public void GetTokenValidationParameters_ReturnsExpected()
{
var parameters = CloudFoundryHelper.GetTokenValidationParameters(null, "https://foo.bar.com/keyurl", null, false);
Assert.False(parameters.ValidateAudience, "Audience validation should not be enabled by default");
Assert.True(parameters.ValidateIssuer, "Issuer validation should be enabled by default");
Assert.NotNull(parameters.IssuerValidator);
Assert.True(parameters.ValidateLifetime, "Token lifetime validation should be enabled by default");
Assert.NotNull(parameters.IssuerSigningKeyResolver);
}
public void GetTokenValidationParameters_ReturnsExpected()
{
var parameters = CloudFoundryHelper.GetTokenValidationParameters(null, "https://foo.bar.com/keyurl", null, false);
Assert.True(parameters.ValidateAudience);
Assert.True(parameters.ValidateIssuer);
Assert.NotNull(parameters.IssuerValidator);
// Assert.Equal(cftv.ValidateIssuer, parameters.IssuerValidator);
Assert.True(parameters.ValidateLifetime);
Assert.NotNull(parameters.IssuerSigningKeyResolver);
}
/// <summary>
/// Apply service binding info to an <see cref="CloudFoundryOptions"/> instance
/// </summary>
/// <param name="si">Service binding information</param>
/// <param name="options">CloudFoundryOptions options to be updated</param>
internal static void Configure(SsoServiceInfo si, CloudFoundryOptions options)
{
if (options == null)
{
throw new ArgumentNullException(nameof(options));
}
if (si == null)
{
return;
}
options.AuthorizationUrl = si.AuthDomain;
options.ClientId = si.ClientId;
options.ClientSecret = si.ClientSecret;
var backchannelHttpHandler = CloudFoundryHelper.GetBackChannelHandler(options.ValidateCertificates);
options.TokenValidationParameters = CloudFoundryHelper.GetTokenValidationParameters(options.TokenValidationParameters, options.AuthorizationUrl + CloudFoundryDefaults.JwtTokenUri, backchannelHttpHandler, options.ValidateCertificates, options);
}