWebKeySet(webKeySetString);
try
{
IList <SecurityToken> tokens = webKeySet.GetSigningTokens();
expectedException.ProcessNoException();
if (expectedTokens != null)
{
Assert.IsTrue(IdentityComparer.AreEqual <IEnumerable <SecurityToken> >(tokens, expectedTokens));
}
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public void OpenIdConnectMessage_Constructors()
{
OpenIdConnectMessage openIdConnectMessage = new OpenIdConnectMessage();
Assert.AreEqual(openIdConnectMessage.IssuerAddress, string.Empty);
openIdConnectMessage = new OpenIdConnectMessage("http://www.got.jwt.com");
Assert.AreEqual(openIdConnectMessage.IssuerAddress, "http://www.got.jwt.com");
ExpectedException expectedException = ExpectedException.ArgumentNullException("issuerAddress");
try
{
openIdConnectMessage = new OpenIdConnectMessage((string)null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
private OpenIdConnectConfiguration RunOpenIdConnectConfigurationTest(object obj, OpenIdConnectConfiguration compareTo, ExpectedException expectedException, bool asString = true)
{
bool exceptionHit = false;
OpenIdConnectConfiguration openIdConnectConfiguration = null;
try
{
if (obj is string)
{
openIdConnectConfiguration = new OpenIdConnectConfiguration(obj as string);
}
else if (obj is IDictionary <string, object> )
{
openIdConnectConfiguration = new OpenIdConnectConfiguration(obj as IDictionary <string, object>);
}
else
{
if (asString)
{
openIdConnectConfiguration = new OpenIdConnectConfiguration(obj as string);
}
else
{
openIdConnectConfiguration = new OpenIdConnectConfiguration(obj as IDictionary <string, object>);
}
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
exceptionHit = true;
expectedException.ProcessException(ex);
}
if (!exceptionHit && compareTo != null)
{
Assert.IsTrue(IdentityComparer.AreEqual(openIdConnectConfiguration, compareTo), "jsonWebKey created from: " + (obj == null ? "NULL" : obj.ToString() + " did not match expected."));
}
return(openIdConnectConfiguration);
}
public void WsFederationAuthenticationMessage_Constructors()
{
WsFederationMessage wsFederationMessage = new WsFederationMessage();
Assert.AreEqual(wsFederationMessage.IssuerAddress, string.Empty);
wsFederationMessage = new WsFederationMessage("http://www.got.jwt.com");
Assert.AreEqual(wsFederationMessage.IssuerAddress, "http://www.got.jwt.com");
ExpectedException expectedException = ExpectedException.ArgumentNullException("issuerAddress");
try
{
wsFederationMessage = new WsFederationMessage((string)null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
private async Task <OpenIdConnectConfiguration> GetConfigurationAsync(string uri, ExpectedException expectedException, OpenIdConnectConfiguration expectedConfiguration = null)
{
OpenIdConnectConfiguration openIdConnectConfiguration = null;
try
{
openIdConnectConfiguration = await OpenIdConnectConfigurationRetriever.GetAsync(uri, CancellationToken.None);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
if (expectedConfiguration != null)
{
Assert.IsTrue(IdentityComparer.AreEqual(openIdConnectConfiguration, expectedConfiguration));
}
return(openIdConnectConfiguration);
}
/// <summary>
///
/// </summary>
/// <param name="obj"></param>
/// <param name="compareTo"></param>
/// <param name="expectedException"></param>
/// <param name="asString"> this is useful when passing null for parameter 'is' and 'as' don't contain type info.</param>
/// <returns></returns>
private JsonWebKeySet RunJsonWebKeySetTest(object obj, JsonWebKeySet compareTo, ExpectedException expectedException, bool asString = true)
{
JsonWebKeySet jsonWebKeys = null;
try
{
if (obj is string)
{
jsonWebKeys = new JsonWebKeySet(obj as string);
}
else if (obj is IDictionary <string, object> )
{
jsonWebKeys = new JsonWebKeySet(obj as IDictionary <string, object>);
}
else
{
if (asString)
{
jsonWebKeys = new JsonWebKeySet(obj as string);
}
else
{
jsonWebKeys = new JsonWebKeySet(obj as IDictionary <string, object>);
}
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
if (compareTo != null)
{
Assert.IsTrue(IdentityComparer.AreEqual <JsonWebKeySet>(jsonWebKeys, compareTo, CompareContext.Default), "jsonWebKeys created from: " + (obj == null ? "NULL" : obj.ToString() + " did not match expected."));
}
return(jsonWebKeys);
}
private async Task <OpenIdConnectConfiguration> GetConfigurationFromMixedAsync(string primaryDocument, ExpectedException expectedException, OpenIdConnectConfiguration expectedConfiguration = null)
{
OpenIdConnectConfiguration openIdConnectConfiguration = null;
try
{
openIdConnectConfiguration = await OpenIdConnectConfigurationRetriever.GetAsync("primary",
new TestDocumentRetriever(primaryDocument, new GenericDocumentRetriever()), CancellationToken.None);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
if (expectedConfiguration != null)
{
Assert.IsTrue(IdentityComparer.AreEqual(openIdConnectConfiguration, expectedConfiguration));
}
return(openIdConnectConfiguration);
}
/// <summary>
/// Sets a property, then checks it, checking for an expected exception.
