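/// <summary>
/// Verifies that a token created from an identity carrying both an
/// authentication-instant claim and an authentication-method claim contains a
/// SAML2 authentication statement that reflects those claims.
/// </summary>
/// <param name="authenticationInstant">Value of the <c>AuthenticationInstant</c> claim; must be parseable by <see cref="DateTime.Parse(string)"/>.</param>
/// <param name="authenticationMethod">Value of the <c>AuthenticationMethod</c> claim; must be a valid absolute URI.</param>
public void ShouldIncludeAuthenticationStatement(string authenticationInstant, string authenticationMethod)
{
    var handler = new SolidSaml2SecurityTokenHandler();

    var identity = CreateIdentity();
    identity.AddClaim(new Claim(ClaimTypes.AuthenticationInstant, authenticationInstant));
    identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, authenticationMethod));

    var descriptor = CreateDesriptor();
    descriptor.Subject = identity;

    var token = handler.CreateToken(descriptor) as Saml2SecurityToken;

    // Fail here, with a clear message, if the handler returned null or a
    // different token type, rather than later on a missing statement.
    Assert.NotNull(token);
    OutputToken(handler, token);

    var statement = token.Assertion.Statements
        .OfType<Saml2AuthenticationStatement>()
        .FirstOrDefault();
    Assert.NotNull(statement);

    // NOTE(review): DateTime.Parse uses the current culture and may convert an
    // offset-qualified value to local time; confirm the test data is an
    // unambiguous format (e.g. ISO 8601) so the result does not vary by machine.
    Assert.Equal(DateTime.Parse(authenticationInstant), statement.AuthenticationInstant);
    Assert.Equal(new Uri(authenticationMethod), statement.AuthenticationContext.ClassReference);

    // The session index is expected to equal the id of the enclosing assertion.
    Assert.Equal(token.Assertion.Id.Value, statement.SessionIndex);
}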
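/// <summary>
/// Verifies that the created token carries no SAML2 authentication statement
/// for the supplied combination of authentication claims.
/// </summary>
/// <param name="authenticationInstant">Value of the <c>AuthenticationInstant</c> claim, or <c>null</c> to omit the claim.</param>
/// <param name="authenticationMethod">Value of the <c>AuthenticationMethod</c> claim, or <c>null</c> to omit the claim.</param>
/// <remarks>
/// Presumably the test data supplies cases where at least one of the two
/// values is missing; confirm against the theory data.
/// </remarks>
public void ShouldNotIncludeAuthenticationStatement(string authenticationInstant, string authenticationMethod)
{
    var handler = new SolidSaml2SecurityTokenHandler();
    var identity = CreateIdentity();

    // Each claim is added only when a value is supplied.
    if (authenticationInstant != null)
    {
        identity.AddClaim(new Claim(ClaimTypes.AuthenticationInstant, authenticationInstant));
    }

    if (authenticationMethod != null)
    {
        identity.AddClaim(new Claim(ClaimTypes.AuthenticationMethod, authenticationMethod));
    }

    var descriptor = CreateDesriptor();
    descriptor.Subject = identity;

    var token = handler.CreateToken(descriptor) as Saml2SecurityToken;

    // Without this check the test passes vacuously when no SAML2 token was
    // produced: a null token makes the statement lookup null as well, which
    // satisfies the final Assert.Null without exercising the handler.
    Assert.NotNull(token);
    OutputToken(handler, token);

    var statement = token.Assertion.Statements
        .OfType<Saml2AuthenticationStatement>()
        .FirstOrDefault();
    Assert.Null(statement);
}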
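/// <summary>
/// Verifies that, after <c>SetNotBefore</c>, <c>SetNotOnOrAfter</c> and
/// <c>SetRecipient</c> are called on the token, the bearer subject confirmation
/// carries confirmation data with the recipient and the descriptor's validity
/// window.
/// </summary>
public void ShouldAddToBearerConfirmationData()
{
    var recipient = new Uri("https://recipient");
    var handler = new SolidSaml2SecurityTokenHandler();

    var descriptor = CreateDesriptor();
    descriptor.Subject = CreateIdentity();

    var token = handler.CreateToken(descriptor) as Saml2SecurityToken;

    // The Set* calls below use the token unconditionally, so assert it first
    // to fail with a clear message rather than a null dereference.
    Assert.NotNull(token);

    token.SetNotBefore();
    token.SetNotOnOrAfter();
    token.SetRecipient(recipient);
    OutputToken(handler, token);

    var confirmation = token.Assertion.Subject.SubjectConfirmations
        .FirstOrDefault(c => c.Method == Saml2Constants.ConfirmationMethods.Bearer);
    Assert.NotNull(confirmation?.SubjectConfirmationData);

    // Recipient and NotOnOrAfter are the values a relying party checks to
    // reject a bearer assertion delivered to the wrong endpoint or too late.
    Assert.Equal(recipient, confirmation.SubjectConfirmationData.Recipient);

    // NOTE(review): the SAML 2.0 Web Browser SSO profile disallows NotBefore on
    // bearer SubjectConfirmationData; confirm which profile these tokens target
    // before treating a populated NotBefore as the desired behaviour.
    Assert.Equal(descriptor.NotBefore, confirmation.SubjectConfirmationData.NotBefore);
    Assert.Equal(descriptor.Expires, confirmation.SubjectConfirmationData.NotOnOrAfter);
}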