示例#1
        /// <summary>
        /// Round-trip check: signs a token with an HMAC-SHA256 header and confirms that
        /// verifying it with the same symmetric key succeeds and yields an equivalent token.
        /// </summary>
        public void TokenSignAndVerify()
        {
            // Both timestamps are passed through a Unix-timestamp round trip before use
            // (presumably to drop sub-second precision so the comparison below is exact — confirm).
            // NOTE(review): DateTime.Now is local time; DateTime.UtcNow is the usual choice for
            // token lifetimes — confirm how DateTimeUtility treats DateTimeKind.
            var issuedAt = DateTimeUtility.FromUnixTimestamp(DateTimeUtility.ToUnixTimestamp(DateTime.Now));
            var expiresAt = DateTimeUtility.FromUnixTimestamp(DateTimeUtility.ToUnixTimestamp(DateTime.Now.AddDays(1)));

            var header = new DefaultJwtHeader
            {
                Algorithm = SecurityAlgorithms.HmacSha256
            };

            var payload = new CommonPayload
            {
                Actor    = "TestUser",
                Audience = "TestAudience",
                Issuer   = "TestIssuer",
                Subject  = "TestTokens",
                IssuedAt = issuedAt,
                Expires  = expiresAt
            };

            var original = new TestToken
            {
                Header  = header,
                Payload = payload
            };

            // Test fixture only: the key is derived from a fixed string, so it is predictable.
            // NOTE(review): an MD5 digest is 128 bits, shorter than the 256-bit minimum that
            // RFC 7518 section 3.2 requires for HS256; real signing keys should come from a
            // cryptographic random source and never be hard-coded.
            var signingKey = new SymmetricSecurityKey("TestKey".ToHash<MD5>());

            var signedJwt = original.Sign(signingKey);

            // This overload takes only the key, so what it checks beyond the signature
            // (issuer, audience, lifetime) is not visible here.
            var isValid = JwtTokenConvert.Verify<CommonPayload>(signedJwt, signingKey, out var verifiedToken);

            Assert.True(isValid);

            // Compare the serialized forms so header and payload are checked field by field.
            var expectedJson = JObject.FromObject(original);
            var actualJson = JObject.FromObject(verifiedToken);
            Assert.Equal(expectedJson, actualJson);
        }
示例#2
        /// <summary>
        /// Negative check: signs a token whose expiry is the moment of creation, waits, and
        /// confirms that verification with issuer, audience, signing-key and lifetime
        /// validation enabled reports failure and returns an exception.
        /// </summary>
        public void TokenSignAndVerify2()
        {
            var header = new DefaultJwtHeader
            {
                Algorithm = SecurityAlgorithms.HmacSha256
            };

            var payload = new CommonPayload
            {
                Actor    = "TestUser",
                Audience = "TestAudience",
                Issuer   = "TestIssuer",
                Subject  = "TestTokens",
                // Issued and expiring at (almost) the same instant, so the token has no usable lifetime.
                IssuedAt = DateTime.Now,
                Expires  = DateTime.Now
            };

            var expiring = new TestToken
            {
                Header  = header,
                Payload = payload
            };

            // Test fixture only: the key is derived from a fixed string, so it is predictable.
            // NOTE(review): an MD5 digest is 128 bits, shorter than the 256-bit minimum that
            // RFC 7518 section 3.2 requires for HS256; real signing keys should come from a
            // cryptographic random source and never be hard-coded.
            var signingKey = new SymmetricSecurityKey("TestKey".ToHash<MD5>());

            var signedJwt = expiring.Sign(signingKey);

            // Let wall-clock time move past the expiry before validating.
            Thread.Sleep(5000);

            var validation = new TokenValidationParameters
            {
                IssuerSigningKey = signingKey,
                ValidIssuer      = "TestIssuer",   // issuer the token must carry
                ValidAudience    = "TestAudience", // audience the token must be addressed to

                ValidateIssuerSigningKey = true,
                ValidateIssuer           = true, // check the token's issuer
                ValidateAudience         = true, // check that the token was issued for this service
                ValidateLifetime         = true, // check that the token is within its validity period
                // No tolerance on the expiry comparison; with a non-zero skew allowance a
                // token that expired seconds ago could presumably still be accepted.
                ClockSkew = TimeSpan.Zero
            };

            var isValid = JwtTokenConvert.Verify<TestToken, DefaultJwtHeader, CommonPayload>(
                signedJwt,
                validation,
                out TestToken rejectedToken,
                out Exception failure);

            Assert.False(isValid);

            // NOTE(review): only the presence of an exception is asserted; checking its type
            // would pin the rejection to lifetime expiry rather than some other validation error.
            Assert.NotNull(failure);
        }