/// </summary>
/// <param name="obj">object that has a 'setter'.</param>
/// <param name="property">the name of the property.</param>
/// <param name="propertyValue">value to set on the property.</param>
/// <param name="expectedException">checks that exception is correct.</param>
public static void SetGet(object obj, string property, object propertyValue, ExpectedException expectedException)
{
Assert.IsNotNull(obj, "'obj' can not be null");
Assert.IsFalse(string.IsNullOrWhiteSpace(property), "'property' can not be null or whitespace");
Type type = obj.GetType();
PropertyInfo propertyInfo = type.GetProperty(property);
Assert.IsNotNull(propertyInfo, "'get is not found for property: '" + property + "', type: '" + type.ToString() + "'");
Assert.IsTrue(propertyInfo.CanWrite, "can not write to property: '" + property + "', type: '" + type.ToString() + "'");
try
{
propertyInfo.SetValue(obj, propertyValue);
object retval = propertyInfo.GetValue(obj);
Assert.AreEqual(propertyValue, retval);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
// pass inner exception
expectedException.ProcessException(exception.InnerException);
}
}
private ClaimsPrincipal RunReadTokenVariation(string securityToken, TokenValidationParameters validationParameters, JwtSecurityTokenHandler tokenHandler, ExpectedException expectedException)
{
ClaimsPrincipal retVal = null;
try
{
SecurityToken validatedToken;
retVal = tokenHandler.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private bool CanReadToken(string securityToken, SamlSecurityTokenHandler samlSecurityTokenHandler, ExpectedException expectedException)
{
bool canReadToken = false;
try
{
canReadToken = samlSecurityTokenHandler.CanReadToken(securityToken);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return canReadToken;
}
public void NamedKeySecurityKeyIdentifierClause_Publics()
{
// new NameKeyParametersVariation
//{
// TestCase = "MatchesName",
// TestAction =
// () => (new NamedKeySecurityKeyIdentifierClause("bob", null)).Matches(null)
//},
NamedKeySecurityKeyIdentifierClause namedKeySecurityKeyIdentifierClause = new NamedKeySecurityKeyIdentifierClause("name", "keyidentifier");
Assert.IsTrue("name" == namedKeySecurityKeyIdentifierClause.Name);
Assert.IsTrue("keyidentifier" == namedKeySecurityKeyIdentifierClause.Id);
// *** Matches (null)
ExpectedException expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "keyIdentifierClause");
try
{
namedKeySecurityKeyIdentifierClause.Matches(null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
public void OpenIdConnectProtocolValidator_GetSets()
{
OpenIdConnectProtocolValidator validationParameters = new OpenIdConnectProtocolValidator();
Type type = typeof(OpenIdConnectProtocolValidator);
PropertyInfo[] properties = type.GetProperties();
if (properties.Length != 9)
{
Assert.Fail("Number of properties has changed from 9 to: " + properties.Length + ", adjust tests");
}
GetSetContext context =
new GetSetContext
{
PropertyNamesAndSetGetValue = new List <KeyValuePair <string, List <object> > >
{
new KeyValuePair <string, List <object> >("NonceLifetime", new List <object> {
TimeSpan.FromMinutes(60), TimeSpan.FromMinutes(10), TimeSpan.FromMinutes(100)
}),
new KeyValuePair <string, List <object> >("RequireAcr", new List <object> {
false, true, false
}),
new KeyValuePair <string, List <object> >("RequireAmr", new List <object> {
false, true, false
}),
new KeyValuePair <string, List <object> >("RequireAuthTime", new List <object> {
false, true, false
}),
new KeyValuePair <string, List <object> >("RequireAzp", new List <object> {
false, true, false
}),
new KeyValuePair <string, List <object> >("RequireNonce", new List <object> {
true, false, true
}),
new KeyValuePair <string, List <object> >("RequireSub", new List <object> {
false, true, false
}),
new KeyValuePair <string, List <object> >("RequireTimeStampInNonce", new List <object> {
true, false, true
}),
},
Object = validationParameters,
};
TestUtilities.GetSet(context);
TestUtilities.AssertFailIfErrors(MethodInfo.GetCurrentMethod().Name, context.Errors);
ExpectedException ee = ExpectedException.ArgumentNullException();
Assert.IsNotNull(validationParameters.HashAlgorithmMap);
Assert.AreEqual(validationParameters.HashAlgorithmMap.Count, 9);
ee = ExpectedException.ArgumentOutOfRangeException();
try
{
validationParameters.NonceLifetime = TimeSpan.Zero;
ee.ProcessNoException();
}
catch (Exception ex)
{
