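/// <summary>
/// Acquires a token with a certificate-based client assertion and checks, inside the
/// mock handler's request validation, that the token request carries a
/// <c>client_assertion</c> whose JWT header has no <c>x5c</c> (public certificate) entry.
/// </summary>
/// <remarks>
/// NOTE(review): the method name reads as if the x5c claim were expected, while the body
/// asserts that it is absent for this <c>AcquireTokenAsync</c> overload. Confirm the
/// intended name against the sibling tests.
/// </remarks>
/// <returns>A task that completes when the token request and all assertions have run.</returns>
public async Task JsonWebTokenWithX509PublicCertClaimTest()
{
    // Test-only certificate loaded from a PFX fixture with the shared test password.
    var certificate = new X509Certificate2("valid_cert.pfx", TestConstants.DefaultPassword);
    var clientAssertion = new ClientAssertionCertificate(TestConstants.DefaultClientId, certificate);
    var context = new AuthenticationContext(TestConstants.TenantSpecificAuthority, new TokenCache());

    HttpMessageHandlerFactory.AddMockHandler(new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.TenantSpecificAuthority))
    {
        Method = HttpMethod.Post,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.OK)
        {
            Content = new StringContent("{\"token_type\":\"Bearer\",\"expires_in\":\"3599\",\"access_token\":\"some-access-token\"}")
        },
        AdditionalRequestValidation = request =>
        {
            // The lambda is not async, so the form body is read by blocking on the task.
            var requestContent = request.Content.ReadAsStringAsync().GetAwaiter().GetResult();
            var formsData = EncodingHelper.ParseKeyValueList(requestContent, '&', true, null);

            // The token request must carry a client assertion.
            string encodedJwt;
            Assert.IsTrue(formsData.TryGetValue("client_assertion", out encodedJwt), "Missing client_assertion from request");

            // The first dot-separated segment of the assertion is the JWT header.
            // NOTE(review): a JWT header segment is base64url-encoded JSON. Confirm that
            // EncodingHelper.UrlDecode returns the decoded JSON text; if it only
            // percent-decodes, the substring below can never match and this negative
            // check passes vacuously.
            var jwtHeader = EncodingHelper.UrlDecode(encodedJwt.Split('.')[0]);
            Assert.IsFalse(jwtHeader.Contains("\"x5c\":"), "x5c claim must not be present in the JWT header for this overload");
        }
    });

    AuthenticationResult result = await context.AcquireTokenAsync(TestConstants.DefaultResource, clientAssertion);
    Assert.IsNotNull(result.AccessToken);
}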
/// <summary>
/// Mocks the token endpoint to answer HTTP 400 with <c>responseContent</c> and checks that a
/// client-credential token request throws <c>AdalClaimChallengeException</c> whose
/// <c>Claims</c> equals <c>claims</c> with every backslash removed.
/// </summary>
/// <remarks>
/// <c>responseContent</c> and <c>claims</c> are defined outside this method, presumably as
/// class-level fixtures. Confirm their contents there.
/// </remarks>
public void AdalClaimsChallengeExceptionThrownWithAcquireTokenClientCredentialWhenClaimsChallengeRequiredTestAsync()
{
    var authContext = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache());
    var clientCredential = new ClientCredential(TestConstants.DefaultClientId, TestConstants.DefaultClientSecret);

    // Queue a single mocked 400 response for the POST to the token endpoint.
    var challengeHandler = new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityCommonTenant))
    {
        Method = HttpMethod.Post,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.BadRequest)
        {
            Content = new StringContent(responseContent)
        }
    };
    HttpMessageHandlerFactory.AddMockHandler(challengeHandler);

    var thrown = AssertException.TaskThrows<AdalClaimChallengeException>(
        () => authContext.AcquireTokenAsync(TestConstants.DefaultResource, clientCredential));

    // The fixture is compared with its backslashes stripped.
    var expectedClaims = claims.Replace("\\", "");
    Assert.AreEqual(expectedClaims, thrown.Claims);
}
/// <summary>
/// Mocks the token endpoint to answer HTTP 400 with <c>responseContent</c> and checks that the
/// resulting <c>AdalClaimChallengeException</c> keeps its inner exception chain: the first
/// inner exception reports the 400 status, the second carries the response body.
/// </summary>
/// <remarks>
/// <c>responseContent</c> is defined outside this method, presumably as a class-level fixture.
/// </remarks>
public void InnerExceptionIncludedWithAdalClaimsChallengeExceptionTestAsync()
{
    var authContext = new AuthenticationContext(TestConstants.DefaultAuthorityCommonTenant, new TokenCache());
    var clientCredential = new ClientCredential(TestConstants.DefaultClientId, TestConstants.DefaultClientSecret);

    // Queue a single mocked 400 response for the POST to the token endpoint.
    var failingHandler = new MockHttpMessageHandler(TestConstants.GetTokenEndpoint(TestConstants.DefaultAuthorityCommonTenant))
    {
        Method = HttpMethod.Post,
        ResponseMessage = new HttpResponseMessage(HttpStatusCode.BadRequest)
        {
            Content = new StringContent(responseContent)
        }
    };
    HttpMessageHandlerFactory.AddMockHandler(failingHandler);

    var thrown = AssertException.TaskThrows<AdalClaimChallengeException>(
        () => authContext.AcquireTokenAsync(TestConstants.DefaultResource, clientCredential));

    // First level: the HTTP failure for the 400 status.
    var httpFailure = thrown.InnerException;
    Assert.AreEqual("Response status code does not indicate success: 400 (BadRequest).", httpFailure.Message);

    // Second level: the raw response body followed by the ": Unknown error" suffix.
    var serviceFailure = httpFailure.InnerException;
    Assert.AreEqual(responseContent + ": Unknown error", serviceFailure.Message);
}