/// <summary>
/// Builds a JWT for a fixed, already-authenticated test session and prints it.
/// </summary>
/// <remarks>
/// The provider is configured with <c>ExpireTokensInDays = 3650</c> and the key from
/// <c>Config.JwtAuthKeyBase64</c>, so the printed value is a long-lived token carrying
/// the role and permission below. Treat the output as a credential for anything
/// that trusts the same key.
/// </remarks>
public void Create_JWT()
{
    // The host is only kept alive for the duration of token creation.
    using (var appHost = new BasicAppHost().Init())
    {
        var provider = new JwtAuthProvider
        {
            AuthKeyBase64 = Config.JwtAuthKeyBase64,
            ExpireTokensInDays = 3650
        };

        var jwtHeader = JwtAuthProvider.CreateJwtHeader(provider.HashAlgorithm);

        var session = new AuthUserSession
        {
            UserAuthId = "1",
            DisplayName = "test",
            UserName = "******",
            IsAuthenticated = true,
        };

        // Issuer, lifetime and audience come from the provider; role and permission are fixed.
        var jwtPayload = JwtAuthProvider.CreateJwtPayload(
            session,
            issuer: provider.Issuer,
            expireIn: provider.ExpireTokensIn,
            audience: provider.Audience,
            roles: new[] { "TheRole" },
            permissions: new[] { "ThePermission" });

        var token = JwtAuthProvider.CreateJwt(jwtHeader, jwtPayload, provider.GetHashAlgorithm());

        // Print() presumably writes the token to standard output; confirm before running in CI with shared logs.
        token.Print();
    }
}
/// <summary>
/// Pins how <c>IsJwtValid</c> treats the token's audiences against the provider's
/// <c>Audiences</c> list and its single <c>Audience</c> property.
/// </summary>
/// <remarks>
/// Security-relevant behaviour asserted here: a token created with an empty audience
/// list is accepted while the provider has audiences configured, and a token is
/// accepted when at least one of its audiences matches. Services that rely on the
/// audience check to separate tenants or environments should take both into account.
/// </remarks>
public void Does_validate_multiple_audiences()
{
    // NOTE(review): the provider comes from AuthenticateService and looks shared with other tests;
    // Audiences is left as { "foo", "bar" } when this method ends. Confirm that is intended.
    var jwtProvider = (JwtAuthProvider)AuthenticateService.GetAuthProvider(JwtAuthProviderReader.Name);

    // Mints a token for a fixed authenticated session with the given audiences.
    string CreateJwtWithAudiences(params string[] audiences)
    {
        var jwtHeader = JwtAuthProvider.CreateJwtHeader(jwtProvider.HashAlgorithm);

        var session = new AuthUserSession
        {
            UserAuthId = "1",
            DisplayName = "Test",
            Email = "*****@*****.**",
            IsAuthenticated = true,
        };

        var jwtPayload = JwtAuthProvider.CreateJwtPayload(
            session,
            issuer: jwtProvider.Issuer,
            expireIn: jwtProvider.ExpireTokensIn,
            audiences: audiences);

        return JwtAuthProvider.CreateJwt(jwtHeader, jwtPayload, jwtProvider.GetHashAlgorithm());
    }

    jwtProvider.Audiences = new List<string> { "foo", "bar" };

    // Empty audience list: accepted even though the provider lists audiences.
    // Presumably the token then carries no aud claim; confirm against CreateJwtPayload.
    var tokenWithoutAudience = CreateJwtWithAudiences();
    Assert.That(jwtProvider.IsJwtValid(tokenWithoutAudience));

    // No overlap with { "foo", "bar" }: rejected.
    var tokenWithWrongAudience = CreateJwtWithAudiences("qux");
    Assert.That(!jwtProvider.IsJwtValid(tokenWithWrongAudience));

    // One of two audiences overlaps: accepted.
    var tokenWithPartialMatch = CreateJwtWithAudiences("bar", "qux");
    Assert.That(jwtProvider.IsJwtValid(tokenWithPartialMatch));

    // After assigning the single Audience, the same token is rejected.
    jwtProvider.Audience = "foo";
    Assert.That(!jwtProvider.IsJwtValid(tokenWithPartialMatch));