ee.ProcessException(ex);
}
}
private async Task<OpenIdConnectConfiguration> GetConfigurationFromMixedAsync(string primaryDocument, ExpectedException expectedException, OpenIdConnectConfiguration expectedConfiguration = null)
{
OpenIdConnectConfiguration openIdConnectConfiguration = null;
try
{
openIdConnectConfiguration = await OpenIdConnectConfigurationRetriever.GetAsync(
new TestDocumentRetriever(primaryDocument, new GenericDocumentRetriever()), "primary", CancellationToken.None);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
if (expectedConfiguration != null)
{
Assert.IsTrue(IdentityComparer.AreEqual(openIdConnectConfiguration, expectedConfiguration));
}
return openIdConnectConfiguration;
}
private void ValidateDerived(string jwt, DerivedJwtSecurityTokenHandler handler, TokenValidationParameters validationParameters, ExpectedException expectedException)
{
try
{
SecurityToken validatedToken;
handler.ValidateToken(jwt, validationParameters, out validatedToken);
Assert.IsNotNull(handler.Jwt as DerivedJwtSecurityToken);
Assert.IsTrue(handler.ReadTokenCalled);
Assert.IsTrue(handler.ValidateAudienceCalled);
Assert.IsTrue(handler.ValidateIssuerCalled);
Assert.IsTrue(handler.ValidateIssuerSigningKeyCalled);
Assert.IsTrue(handler.ValidateLifetimeCalled);
Assert.IsTrue(handler.ValidateSignatureCalled);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void GetSigningTokens(string webKeySetString, List<SecurityToken> expectedTokens, ExpectedException expectedException)
{
JsonWebKeySet webKeySet = new JsonWebKeySet(webKeySetString);
try
{
IList<SecurityToken> tokens = webKeySet.GetSigningTokens();
expectedException.ProcessNoException();
if (expectedTokens != null)
{
Assert.IsTrue(IdentityComparer.AreEqual<IEnumerable<SecurityToken>>(tokens, expectedTokens));
}
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
public void AuthenticationProtocolMessage_Publics()
{
string value1 = "value1";
string value2 = "value2";
string param1 = "param1";
string param2 = "param2";
AuthenticationProtocolMessage authenticationProtocolMessage = new DerivedAuthenticationProtocolMessage();
ExpectedException expectedException = ExpectedException.ArgumentNullException(substringExpected: "parameter");
try
{
authenticationProtocolMessage.GetParameter(null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
expectedException = ExpectedException.ArgumentNullException(substringExpected: "parameter");
try
{
authenticationProtocolMessage.RemoveParameter(null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
expectedException = ExpectedException.ArgumentNullException(substringExpected: "parameter");
try
{
authenticationProtocolMessage.SetParameter(null, null);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
authenticationProtocolMessage.SetParameter(param1, value1);
authenticationProtocolMessage.RemoveParameter(param2);
Assert.AreEqual(authenticationProtocolMessage.GetParameter(param1), value1);
authenticationProtocolMessage.RemoveParameter(param1);
Assert.IsNull(authenticationProtocolMessage.GetParameter(param1));
authenticationProtocolMessage.SetParameter(param1, value1);
authenticationProtocolMessage.SetParameter(param1, value2);
authenticationProtocolMessage.SetParameter(param2, value2);
authenticationProtocolMessage.SetParameter(param2, value1);
Assert.AreEqual(authenticationProtocolMessage.GetParameter(param1), value2);
Assert.AreEqual(authenticationProtocolMessage.GetParameter(param2), value1);
authenticationProtocolMessage = new DerivedAuthenticationProtocolMessage(@"http://www.gotjwt.com");
authenticationProtocolMessage.SetParameter("bob", " ");
string queryString = authenticationProtocolMessage.BuildRedirectUrl();
Assert.IsNotNull(queryString);
Assert.IsTrue(queryString.Contains("bob"));
authenticationProtocolMessage.IssuerAddress = string.Empty;
queryString = authenticationProtocolMessage.BuildRedirectUrl();
Assert.IsNotNull(queryString);
}
private string ValidateIssuer(string issuer, TokenValidationParameters validationParameters, SamlSecurityToken samlToken, PublicSamlSecurityTokenHandler samlSecurityTokenHandler, ExpectedException expectedException)
{
string returnVal = string.Empty;
try
{
returnVal = samlSecurityTokenHandler.ValidateIssuerPublic(issuer, samlToken, validationParameters);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return returnVal;
}
/// <summary>
/// Sets a property, then checks it, checking for an expected exception.
