private void ValidateIssuer()
{
PublicSamlSecurityTokenHandler samlSecurityTokenHandler = new PublicSamlSecurityTokenHandler();
SamlSecurityToken samlToken = IdentityUtilities.CreateSamlSecurityToken();
ValidateIssuer(IdentityUtilities.DefaultIssuer, null, samlToken, samlSecurityTokenHandler, ExpectedException.ArgumentNullException(substringExpected: "name: validationParameters"));
ValidateIssuer("bob", null, samlToken, samlSecurityTokenHandler, ExpectedException.ArgumentNullException(substringExpected: "name: validationParameters"));
ValidateIssuer("bob", new TokenValidationParameters {
ValidateIssuer = false
}, samlToken, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
ValidateIssuer("bob", new TokenValidationParameters {
}, samlToken, samlSecurityTokenHandler, ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204"));
ValidateIssuer(IdentityUtilities.DefaultIssuer, new TokenValidationParameters {
ValidIssuer = IdentityUtilities.DefaultIssuer
}, samlToken, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuer = "frank"
}, samlToken, samlSecurityTokenHandler, ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205"));
List <string> validIssuers = new List <string> {
"john", "paul", "george", "ringo"
};
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlToken, samlSecurityTokenHandler, ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205"));
ValidateIssuer("bob", new TokenValidationParameters {
ValidateIssuer = false
}, samlToken, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
validIssuers.Add(IdentityUtilities.DefaultIssuer);
string issuer = ValidateIssuer(IdentityUtilities.DefaultIssuer, new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlToken, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
Assert.IsTrue(issuer == IdentityUtilities.DefaultIssuer, "issuer mismatch");
TokenValidationParameters validationParameters = new TokenValidationParameters
{
ValidateAudience = false,
IssuerValidator = IdentityUtilities.IssuerValidatorEcho,
};
ValidateIssuer("bob", validationParameters, samlToken, samlSecurityTokenHandler, ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204"));
validationParameters.ValidateIssuer = false;
validationParameters.IssuerValidator = IdentityUtilities.IssuerValidatorThrows;
ValidateIssuer("bob", validationParameters, samlToken, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
}
private void ValidateIssuer()
{
DerivedSamlSecurityTokenHandler samlSecurityTokenHandler = new DerivedSamlSecurityTokenHandler();
ExpectedException expectedException = ExpectedException.NoExceptionExpected;
ValidateIssuer(null, new TokenValidationParameters {
ValidateIssuer = false
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.ArgumentNullException(substringExpected: "Parameter name: validationParameters");
ValidateIssuer("bob", null, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
ValidateIssuer("bob", new TokenValidationParameters {
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.NoExceptionExpected;
string issuer = ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuer = "bob"
}, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuer = "frank"
}, samlSecurityTokenHandler, expectedException);
List <string> validIssuers = new List <string> {
"john", "paul", "george", "ringo"
};
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlSecurityTokenHandler, expectedException);
expectedException = ExpectedException.NoExceptionExpected;
ValidateIssuer("bob", new TokenValidationParameters {
ValidateIssuer = false
}, samlSecurityTokenHandler, expectedException);
validIssuers.Add("bob");
expectedException = ExpectedException.NoExceptionExpected;
issuer = ValidateIssuer("bob", new TokenValidationParameters {
ValidIssuers = validIssuers
}, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10204");
TokenValidationParameters validationParameters = new TokenValidationParameters
{
ValidateAudience = false,
IssuerValidator = IdentityUtilities.IssuerValidatorEcho,
};
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
// no delegate secondary should still succeed
expectedException = ExpectedException.NoExceptionExpected;
validationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidIssuers = validIssuers,
};
issuer = ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
Assert.IsTrue(issuer == "bob", "issuer mismatch");
// no delegate, secondary should fail
validIssuers = new List <string> {
"john", "paul", "george", "ringo"
};
expectedException = ExpectedException.SecurityTokenInvalidIssuerException(substringExpected: "IDX10205");
validationParameters = new TokenValidationParameters
{
IssuerSigningKey = new X509SecurityKey(KeyingMaterial.DefaultCert_2048),
ValidateAudience = false,
ValidIssuer = "http://Bob",
};
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, expectedException);
validationParameters.ValidateIssuer = false;
validationParameters.IssuerValidator = IdentityUtilities.IssuerValidatorThrows;
ValidateIssuer("bob", validationParameters, samlSecurityTokenHandler, ExpectedException.NoExceptionExpected);
}
