Udostępnij za pośrednictwem


TestTokenCreator Class

Definition

A class responsible for creating test tokens for use in unit testing implementations depending on Microsoft.IdentityModel token validation.

public class TestTokenCreator
type TestTokenCreator = class
Public Class TestTokenCreator
Inheritance
TestTokenCreator

Examples

The following provides an example for how this class could be leveraged using a common testing framework, Xunit. The core concepts will be applicable to unit testing using any framework however.

The example imagines a class, ClassWithMicrosoftIdentityModelDependency, which exposes ValidateToken, a method calling the Microsoft.IdentityModel library and GetTokenValidationParameters which retrieves the TokenValidationParameters the code under test actually uses. Note that it's important to use the real TokenValidationParameters since that will allow the unit tests to actually confirm if there's a gap in the validation (e.g. certain important validation is disabled, ValidateAudience, ValidateIssuer, etc.)

In the following code example, generateTokenToTest should be one of the methods from this class.

internal void AssertValidationException(Func{string} generateTokenToTest, Type innerExceptionType, string innerExceptionMessagePart)
{
    try
    {
        ClassWithMicrosoftIdentityModelDependency.ValidateToken(
            generateTokenToTest,
            ClassWithMicrosoftIdentityModelDependency.GetTokenValidationParameters());

        if (innerExceptionType != null || innerExceptionType != null)
            throw new TestException(
                string.Format(
                    "Expected an exception of type '{0}' containing '{1}' in the message.",
                    innerExceptionType,
                    innerExceptionMessagePart));
    }
    catch (Exception e)
    {
        Assert.Equal(typeof(SampleTestTokenValidationException), e.GetType());
        Assert.Equal(innerExceptionType, e.InnerException.GetType());

        if (!string.IsNullOrEmpty(innerExceptionMessagePart))
        {
            Assert.Contains(innerExceptionMessagePart, e.InnerException.Message);
        }
    }
}

[Fact]
public void TokenWithoutSignature()
{
    var testTokenCreator = new TestTokenCreator();
    AssertValidationException(
        testTokenCreator.CreateTokenWithNoSignature,
        typeof(ArgumentException),
        "IDX14111");
}

Remarks

Microsoft.IdentityModel.SampleTests.SampleTokenValidationClassTests contains examples for how this class can be leveraged to validate a trivial token validation class that depends on Microsoft.IdentityModel's token validation methods.

Constructors

TestTokenCreator()

Properties

Audience

Gets or sets the Audience to be stamped on the tokens created.

Issuer

Gets or sets the issuer to be stamped on the tokens created.

SigningCredentials

Gets or sets the SigningCredentials used to sign the tokens created.

Methods

CreateClaimsSetWithInstanceOverrides()

Creates a default set of claims based on the instance values.

CreateDefaultValidToken()

Creates a default valid test token based based on the class's Issuer, Audience and SigningCredentials values.

CreateExpiredToken()

Creates a test JWS token which is past its expiration.

CreateJsonPayload(IDictionary<String,Object>)

Creates a JSON payload based on the passed IDictionary<TKey,TValue>of claims.

CreateNotYetValidToken()

Creates a test JWS token which is not yet valid.

CreateToken(Dictionary<String,Object>)

Creates a token based on the passed Dictionary<TKey,TValue>.

CreateToken(SecurityTokenDescriptor)

Creates a token based on the passed SecurityTokenDescriptor.

CreateTokenDescriptorWithInstanceOverrides()

Creates a default SecurityTokenDescriptor based on the instance values.

CreateTokenWithBadAudience()

Creates a test JWS token with an audience which doens't match the configured instance value.

CreateTokenWithBadIssuer()

Creates a test JWS token with an issuer which doens't match the configured instance value.

CreateTokenWithBadSignatureKey()

Creates a test JWS token signed with a key that doens't match the configured instance value.

CreateTokenWithFutureIssuedAt()

Creates a test JWS token which is issued in the future.

CreateTokenWithInvalidSignature()

Creates a test token with a signature that doesn't match the payload.

CreateTokenWithMissingAudience()

Creates a test JWS token with a missing audience (aud) claim.

CreateTokenWithMissingExpires()

Creates a test JWS token with a missing Expiration Time (exp) claim.

CreateTokenWithMissingIssuedAt()

Creates a test JWS token with a missing IssuedAt (iat) claim.

CreateTokenWithMissingIssuer()

Creates a test JWS token with a missing issuer (iss) claim.

CreateTokenWithMissingKey()

Creates a test JWS token without a signing key (i.e. alg=none, no signature).

CreateTokenWithMissingNotBefore()

Creates a test JWS token with a missing NotBefore (nbf) claim.

CreateTokenWithNoSignature()

Creates a test JWS token without any signature.

Applies to