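// Checks that an HS256 token is rejected when the validator is configured with
// an issuer ("local.auth.issuer1") other than the one carried by the token.
// NOTE(review): the expected message names "local.auth0.issuer", presumably the
// issuer GenerateHS256Token() writes into the token - confirm against _issuer.
public void ValidateHS256Token_IncorrectIssuer_ReturnsError()
{
    var settings = GetHS256TestSettings();
    settings.Issuer = "local.auth.issuer1";
    var tokenString = GenerateHS256Token();

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => settings);

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when the
    // token was wrongly accepted.
    Exception caught = null;
    try
    {
        var service = new JwtTokenService(
            new List<ISecurityService> { new Hs256SecurityService(mockSettings.Object) },
            mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "A token with a mismatched issuer was accepted");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual("Invalid issuer: local.auth0.issuer", caught.Message);
}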
// Round-trip check: a token generated for _email with the HS256 test settings
// must validate and yield an authenticated principal carrying the expected
// name-identifier, e-mail, audience and issuer claims.
public void GenerateHS256Token_Success()
{
    var optionsMock = new Mock<IOptions<SecuritySettings>>();
    optionsMock.Setup(m => m.Value).Returns(() => GetHS256TestSettings());

    var securityServices = new List<ISecurityService> { new Hs256SecurityService(optionsMock.Object) };
    var tokenService = new JwtTokenService(securityServices, optionsMock.Object);

    var issued = tokenService.GenerateToken(_email);
    Assert.IsNotNull(issued);

    var validated = tokenService.Validate(issued.Token);
    Assert.IsNotNull(validated);
    Assert.IsTrue(validated.Identity.IsAuthenticated);

    // Each expected claim is looked up by exact type and value.
    var issuedClaims = validated.Claims;
    Func<string, string, bool> hasClaim =
        (type, value) => issuedClaims.Any(c => c.Type == type && c.Value == value);

    Assert.IsTrue(hasClaim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", _email));
    Assert.IsTrue(hasClaim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", _email));
    Assert.IsTrue(hasClaim("aud", _audience));
    Assert.IsTrue(hasClaim("iss", _issuer));
}
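// Checks that an RS256 token issued for a different audience is rejected by a
// validator that uses the default RS256 test settings.
public void ValidateRS256Token_IncorrectAudience_ReturnsError()
{
    var newAudience = "local.auth.audience1";

    // The token is generated with the altered audience; the validator below
    // keeps the unmodified settings, so the two must disagree.
    var settings = GetRS256TestSettings();
    settings.Audience = newAudience;
    var tokenString = GenerateRS256Token(settings);

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => GetRS256TestSettings());

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when the
    // token was wrongly accepted.
    Exception caught = null;
    try
    {
        var service = new JwtTokenService(
            new List<ISecurityService> { new Rs256SecurityService(mockSettings.Object) },
            mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "A token with a mismatched audience was accepted");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual($"Invalid audience: {newAudience}", caught.Message);
}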
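// Checks that an RS256 token is rejected with "Invalid signature" when the
// validator's settings carry a different SigningKey ("123") than the defaults
// used to generate the token.
// NOTE(review): how Rs256SecurityService uses SigningKey is not visible here -
// confirm that this change is what makes signature verification fail.
public void ValidateRS256Token_InvalidSignature_ReturnsError()
{
    var settings = GetRS256TestSettings();
    settings.SigningKey = "123";
    var tokenString = GenerateRS256Token();

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => settings);

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when the
    // token was wrongly accepted.
    Exception caught = null;
    try
    {
        var service = new JwtTokenService(
            new List<ISecurityService> { new Rs256SecurityService(mockSettings.Object) },
            mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "A token was accepted although the validator's signing key was changed");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual("Invalid signature", caught.Message);
}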
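// Checks that validation fails with "Invalid security type" when the settings
// object is built with only Audience, Issuer and SigningKey set.
public void ValidateToken_InvalidSecurityType_ReturnsError()
{
    var settings = new SecuritySettings
    {
        Audience = _audience,
        Issuer = _issuer,
        SigningKey = _signingKey
    };

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => settings);
    var tokenString = GenerateRS256Token();

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when the
    // token was wrongly accepted.
    Exception caught = null;
    try
    {
        var service = new JwtTokenService(
            new List<ISecurityService> { new Rs256SecurityService(mockSettings.Object) },
            mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "A token was accepted although no valid security type was configured");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual("Invalid security type", caught.Message);
}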
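// Checks that validation fails with a "not found" error when JwtTokenService
// is constructed with an empty list of security services.
public void ValidateHS256Token_NoSecurityService_ReturnsError()
{
    var tokenString = GenerateHS256Token();

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => GetHS256TestSettings());

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when the
    // token was wrongly accepted.
    Exception caught = null;
    try
    {
        var service = new JwtTokenService(new List<ISecurityService>(), mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "A token was accepted although no security service was registered");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual("Service for type 'HS256' not found", caught.Message);
}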
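// Checks that the RS256 path fails with a certificate error when the settings
// carry the CertificateData value "***".
// NOTE(review): "***" looks like a masked placeholder rather than certificate
// data without a private key - confirm the fixture exercises the intended case.
public void ValidateRS256Token_CertificateWithoutPrivateKey_ReturnsError()
{
    var settings = GetRS256TestSettings();
    settings.CertificateData = "***";

    var mockSettings = new Mock<IOptions<SecuritySettings>>();
    mockSettings.Setup(m => m.Value).Returns(() => settings);

    // The exception is captured rather than asserted inside the catch: with
    // Assert.Fail() in the try block, the catch-all handler also caught the
    // assertion failure and reported a confusing message mismatch when no
    // error was raised.
    Exception caught = null;
    try
    {
        // Token generation stays inside the try, as in the original, so an
        // error raised there is also compared with the expected message.
        var tokenString = GenerateRS256Token();
        var service = new JwtTokenService(
            new List<ISecurityService> { new Rs256SecurityService(mockSettings.Object) },
            mockSettings.Object);
        service.Validate(tokenString);
    }
    catch (Exception ex)
    {
        caught = ex;
    }

    Assert.IsNotNull(caught, "No error was raised for the altered certificate data");
    // Expected value goes first so a failure report labels the two sides correctly.
    // NOTE(review): only the message is checked; the exception type is not visible
    // here, and asserting on it would make the rejection check stricter.
    Assert.AreEqual("Certificate is not X509Certificate2 or does not have private key", caught.Message);
}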