/// </summary>
/// <param name="obj">object that has a 'setter'.</param>
/// <param name="property">the name of the property.</param>
/// <param name="propertyValue">value to set on the property.</param>
/// <param name="expectedException">checks that exception is correct.</param>
public static void SetGet(object obj, string property, object propertyValue, ExpectedException expectedException)
{
Assert.IsNotNull(obj, "'obj' can not be null");
Assert.IsFalse(string.IsNullOrWhiteSpace(property), "'property' can not be null or whitespace");
Type type = obj.GetType();
PropertyInfo propertyInfo = type.GetProperty(property);
Assert.IsNotNull(propertyInfo, "'get is not found for property: '" + property + "', type: '" + type.ToString() + "'");
Assert.IsTrue(propertyInfo.CanWrite, "can not write to property: '" + property + "', type: '" + type.ToString() + "'");
try
{
propertyInfo.SetValue(obj, propertyValue);
object retval = propertyInfo.GetValue(obj);
Assert.AreEqual(propertyValue, retval);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
// pass inner exception
expectedException.ProcessException(exception.InnerException);
}
}
private void ValidateToken(string securityToken, TokenValidationParameters validationParameters, SecurityTokenHandlerCollection tokenHandlers, ExpectedException expectedException)
{
try
{
SecurityToken validatedToken;
tokenHandlers.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
private void SignatureProvider_SignVariation(SignatureProvider provider, byte[] bytes, byte[] signature, ExpectedException expectedException)
{
try
{
provider.Sign(bytes);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void SymmetricSignatureProvider_ConstructorVariation(string testcase, SymmetricSecurityKey key, string algorithm, ExpectedException expectedException)
{
Console.WriteLine(string.Format("Testcase: '{0}'", testcase));
SymmetricSignatureProvider provider = null;
try
{
if (testcase.StartsWith("Signing"))
{
provider = new SymmetricSignatureProvider(key, algorithm);
}
else
{
provider = new SymmetricSignatureProvider(key, algorithm);
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void FactoryCreateFor(string testcase, SecurityKey key, string algorithm, SignatureProviderFactory factory, ExpectedException expectedException)
{
Console.WriteLine(string.Format("Testcase: '{0}'", testcase));
try
{
if (testcase.StartsWith("Siging"))
{
factory.CreateForSigning(key, algorithm);
}
else
{
factory.CreateForVerifying(key, algorithm);
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void RunAlgorithmMappingTest(string jwt, TokenValidationParameters validationParameters, JwtSecurityTokenHandler handler, ExpectedException expectedException)
{
try
{
SecurityToken validatedToken;
handler.ValidateToken(jwt, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
}
private void CreateClaims(SamlSecurityToken samlToken, string issuer, TokenValidationParameters validationParameters, PublicSamlSecurityTokenHandler samlSecurityTokenHandler, ExpectedException expectedException)
{
try
{
samlSecurityTokenHandler.CreateClaimsPublic(samlToken, issuer, validationParameters );
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
private void ValidateNonce(JwtSecurityToken jwt, PublicOpenIdConnectProtocolValidator protocolValidator, OpenIdConnectProtocolValidationContext validationContext, ExpectedException ee)
{
try
{
protocolValidator.PublicValidateNonce(jwt, validationContext);
ee.ProcessNoException();
}
catch(Exception ex)
{
ee.ProcessException(ex);
}
}
public static ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, ISecurityTokenValidator tokenValidator, ExpectedException expectedException)
{
ClaimsPrincipal retVal = null;
try
{
SecurityToken validatedToken;
retVal = tokenValidator.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private void ValidateNonce(JwtSecurityToken jwt, string nonce, ExpectedException ee)
{
try
{
OpenIdConnectProtocolValidator.ValidateNonce(jwt, nonce);
ee.ProcessNoException();
}
catch(Exception ex)
{
ee.ProcessException(ex);
}
}
/// <summary>
///
/// </summary>
/// <param name="obj"></param>
/// <param name="compareTo"></param>
/// <param name="expectedException"></param>
/// <param name="asString"> this is useful when passing null for parameter 'is' and 'as' don't contain type info.</param>
/// <returns></returns>
private JsonWebKeySet RunJsonWebKeySetTest(object obj, JsonWebKeySet compareTo, ExpectedException expectedException, bool asString = true)
