From d916ced744d9d71425ea8106f4d08c237eee5b69 Mon Sep 17 00:00:00 2001 From: id4s Date: Mon, 15 Jul 2024 17:40:51 -0700 Subject: [PATCH] touched up tests --- .../ClaimsIdentityFactoryTests.cs | 83 +++++++++---------- 1 file changed, 38 insertions(+), 45 deletions(-) diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/ClaimsIdentityFactoryTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/ClaimsIdentityFactoryTests.cs index 8235f73c55..8a3c24bdf9 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/ClaimsIdentityFactoryTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/ClaimsIdentityFactoryTests.cs @@ -45,48 +45,39 @@ public void Create_FromTokenValidationParameters_ReturnsCorrectClaimsIdentity(bo AppContext.SetSwitch(AppContextSwitches.UseClaimsIdentityTypeSwitch, false); } - [Fact] - public void Create_FromDerivedTokenValidationParameters_HonorsSetSecurityToken() - { - var jsonWebToken = new JsonWebToken(Default.Jwt(Default.SecurityTokenDescriptor())); - var tokenValidationParameters = new DerivedTokenValidationParameters(returnCaseSensitiveClaimsIdentityWithToken: true); - tokenValidationParameters.AuthenticationType = "custom-authentication-type"; - tokenValidationParameters.NameClaimType = "custom-name"; - tokenValidationParameters.RoleClaimType = "custom-role"; - - var actualClaimsIdentity = tokenValidationParameters.CreateClaimsIdentity(jsonWebToken, Default.Issuer); - - // The SecurityToken set in derived TokenValidationParameters is honored. - Assert.IsType(actualClaimsIdentity); - - var securityToken = ((CaseSensitiveClaimsIdentity)actualClaimsIdentity).SecurityToken; - Assert.NotNull(securityToken); - Assert.IsType(securityToken); - Assert.NotEqual(jsonWebToken, securityToken); - - Assert.Equal(tokenValidationParameters.AuthenticationType, actualClaimsIdentity.AuthenticationType); - Assert.Equal(tokenValidationParameters.NameClaimType, actualClaimsIdentity.NameClaimType); - Assert.Equal(tokenValidationParameters.RoleClaimType, actualClaimsIdentity.RoleClaimType); - } - [Theory] - [InlineData(true)] - [InlineData(false)] - public void Create_FromDerivedTokenValidationParameters_ReturnsCorrectClaimsIdentity(bool tvpReturnsCaseSensitiveClaimsIdentityWithoutToken) + [InlineData(true, true)] + [InlineData(true, false)] + [InlineData(false, false)] + public void Create_FromDerivedTokenValidationParameters_ReturnsCorrectClaimsIdentity(bool tvpReturnsCaseSensitiveClaimsIdentity, bool tvpReturnsCaseSensitiveClaimsIdentityWithToken) { var jsonWebToken = new JsonWebToken(Default.Jwt(Default.SecurityTokenDescriptor())); - var tokenValidationParameters = new DerivedTokenValidationParameters(returnCaseSensitiveClaimsIdentityWithoutToken: tvpReturnsCaseSensitiveClaimsIdentityWithoutToken); + var tokenValidationParameters = new DerivedTokenValidationParameters(tvpReturnsCaseSensitiveClaimsIdentity, tvpReturnsCaseSensitiveClaimsIdentityWithToken); tokenValidationParameters.AuthenticationType = "custom-authentication-type"; tokenValidationParameters.NameClaimType = "custom-name"; tokenValidationParameters.RoleClaimType = "custom-role"; var actualClaimsIdentity = tokenValidationParameters.CreateClaimsIdentity(jsonWebToken, Default.Issuer); - Assert.IsType(actualClaimsIdentity); - - var securityToken = ((CaseSensitiveClaimsIdentity)actualClaimsIdentity).SecurityToken; - Assert.NotNull(securityToken); - Assert.Equal(jsonWebToken, securityToken); + if (tvpReturnsCaseSensitiveClaimsIdentity) + { + Assert.IsType(actualClaimsIdentity); + if (tvpReturnsCaseSensitiveClaimsIdentityWithToken) + { + var securityToken = ((CaseSensitiveClaimsIdentity)actualClaimsIdentity).SecurityToken; + Assert.NotNull(securityToken); + Assert.IsType(securityToken); + Assert.NotEqual(jsonWebToken, securityToken); + } + else + { + Assert.Null(((CaseSensitiveClaimsIdentity)actualClaimsIdentity).SecurityToken); + } + } + else + { + Assert.IsType(actualClaimsIdentity); + } Assert.Equal(tokenValidationParameters.AuthenticationType, actualClaimsIdentity.AuthenticationType); Assert.Equal(tokenValidationParameters.NameClaimType, actualClaimsIdentity.NameClaimType); @@ -97,28 +88,30 @@ public void Create_FromDerivedTokenValidationParameters_ReturnsCorrectClaimsIden private class DerivedTokenValidationParameters : TokenValidationParameters { + private bool _returnCaseSensitiveClaimsIdentity; private bool _returnCaseSensitiveClaimsIdentityWithToken; - private bool _returnCaseSensitiveClaimsIdentityWithoutToken; - public DerivedTokenValidationParameters(bool returnCaseSensitiveClaimsIdentityWithToken = false, bool returnCaseSensitiveClaimsIdentityWithoutToken = false) + public DerivedTokenValidationParameters(bool returnCaseSensitiveClaimsIdentity = false, bool returnCaseSensitiveClaimsIdentityWithToken = false) { + _returnCaseSensitiveClaimsIdentity = returnCaseSensitiveClaimsIdentity; _returnCaseSensitiveClaimsIdentityWithToken = returnCaseSensitiveClaimsIdentityWithToken; - _returnCaseSensitiveClaimsIdentityWithoutToken = returnCaseSensitiveClaimsIdentityWithoutToken; } public override ClaimsIdentity CreateClaimsIdentity(SecurityToken securityToken, string issuer) { - if (_returnCaseSensitiveClaimsIdentityWithToken) + if (_returnCaseSensitiveClaimsIdentity) { - return new CaseSensitiveClaimsIdentity(AuthenticationType, NameClaimType, RoleClaimType) + if (_returnCaseSensitiveClaimsIdentityWithToken) { - SecurityToken = new TvpJsonWebToken(Default.Jwt(Default.SecurityTokenDescriptor())), - }; - } - - if (_returnCaseSensitiveClaimsIdentityWithoutToken) - { - return new CaseSensitiveClaimsIdentity(AuthenticationType, NameClaimType, RoleClaimType); + return new CaseSensitiveClaimsIdentity(AuthenticationType, NameClaimType, RoleClaimType) + { + SecurityToken = new TvpJsonWebToken(Default.Jwt(Default.SecurityTokenDescriptor())), + }; + } + else + { + return new CaseSensitiveClaimsIdentity(AuthenticationType, NameClaimType, RoleClaimType); + } } return new ClaimsIdentity(AuthenticationType, NameClaimType, RoleClaimType);