public async Task Passes_Token_Validation_With_CNAME() { // Arrange var authenticationApiClient = new AuthenticationApiClient(GetVariable("BRUCKE_AUTHENTICATION_API_URL")); // Act var authenticationResponse = await authenticationApiClient.GetTokenAsync(new ResourceOwnerTokenRequest { ClientId = GetVariable("BRUCKE_CLIENT_ID"), ClientSecret = GetVariable("BRUCKE_CLIENT_SECRET"), Realm = GetVariable("BRUCKE_CONNECTION_NAME"), Scope = "openid", Username = GetVariable("BRUCKE_USERNAME"), Password = GetVariable("BRUCKE_PASSWORD") }); var idTokenValidation = new IdTokenRequirements($"https://{GetVariable("BRUCKE_AUTHENTICATION_API_URL")}/", GetVariable("BRUCKE_CLIENT_ID"), TimeSpan.FromMinutes(1)); await idTokenValidation.AssertTokenMeetsRequirements(authenticationResponse.IdToken); }
public async Task Passes_Token_Validation() { // Arrange var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL")); // Act var authenticationResponse = await authenticationApiClient.GetTokenAsync(new ResourceOwnerTokenRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), ClientSecret = GetVariable("AUTH0_CLIENT_SECRET"), Realm = _connection.Name, Scope = "openid", Username = _user.Email, Password = Password }); var idTokenValidation = new IdTokenRequirements($"https://{GetVariable("AUTH0_AUTHENTICATION_API_URL")}/", GetVariable("AUTH0_CLIENT_ID"), TimeSpan.FromMinutes(1)); await idTokenValidation.AssertTokenMeetsRequirements(authenticationResponse.IdToken); }
public async Task Fails_Token_Validation_With_Incorrect_Audience() { // Arrange var authenticationApiClient = new AuthenticationApiClient(GetVariable("AUTH0_AUTHENTICATION_API_URL")); // Act var authenticationResponse = await authenticationApiClient.GetTokenAsync(new ResourceOwnerTokenRequest { ClientId = GetVariable("AUTH0_CLIENT_ID"), ClientSecret = GetVariable("AUTH0_CLIENT_SECRET"), Realm = _connection.Name, Scope = "openid", Username = _user.Email, Password = Password }); var idTokenValidation = new IdTokenRequirements($"https://{GetVariable("AUTH0_AUTHENTICATION_API_URL")}/", "invalid_audience", TimeSpan.FromMinutes(1)); // Assert authenticationResponse.IdToken.Should().NotBeNull(); await Assert.ThrowsAsync <IdTokenValidationException>(() => idTokenValidation.AssertTokenMeetsRequirements(authenticationResponse.IdToken)); }
private async Task AssertIdTokenValid(string idToken, string issuer) { var requirements = new IdTokenRequirements(_baseUri.AbsoluteUri, issuer, TimeSpan.FromMinutes(1)); await requirements.AssertTokenMeetsRequirements(idToken); }