{
JsonWebKeySet jsonWebKeys = null;
try
{
if (obj is string)
{
jsonWebKeys = new JsonWebKeySet(obj as string);
}
else if (obj is IDictionary<string, object>)
{
jsonWebKeys = new JsonWebKeySet(obj as IDictionary<string, object>);
}
else
{
if (asString)
{
jsonWebKeys = new JsonWebKeySet(obj as string);
}
else
{
jsonWebKeys = new JsonWebKeySet(obj as IDictionary<string, object>);
}
}
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
if (compareTo != null)
{
Assert.IsTrue(IdentityComparer.AreEqual<JsonWebKeySet>(jsonWebKeys, compareTo, CompareContext.Default), "jsonWebKeys created from: " + (obj == null ? "NULL" : obj.ToString() + " did not match expected."));
}
return jsonWebKeys;
}
private void RunWriteXmlWriterVariation(XmlWriter writer, SecurityToken token, SecurityTokenHandler tokenHandler, ExpectedException ee)
{
try
{
tokenHandler.WriteToken(writer, token);
ee.ProcessNoException();
}
catch(Exception ex)
{
ee.ProcessException(ex);
}
}
private async Task<OpenIdConnectConfiguration> GetConfigurationAsync(string uri, ExpectedException expectedException, OpenIdConnectConfiguration expectedConfiguration = null)
{
OpenIdConnectConfiguration openIdConnectConfiguration = null;
try
{
openIdConnectConfiguration = await OpenIdConnectConfigurationRetriever.GetAsync(uri, CancellationToken.None);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
if (expectedConfiguration != null)
{
Assert.IsTrue(IdentityComparer.AreEqual(openIdConnectConfiguration, expectedConfiguration));
}
return openIdConnectConfiguration;
}
private bool RunCanReadXmlVariation(XmlReader reader, JwtSecurityTokenHandler tokenHandler,ExpectedException expectedException)
{
bool retVal = false;
try
{
retVal = tokenHandler.CanReadToken(reader);
expectedException.ProcessNoException();
}
catch(Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private ClaimsPrincipal ValidateToken(string securityToken, TokenValidationParameters validationParameters, ISecurityTokenValidator tokenValidator, ExpectedException expectedException)
{
ClaimsPrincipal princiapl = null;
try
{
SecurityToken validatedToken;
princiapl = tokenValidator.ValidateToken(securityToken, validationParameters, out validatedToken);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
return princiapl;
}
private bool RunCanReadStringVariation(string securityToken, JwtSecurityTokenHandler tokenHandler, ExpectedException expectedException)
{
bool retVal = false;
try
{
retVal = tokenHandler.CanReadToken(securityToken);
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private JwtSecurityToken RunReadXmlVariation(XmlReader reader, JwtSecurityTokenHandler tokenHandler, ExpectedException expectedException)
{
JwtSecurityToken retVal = null;
try
{
retVal = tokenHandler.ReadToken(reader) as JwtSecurityToken;;
expectedException.ProcessNoException();
}
catch(Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private JwtSecurityToken RunReadStringVariation(string securityToken, JwtSecurityTokenHandler tokenHandler, ExpectedException expectedException)
{
JwtSecurityToken retVal = null;
try
{
retVal = tokenHandler.ReadToken(securityToken) as JwtSecurityToken;
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return retVal;
}
private ClaimsPrincipal RunActorVariation(string secutityToken, string actor, TokenValidationParameters validationParameters, TokenValidationParameters actorValidationParameters, JwtSecurityTokenHandler tokendHandler, ExpectedException expectedException)
{
ClaimsPrincipal claimsPrincipal = null;
try
{
SecurityToken validatedToken;
claimsPrincipal = tokendHandler.ValidateToken(secutityToken, validationParameters, out validatedToken);
ClaimsIdentity claimsIdentityValidated = claimsPrincipal.Identity as ClaimsIdentity;
ClaimsPrincipal actorClaimsPrincipal = tokendHandler.ValidateToken(actor, actorValidationParameters, out validatedToken);
Assert.IsNotNull(claimsIdentityValidated.Actor);
Assert.IsTrue(IdentityComparer.AreEqual<ClaimsIdentity>(claimsIdentityValidated.Actor, (actorClaimsPrincipal.Identity as ClaimsIdentity)));
expectedException.ProcessNoException();
}
catch (Exception ex)
{
expectedException.ProcessException(ex);
}
return claimsPrincipal;
}
public void JwtSecurityTokenRequirement_Constructor()
{
// This class is a bit thin, most of the tests are in JwtConfigTests, just added a couple of missed cases that are easy to code directly.
