public async Task WhenEncryptionKeyIsNullOrEmpty_DoesNotEncryptHMACSecretInDatabase(string nullOrEmpty)
{
using (var sut = new MongoDbClientStore(
new MongoDatabaseClientProvider(Database),
_collectionName,
nullOrEmpty,
_migrator,
_signatureAlgorithmDataRecordConverter)) {
var hmac = new HMACSignatureAlgorithm("s3cr3t", HashAlgorithmName.SHA384);
var client = new Client(
"c1",
"app one",
hmac,
TimeSpan.FromMinutes(1),
TimeSpan.FromMinutes(2),
RequestTargetEscaping.RFC2396,
new Claim("company", "Dalion"),
new Claim("scope", "HttpMessageSigning"));
await sut.Register(client);
var collection = Database.GetCollection <ClientDataRecordV2>(_collectionName);
var findResult = await collection.FindAsync <ClientDataRecordV2>(new ExpressionFilterDefinition <ClientDataRecordV2>(r => r.Id == client.Id));
var loaded = await findResult.SingleAsync();
loaded.SignatureAlgorithm.Parameter.Should().NotBeNullOrEmpty();
var unencryptedKey = Encoding.UTF8.GetString(hmac.Key);
loaded.SignatureAlgorithm.Parameter.Should().Be(unencryptedKey);
loaded.SignatureAlgorithm.IsParameterEncrypted.Should().BeFalse();
}
}
