Expand Up @@ -33,7 +33,7 @@ public class HandleRequestResult : AuthenticateResult
{
throw new ArgumentNullException(nameof(ticket));
}
return new HandleRequestResult() { Ticket = ticket };
return new HandleRequestResult() { Ticket = ticket, Properties = ticket.Properties };
}

/// <summary>
75 changes: 68 additions & 7 deletions test/Microsoft.AspNetCore.Authentication.Test/JwtBearerTests.cs
Expand Up @@ -2,6 +2,7 @@
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.

using System;
using System.IdentityModel.Tokens.Jwt;
using System.Linq;
using System.Net;
using System.Net.Http;
Expand Down Expand Up @@ -432,23 +433,78 @@ public async Task VerifySchemeDefaults()
Assert.Null(scheme.DisplayName);
}

[ConditionalFact(Skip = "Need to remove dependency on AAD since the generated tokens will expire")]
[FrameworkSkipCondition(RuntimeFrameworks.Mono)]
// https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/issues/179
[Fact]
public async Task BearerTokenValidation()
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(new string('a', 128)));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, "Bob")
};

var token = new JwtSecurityToken(
issuer: "issuer.contoso.com",
audience: "audience.contoso.com",
claims: claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);

var tokenText = new JwtSecurityTokenHandler().WriteToken(token);

var server = CreateServer(o =>
{
o.Authority = "https://login.windows.net/tushartest.onmicrosoft.com";
o.Audience = "https://TusharTest.onmicrosoft.com/TodoListService-ManualJwt";
o.TokenValidationParameters.ValidateLifetime = false;
o.TokenValidationParameters = new TokenValidationParameters()
{
ValidIssuer = "issuer.contoso.com",
ValidAudience = "audience.contoso.com",
IssuerSigningKey = key,
};
});

var newBearerToken = "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImtyaU1QZG1Cdng2OHNrVDgtbVBBQjNCc2VlQSJ9.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.N_Kw1EhoVGrHbE6hOcm7ERdZ7paBQiNdObvp2c6T6n5CE8p0fZqmUd-ya_EqwElcD6SiKSiP7gj0gpNUnOJcBl_H2X8GseaeeMxBrZdsnDL8qecc6_ygHruwlPltnLTdka67s1Ow4fDSHaqhVTEk6lzGmNEcbNAyb0CxQxU6o7Fh0yHRiWoLsT8yqYk8nKzsHXfZBNby4aRo3_hXaa4i0SZLYfDGGYPdttG4vT_u54QGGd4Wzbonv2gjDlllOVGOwoJS6kfl1h8mk0qxdiIaT_ChbDWgkWvTB7bTvBE-EgHgV0XmAo0WtJeSxgjsG3KhhEPsONmqrSjhIUV4IVnF2w";
var newBearerToken = "Bearer " + tokenText;
var response = await SendAsync(server, "http://example.com/oauth", newBearerToken);
Assert.Equal(HttpStatusCode.OK, response.Response.StatusCode);
}

[Fact]
public async Task SaveBearerToken()
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(new string('a', 128)));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, "Bob")
};

var token = new JwtSecurityToken(
issuer: "issuer.contoso.com",
audience: "audience.contoso.com",
claims: claims,
expires: DateTime.Now.AddMinutes(30),
signingCredentials: creds);

var tokenText = new JwtSecurityTokenHandler().WriteToken(token);

var server = CreateServer(o =>
{
o.SaveToken = true;
o.TokenValidationParameters = new TokenValidationParameters()
{
ValidIssuer = "issuer.contoso.com",
ValidAudience = "audience.contoso.com",
IssuerSigningKey = key,
};
});

var newBearerToken = "Bearer " + tokenText;
var response = await SendAsync(server, "http://example.com/token", newBearerToken);
Assert.Equal(HttpStatusCode.OK, response.Response.StatusCode);
Assert.Equal(tokenText, await response.Response.Content.ReadAsStringAsync());
}

[Fact]
public async Task SignInThrows()
{
Expand Down Expand Up @@ -1121,6 +1177,11 @@ private static TestServer CreateServer(Action<JwtBearerOptions> options = null,

await context.Response.WriteAsync(identifier.Value);
}
else if (context.Request.Path == new PathString("/token"))
{
var token = await context.GetTokenAsync("access_token");
await context.Response.WriteAsync(token);
}
else if (context.Request.Path == new PathString("/unauthorized"))
{
// Simulate Authorization failure
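Review bot: SaveBearerToken covers only the positive case, so nothing pins that the raw bearer token stays out of the AuthenticationProperties when token saving is switched off. Now that HandleRequestResult.Success copies `ticket.Properties` onto the result, a companion test with `o.SaveToken = false` that asserts `GetTokenAsync("access_token")` yields nothing would guard against the token being retained unintentionally. The new `/token` branch in CreateServer passes the result straight to WriteAsync, which would throw on a null token, so that test needs `await context.Response.WriteAsync(token ?? string.Empty);` there. The key, credentials and JwtSecurityToken setup is repeated verbatim in BearerTokenValidation and SaveBearerToken and could move into one private helper, and `expires: DateTime.UtcNow.AddMinutes(30)` would state the intent more clearly than `DateTime.Now`. CreateServer's body starts and ends outside the visible hunk.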