// *** null param
JwtSecurityTokenRequirement JwtSecurityTokenRequirement;
ExpectedException expectedException = new ExpectedException(typeExpected: typeof(ArgumentNullException), substringExpected: "element");
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(null);
expectedException.ProcessNoException();
}
catch(Exception exception)
{
expectedException.ProcessException(exception);
}
// *** wrong namespace
XmlDocument xmlDocument = new XmlDocument();
expectedException = ExpectedException.ConfigurationErrorsException(substringExpected: "Jwt10601");
XmlElement xmlElement = new CustomXmlElement("prefix", "localName", "http://www.gotJwt.com", xmlDocument);
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(xmlElement);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
// *** unknown X509RevocationMode
expectedException = ExpectedException.ConfigurationErrorsException(substringExpected: "Jwt10606");
xmlElement = new CustomXmlElement("prefix", "jwtSecurityTokenRequirement", "http://www.gotJwt.com", xmlDocument);
xmlElement.Attributes.Append(new CustomXmlAttribute("prefix", "issuerCertificateRevocationMode", "http://www.gotJwt.com", xmlDocument)
{
Value = "UnKnown:issuerCertificateRevocationMode",
});
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(xmlElement);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
// *** unknown ValidationMode
expectedException = ExpectedException.ConfigurationErrorsException(substringExpected: "Jwt10606");
xmlElement = new CustomXmlElement("prefix", "jwtSecurityTokenRequirement", "http://www.gotJwt.com", xmlDocument);
xmlElement.Attributes.Append(new CustomXmlAttribute("prefix", "issuerCertificateValidationMode", "http://www.gotJwt.com", xmlDocument)
{
Value = "UnKnown:issuerCertificateValidationMode",
});
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(xmlElement);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
// *** unknown TrustedStoreLocation
expectedException = ExpectedException.ConfigurationErrorsException(substringExpected: "Jwt10606");
xmlElement = new CustomXmlElement("prefix", "jwtSecurityTokenRequirement", "http://www.gotJwt.com", xmlDocument);
xmlElement.Attributes.Append(new CustomXmlAttribute("prefix", "issuerCertificateTrustedStoreLocation", "http://www.gotJwt.com", xmlDocument)
{
Value = "UnKnown:issuerCertificateTrustedStoreLocation",
});
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(xmlElement);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
// *** unbale to create type
expectedException = ExpectedException.ConfigurationErrorsException(substringExpected: "Jwt10613", inner: typeof(TypeLoadException));
xmlElement = new CustomXmlElement("prefix", "jwtSecurityTokenRequirement", "http://www.gotJwt.com", xmlDocument);
xmlElement.Attributes.Append(new CustomXmlAttribute("prefix", "issuerCertificateValidator", "http://www.gotJwt.com", xmlDocument)
{
Value = "UnKnown:issuerCertificateValidatorType",
});
xmlElement.Attributes.Append(new CustomXmlAttribute("prefix", "issuerCertificateValidationMode", "http://www.gotJwt.com", xmlDocument)
{
Value = "Custom",
});
try
{
JwtSecurityTokenRequirement = new JwtSecurityTokenRequirement(xmlElement);
expectedException.ProcessNoException();
}
catch (Exception exception)
{
expectedException.ProcessException(exception);
}
}