    // Clearing Audience makes the same token valid again.
    jwtProvider.Audience = null;
    Assert.That(jwtProvider.IsJwtValid(tokenWithPartialMatch));
}
/// <summary>
/// Creates an RSA-signed JWT for a fixed test session.
/// </summary>
/// <param name="privateKey">RSA private key parameters passed to the signing function.</param>
/// <param name="algorithm">
/// Algorithm name written into the header and used as the lookup key in
/// <c>JwtAuthProviderReader.RsaSignAlgorithms</c>.
/// </param>
/// <param name="audience">Audience to place in the token; defaults to <c>null</c>.</param>
/// <returns>The signed token string returned by <c>JwtAuthProvider.CreateJwt</c>.</returns>
protected string CreateJwt(RSAParameters privateKey, string algorithm, string audience = null)
{
    var jwtHeader = JwtAuthProvider.CreateJwtHeader(algorithm);

    var session = new AuthUserSession
    {
        UserAuthId = "1",
        DisplayName = "Test",
        Email = "*****@*****.**",
        // Without a ProfileUrl, JwtAuthProvider.CreateJwt would fail
        // when no AppHost has been initialized.
        ProfileUrl = "http://myprofile"
    };

    // NOTE(review): when audience is omitted this passes a one-element array holding null;
    // how CreateJwtPayload treats that entry is not visible here.
    var jwtPayload = JwtAuthProvider.CreateJwtPayload(
        session,
        "https://server.example.com",
        audiences: new[] { audience },
        expireIn: TimeSpan.FromDays(7));

    // The lookup presumably fails for an algorithm name that has no RSA signer registered.
    var signWithRsa = JwtAuthProviderReader.RsaSignAlgorithms[algorithm];

    return JwtAuthProvider.CreateJwt(jwtHeader, jwtPayload, bytes => signWithRsa(privateKey, bytes));
}
/// <summary>
/// Verifies that a token assembled directly with the static <c>JwtAuthProvider</c> helpers
/// is accepted by the service when sent as the token cookie, and that the same request
/// without a token is answered with 401 Unauthorized.
/// </summary>
/// <remarks>
/// The token is minted in the test with the provider's signing algorithm, including a
/// role and a permission chosen by the test. The accepted request shows that the service
/// trusts whatever session such a token describes, so the signing key is the control
/// that protects these claims.
/// </remarks>
public void Can_manually_create_an_authenticated_UserSession_in_Token()
{
    var provider = CreateJwtAuthProvider();

    var jwtHeader = JwtAuthProvider.CreateJwtHeader(provider.HashAlgorithm);

    var session = new AuthUserSession
    {
        UserAuthId = "1",
        DisplayName = "Test",
        Email = "*****@*****.**",
        IsAuthenticated = true,
    };

    var jwtPayload = JwtAuthProvider.CreateJwtPayload(
        session,
        issuer: provider.Issuer,
        expireIn: provider.ExpireTokensIn,
        audiences: provider.Audiences,
        roles: new[] { "TheRole" },
        permissions: new[] { "ThePermission" });

    var token = JwtAuthProvider.CreateJwt(jwtHeader, jwtPayload, provider.GetHashAlgorithm());

    var serviceClient = GetClient();

    // Negative case first: no token attached, so the call must be rejected.
    try
    {
        serviceClient.Send(new HelloJwt { Name = "no jwt" });
        Assert.Fail("should throw");
    }
    catch (WebServiceException unauthorized)
    {
        Assert.That(unauthorized.StatusCode, Is.EqualTo((int)HttpStatusCode.Unauthorized));
    }

    // Positive case: the hand-built token travels as the token cookie.
    serviceClient.SetTokenCookie(token);

    var reply = serviceClient.Send(new HelloJwt { Name = "from Custom JWT" });
    Assert.That(reply.Result, Is.EqualTo("Hello, from Custom JWT"));
}
/// <summary>
/// Creates a signed JWT for a fixed authenticated test session, using the issuer,
/// lifetime, audiences and hash algorithm of the provider returned by
/// <c>CreateJwtAuthProvider()</c>.
/// </summary>
/// <returns>The token string returned by <c>JwtAuthProvider.CreateJwt</c>.</returns>
private string CreateJwtToken()
{
    var provider = CreateJwtAuthProvider();

    var jwtHeader = JwtAuthProvider.CreateJwtHeader(provider.HashAlgorithm);

    var session = new AuthUserSession
    {
        UserAuthId = "1",
        DisplayName = "Test",
        Email = "*****@*****.**",
        IsAuthenticated = true,
    };

    // The role and permission are fixed test values embedded in the token.
    var jwtPayload = JwtAuthProvider.CreateJwtPayload(
        session,
        issuer: provider.Issuer,
        expireIn: provider.ExpireTokensIn,
        audiences: provider.Audiences,
        roles: new[] { "TheRole" },
        permissions: new[] { "ThePermission" });

    return JwtAuthProvider.CreateJwt(jwtHeader, jwtPayload, provider.GetHashAlgorithm());
}