示例#1
0
        public void CreateTokenAndParseEncodedMultipleClaims()
        {
            var handler = new SimpleWebTokenHandler();

            byte[] key = GetKey();
            var token = this.CreateToken(key);
            var tokenString = TokenToString(token);
            var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString)));

            handler.Configuration = new SecurityTokenHandlerConfiguration();

            var symmetricKey = new InMemorySymmetricSecurityKey(key);
            
            handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(
                new Uri("http://audience"));

            var resolverTable = new Dictionary<string, IList<SecurityKey>>
            {
                { "http://issuer", new SecurityKey[] { symmetricKey } }
            };

            handler.Configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable);

            var ids = handler.ValidateToken(signedToken);
            var id = ids.FirstOrDefault();
            
            Assert.IsNotNull(id);

            var testClaims = GetClaims();

            Assert.IsTrue(id.Claims.Count() == 3);
            Assert.IsTrue(id.HasClaim(testClaims[0].Type, testClaims[0].Value));
            Assert.IsTrue(id.HasClaim(testClaims[1].Type, testClaims[1].Value));
            Assert.IsTrue(id.HasClaim(testClaims[2].Type, testClaims[2].Value));
        }
示例#2
0
        private static void ValidateSwtToken(string tokenString)
        {
            var configuration = new SecurityTokenHandlerConfiguration();
            var validationKey = new InMemorySymmetricSecurityKey(Convert.FromBase64String(signingKey));

            // audience validation
            configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri(realm));

            // signature & issuer validation
            var resolverTable = new Dictionary<string, IList<SecurityKey>>
            {
                { issuerUri, new SecurityKey[] { validationKey } }
            };

            configuration.IssuerTokenResolver = new NamedKeyIssuerTokenResolver(resolverTable);

            var handler = new SimpleWebTokenHandler();
            handler.Configuration = configuration;

            var token = handler.ReadToken(tokenString);
            var ids = handler.ValidateToken(token);

            "\n\nValidated Claims:".ConsoleYellow();
            foreach (var claim in ids.First().Claims)
            {
                Console.WriteLine("{0}\n {1}\n", claim.Type, claim.Value);
            }
        }
示例#3
0
        public SimpleWebToken GetToken(out string keyValue)
        {
            var key = Guid.NewGuid().ToByteArray().ToList();
            key.AddRange(Guid.NewGuid().ToByteArray());
            keyValue = Convert.ToBase64String(key.ToArray());

            var descripter = new SecurityTokenDescriptor();
            descripter.Lifetime = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(5));
            descripter.TokenIssuerName = "http://www.thinktecture.com";
            descripter.SigningCredentials = new HmacSigningCredentials(key.ToArray());
            descripter.Subject = new ClaimsIdentity(this.Claims());
            descripter.AppliesToAddress = "https://www.thinktecture.com/";

            var output = new SimpleWebTokenHandler().CreateToken(descripter) as SimpleWebToken;

            return output;
        }
示例#4
0
        private SimpleWebToken ResponseToSimpleWebToken(string response)
        {
            var tokenString =
                Uri.UnescapeDataString(
                       response.Split('&')
                      .Single(value => value.StartsWith("wrap_access_token=", StringComparison.OrdinalIgnoreCase))
                      .Split('=')[1]);

            var handler = new SimpleWebTokenHandler();
            var swt = handler.ReadToken(tokenString) as SimpleWebToken;

            return swt;
        }
示例#5
0
        public SimpleWebToken CreateToken(byte[] key)
        {
            var descripter = new SecurityTokenDescriptor
            {
                TokenIssuerName = "http://issuer",
                AppliesToAddress = "http://audience",

                Lifetime = new Lifetime(DateTime.Now, DateTime.Now.AddMinutes(5)),
                Subject = new ClaimsIdentity(GetClaims()),

                SigningCredentials = new HmacSigningCredentials(key),
            };

            var handler = new SimpleWebTokenHandler();
            return handler.CreateToken(descripter) as SimpleWebToken;
        }
示例#6
0
        public void CreateTokenAndParseEncodedMultipleClaims()
        {
            var handler = new SimpleWebTokenHandler();

            string key;
            var token = this.GetToken(out key);
            var tokenString = TokenToString(token);
            var signedToken = handler.ReadToken(new XmlTextReader(new StringReader(tokenString)));
            
            handler.Configuration = new SecurityTokenHandlerConfiguration();

            var registry = new WebTokenIssuerNameRegistry();
            //I think there is currently a bug in this issuer as this really doesn't make sense to me
            registry.AddTrustedIssuer("http://www.thinktecture.com", "TestIssuerName");

            handler.Configuration.IssuerNameRegistry = registry;
            handler.Configuration.AudienceRestriction.AllowedAudienceUris.Add(new Uri("https://www.thinktecture.com/"));

            var tokenResolver = new WebTokenIssuerTokenResolver();
            tokenResolver.AddSigningKey("http://www.thinktecture.com", key);
            handler.Configuration.IssuerTokenResolver = tokenResolver;

            var claims = handler.ValidateToken(signedToken);

            Assert.IsTrue(claims[0].Claims.Count == 3);
            Assert.IsTrue(claims[0].Claims[0].Value == this.Claims()[0].Value);
            Assert.IsTrue(claims[0].Claims[1].Value == this.Claims()[1].Value);
            Assert.IsTrue(claims[0].Claims[2].Value == this.Claims()[2].Value);
        }