From 21505f7d64234649f387a4e70edf2a58e040fccc Mon Sep 17 00:00:00 2001 
From: id4s Date: Thu, 8 May 2025 14:15:02 -0700 Subject: [PATCH] Move suppression of RS006 to csproj. Fix Benchmarks build issue. ValidateSignature delegate returns ValidationResult --- .../ValidateTokenAsyncTests.cs | 9 +- .../GlobalSuppressions.cs | 2 + .../InternalAPI.Shipped.txt | 13 +- .../InternalAPI.Unshipped.txt | 3 + .../JsonWebTokenHandler.ClaimsIdentity.cs | 1 + .../JsonWebTokenHandler.DecryptToken.cs | 5 +- .../JsonWebTokenHandler.ReadToken.cs | 7 +- .../JsonWebTokenHandler.ValidateSignature.cs | 35 ++- ...nWebTokenHandler.ValidateToken.Internal.cs | 106 +++++-- .../JwtTokenUtilities.DecryptTokenResult.cs | 5 +- .../JwtTokenUtilities.cs | 1 + .../PublicAPI.Shipped.txt | 1 + .../net6.0/InternalAPI.Unshipped.txt | 6 + .../net8.0/InternalAPI.Unshipped.txt | 6 + .../net9.0/InternalAPI.Unshipped.txt | 6 + .../GlobalSuppressions.cs | 4 + .../InternalAPI.Unshipped.txt | 23 ++ .../InternalsVisibleTo.cs | 1 + .../PublicAPI.Shipped.txt | 1 + .../PublicAPI.Unshipped.txt | 7 + .../Saml/Exceptions/SamlValidationError.cs | 5 +- ...SamlSecurityTokenHandler.ClaimsIdentity.cs | 1 + .../SamlSecurityTokenHandler.ReadToken.cs | 4 +- ...lSecurityTokenHandler.ValidateSignature.cs | 21 +- ...rityTokenHandler.ValidateToken.Internal.cs | 82 +++++- .../Saml/SamlTokenUtilities.cs | 1 + .../Saml2/Exceptions/Saml2ValidationError.cs | 5 +- ...aml2SecurityTokenHandler.ClaimsIdentity.cs | 1 + .../Saml2SecurityTokenHandler.ReadToken.cs | 5 +- ...2SecurityTokenHandler.ValidateSignature.cs | 20 +- ...rityTokenHandler.ValidateToken.Internal.cs | 78 ++++- .../Delegates.cs | 41 --- .../SecurityTokenArgumentNullException.cs | 2 +- .../Exceptions/SecurityTokenException.cs | 2 + .../Experimental/Delegates.cs | 173 +++++++++++ .../Experimental/IResultBasedValidation.cs | 76 +++++ .../GlobalSuppressions.cs | 7 + .../InternalAPI.Shipped.txt | 34 --- .../InternalAPI.Unshipped.txt | 103 ++++++- .../PublicAPI.Unshipped.txt | 271 ++++++++++++++++++ .../PublicAPI/net472/InternalAPI.Shipped.txt | 17 -- 
.../TokenHandler.Internal.cs | 9 +- .../TokenHandler.cs | 1 + .../Details/AlgorithmValidationError.cs | 17 +- .../Details/AudienceValidationError.cs | 20 +- .../IssuerSigningKeyValidationError.cs | 4 +- .../Results/Details/IssuerValidationError.cs | 17 +- .../Details/LifetimeValidationError.cs | 20 +- .../Validation/Results/Details/LogDetail.cs | 1 + .../Results/Details/MessageDetail.cs | 4 +- .../Details/SignatureValidationError.cs | 4 +- .../Details/TokenReplayValidationError.cs | 4 +- .../Details/TokenTypeValidationError.cs | 4 +- .../Results/Details/ValidationError.cs | 16 +- .../Results/IssuerValidationSource.cs | 4 +- .../Results/TokenValidationResult.cs | 1 + .../Validation/Results/ValidatedIssuer.cs | 4 +- .../Validation/Results/ValidatedLifetime.cs | 4 +- .../Results/ValidatedSigningKeyLifetime.cs | 4 +- .../Validation/Results/ValidatedToken.cs | 16 +- .../Validation/Results/ValidatedTokenType.cs | 4 +- .../Validation/Results/ValidationResult.cs | 51 ++-- .../Validation/ValidationFailureType.cs | 8 +- .../Validation/ValidationParameters.cs | 8 +- .../Validation/Validators.Algorithm.cs | 22 +- .../Validation/Validators.Audience.cs | 19 +- .../Validation/Validators.Issuer.cs | 26 +- .../Validation/Validators.IssuerSigningKey.cs | 20 +- .../Validation/Validators.Lifetime.cs | 24 +- .../Validation/Validators.TokenReplay.cs | 18 +- .../Validation/Validators.TokenType.cs | 22 +- .../AadIssuerValidator.Internal.cs | 5 +- ...dValidationParametersExtension.Internal.cs | 3 +- .../InternalAPI.Unshipped.txt | 4 + .../Exceptions/XmlValidationException.cs | 2 +- .../InternalAPI.Unshipped.txt | 4 + src/Microsoft.IdentityModel.Xml/Reference.cs | 1 + src/Microsoft.IdentityModel.Xml/Signature.cs | 1 + src/Microsoft.IdentityModel.Xml/SignedInfo.cs | 1 + .../JsonWebTokenHandler.DecryptTokenTests.cs | 9 +- ...WebTokenHandler.Extensibility.Signature.cs | 2 +- .../JsonWebTokenHandler.ReadTokenTests.cs | 7 +- ...nWebTokenHandler.ValidateSignatureTests.cs | 13 +- 
...ndler.ValidateTokenAsyncTests.Algorithm.cs | 1 + ...andler.ValidateTokenAsyncTests.Audience.cs | 1 + ...nHandler.ValidateTokenAsyncTests.Common.cs | 3 +- ...dler.ValidateTokenAsyncTests.Decryption.cs | 1 + ...nHandler.ValidateTokenAsyncTests.Issuer.cs | 1 + ...alidateTokenAsyncTests.IssuerSigningKey.cs | 1 + ...andler.ValidateTokenAsyncTests.Lifetime.cs | 1 + ...ndler.ValidateTokenAsyncTests.Signature.cs | 1 + ...ler.ValidateTokenAsyncTests.TokenReplay.cs | 1 + ...ndler.ValidateTokenAsyncTests.TokenType.cs | 1 + ...okenHandler.ValidateTokenAsyncTests_e2e.cs | 41 +-- .../JsonWebTokenHandlerTests.cs | 1 + .../JwtTokenUtilitiesTests.cs | 1 + .../ExpectedException.cs | 1 + .../IdentityComparer.cs | 1 + .../SamlClaimsIdentityComparisonTestBase.cs | 3 +- .../SkipValidationDelegates.cs | 3 +- .../TestUtilities.cs | 1 + .../CustomAlgorithmValidationDelegates.cs | 19 +- .../CustomAudienceValidationDelegates.cs | 19 +- ...stomIssuerSigningKeyValidationDelegates.cs | 19 +- .../CustomIssuerValidationDelegates.cs | 35 +-- .../CustomLifetimeValidationDelegates.cs | 19 +- .../CustomSignatureValidationDelegates.cs | 19 +- .../CustomTokenReplayValidationDelegates.cs | 20 +- .../CustomTokenTypeValidationDelegates.cs | 19 +- .../CustomValidationErrors.cs | 4 + .../Tests/AlgorithmExtensibilityTestCases.cs | 5 +- .../Tests/AlgorithmExtensibilityTheoryData.cs | 2 +- .../Tests/AudienceExtensibilityTestCases.cs | 1 + .../Tests/AudienceExtensibilityTheoryData.cs | 2 +- .../Tests/ExtensibilityTheoryData.cs | 1 + .../Tests/ITestingTokenHandler.cs | 17 +- .../Tests/IssuerExtensibilityTestCases.cs | 1 + .../Tests/IssuerExtensibilityTheoryData.cs | 2 +- .../IssuerSigningKeyExtensibilityTestCases.cs | 1 + ...IssuerSigningKeyExtensibilityTheoryData.cs | 1 + .../Tests/LifetimeExtensibilityTestCases.cs | 1 + .../Tests/LifetimeExtensibilityTheoryData.cs | 2 +- .../Tests/SignatureExtensibilityTestCases.cs | 3 +- .../Tests/SignatureExtensibilityTheoryData.cs | 2 +- 
.../TokenReplayExtensibilityTestCases.cs | 1 + .../TokenReplayExtensibilityTheoryData.cs | 2 +- .../Tests/TokenTypeExtensibilityTestCases.cs | 1 + .../Tests/TokenTypeExtensibilityTheoryData.cs | 2 +- .../Tests/ValidateTokenAsyncExtensibility.cs | 3 +- ...ityTokenHandler.Extensibility.Signature.cs | 2 +- ...aml2SecurityTokenHandlerTests.ReadToken.cs | 5 +- ...Tests.ValidateTokenAsyncTests.Algorithm.cs | 3 +- ...rTests.ValidateTokenAsyncTests.Audience.cs | 3 +- ...lerTests.ValidateTokenAsyncTests.Issuer.cs | 3 +- ...alidateTokenAsyncTests.IssuerSigningKey.cs | 3 +- ...rTests.ValidateTokenAsyncTests.Lifetime.cs | 3 +- ...Tests.ValidateTokenAsyncTests.Signature.cs | 3 +- ...sts.ValidateTokenAsyncTests.TokenReplay.cs | 3 +- ...ityTokenHandler.Extensibility.Signature.cs | 2 +- ...SamlSecurityTokenHandlerTests.ReadToken.cs | 5 +- ...Tests.ValidateTokenAsyncTests.Algorithm.cs | 3 +- ...rTests.ValidateTokenAsyncTests.Audience.cs | 3 +- ...lerTests.ValidateTokenAsyncTests.Issuer.cs | 3 +- ...alidateTokenAsyncTests.IssuerSigningKey.cs | 3 +- ...rTests.ValidateTokenAsyncTests.Lifetime.cs | 3 +- ...Tests.ValidateTokenAsyncTests.Signature.cs | 3 +- ...sts.ValidateTokenAsyncTests.TokenReplay.cs | 3 +- .../AbstractVirtualsTests.cs | 5 +- .../AlgorithmValidationResultTests.cs | 15 +- .../AudienceValidationResultTests.cs | 113 +++++--- .../Validation/IssuerValidationResultTests.cs | 19 +- .../LifetimeValidationResultTests.cs | 45 ++- .../Validation/ReplayValidationResultTests.cs | 23 +- .../SigningKeyValidationResultTests.cs | 35 ++- .../Validation/StackFrameTests.cs | 97 +++++++ .../TokenTypeValidationResultTests.cs | 28 +- .../Validation/ValidationErrorTests.cs | 1 + .../Validation/ValidationParametersTests.cs | 1 + ...TokenValidationParametersExtensionTests.cs | 5 +- .../MicrosoftIdentityIssuerValidatorTest.cs | 49 ++-- 160 files changed, 1693 insertions(+), 705 deletions(-) create mode 100644 src/Microsoft.IdentityModel.Tokens/Experimental/Delegates.cs create mode 100644 
src/Microsoft.IdentityModel.Tokens/Experimental/IResultBasedValidation.cs create mode 100644 test/Microsoft.IdentityModel.Tokens.Tests/Validation/StackFrameTests.cs diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs index 7525a52289..368c88b1d0 100644 --- a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs +++ b/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs @@ -11,6 +11,7 @@ using BenchmarkDotNet.Configs; using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Benchmarks { @@ -104,7 +105,7 @@ public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP() { // Because ValidationResult is an internal type, we cannot return it in the benchmark. // We return a boolean instead until the type is made public. - ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); + ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); return result.IsValid; } 
@@ -131,7 +132,7 @@ public async Task JsonWebTokenHandler_ValidateTokenAsyncW [BenchmarkCategory("ValidateTokenAsync_FailTwiceBeforeSuccess"), Benchmark] public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP_SucceedOnThirdAttempt() { - ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); + ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); 
@@ -165,7 +166,7 @@ public async Task JsonWebTokenHandler_ValidateTokenAsyncW [BenchmarkCategory("ValidateTokenAsync_FailFourTimesBeforeSuccess"), Benchmark] public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP_SucceedOnFifthAttempt() { - ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); + ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); @@ -186,7 +187,7 @@ public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithTVP_Cre [BenchmarkCategory("ValidateTokenAsyncClaimAccess"), Benchmark] public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithVP_CreateClaims() { - ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); + ValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, CancellationToken.None).ConfigureAwait(false); var claimsIdentity = result.UnwrapResult().ClaimsIdentity; var claims = claimsIdentity.Claims; return claims.ToList(); 
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.JsonWebTokens/GlobalSuppressions.cs
index aa1485358a..be53e42143 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/GlobalSuppressions.cs
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/GlobalSuppressions.cs
@@ -38,3 +38,5 @@
 [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Exception is written to a string", Scope = "member", Target = "~M:Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(System.String,Microsoft.IdentityModel.JsonWebTokens.JsonWebToken,Microsoft.IdentityModel.Tokens.TokenValidationParameters,Microsoft.IdentityModel.Tokens.BaseConfiguration)~Microsoft.IdentityModel.JsonWebTokens.JsonWebToken")]
 [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "There are additional keys to check, the next one may be successful", Scope = "member", Target = "~M:Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken,Microsoft.IdentityModel.Tokens.TokenValidationParameters,Microsoft.IdentityModel.Tokens.BaseConfiguration)~Microsoft.IdentityModel.JsonWebTokens.JsonWebToken")]
 [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Exception is written to a string", Scope = "member", Target = "~M:Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken,Microsoft.IdentityModel.Tokens.TokenValidationParameters,Microsoft.IdentityModel.Tokens.BaseConfiguration)~System.Collections.Generic.IEnumerable{Microsoft.IdentityModel.Tokens.SecurityKey}")]
+[assembly: SuppressMessage("ApiDesign", "RS0041:Public members should not use oblivious types", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.JsonWebTokens")]
+[assembly: SuppressMessage("ApiDesign", "RS0036:Annotate nullability of public types and members in the declared API", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = 
"~N:Microsoft.IdentityModel.JsonWebTokens")] diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Shipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Shipped.txt index a956d8fc2b..97033d8eba 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Shipped.txt +++ b/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Shipped.txt 
@@ -106,15 +106,12 @@ Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.Typ.set -> void Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ValidFromNullable.get -> System.DateTime? Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ValidToNullable.get -> System.DateTime? Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler._telemetryClient -> Microsoft.IdentityModel.Telemetry.ITelemetryClient -Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> System.Collections.Generic.IEnumerable Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> (System.Collections.Generic.IList, Microsoft.IdentityModel.Tokens.ValidationError) Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.StackFrames Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateJWEAsync(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> System.Threading.Tasks.ValueTask 
Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateJWSAsync(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> System.Threading.Tasks.ValueTask Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) -> System.Threading.Tasks.ValueTask -Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> -Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenPayloadAsync(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> System.Threading.Tasks.ValueTask Microsoft.IdentityModel.JsonWebTokens.JwtHeaderUtf8Bytes Microsoft.IdentityModel.JsonWebTokens.JwtHeaderUtf8Bytes.JwtHeaderUtf8Bytes() -> void 
@@ -154,9 +151,6 @@ Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters.Zip.get -> st Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters.Zip.set -> void Microsoft.IdentityModel.JsonWebTokens.LogMessages override Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters tokenValidationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity -override Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity -override Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) -> System.Threading.Tasks.Task> -override Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) -> System.Threading.Tasks.Task> readonly Microsoft.IdentityModel.JsonWebTokens.JsonClaimSet._jsonClaims -> System.Collections.Generic.Dictionary static Microsoft.IdentityModel.JsonWebTokens.ClaimTypeMapping.InboundClaimFilter.get -> System.Collections.Generic.ISet static Microsoft.IdentityModel.JsonWebTokens.ClaimTypeMapping.InboundClaimTypeMap.get -> System.Collections.Generic.IDictionary 
@@ -207,7 +201,6 @@ static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.StackFrames.Tok static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.StackFrames.TypeValidationFailed -> System.Diagnostics.StackFrame static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(byte[] bytes, int len, string stringWithSignature, int signatureStartIndex, Microsoft.IdentityModel.Tokens.SignatureProvider signatureProvider) -> bool static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.SecurityKey key, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters) -> bool -static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ValidateSignature(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.WriteJweHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm, string tokenType, System.Collections.Generic.IDictionary jweHeaderClaims) -> byte[] static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.WriteJweHeader(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, string compressionAlgorithm, string tokenType, System.Collections.Generic.IDictionary jweHeaderClaims, bool includeKeyIdInHeader) -> byte[] static Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.WriteJweHeader(Microsoft.IdentityModel.Tokens.SecurityTokenDescriptor tokenDescriptor) -> byte[] 
@@ -263,8 +256,6 @@ static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.ConcatSigningKeys static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.CountJwtTokenPart(string token, int maxCount) -> int static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.CreateEncodedSignature(byte[] input, int offset, int count, Microsoft.IdentityModel.Tokens.SigningCredentials signingCredentials) -> byte[] static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecompressToken(byte[] tokenBytes, string algorithm, int maximumDeflateSize) -> string -static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters) -> string static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DefaultHeaderParameters -> System.Collections.Generic.List static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.GetSecurityKey(Microsoft.IdentityModel.Tokens.EncryptingCredentials encryptingCredentials, Microsoft.IdentityModel.Tokens.CryptoProviderFactory cryptoProviderFactory, System.Collections.Generic.IDictionary additionalHeaderClaims, out byte[] wrappedKey) -> Microsoft.IdentityModel.Tokens.SecurityKey static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.GetStringClaimValueType(string str) -> string 
@@ -274,6 +265,4 @@ static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.ResolveTokenSigni static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.SafeLogJwtToken(object obj) -> string virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadHeaderValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadPayloadValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void -virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters) -> System.Security.Claims.ClaimsIdentity -virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity -virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.ResolveTokenDecryptionKey(string token, Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.SecurityKey +static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters) -> string diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Unshipped.txt index e69de29bb2..3459f65205 100644 
--- a/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.JsonWebTokens/InternalAPI.Unshipped.txt @@ -0,0 +1,3 @@ +virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadHeaderValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void +DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> (System.Collections.Generic.IList, Microsoft.IdentityModel.Tokens.ValidationError) diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ClaimsIdentity.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ClaimsIdentity.cs index 5f16089887..9ac368bdda 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ClaimsIdentity.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ClaimsIdentity.cs @@ -5,6 +5,7 @@ using System.Security.Claims; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.JsonWebTokens diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.DecryptToken.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.DecryptToken.cs index e01abeb08c..428305419b 100644 
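Review bot: Two of the three entries added to `InternalAPI.Unshipped.txt` repeat declarations that stay in `InternalAPI.Shipped.txt` as unchanged context in this same commit, namely `JsonWebToken.ReadHeaderValue(...)` and the `GetContentEncryptionKeys(..., CallContext callContext)` overload, so each symbol would be declared in both baseline files. The second added entry also begins with a bare `DecryptJwtToken(` instead of the fully qualified `static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(` form that every other declaration in these files uses, which the API analyzer will probably not match to a symbol. The same three lines mix `Microsoft.IdentityModel.Tokens.ValidationParameters` and `Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters`, so one of the two namespaces is likely stale; regenerating the baseline from the analyzer's code fix would settle all three points.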
--- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.DecryptToken.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.DecryptToken.cs @@ -9,6 +9,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; #nullable enable @@ -25,7 +26,7 @@ public partial class JsonWebTokenHandler : TokenHandler /// A that contains call information. /// A that can be used to request cancellation of the asynchronous operation. /// The decoded / cleartext contents of the JWE. - internal async Task> DecryptTokenWithConfigurationAsync( + internal async Task> DecryptTokenWithConfigurationAsync( JsonWebToken jwtToken, ValidationParameters validationParameters, CallContext? callContext, @@ -67,7 +68,7 @@ internal async Task> DecryptTokenWithConfigurationAsync /// The to be used for validating the token. /// A that contains call information. /// The decoded / cleartext contents of the JWE. - internal ValidationResult DecryptToken( + internal ValidationResult DecryptToken( JsonWebToken jwtToken, ValidationParameters validationParameters, BaseConfiguration? configuration, diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ReadToken.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ReadToken.cs index 8ea160e10a..3b642773c7 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ReadToken.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ReadToken.cs @@ -3,6 +3,7 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.JsonWebTokens 
@@ -11,15 +12,15 @@ namespace Microsoft.IdentityModel.JsonWebTokens public partial class JsonWebTokenHandler : TokenHandler { /// - /// Converts a string into an instance of , returned inside of a . + /// Converts a string into an instance of , returned inside of a . /// /// A JSON Web Token (JWT) in JWS or JWE Compact Serialization format. /// - /// A with the if valid, or an error. + /// A with the if valid, or an error. /// returned if is null or empty. /// returned if the validationParameters.TokenReader delegate is not able to parse/read the token as a valid . /// returned if is not a valid JWT, . - internal static ValidationResult ReadToken( + internal static ValidationResult ReadToken( string token, #pragma warning disable CA1801 // TODO: remove pragma disable once callContext is used for logging CallContext? callContext) diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateSignature.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateSignature.cs index cfcf05125c..21526e08b4 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateSignature.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateSignature.cs @@ -7,6 +7,7 @@ using System.Text; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; #nullable enable @@ -26,7 +27,7 @@ public partial class JsonWebTokenHandler : TokenHandler /// Returned by the default implementation if the token is not signed, or if the validation fails. /// Returned if the algorithm is not supported by the key. /// Returned if the key cannot be resolved. - internal static ValidationResult ValidateSignature( + internal static ValidationResult ValidateSignature( JsonWebToken jwtToken, ValidationParameters validationParameters, BaseConfiguration? configuration, 
@@ -47,14 +48,12 @@ internal static ValidationResult ValidateSignature( { try { - ValidationResult signatureValidationResult = validationParameters.SignatureValidator( - jwtToken, - validationParameters, - configuration, - callContext); - - if (!signatureValidationResult.IsValid) - return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); + ValidationResult signatureValidationResult = + validationParameters.SignatureValidator( + jwtToken, + validationParameters, + configuration, + callContext); return signatureValidationResult; } @@ -135,7 +134,7 @@ internal static ValidationResult ValidateSignature( } } - private static ValidationResult ValidateSignatureUsingAllKeys( + private static ValidationResult ValidateSignatureUsingAllKeys( JsonWebToken jwtToken, ValidationParameters validationParameters, BaseConfiguration? configuration, 
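Review bot: In the `@@ -47,14 +48,12 @@` hunk the result of the caller-supplied `validationParameters.SignatureValidator` delegate is now returned unchanged, so the removed failure branch `return signatureValidationResult.UnwrapError().AddCurrentStackFrame();` no longer records the `ValidateSignature` frame when a custom validator rejects the token. If that is intended, say so in place with a comment such as `// The delegate owns the error and its stack frames; the result is returned unchanged.`, otherwise keep the `if (!signatureValidationResult.IsValid)` branch. It is also worth confirming that the success path does not rely on state the default path sets: `ValidateUsingKeys` assigns `jwtToken.SigningKey = key` on a valid signature, while nothing visible here does so for a delegate that reports success, and later issuer-signing-key checks may depend on it. The body of `ValidateSignature` starts and ends outside this hunk, so the surrounding `catch` handling is not visible.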
@@ -145,22 +144,22 @@ private static ValidationResult ValidateSignatureUsingAllKeys( // 1. User specified delegate: IssuerSigningKeyResolver returned null // 2. ResolveIssuerSigningKey returned null // Try all the keys. This is the degenerate case, not concerned about perf. - (ValidationResult? configResult, bool configKidMatched, KeyMatchFailedResult? configFailedResult) = ValidateUsingKeys( + (ValidationResult? configResult, bool configKidMatched, KeyMatchFailedResult? configFailedResult) = ValidateUsingKeys( jwtToken, validationParameters, configuration?.SigningKeys, callContext); - if (configResult is ValidationResult unwrappedConfigResult) + if (configResult is ValidationResult unwrappedConfigResult) return unwrappedConfigResult; - (ValidationResult? vpResult, bool vpKidMatched, KeyMatchFailedResult? vpFailedResult) = ValidateUsingKeys( + (ValidationResult? vpResult, bool vpKidMatched, KeyMatchFailedResult? vpFailedResult) = ValidateUsingKeys( jwtToken, validationParameters, validationParameters.IssuerSigningKeys, callContext); - if (vpResult is ValidationResult unwrappedVpResult) + if (vpResult is ValidationResult unwrappedVpResult) return unwrappedVpResult; if (vpFailedResult is null && configFailedResult is null) // No keys were attempted @@ -190,7 +189,7 @@ private static ValidationResult ValidateSignatureUsingAllKeys( kidMatched); } - private static (ValidationResult? validResult, bool KidMatched, KeyMatchFailedResult? failedResult) ValidateUsingKeys( + private static (ValidationResult? validResult, bool KidMatched, KeyMatchFailedResult? failedResult) ValidateUsingKeys( JsonWebToken jwtToken, ValidationParameters validationParameters, ICollection? keys, 
@@ -210,7 +209,7 @@ private static (ValidationResult? validResult, bool KidMatched, Key for (int i = 0; i < keysList.Count; i++) { SecurityKey key = keysList[i]; - ValidationResult result = ValidateSignatureWithKey(jwtToken, key, validationParameters, callContext); + ValidationResult result = ValidateSignatureWithKey(jwtToken, key, validationParameters, callContext); if (result.IsValid) { jwtToken.SigningKey = key; @@ -234,7 +233,7 @@ private static (ValidationResult? validResult, bool KidMatched, Key return (null, kidMatched, null); } - private static ValidationResult ValidateSignatureWithKey( + private static ValidationResult ValidateSignatureWithKey( JsonWebToken jsonWebToken, SecurityKey key, ValidationParameters validationParameters, @@ -255,7 +254,7 @@ private static ValidationResult ValidateSignatureWithKey( try { - ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( + ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( jsonWebToken.Alg, key, jsonWebToken, diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateToken.Internal.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateToken.Internal.cs index 72d488beb1..f6e4be2870 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateToken.Internal.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateToken.Internal.cs 
@@ -6,14 +6,15 @@ using System.Linq; using System.Threading; using System.Threading.Tasks; -using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; #nullable enable namespace Microsoft.IdentityModel.JsonWebTokens { - public partial class JsonWebTokenHandler : TokenHandler + public partial class JsonWebTokenHandler : TokenHandler, IResultBasedValidation { /// /// Validates a token. @@ -23,12 +24,12 @@ public partial class JsonWebTokenHandler : TokenHandler /// The to be used for validating the token. /// A that contains call information. /// A that can be used to request cancellation of the asynchronous operation. - /// A with either a if the token was validated or an with the failure information and exception otherwise. - internal override async Task> ValidateTokenAsync( + /// A with either a if the token was validated or an with the failure information and exception otherwise. + internal override async Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (string.IsNullOrEmpty(token)) { @@ -56,10 +57,10 @@ internal override async Task> ValidateTokenAsyn ValidationError.GetCurrentStackFrame()); } - ValidationResult readResult = ReadToken(token, callContext); + ValidationResult readResult = ReadToken(token, callContext); if (readResult.IsValid) { - ValidationResult validationResult = await ValidateTokenAsync( + ValidationResult validationResult = await ValidateTokenAsync( readResult.UnwrapResult(), validationParameters, callContext, 
@@ -76,11 +77,11 @@ internal override async Task> ValidateTokenAsyn } /// - internal override async Task> ValidateTokenAsync( + internal override async Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (token is null) { @@ -108,7 +109,7 @@ internal override async Task> ValidateTokenAsyn BaseConfiguration? currentConfiguration = await GetCurrentConfigurationAsync(validationParameters, cancellationToken).ConfigureAwait(false); - ValidationResult result = jsonWebToken.IsEncrypted ? + ValidationResult result = jsonWebToken.IsEncrypted ? await ValidateJWEAsync(jsonWebToken, validationParameters, currentConfiguration, callContext, cancellationToken).ConfigureAwait(false) : await ValidateJWSAsync(jsonWebToken, validationParameters, currentConfiguration, callContext, cancellationToken).ConfigureAwait(false); 
@@ -185,28 +186,28 @@ await ValidateJWEAsync(jsonWebToken, validationParameters, lkgConfiguration, cal return result.UnwrapError().AddCurrentStackFrame(); } - private async ValueTask> ValidateJWEAsync( + private async ValueTask> ValidateJWEAsync( JsonWebToken jwtToken, ValidationParameters validationParameters, BaseConfiguration? configuration, CallContext callContext, CancellationToken cancellationToken) { - ValidationResult decryptionResult = DecryptToken( + ValidationResult decryptionResult = DecryptToken( jwtToken, validationParameters, configuration, callContext); if (!decryptionResult.IsValid) { return decryptionResult.UnwrapError().AddCurrentStackFrame(); } - ValidationResult readResult = ReadToken(decryptionResult.UnwrapResult(), callContext); + ValidationResult readResult = ReadToken(decryptionResult.UnwrapResult(), callContext); if (!readResult.IsValid) { return readResult.UnwrapError().AddCurrentStackFrame(); } JsonWebToken decryptedToken = (readResult.UnwrapResult() as JsonWebToken)!; - ValidationResult validationResult = + ValidationResult validationResult = await ValidateJWSAsync(decryptedToken!, validationParameters, configuration, callContext, cancellationToken) .ConfigureAwait(false); @@ -223,7 +224,7 @@ await ValidateJWSAsync(decryptedToken!, validationParameters, configuration, cal return validationResult; } - private async ValueTask> ValidateJWSAsync( + private async ValueTask> ValidateJWSAsync( JsonWebToken jsonWebToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -233,7 +234,7 @@ private async ValueTask> ValidateJWSAsync( DateTime? expires = jsonWebToken.HasPayloadClaim(JwtRegisteredClaimNames.Exp) ? jsonWebToken.ValidTo : null; DateTime? notBefore = jsonWebToken.HasPayloadClaim(JwtRegisteredClaimNames.Nbf) ? jsonWebToken.ValidFrom : null; - ValidationResult lifetimeValidationResult; + ValidationResult lifetimeValidationResult; try { 
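Review bot: `JsonWebToken decryptedToken = (readResult.UnwrapResult() as JsonWebToken)!;` in ValidateJWEAsync (hunk at -185,28) turns a failed cast into a null that the `!` hides, so a read result that is not a JsonWebToken would surface as a NullReferenceException inside ValidateJWSAsync rather than as a returned validation error. ReadToken's result type has lost its generic arguments on this page, so whether it can yield another token type is not visible. A pattern match keeps the failure on the result path: `if (readResult.UnwrapResult() is not JsonWebToken decryptedToken) return /* validation error for an unexpected token type */;`, after which the `!` on `decryptedToken!` in the next call is unnecessary. The same `as … !` shape is used for `actorToken` in the hunk at -346,7.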
@@ -260,7 +261,7 @@ private async ValueTask> ValidateJWSAsync( if (jsonWebToken.Audiences is not IList tokenAudiences) tokenAudiences = jsonWebToken.Audiences.ToList(); - ValidationResult audienceValidationResult; + ValidationResult audienceValidationResult; try { audienceValidationResult = validationParameters.AudienceValidator( @@ -283,7 +284,7 @@ private async ValueTask> ValidateJWSAsync( ex); } - ValidationResult issuerValidationResult; + ValidationResult issuerValidationResult; try { issuerValidationResult = await validationParameters.IssuerValidatorAsync( @@ -291,9 +292,7 @@ private async ValueTask> ValidateJWSAsync( .ConfigureAwait(false); if (!issuerValidationResult.IsValid) - { return issuerValidationResult.UnwrapError().AddCurrentStackFrame(); - } } #pragma warning disable CA1031 // Do not catch general exception types catch (Exception ex) @@ -308,7 +307,7 @@ private async ValueTask> ValidateJWSAsync( ex); } - ValidationResult replayValidationResult; + ValidationResult replayValidationResult; try { @@ -331,11 +330,11 @@ private async ValueTask> ValidateJWSAsync( ex); } - ValidationResult? actorValidationResult = null; + ValidationResult? actorValidationResult = null; // actor validation if (validationParameters.ValidateActor && !string.IsNullOrWhiteSpace(jsonWebToken.Actor)) { - ValidationResult actorReadingResult = ReadToken(jsonWebToken.Actor, callContext); + ValidationResult actorReadingResult = ReadToken(jsonWebToken.Actor, callContext); if (!actorReadingResult.IsValid) return actorReadingResult.UnwrapError().AddCurrentStackFrame(); 
@@ -346,7 +345,7 @@ private async ValueTask> ValidateJWSAsync( JsonWebToken actorToken = (actorReadingResult.UnwrapResult() as JsonWebToken)!; ValidationParameters actorParameters = validationParameters.ActorValidationParameters; - ValidationResult innerActorValidationResult = + ValidationResult innerActorValidationResult = await ValidateJWSAsync(actorToken, actorParameters, configuration, callContext, cancellationToken) .ConfigureAwait(false); @@ -356,7 +355,7 @@ await ValidateJWSAsync(actorToken, actorParameters, configuration, callContext, actorValidationResult = innerActorValidationResult; } - ValidationResult typeValidationResult; + ValidationResult typeValidationResult; try { @@ -381,12 +380,13 @@ await ValidateJWSAsync(actorToken, actorParameters, configuration, callContext, } // The signature validation delegate is yet to be migrated to ValidationParameters. - ValidationResult signatureValidationResult = ValidateSignature( + ValidationResult signatureValidationResult = ValidateSignature( jsonWebToken, validationParameters, configuration, callContext); + if (!signatureValidationResult.IsValid) return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); - ValidationResult issuerSigningKeyValidationResult; + ValidationResult issuerSigningKeyValidationResult; try { 
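Review bot: The comment `// The signature validation delegate is yet to be migrated to ValidationParameters.` above the `ValidateSignature` call (hunk at -381,12) appears stale, since ValidateSignature in this same patch already invokes `validationParameters.SignatureValidator`. I would replace it with a comment that documents the ordering, which matters to anyone supplying custom validators: `// Signature is verified after the lifetime, audience, issuer, replay, actor and type validators; those run on claims that are not yet authenticated.` A replay validator that records tokens as seen would be doing so before the signature is checked; what the configured validator does is not visible here. ValidateJWSAsync starts and ends outside these hunks.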
@@ -445,6 +445,58 @@ await ValidateJWSAsync(actorToken, actorParameters, configuration, callContext, return currentConfiguration; } + + #region Explicit Interface Implementations + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + #endregion } } #nullable restore diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.DecryptTokenResult.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.DecryptTokenResult.cs index 1dc514b6da..a595fa56bd 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.DecryptTokenResult.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.DecryptTokenResult.cs @@ -4,6 +4,7 @@ using System; using System.Text; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.JsonWebTokens { 
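Review bot: The four explicit `IResultBasedValidation.ValidateTokenAsync` implementations added in the region (hunk at -445,6) carry no doc comments, and on a public handler they are the entry points callers reach through the interface; `/// <inheritdoc/>` on each would bring the interface documentation along. The two overloads without a CancellationToken pass `default`, so the whole validation, including the `GetCurrentConfigurationAsync(validationParameters, cancellationToken)` call visible earlier in this file, cannot be cancelled through them. Writing `CancellationToken.None` instead of `default` makes that intent explicit, and the interface documentation should say which overload to prefer when a timeout or request-abort token is available.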
@@ -17,7 +18,7 @@ public partial class JwtTokenUtilities /// The decryption parameters container. /// The call context used for logging. /// The decrypted, and if the 'zip' claim is set, decompressed string representation of the token. - internal static ValidationResult DecryptJwtToken( + internal static ValidationResult DecryptJwtToken( JsonWebToken jsonWebToken, ValidationParameters validationParameters, JwtTokenDecryptionParameters decryptionParameters, @@ -65,7 +66,7 @@ internal static ValidationResult DecryptJwtToken( continue; } - ValidationResult result = validationParameters.AlgorithmValidator(zipAlgorithm, key, jsonWebToken, validationParameters, callContext); + ValidationResult result = validationParameters.AlgorithmValidator(zipAlgorithm, key, jsonWebToken, validationParameters, callContext); if (!result.IsValid) { (exceptionStrings ??= new StringBuilder()).AppendLine(result.UnwrapError().MessageDetail.Message); diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs index a1d08cdbd5..7a8bcdc3cf 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs +++ b/src/Microsoft.IdentityModel.JsonWebTokens/JwtTokenUtilities.cs @@ -12,6 +12,7 @@ using Microsoft.IdentityModel.Abstractions; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Json; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI.Shipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI.Shipped.txt index 2473427ddf..47b77a440d 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI.Shipped.txt +++ b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI.Shipped.txt 
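Review bot: In DecryptJwtToken (hunk at -65,7) the per-key algorithm check is `validationParameters.AlgorithmValidator(zipAlgorithm, key, jsonWebToken, validationParameters, callContext)`, so the value checked against each candidate decryption key is `zipAlgorithm`. That variable is assigned outside the hunk; if it holds the token's 'zip' compression value, the algorithm policy is applied to the compression method rather than to the encryption algorithm the key is about to be used with. If this is intended, a comment on the line should say so; otherwise the first argument should be the token's encryption algorithm (the property that holds it is not visible here). The line is unchanged by this commit apart from its result type, and the function starts and ends outside the hunk.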
@@ -1,3 +1,4 @@ +#nullable enable const Microsoft.IdentityModel.JsonWebTokens.JsonClaimValueTypes.Json = "JSON" -> string const Microsoft.IdentityModel.JsonWebTokens.JsonClaimValueTypes.JsonArray = "JSON_ARRAY" -> string const Microsoft.IdentityModel.JsonWebTokens.JsonClaimValueTypes.JsonNull = "JSON_NULL" -> string diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt index e69de29bb2..812667a1ff 100644 --- a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt 
@@ -0,0 +1,6 @@
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.get -> Microsoft.IdentityModel.Tokens.TryReadJwtClaim
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.set -> void
+virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadHeaderValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void
+static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> (System.Collections.Generic.IList, Microsoft.IdentityModel.Tokens.ValidationError)
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt
index e69de29bb2..812667a1ff 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt
@@ -0,0 +1,6 @@
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.get -> Microsoft.IdentityModel.Tokens.TryReadJwtClaim
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.set -> void
+virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadHeaderValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void
+static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> (System.Collections.Generic.IList, Microsoft.IdentityModel.Tokens.ValidationError)
diff --git a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt
index e69de29bb2..812667a1ff 100644
--- a/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt
+++ b/src/Microsoft.IdentityModel.JsonWebTokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt
@@ -0,0 +1,6 @@
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.get -> Microsoft.IdentityModel.Tokens.TryReadJwtClaim
+Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.TryReadJwtClaim.set -> void
+virtual Microsoft.IdentityModel.JsonWebTokens.JsonWebToken.ReadHeaderValue(ref System.Text.Json.Utf8JsonReader reader, System.Collections.Generic.IDictionary claims) -> void
+static Microsoft.IdentityModel.JsonWebTokens.JwtTokenUtilities.DecryptJwtToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jsonWebToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.JsonWebTokens.JwtTokenDecryptionParameters decryptionParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.DecryptToken(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.JsonWebTokens.JsonWebTokenHandler.GetContentEncryptionKeys(Microsoft.IdentityModel.JsonWebTokens.JsonWebToken jwtToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> (System.Collections.Generic.IList, Microsoft.IdentityModel.Tokens.ValidationError)
diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Tokens.Saml/GlobalSuppressions.cs index 0dfb75d6f5..68b2a81813 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/GlobalSuppressions.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/GlobalSuppressions.cs 
@@ -31,3 +31,7 @@ [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Catching all exceptions to match old model, in new models, we should try to avoid this behavior", Scope = "member", Target = "~M:Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(System.String,Microsoft.IdentityModel.Tokens.TokenValidationParameters)~System.Threading.Tasks.Task{Microsoft.IdentityModel.Tokens.TokenValidationResult}")] [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Catching all exceptions to match old model, in new models, we should try to avoid this behavior", Scope = "member", Target = "~M:Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(System.String,Microsoft.IdentityModel.Tokens.TokenValidationParameters)~System.Threading.Tasks.Task{Microsoft.IdentityModel.Tokens.TokenValidationResult}")] [assembly: SuppressMessage("Globalization", "CA1307:Specify StringComparison", Justification = "Vendored component", Scope = "module")] +[assembly: SuppressMessage("ApiDesign", "RS0041:Public members should not use oblivious types", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens.Saml")] +[assembly: SuppressMessage("ApiDesign", "RS0041:Public members should not use oblivious types", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens.Saml2")] +[assembly: SuppressMessage("ApiDesign", "RS0036:Annotate nullability of public types and members in the declared API", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens.Saml")] +[assembly: SuppressMessage("ApiDesign", "RS0036:Annotate nullability of public types and members in the declared API", 
Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens.Saml2")] diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens.Saml/InternalAPI.Unshipped.txt index e69de29bb2..c407896e38 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Tokens.Saml/InternalAPI.Unshipped.txt 
@@ -0,0 +1,23 @@ +Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity +Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions.ValidatedConditions(string ValidatedAudience, Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime? ValidatedLifetime) -> void +Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions.ValidatedLifetime.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime? +Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity +Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidatedConditions.ValidatedConditions(string ValidatedAudience, Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime? ValidatedLifetime) -> void +Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidatedConditions.ValidatedLifetime.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime? 
+override Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity +override Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +override Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity +override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +override Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken 
cancellationToken) -> System.Threading.Tasks.Task> +static Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateSignature(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +static Microsoft.IdentityModel.Tokens.Saml.SamlTokenUtilities.PopulateValidationParametersWithCurrentConfigurationAsync(Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task +static Microsoft.IdentityModel.Tokens.Saml.SamlTokenUtilities.ResolveTokenSigningKey(Microsoft.IdentityModel.Xml.KeyInfo tokenKeyInfo, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> Microsoft.IdentityModel.Tokens.SecurityKey +static Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateSignature(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +virtual Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ProcessStatements(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, string issuer, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> System.Collections.Generic.IEnumerable +virtual Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ReadSamlToken(string token, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +virtual Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateConditions(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken 
samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ReadSaml2Token(string token, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateConditions(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateOneTimeUseCondition(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError +virtual Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateProxyRestriction(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError \ No newline at end of file diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/InternalsVisibleTo.cs b/src/Microsoft.IdentityModel.Tokens.Saml/InternalsVisibleTo.cs index 6918991a28..a11abe79ea 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/InternalsVisibleTo.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/InternalsVisibleTo.cs 
@@ -2,4 +2,5 @@ // Licensed under the MIT License. [assembly: System.Runtime.CompilerServices.InternalsVisibleTo("Microsoft.IdentityModel.TestUtils, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")] +[assembly: System.Runtime.CompilerServices.InternalsVisibleTo("Microsoft.IdentityModel.Tokens.Saml.Tests, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")] diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Shipped.txt b/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Shipped.txt index d70ce0b6a9..857ab8fe18 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Shipped.txt +++ b/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Shipped.txt @@ -1,3 +1,4 @@ +#nullable enable const Microsoft.IdentityModel.Tokens.Saml.ClaimProperties.Namespace = "http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties" -> string const Microsoft.IdentityModel.Tokens.Saml.ClaimProperties.SamlNameIdentifierFormat = "http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format" -> string const Microsoft.IdentityModel.Tokens.Saml.ClaimProperties.SamlNameIdentifierNameQualifier = "http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/namequalifier" -> string diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Unshipped.txt index e69de29bb2..b4526d9e88 100644 
--- a/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Unshipped.txt
+++ b/src/Microsoft.IdentityModel.Tokens.Saml/PublicAPI.Unshipped.txt
@@ -0,0 +1,7 @@
+#nullable enable
+Microsoft.IdentityModel.Tokens.Saml.Experimental.SamlValidationError
+Microsoft.IdentityModel.Tokens.Saml.Experimental.SamlValidationError.SamlValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Saml2.Experimental.Saml2ValidationError
+Microsoft.IdentityModel.Tokens.Saml2.Experimental.Saml2ValidationError.Saml2ValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.Exception? innerException = null) -> void
+override Microsoft.IdentityModel.Tokens.Saml.Experimental.SamlValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Saml2.Experimental.Saml2ValidationError.CreateException() -> System.Exception!
diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlValidationError.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlValidationError.cs
index 8883c110ce..1a55c5fb58 100644
--- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlValidationError.cs
+++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/Exceptions/SamlValidationError.cs
@@ -3,14 +3,15 @@ using System; using System.Diagnostics; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable -namespace Microsoft.IdentityModel.Tokens.Saml +namespace Microsoft.IdentityModel.Tokens.Saml.Experimental { /// /// Represents a SAML validation error. /// - internal class SamlValidationError : ValidationError + public class SamlValidationError : ValidationError { /// /// Initializes a new instance of the class. diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ClaimsIdentity.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ClaimsIdentity.cs index 1e1cef4c4d..4ef036e848 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ClaimsIdentity.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ClaimsIdentity.cs @@ -5,6 +5,7 @@ using System.Linq; using System.Security.Claims; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens.Saml diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ReadToken.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ReadToken.cs index f9c658aaf1..df5d2432ca 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ReadToken.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ReadToken.cs @@ -5,6 +5,8 @@ using System.Text; using System.Xml; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; +using Microsoft.IdentityModel.Tokens.Saml.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; namespace Microsoft.IdentityModel.Tokens.Saml 
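Review bot: `SamlValidationError` becomes `public` and moves to the `Experimental` namespace in the `@@ -3,14 +3,15 @@` hunk, but its summary still reads only "Represents a SAML validation error", so consumers get no signal that the type may change. Add a remarks line such as `/// <remarks>Experimental: this type may change or be removed in a future release.</remarks>`. It is also worth deciding whether the class should be `sealed` if derivation is not intended; the rest of the class is outside the hunk, so this is a question rather than a finding. `Saml2ValidationError` receives the same change in its own `@@ -3,14 +3,15 @@` hunk further down.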
@@ -19,7 +21,7 @@ public partial class SamlSecurityTokenHandler : SecurityTokenHandler /// A /// If is null or empty. /// If 'token.Length' is greater than . - internal virtual ValidationResult ReadSamlToken(string token, CallContext callContext) + internal virtual ValidationResult ReadSamlToken(string token, CallContext callContext) { if (string.IsNullOrEmpty(token)) return ValidationError.NullParameter(nameof(token), ValidationError.GetCurrentStackFrame()); diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateSignature.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateSignature.cs index bb446c3f9c..82f73dca0a 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateSignature.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateSignature.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.Text; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; #nullable enable @@ -12,7 +13,7 @@ namespace Microsoft.IdentityModel.Tokens.Saml { public partial class SamlSecurityTokenHandler : SecurityTokenHandler { - internal static ValidationResult ValidateSignature( + internal static ValidationResult ValidateSignature( SamlSecurityToken samlToken, ValidationParameters validationParameters, #pragma warning disable CA1801 // Review unused parameters 
@@ -38,15 +39,12 @@ internal static ValidationResult ValidateSignature( { try { - ValidationResult signatureValidationResult = validationParameters.SignatureValidator( + ValidationResult signatureValidationResult = validationParameters.SignatureValidator( samlToken, validationParameters, null, // configuration callContext); - if (!signatureValidationResult.IsValid) - return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); - return signatureValidationResult; } #pragma warning disable CA1031 // Do not catch general exception types @@ -93,12 +91,7 @@ internal static ValidationResult ValidateSignature( if (resolvedKey is not null) { keyMatched = true; - var result = ValidateSignatureUsingKey(resolvedKey, samlToken, validationParameters, callContext); - - if (!result.IsValid) - return result.UnwrapError().AddCurrentStackFrame(); - - return result; + return ValidateSignatureUsingKey(resolvedKey, samlToken, validationParameters, callContext); } bool canMatchKey = samlToken.Assertion.Signature.KeyInfo != null; @@ -163,11 +156,11 @@ internal static ValidationResult ValidateSignature( ValidationError.GetCurrentStackFrame()); } - private static ValidationResult ValidateSignatureUsingKey(SecurityKey key, SamlSecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) + private static ValidationResult ValidateSignatureUsingKey(SecurityKey key, SamlSecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) { try { - ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( + ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( samlToken.Assertion.Signature.SignedInfo.SignatureMethod, key, samlToken, @@ -213,7 +206,7 @@ private static ValidationResult ValidateSignatureUsingKey(SecurityK } else { - return validationError.AddCurrentStackFrame(); + return validationError; } } 
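Review bot: In the `@@ -38,15 +39,12 @@` hunk a result from the caller-supplied `validationParameters.SignatureValidator` is now returned unchanged, and on that path nothing in the visible code resolves a key or calls `AlgorithmValidator` (that call sits in `ValidateSignatureUsingKey`). That makes the delegate solely responsible for the signature, key and algorithm checks, which deserves a comment at the call site, for example `// Custom SignatureValidator replaces key resolution and algorithm validation; its result is returned as-is.` The same hunk, `@@ -93,12 +91,7 @@` and `@@ -213,7 +206,7 @@` also drop `AddCurrentStackFrame()`, so a failure no longer records the `ValidateSignature` frame in the error; if that is intended, say so in the method's remarks. The Saml2 handler hunks further down make the identical changes. `ValidateSignature` begins and ends outside these hunks.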
diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs index 752c41aba1..b176913b9d 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs @@ -5,6 +5,7 @@ using System.Linq; using System.Threading; using System.Threading.Tasks; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens.Saml @@ -12,7 +13,7 @@ namespace Microsoft.IdentityModel.Tokens.Saml /// /// A designed for creating and validating Saml Tokens. See: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf /// - public partial class SamlSecurityTokenHandler : SecurityTokenHandler + public partial class SamlSecurityTokenHandler : SecurityTokenHandler, IResultBasedValidation { /// /// Validates a token. @@ -23,12 +24,12 @@ public partial class SamlSecurityTokenHandler : SecurityTokenHandler /// The to be used for validating the token. /// A that contains call information. /// A that can be used to request cancellation of the asynchronous operation. - /// A with either a if the token was validated or an with the failure information and exception otherwise. - internal async override Task> ValidateTokenAsync( + /// A with either a if the token was validated or an with the failure information and exception otherwise. + internal async override Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (token is null) return ValidationError.NullParameter(nameof(token), ValidationError.GetCurrentStackFrame()); 
@@ -43,11 +44,12 @@ internal async override Task> ValidateTokenAsyn return await ValidateTokenAsync(tokenReadingResult.UnwrapResult(), validationParameters, callContext, cancellationToken).ConfigureAwait(false); } - internal override async Task> ValidateTokenAsync( + /// + internal override async Task> ValidateTokenAsync( SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (securityToken is null) { @@ -76,12 +78,12 @@ internal override async Task> ValidateTokenAsyn ValidationError.GetCurrentStackFrame()); } - ValidationResult conditionsResult = ValidateConditions(samlToken, validationParameters, callContext); + ValidationResult conditionsResult = ValidateConditions(samlToken, validationParameters, callContext); if (!conditionsResult.IsValid) return conditionsResult.UnwrapError().AddCurrentStackFrame(); - ValidationResult issuerValidationResult; + ValidationResult issuerValidationResult; try { @@ -108,7 +110,7 @@ internal override async Task> ValidateTokenAsyn ex); } - ValidationResult? tokenReplayValidationResult = null; + ValidationResult? tokenReplayValidationResult = null; if (samlToken.Assertion.Conditions is not null) { @@ -137,12 +139,12 @@ internal override async Task> ValidateTokenAsyn } } - ValidationResult signatureValidationResult = ValidateSignature(samlToken, validationParameters, callContext); + ValidationResult signatureValidationResult = ValidateSignature(samlToken, validationParameters, callContext); if (!signatureValidationResult.IsValid) return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); - ValidationResult issuerSigningKeyValidationResult; + ValidationResult issuerSigningKeyValidationResult; try { 
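Review bot: `ValidateSignature` in the `@@ -137,12 +139,12 @@` hunk runs after the token-replay result declared in `@@ -108,7 +110,7 @@`, so the replay validator appears to see tokens whose signature has not been checked yet. The validator body is not visible here; if it records a token as seen, unauthenticated input could fill or pollute the replay cache, so it is worth confirming the order is deliberate. If it is, a comment such as `// Replay check precedes signature validation by design: <reason>` above the signature call would document it; otherwise move the replay check after `ValidateSignature`. The Saml2 handler shows the same order in its `@@ -114,7 +116,7 @@` and `@@ -147,7 +149,7 @@` hunks. `ValidateTokenAsync` continues outside these hunks.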
@@ -182,7 +184,7 @@ internal override async Task> ValidateTokenAsyn // ValidatedConditions is basically a named tuple but using a record struct better expresses the intent. internal record struct ValidatedConditions(string? ValidatedAudience, ValidatedLifetime? ValidatedLifetime); - internal virtual ValidationResult ValidateConditions( + internal virtual ValidationResult ValidateConditions( SamlSecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) @@ -201,7 +203,7 @@ internal virtual ValidationResult ValidateConditions( ValidationError.GetCurrentStackFrame()); } - ValidationResult lifetimeValidationResult; + ValidationResult lifetimeValidationResult; try { @@ -237,7 +239,7 @@ internal virtual ValidationResult ValidateConditions( { // AudienceRestriction.Audiences is an ICollection so we need make a conversion to List before calling our audience validator var audiencesAsList = audienceRestriction.Audiences.Select(static x => x.OriginalString).ToList(); - ValidationResult audienceValidationResult; + ValidationResult audienceValidationResult; try { 
@@ -273,6 +275,58 @@ internal virtual ValidationResult ValidateConditions( return new ValidatedConditions(validatedAudience, lifetimeValidationResult.UnwrapResult()); } + + #region Explicit Interface Implementations + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + #endregion } } #nullable restore diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlTokenUtilities.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlTokenUtilities.cs index 06842c5f3c..5531c3f7bf 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlTokenUtilities.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml/SamlTokenUtilities.cs 
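Review bot: The four explicit `IResultBasedValidation.ValidateTokenAsync` implementations added in the `@@ -273,6 +275,58 @@` hunk carry no XML documentation, and the two overloads without a `CancellationToken` pass a bare `default`. Add `/// <inheritdoc/>` to each and write `CancellationToken.None` in place of `default`, so a reader sees at the call that validation started through those overloads cannot be cancelled. The Saml2 handler adds the same four members in its `@@ -308,6 +310,58 @@` hunk.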
@@ -12,6 +12,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.Logging; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Saml { diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2ValidationError.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2ValidationError.cs index 260f562096..98d8e3cbee 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2ValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Exceptions/Saml2ValidationError.cs @@ -3,14 +3,15 @@ using System; using System.Diagnostics; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable -namespace Microsoft.IdentityModel.Tokens.Saml2 +namespace Microsoft.IdentityModel.Tokens.Saml2.Experimental { /// /// Represents a SAML2 validation error. /// - internal class Saml2ValidationError : ValidationError + public class Saml2ValidationError : ValidationError { /// /// Initializes a new instance of the class. diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ClaimsIdentity.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ClaimsIdentity.cs index f719f1ef17..5d80e91de6 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ClaimsIdentity.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ClaimsIdentity.cs @@ -3,6 +3,7 @@ using System.Security.Claims; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens.Saml2 diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ReadToken.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ReadToken.cs index cf74c5fc0b..a5b50c5d16 100644 
--- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ReadToken.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ReadToken.cs @@ -5,8 +5,9 @@ using System.Text; using System.Xml; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; - +using Microsoft.IdentityModel.Tokens.Saml2.Experimental; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; namespace Microsoft.IdentityModel.Tokens.Saml2 @@ -21,7 +22,7 @@ public partial class Saml2SecurityTokenHandler : SecurityTokenHandler /// A /// If is null or empty. /// If 'token.Length' is greater than . - internal virtual ValidationResult ReadSaml2Token(string token, CallContext callContext) + internal virtual ValidationResult ReadSaml2Token(string token, CallContext callContext) { if (string.IsNullOrEmpty(token)) return ValidationError.NullParameter(nameof(token), ValidationError.GetCurrentStackFrame()); diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateSignature.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateSignature.cs index 9ac7dc2885..23a1116883 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateSignature.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateSignature.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.Text; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; 
@@ -13,7 +14,7 @@ namespace Microsoft.IdentityModel.Tokens.Saml2 { public partial class Saml2SecurityTokenHandler : SecurityTokenHandler { - internal static ValidationResult ValidateSignature( + internal static ValidationResult ValidateSignature( Saml2SecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) @@ -37,15 +38,12 @@ internal static ValidationResult ValidateSignature( { try { - ValidationResult signatureValidationResult = validationParameters.SignatureValidator( + ValidationResult signatureValidationResult = validationParameters.SignatureValidator( samlToken, validationParameters, null, // configuration callContext); - if (!signatureValidationResult.IsValid) - return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); - return signatureValidationResult; } #pragma warning disable CA1031 // Do not catch general exception types @@ -92,11 +90,7 @@ internal static ValidationResult ValidateSignature( if (resolvedKey is not null) { keyMatched = true; - var result = ValidateSignatureUsingKey(resolvedKey, samlToken, validationParameters, callContext); - if (!result.IsValid) - return result.UnwrapError().AddCurrentStackFrame(); - - return result; + return ValidateSignatureUsingKey(resolvedKey, samlToken, validationParameters, callContext); } bool canMatchKey = samlToken.Assertion.Signature.KeyInfo != null; 
@@ -161,11 +155,11 @@ internal static ValidationResult ValidateSignature( ValidationError.GetCurrentStackFrame()); } - private static ValidationResult ValidateSignatureUsingKey(SecurityKey key, Saml2SecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) + private static ValidationResult ValidateSignatureUsingKey(SecurityKey key, Saml2SecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) { try { - ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( + ValidationResult algorithmValidationResult = validationParameters.AlgorithmValidator( samlToken.Assertion.Signature.SignedInfo.SignatureMethod, key, samlToken, @@ -211,7 +205,7 @@ private static ValidationResult ValidateSignatureUsingKey(SecurityK } else { - return validationError.AddCurrentStackFrame(); + return validationError; } } diff --git a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateToken.Internal.cs b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateToken.Internal.cs index 497e62d29a..b0955f7821 100644 --- a/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateToken.Internal.cs +++ b/src/Microsoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateToken.Internal.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.Threading; using System.Threading.Tasks; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; #nullable enable @@ -13,7 +14,7 @@ namespace Microsoft.IdentityModel.Tokens.Saml2 /// /// A designed for creating and validating Saml2 Tokens. See: http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf /// - public partial class Saml2SecurityTokenHandler : SecurityTokenHandler + public partial class Saml2SecurityTokenHandler : SecurityTokenHandler, IResultBasedValidation { /// /// Validates a token. 
@@ -24,12 +25,12 @@ public partial class Saml2SecurityTokenHandler : SecurityTokenHandler /// The to be used for validating the token. /// A that contains call information. /// A that can be used to request cancellation of the asynchronous operation. - /// A with either a if the token was validated or an with the failure information and exception otherwise. - internal override async Task> ValidateTokenAsync( + /// A with either a if the token was validated or an with the failure information and exception otherwise. + internal override async Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (token is null) return ValidationError.NullParameter(nameof(token), ValidationError.GetCurrentStackFrame()); @@ -44,11 +45,12 @@ internal override async Task> ValidateTokenAsyn return await ValidateTokenAsync(tokenReadingResult.UnwrapResult(), validationParameters, callContext, cancellationToken).ConfigureAwait(false); } - internal override async Task> ValidateTokenAsync( + /// + internal async override Task> ValidateTokenAsync( SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, - CancellationToken cancellationToken = default) + CancellationToken cancellationToken) { if (securityToken is null) { @@ -87,7 +89,7 @@ internal override async Task> ValidateTokenAsyn if (!conditionsResult.IsValid) return conditionsResult.UnwrapError().AddCurrentStackFrame(); - ValidationResult issuerValidationResult; + ValidationResult issuerValidationResult; try { @@ -114,7 +116,7 @@ internal override async Task> ValidateTokenAsyn ex); } - ValidationResult? tokenReplayValidationResult = null; + ValidationResult? tokenReplayValidationResult = null; if (samlToken.Assertion.Conditions is not null) { 
@@ -147,7 +149,7 @@ internal override async Task> ValidateTokenAsyn if (!signatureValidationResult.IsValid) return signatureValidationResult.UnwrapError().AddCurrentStackFrame(); - ValidationResult issuerSigningKeyValidationResult; + ValidationResult issuerSigningKeyValidationResult; try { @@ -187,7 +189,7 @@ internal override async Task> ValidateTokenAsyn // ValidatedConditions is basically a named tuple but using a record struct better expresses the intent. internal record struct ValidatedConditions(string? ValidatedAudience, ValidatedLifetime? ValidatedLifetime); - internal virtual ValidationResult ValidateConditions( + internal virtual ValidationResult ValidateConditions( Saml2SecurityToken samlToken, ValidationParameters validationParameters, CallContext callContext) @@ -206,7 +208,7 @@ internal virtual ValidationResult ValidateConditions( ValidationError.GetCurrentStackFrame()); } - ValidationResult lifetimeValidationResult; + ValidationResult lifetimeValidationResult; try { @@ -261,7 +263,7 @@ internal virtual ValidationResult ValidateConditions( if (audienceRestriction.Audiences is not List audiencesAsList) audiencesAsList = [.. audienceRestriction.Audiences]; - ValidationResult audienceValidationResult; + ValidationResult audienceValidationResult; try { 
@@ -308,6 +310,58 @@ internal virtual ValidationResult ValidateConditions( { return null; } + + #region Explicit Interface Implementations + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + string token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + default).ConfigureAwait(false); + } + + async Task> IResultBasedValidation.ValidateTokenAsync( + SecurityToken token, + ValidationParameters validationParameters, + CallContext callContext, + CancellationToken cancellationToken) + { + return await ValidateTokenAsync( + token, + validationParameters, + callContext, + cancellationToken).ConfigureAwait(false); + } + #endregion } } #nullable restore diff --git a/src/Microsoft.IdentityModel.Tokens/Delegates.cs b/src/Microsoft.IdentityModel.Tokens/Delegates.cs index 16a564d04a..42cc1d210b 100644 --- a/src/Microsoft.IdentityModel.Tokens/Delegates.cs +++ b/src/Microsoft.IdentityModel.Tokens/Delegates.cs 
@@ -171,47 +171,6 @@ namespace Microsoft.IdentityModel.Tokens /// The transformed . public delegate SecurityToken TransformBeforeSignatureValidation(SecurityToken token, TokenValidationParameters validationParameters); -#nullable enable - /// - /// Resolves the signing key used for validating a token's signature. - /// - /// The string representation of the token being validated. - /// The being validated, which may be null. - /// The key identifier, which may be null. - /// The to be used for validating the token. - /// The to be used for validating the token. - /// The used for logging. - /// The used to validate the signature. - /// If both and are set, takes priority. - internal delegate SecurityKey? IssuerSigningKeyResolverDelegate(string token, SecurityToken? securityToken, string? kid, ValidationParameters validationParameters, BaseConfiguration? configuration, CallContext? callContext); - - /// - /// Resolves the decryption key for the security token. - /// - /// The string representation of the token to be decrypted. - /// The to be decrypted, which is null by default. - /// The key identifier, which may be null. - /// The to be used for validating the token. - /// The to be used for logging. - /// The used to decrypt the token. - internal delegate IList DecryptionKeyResolverDelegate(string token, SecurityToken securityToken, string kid, ValidationParameters validationParameters, CallContext? callContext); - - /// - /// Validates the signature of the security token. - /// - /// The with a signature. - /// The to be used for validating the token. - /// The to be used for validating the token. - /// The to be used for logging. - /// This method is not expected to throw. - /// The validated . - internal delegate ValidationResult SignatureValidationDelegate( - SecurityToken token, - ValidationParameters validationParameters, - BaseConfiguration? 
configuration, - CallContext callContext); -#nullable restore - /// /// When JSON Web Token header or payload is being read claim by claim, /// this delegate is called after all claims known to the library have been processed. diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenArgumentNullException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenArgumentNullException.cs index 756c0a4566..4f37e44d58 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenArgumentNullException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenArgumentNullException.cs @@ -3,12 +3,12 @@ using System; using System.Diagnostics; +using Microsoft.IdentityModel.Tokens.Experimental; #if !NET8_0_OR_GREATER using System.Text; #endif #nullable enable - namespace Microsoft.IdentityModel.Tokens { internal class SecurityTokenArgumentNullException : ArgumentNullException diff --git a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs index f0e86568a5..ace51f36c3 100644 --- a/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs +++ b/src/Microsoft.IdentityModel.Tokens/Exceptions/SecurityTokenException.cs @@ -9,6 +9,8 @@ using Microsoft.IdentityModel.Logging; #endif +using Microsoft.IdentityModel.Tokens.Experimental; + #if !NET8_0_OR_GREATER using System.Text; #endif diff --git a/src/Microsoft.IdentityModel.Tokens/Experimental/Delegates.cs b/src/Microsoft.IdentityModel.Tokens/Experimental/Delegates.cs new file mode 100644 index 0000000000..d812319a82 --- /dev/null +++ b/src/Microsoft.IdentityModel.Tokens/Experimental/Delegates.cs 
@@ -0,0 +1,173 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System.Collections.Generic;
+using System.Threading.Tasks;
+using System.Threading;
+using System;
+
+#nullable enable
+namespace Microsoft.IdentityModel.Tokens.Experimental
+{
+ ///
+ /// Definition for delegate that will validate a given algorithm for a .
+ ///
+ /// The algorithm to be validated.
+ /// The that signed the .
+ /// The being validated.
+ /// required for validation.
+ ///
+ /// A that contains the results of validating the algorithm.
+ /// This delegate is not expected to throw.
+ public delegate ValidationResult AlgorithmValidationDelegate(
+ string algorithm,
+ SecurityKey securityKey,
+ SecurityToken securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Definition for delegate that will validate the audiences value in a token.
+ ///
+ /// The audiences found in the .
+ /// The that is being validated.
+ /// The to be used for validating the token.
+ ///
+ /// A that contains the results of validating the issuer.
+ /// This delegate is not expected to throw.
+ public delegate ValidationResult AudienceValidationDelegate(
+ IList tokenAudiences,
+ SecurityToken? securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Definition for delegate that will validate the issuer value in a token.
+ ///
+ /// The issuer to validate.
+ /// The that is being validated.
+ /// The to be used for validating the token.
+ ///
+ ///
+ /// An that contains the results of validating the issuer.
+ /// This delegate is not expected to throw.
+ public delegate Task> IssuerValidationDelegateAsync(
+ string issuer,
+ SecurityToken securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext,
+ CancellationToken cancellationToken);
+
+ ///
+ /// Definition for delegate that will validate the that signed a .
+ ///
+ /// The security key to validate.
+ /// The that is being validated.
+ /// The to be used for validating the token.
+ /// The to be used for logging.
+ /// A that contains the results of validating the issuer.
+ /// This delegate is not expected to throw.
+ public delegate ValidationResult IssuerSigningKeyValidationDelegate(
+ SecurityKey signingKey,
+ SecurityToken securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Definition for delegate that will validate the lifetime of a .
+ ///
+ /// The 'notBefore' time found in the .
+ /// The 'expiration' time found in the .
+ /// The that is being validated.
+ /// The to be used for validating the token.
+ /// The that contains call information.
+ /// A that contains the results of validating the issuer.
+ /// This delegate is not expected to throw.
+ public delegate ValidationResult LifetimeValidationDelegate(
+ DateTime? notBefore,
+ DateTime? expires,
+ SecurityToken? securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Definition for delegate that will validate that a has not been replayed.
+ ///
+ /// When does the expire..
+ /// The security token that is being validated.
+ /// The to be used for validating the token.
+ /// The that contains call information.
+ /// A that contains the results of validating the token.
+ /// This delegate is not expected to throw.
+ public delegate ValidationResult TokenReplayValidationDelegate(
+ DateTime? expirationTime,
+ string securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Definition for delegate that will validate the token type of a token.
+ ///
+ /// The token type or null if it couldn't be resolved (e.g from the 'typ' header for a JWT).
+ /// The that is being validated.
+ /// required for validation.
+ /// The that contains call information.
+ /// A that contains the results of validating the token type.
+ /// An EXACT match is required. (case sensitive) is used for comparing against .
+ public delegate ValidationResult TokenTypeValidationDelegate(
+ string? type,
+ SecurityToken? securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Resolves the signing key used for validating a token's signature.
+ ///
+ /// The string representation of the token being validated.
+ /// The being validated, which may be null.
+ /// The key identifier, which may be null.
+ /// The to be used for validating the token.
+ /// The to be used for validating the token.
+ /// The used for logging.
+ /// The used to validate the signature.
+ /// If both and are set, takes priority.
+ public delegate SecurityKey? IssuerSigningKeyResolverDelegate(
+ string token,
+ SecurityToken? securityToken,
+ string? kid,
+ ValidationParameters validationParameters,
+ BaseConfiguration? configuration,
+ CallContext? callContext);
+
+ ///
+ /// Resolves the decryption key for the security token.
+ ///
+ /// The string representation of the token to be decrypted.
+ /// The to be decrypted, which is null by default.
+ /// The key identifier, which may be null.
+ /// The to be used for validating the token.
+ /// The to be used for logging.
+ /// The used to decrypt the token.
+ public delegate IList DecryptionKeyResolverDelegate(
+ string token,
+ SecurityToken securityToken,
+ string kid,
+ ValidationParameters validationParameters,
+ CallContext? callContext);
+
+ ///
+ /// Validates the signature of the security token.
+ ///
+ /// The with a signature.
+ /// The to be used for validating the token.
+ /// The to be used for validating the token.
+ /// The to be used for logging.
+ /// This method is not expected to throw.
+ /// The validated .
+ public delegate ValidationResult SignatureValidationDelegate(
+ SecurityToken token,
+ ValidationParameters validationParameters,
+ BaseConfiguration? configuration,
+ CallContext callContext);
+#nullable restore
+}
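Review bot: `DecryptionKeyResolverDelegate` is declared under `#nullable enable` with non-nullable `SecurityToken securityToken` and `string kid`, while its own doc comments say the token "is null by default" and the key identifier "may be null". Now that the delegate is public, the annotation is the contract implementers write against, so a resolver written without null checks could presumably throw on a token that carries no kid (the call sites are outside this hunk). I would align it with `IssuerSigningKeyResolverDelegate` directly above it: `SecurityToken? securityToken,` and `string? kid,`. Separately, the returns text on `AudienceValidationDelegate`, `IssuerSigningKeyValidationDelegate` and `LifetimeValidationDelegate` says "the results of validating the issuer", which looks copied from the issuer delegate and should name the audience, signing key and lifetime respectively.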
diff --git a/src/Microsoft.IdentityModel.Tokens/Experimental/IResultBasedValidation.cs b/src/Microsoft.IdentityModel.Tokens/Experimental/IResultBasedValidation.cs
new file mode 100644
index 0000000000..26c4f61c77
--- /dev/null
+++ b/src/Microsoft.IdentityModel.Tokens/Experimental/IResultBasedValidation.cs
@@ -0,0 +1,76 @@
+// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+#nullable enable
+using System.Threading.Tasks;
+using System.Threading;
+
+namespace Microsoft.IdentityModel.Tokens.Experimental
+{
+ ///
+ /// Experimental interface that provides result based token validation instead of throwing exceptions.
+ ///
+ public interface IResultBasedValidation
+ {
+ ///
+ /// Validates a token.
+ /// On a validation failure, no exception will be thrown; instead, the will contain the information about the error that occurred.
+ /// Callers should always check the ValidationResult.IsValid property to verify the validity of the result.
+ ///
+ /// The token to be validated.
+ /// The to be used for validating the token.
+ /// A that contains call information.
+ /// A with either a if the token was validated or an with the failure information and exception otherwise.
+ public Task> ValidateTokenAsync(
+ string token,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Validates a token.
+ /// On a validation failure, no exception will be thrown; instead, the will contain the information about the error that occurred.
+ /// Callers should always check the ValidationResult.IsValid property to verify the validity of the result.
+ ///
+ /// The token to be validated.
+ /// The to be used for validating the token.
+ /// A that contains call information.
+ /// A that can be used to request cancellation of the asynchronous operation.
+ /// A with either a if the token was validated or an with the failure information and exception otherwise.
+ public Task> ValidateTokenAsync(
+ string token,
+ ValidationParameters validationParameters,
+ CallContext callContext,
+ CancellationToken cancellationToken);
+
+ ///
+ /// Validates a token.
+ /// On a validation failure, no exception will be thrown; instead, the will contain the information about the error that occurred.
+ /// Callers should always check the ValidationResult.IsValid property to verify the validity of the result.
+ ///
+ /// The to be validated.
+ /// The to be used for validating the token.
+ /// A that contains call information.
+ /// A with either a if the token was validated or an with the failure information and exception otherwise.
+ public Task> ValidateTokenAsync(
+ SecurityToken securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext);
+
+ ///
+ /// Validates a token.
+ /// On a validation failure, no exception will be thrown; instead, the will contain the information about the error that occurred.
+ /// Callers should always check the ValidationResult.IsValid property to verify the validity of the result.
+ ///
+ /// The to be validated.
+ /// The to be used for validating the token.
+ /// A that contains call information.
+ /// A that can be used to request cancellation of the asynchronous operation.
+ /// A with either a if the token was validated or an with the failure information and exception otherwise.
+ public Task> ValidateTokenAsync(
+ SecurityToken securityToken,
+ ValidationParameters validationParameters,
+ CallContext callContext,
+ CancellationToken cancellationToken);
+ }
+}
+#nullable restore
diff --git a/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs b/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
index 27c7f4e0c6..b45866a848 100644
--- a/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
+++ b/src/Microsoft.IdentityModel.Tokens/GlobalSuppressions.cs
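Review bot: The four `ValidateTokenAsync` summaries in `IResultBasedValidation` promise that no exception is thrown on a validation failure, but none of them says what happens for null arguments or for a cancelled `cancellationToken`, the two cases where a caller might still need a `try`/`catch`. I would add a remarks line to each overload, for example `/// <remarks>Null arguments are reported through the returned error; cancellation surfaces as an OperationCanceledException.</remarks>`, worded to match what the implementations actually do (they are outside this hunk). It would also help to state explicitly that the result value must not be read when `IsValid` is false, because the fail-closed behaviour of this API depends entirely on callers making that check.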
@@ -45,3 +45,10 @@
 #if !NET472
 [assembly: SuppressMessage("Design", "CA1031:Do not catch general exception types", Justification = "Used as validation", Scope = "member", Target = "~M:Microsoft.IdentityModel.Tokens.ECDsaAdapter.SupportsECParameters~System.Boolean")]
 #endif
+
+// This file is used by Code Analysis to maintain SuppressMessage
+// attributes that are applied to the project.
+// Project-level suppressions either have no target or are given
+// a specific target and scoped to a namespace, type, member, etc.
+[assembly: SuppressMessage("ApiDesign", "RS0041:Public members should not use oblivious types", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens")]
+[assembly: SuppressMessage("ApiDesign", "RS0036:Annotate nullability of public types and members in the declared API", Justification = "Nullability annotations are partially implemented.", Scope = "namespaceanddescendants", Target = "~N:Microsoft.IdentityModel.Tokens")]
diff --git a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Shipped.txt b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Shipped.txt
index 50a897424d..0a3ef49b91 100644
--- a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Shipped.txt
+++ b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Shipped.txt
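Review bot: Both added suppressions use `Scope = "namespaceanddescendants"` with `Target = "~N:Microsoft.IdentityModel.Tokens"`, so they also switch off RS0041 and RS0036 for `Microsoft.IdentityModel.Tokens.Experimental`, the namespace this same commit makes public under `#nullable enable`. That removes the analyzer check for oblivious types on the new token-validation API at the point where its nullability contract is being published. I would limit the suppressions to the existing types that are still unannotated (`Scope = "type"` with one target each) so the Experimental namespace stays covered. The four comment lines added above the attributes read like the standard file header pasted at the end of the file and can probably be dropped; the top of the file is outside this hunk, so that is worth confirming.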
@@ -685,20 +685,6 @@ Microsoft.IdentityModel.Tokens.ValidationParameters.ValidAudiences.set -> void Microsoft.IdentityModel.Tokens.ValidationParameters.ValidIssuers.get -> System.Collections.Generic.IList Microsoft.IdentityModel.Tokens.ValidationParameters.ValidIssuers.set -> void Microsoft.IdentityModel.Tokens.ValidationParameters.ValidTypes.get -> System.Collections.Generic.IList -Microsoft.IdentityModel.Tokens.ValidationParameters.ValidTypes.set -> void -Microsoft.IdentityModel.Tokens.ValidationResult -Microsoft.IdentityModel.Tokens.ValidationResult.Equals(Microsoft.IdentityModel.Tokens.ValidationResult other) -> bool -Microsoft.IdentityModel.Tokens.ValidationResult.Error.get -> Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationResult.IsValid.get -> bool -Microsoft.IdentityModel.Tokens.ValidationResult.Log(Microsoft.Extensions.Logging.ILogger logger) -> void -Microsoft.IdentityModel.Tokens.ValidationResult.Result.get -> TResult -Microsoft.IdentityModel.Tokens.ValidationResult.ToResult() -> Microsoft.IdentityModel.Tokens.ValidationResult -Microsoft.IdentityModel.Tokens.ValidationResult.ToValidationResult() -> Microsoft.IdentityModel.Tokens.ValidationResult -Microsoft.IdentityModel.Tokens.ValidationResult.UnwrapError() -> Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationResult.UnwrapResult() -> TResult -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult() -> void -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(Microsoft.IdentityModel.Tokens.ValidationError error) -> void -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(TResult result) -> void Microsoft.IdentityModel.Tokens.ValidatorUtilities Microsoft.IdentityModel.Tokens.VerifyDelegate Microsoft.IdentityModel.Tokens.VerifyUsingOffsetDelegate 
@@ -728,20 +714,6 @@ override Microsoft.IdentityModel.Tokens.TokenReplayValidationError.CreateExcepti override Microsoft.IdentityModel.Tokens.TokenReplayValidationError.GetException() -> System.Exception override Microsoft.IdentityModel.Tokens.TokenTypeValidationError.CreateException() -> System.Exception override Microsoft.IdentityModel.Tokens.TokenTypeValidationError.GetException() -> System.Exception -override Microsoft.IdentityModel.Tokens.ValidatedIssuer.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidatedIssuer.GetHashCode() -> int -override Microsoft.IdentityModel.Tokens.ValidatedIssuer.ToString() -> string -override Microsoft.IdentityModel.Tokens.ValidatedLifetime.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidatedLifetime.GetHashCode() -> int -override Microsoft.IdentityModel.Tokens.ValidatedLifetime.ToString() -> string -override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.GetHashCode() -> int -override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.ToString() -> string -override Microsoft.IdentityModel.Tokens.ValidatedTokenType.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidatedTokenType.GetHashCode() -> int -override Microsoft.IdentityModel.Tokens.ValidatedTokenType.ToString() -> string -override Microsoft.IdentityModel.Tokens.ValidationResult.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidationResult.GetHashCode() -> int override Microsoft.IdentityModel.Tokens.X509SecurityKey.InternalId.get -> string override sealed Microsoft.IdentityModel.Tokens.SafeBCryptHandle.IsInvalid.get -> bool readonly Microsoft.IdentityModel.Tokens.ECDsaAdapter.CreateECDsaFunction -> Microsoft.IdentityModel.Tokens.CreateECDsaDelegate 
@@ -919,12 +891,6 @@ static Microsoft.IdentityModel.Tokens.ValidatedTokenType.operator !=(Microsoft.I static Microsoft.IdentityModel.Tokens.ValidatedTokenType.operator ==(Microsoft.IdentityModel.Tokens.ValidatedTokenType left, Microsoft.IdentityModel.Tokens.ValidatedTokenType right) -> bool static Microsoft.IdentityModel.Tokens.ValidationError.GetCurrentStackFrame(string filePath = "", int lineNumber = 0, int skipFrames = 1) -> System.Diagnostics.StackFrame static Microsoft.IdentityModel.Tokens.ValidationError.NullParameter(string parameterName, System.Diagnostics.StackFrame stackFrame) -> Microsoft.IdentityModel.Tokens.ValidationError -static Microsoft.IdentityModel.Tokens.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.ValidationResult(Microsoft.IdentityModel.Tokens.ValidationError error) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.ValidationResult(TResult result) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.ValidationResult.operator !=(Microsoft.IdentityModel.Tokens.ValidationResult left, Microsoft.IdentityModel.Tokens.ValidationResult right) -> bool -static Microsoft.IdentityModel.Tokens.ValidationResult.operator ==(Microsoft.IdentityModel.Tokens.ValidationResult left, Microsoft.IdentityModel.Tokens.ValidationResult right) -> bool -static Microsoft.IdentityModel.Tokens.Validators.ValidateAlgorithm(string algorithm, Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.Validators.ValidateAudience(System.Collections.Generic.IList tokenAudiences, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, 
Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> string static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration) -> System.Threading.Tasks.ValueTask static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> diff --git a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt index 0d9d50b09c..e49192d345 100644 --- a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt 
@@ -1,3 +1,104 @@ const Microsoft.IdentityModel.Tokens.AppContextSwitches.UseCapitalizedXMLTypeAttrSwitch = "Switch.Microsoft.IdentityModel.UseCapitalizedXMLTypeAttr" -> string const Microsoft.IdentityModel.Tokens.LogMessages.IDX10278 = "IDX10278: Unable to retrieve configuration from authority: '{0}'. \nProceeding with token decryption in case the relevant properties have been set manually on the TokenValidationParameters. Exception caught: \n {1}. See https://aka.ms/validate-using-configuration-manager for additional information." -> string -static Microsoft.IdentityModel.Tokens.AppContextSwitches.UseCapitalizedXMLTypeAttr.get -> bool \ No newline at end of file +static Microsoft.IdentityModel.Tokens.AppContextSwitches.UseCapitalizedXMLTypeAttr.get -> bool +const Microsoft.IdentityModel.Telemetry.TelemetryConstants.BlockingTypeTag = "Blocking" -> string +const Microsoft.IdentityModel.Telemetry.TelemetryDataRecorder.BackgroundConfigurationRefreshFailureCounterDescription = "Counter capturing configuration manager background refresh failures." -> string +const Microsoft.IdentityModel.Telemetry.TelemetryDataRecorder.BackgroundConfigurationRefreshFailureCounterName = "IdentityModelConfigurationManagerBackgroundRefreshFailure" -> string +const Microsoft.IdentityModel.Tokens.AppContextSwitches.UpdateConfigAsBlockingSwitch = "Switch.Microsoft.IdentityModel.UpdateConfigAsBlocking" -> string +const Microsoft.IdentityModel.Tokens.LogMessages.IDX10519 = "IDX10519: Signature validation failed. The token's kid is missing and ValidationParameters.TryAllIssuerSigningKeys is set to false." -> string +const Microsoft.IdentityModel.Tokens.LogMessages.IDX10520 = "IDX10520: Signature validation failed. The key provided could not validate the signature. Key tried: '{0}'." -> string +const Microsoft.IdentityModel.Tokens.LogMessages.IDX10521 = "IDX10521: Signature validation failed. An exception was thrown when trying to validate the signature. Key tried: '{0}'. Exception: '{1}'." 
-> string +const Microsoft.IdentityModel.Tokens.LogMessages.IDX10620 = "IDX10620: Unable to obtain a CryptoProviderFactory, both EncryptingCredentials.CryptoProviderFactory and EncryptingCredentials.Key.CryptoProviderFactory are null." -> string +Microsoft.IdentityModel.Telemetry.ITelemetryClient.LogBackgroundConfigurationRefreshFailure(string metadataAddress, System.Exception exception) -> void +Microsoft.IdentityModel.Telemetry.TelemetryClient.LogBackgroundConfigurationRefreshFailure(string metadataAddress, System.Exception exception) -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ValidatedSigningKeyLifetime(System.DateTime? validFrom, System.DateTime? validTo, System.DateTime? validationTime) -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ActorValidationResult.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ClaimsIdentityNoLocking.get -> System.Security.Claims.ClaimsIdentity +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ClaimsIdentityNoLocking.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedAudience.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedIssuer.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedLifetime.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedSigningKey.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedSigningKeyLifetime.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedTokenReplayExpirationTime.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedTokenType.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationError.CreateException(System.Type exceptionType, System.Exception innerException) -> System.Exception +Microsoft.IdentityModel.Tokens.Experimental.ValidationError.MessageDetail.get -> 
Microsoft.IdentityModel.Tokens.Experimental.MessageDetail +Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.Name.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeys.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TimeProvider.get -> System.TimeProvider +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TimeProvider.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenDecryptionKeyResolver.get -> Microsoft.IdentityModel.Tokens.Experimental.DecryptionKeyResolverDelegate +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenDecryptionKeyResolver.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenDecryptionKeys.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidAlgorithms.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidAudiences.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidIssuers.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidTypes.set -> void +Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.UnwrapError() -> TError +Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.UnwrapResult() -> TResult +Microsoft.IdentityModel.Tokens.LogDetail.LogDetail(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail messageDetail, Microsoft.IdentityModel.Abstractions.EventLogLevel eventLogLevel) -> void +Microsoft.IdentityModel.Tokens.LogDetail.MessageDetail.get -> Microsoft.IdentityModel.Tokens.Experimental.MessageDetail +Microsoft.IdentityModel.Tokens.RsaSecurityKey.InitializeWithRsaParameters(System.Security.Cryptography.RSAParameters rsaParameters) -> void +Microsoft.IdentityModel.Tokens.SecurityTokenArgumentNullException.SetValidationError(Microsoft.IdentityModel.Tokens.Experimental.ValidationError validationError) -> void 
+Microsoft.IdentityModel.Tokens.SecurityTokenException.SetValidationError(Microsoft.IdentityModel.Tokens.Experimental.ValidationError validationError) -> void +Microsoft.IdentityModel.Tokens.TokenValidationResult.TokenValidationResult(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenHandler tokenHandler, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer, System.Collections.Generic.List validationResults, Microsoft.IdentityModel.Tokens.Experimental.ValidationError validationError) -> void +Microsoft.IdentityModel.Tokens.TokenValidationResult.TokenValidationResult(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.TokenHandler tokenHandler, Microsoft.IdentityModel.Tokens.TokenValidationParameters tokenValidationParameters, string issuer, System.Collections.Generic.List validationResults) -> void +Microsoft.IdentityModel.Tokens.TokenValidationResult.TokenValidationResult(Microsoft.IdentityModel.Tokens.TokenHandler tokenHandler, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.Experimental.ValidationError validationError) -> void +Microsoft.IdentityModel.Tokens.ValidatedIssuer.Equals(Microsoft.IdentityModel.Tokens.ValidatedIssuer other) -> bool +Microsoft.IdentityModel.Tokens.ValidatedIssuer.ValidatedIssuer(string issuer, Microsoft.IdentityModel.Tokens.IssuerValidationSource validationSource) -> void +Microsoft.IdentityModel.Tokens.ValidatedLifetime.Equals(Microsoft.IdentityModel.Tokens.ValidatedLifetime other) -> bool +Microsoft.IdentityModel.Tokens.ValidatedLifetime.ValidatedLifetime(System.DateTime? notBefore, System.DateTime? 
expires) -> void +Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.Equals(Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime other) -> bool +Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.ValidatedSigningKeyLifetime(System.DateTime? validFrom, System.DateTime? validTo, System.DateTime? validationTime) -> void +Microsoft.IdentityModel.Tokens.ValidatedTokenType.Equals(Microsoft.IdentityModel.Tokens.ValidatedTokenType other) -> bool +Microsoft.IdentityModel.Tokens.ValidatedTokenType.ValidatedTokenType(string type, int validTypeCount) -> void +Microsoft.IdentityModel.Tokens.ValidationError.CreateException(System.Type exceptionType, System.Exception innerException) -> System.Exception +Microsoft.IdentityModel.Tokens.ValidationError.GetException() -> System.Exception +Microsoft.IdentityModel.Tokens.ValidationError.Message.get -> string +Microsoft.IdentityModel.Tokens.ValidationParameters.IssuerSigningKeys.set -> void +Microsoft.IdentityModel.Tokens.ValidationParameters.TryAllDecryptionKeys.get -> bool +Microsoft.IdentityModel.Tokens.ValidationParameters.TryAllDecryptionKeys.set -> void +Microsoft.IdentityModel.Tokens.ValidationParameters.ValidAudiences.set -> void +Microsoft.IdentityModel.Tokens.ValidationParameters.ValidIssuers.set -> void +Microsoft.IdentityModel.Tokens.ValidationParameters.ValidTypes.set -> void +override Microsoft.IdentityModel.Tokens.AlgorithmValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.AudienceValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.IssuerSigningKeyValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.IssuerValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.IssuerValidationSource.ToString() -> string +override Microsoft.IdentityModel.Tokens.LifetimeValidationError.CreateException() -> System.Exception +override 
Microsoft.IdentityModel.Tokens.SignatureValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.TokenReplayValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.TokenTypeValidationError.CreateException() -> System.Exception +override Microsoft.IdentityModel.Tokens.ValidatedIssuer.Equals(object obj) -> bool +override Microsoft.IdentityModel.Tokens.ValidatedIssuer.GetHashCode() -> int +override Microsoft.IdentityModel.Tokens.ValidatedIssuer.ToString() -> string +override Microsoft.IdentityModel.Tokens.ValidatedLifetime.Equals(object obj) -> bool +override Microsoft.IdentityModel.Tokens.ValidatedLifetime.GetHashCode() -> int +override Microsoft.IdentityModel.Tokens.ValidatedLifetime.ToString() -> string +override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.Equals(object obj) -> bool +override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.GetHashCode() -> int +override Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.ToString() -> string +override Microsoft.IdentityModel.Tokens.ValidatedTokenType.Equals(object obj) -> bool +override Microsoft.IdentityModel.Tokens.ValidatedTokenType.GetHashCode() -> int +override Microsoft.IdentityModel.Tokens.ValidatedTokenType.ToString() -> string +static Microsoft.IdentityModel.Telemetry.TelemetryDataRecorder.IncrementBackgroundConfigurationRefreshFailureCounter(in System.Diagnostics.TagList tagList) -> void +static Microsoft.IdentityModel.Tokens.AppContextSwitches.UpdateConfigAsBlocking.get -> bool +static Microsoft.IdentityModel.Tokens.ValidatedIssuer.operator !=(Microsoft.IdentityModel.Tokens.ValidatedIssuer left, Microsoft.IdentityModel.Tokens.ValidatedIssuer right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedIssuer.operator ==(Microsoft.IdentityModel.Tokens.ValidatedIssuer left, Microsoft.IdentityModel.Tokens.ValidatedIssuer right) -> bool +static 
Microsoft.IdentityModel.Tokens.ValidatedLifetime.operator !=(Microsoft.IdentityModel.Tokens.ValidatedLifetime left, Microsoft.IdentityModel.Tokens.ValidatedLifetime right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedLifetime.operator ==(Microsoft.IdentityModel.Tokens.ValidatedLifetime left, Microsoft.IdentityModel.Tokens.ValidatedLifetime right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.operator !=(Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime left, Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime.operator ==(Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime left, Microsoft.IdentityModel.Tokens.ValidatedSigningKeyLifetime right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedTokenType.operator !=(Microsoft.IdentityModel.Tokens.ValidatedTokenType left, Microsoft.IdentityModel.Tokens.ValidatedTokenType right) -> bool +static Microsoft.IdentityModel.Tokens.ValidatedTokenType.operator ==(Microsoft.IdentityModel.Tokens.ValidatedTokenType left, Microsoft.IdentityModel.Tokens.ValidatedTokenType right) -> bool +static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerSigningKeyLifeTime(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult +static readonly Microsoft.IdentityModel.Telemetry.TelemetryDataRecorder.BackgroundConfigurationRefreshFailureCounter -> System.Diagnostics.Metrics.Counter +static readonly Microsoft.IdentityModel.Tokens.IssuerValidationSource.IssuerMatchedConfiguration -> Microsoft.IdentityModel.Tokens.IssuerValidationSource +static readonly Microsoft.IdentityModel.Tokens.IssuerValidationSource.IssuerMatchedValidationParameters -> 
Microsoft.IdentityModel.Tokens.IssuerValidationSource +static readonly Microsoft.IdentityModel.Tokens.IssuerValidationSource.NotValidated -> Microsoft.IdentityModel.Tokens.IssuerValidationSource +virtual Microsoft.IdentityModel.Tokens.TokenHandler.CreateClaimsIdentityInternal(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, string issuer) -> System.Security.Claims.ClaimsIdentity +virtual Microsoft.IdentityModel.Tokens.TokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +virtual Microsoft.IdentityModel.Tokens.TokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +virtual Microsoft.IdentityModel.Tokens.ValidationError.CreateException() -> System.Exception diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt index e69de29bb2..3bd5a88157 100644 --- a/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Tokens/PublicAPI.Unshipped.txt 
@@ -0,0 +1,271 @@
+#nullable enable
+const Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.DefaultAuthenticationType = "AuthenticationTypes.Federation" -> string!
+const Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.DefaultMaximumTokenSizeInBytes = 256000 -> int
+Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError
+Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError.AlgorithmValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, string? invalidAlgorithm, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError.InvalidAlgorithm.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError
+Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError.AudienceValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.Collections.Generic.IList? tokenAudiences, System.Collections.Generic.IList? validAudiences, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError.TokenAudiences.get -> System.Collections.Generic.IList?
+Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError.ValidAudiences.get -> System.Collections.Generic.IList?
+Microsoft.IdentityModel.Tokens.Experimental.DecryptionKeyResolverDelegate
+Microsoft.IdentityModel.Tokens.Experimental.IResultBasedValidation
+Microsoft.IdentityModel.Tokens.Experimental.IResultBasedValidation.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> System.Threading.Tasks.Task>!
+Microsoft.IdentityModel.Tokens.Experimental.IResultBasedValidation.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task>!
+Microsoft.IdentityModel.Tokens.Experimental.IResultBasedValidation.ValidateTokenAsync(string! token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> System.Threading.Tasks.Task>!
+Microsoft.IdentityModel.Tokens.Experimental.IResultBasedValidation.ValidateTokenAsync(string! token, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task>!
+Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyResolverDelegate
+Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError
+Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError.InvalidSigningKey.get -> Microsoft.IdentityModel.Tokens.SecurityKey?
+Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError.IssuerSigningKeyValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, Microsoft.IdentityModel.Tokens.SecurityKey? invalidSigningKey, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationDelegateAsync
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError.InvalidIssuer.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, string? invalidIssuer, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.IssuerValidationSource(string! name) -> void
+Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.Name.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError
+Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError.Expires.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError.LifetimeValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.DateTime? notBefore, System.DateTime? expires, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError.NotBefore.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.MessageDetail
+Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError
+Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError.InnerValidationError.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError?
+Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError.SignatureValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, Microsoft.IdentityModel.Tokens.Experimental.ValidationError? innerValidationError = null, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError
+Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError.ExpirationTime.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError.TokenReplayValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.DateTime? expirationTime, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationDelegate
+Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError
+Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError.InvalidTokenType.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError.TokenTypeValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, string? invalidTokenType, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.Equals(Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer other) -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.Issuer.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.ValidatedIssuer() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.ValidatedIssuer(string! issuer, Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource! validationSource) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.ValidationSource.get -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.Equals(Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime other) -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.Expires.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.NotBefore.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.ValidatedLifetime() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.ValidatedLifetime(System.DateTime? notBefore, System.DateTime? expires) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.Equals(Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime other) -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ValidatedSigningKeyLifetime() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ValidationTime.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ValidFrom.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ValidTo.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ActorValidationResult.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.Claims.get -> System.Collections.Generic.IDictionary!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ClaimsIdentity.get -> System.Security.Claims.ClaimsIdentity!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ClaimsIdentity.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.Log(Microsoft.Extensions.Logging.ILogger! logger) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.SecurityToken.get -> Microsoft.IdentityModel.Tokens.SecurityToken!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.TokenHandler.get -> Microsoft.IdentityModel.Tokens.TokenHandler!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedAudience.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedIssuer.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedLifetime.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedSigningKey.get -> Microsoft.IdentityModel.Tokens.SecurityKey?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedSigningKeyLifetime.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedToken(Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, Microsoft.IdentityModel.Tokens.TokenHandler! tokenHandler, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedTokenReplayExpirationTime.get -> System.DateTime?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidatedTokenType.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType?
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedToken.ValidationParameters.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.Equals(Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType other) -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.Type.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.ValidatedTokenType() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.ValidatedTokenType(string! type, int validTypeCount) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.ValidTypeCount.get -> int
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.AddCurrentStackFrame(string! filePath = "", int lineNumber = 0, int skipFrames = 1) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.AddStackFrame(System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.ExceptionType.get -> System.Type!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.FailureType.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.GetException() -> System.Exception!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.InnerException.get -> System.Exception?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.Log(Microsoft.Extensions.Logging.ILogger! logger) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.Message.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.StackFrames.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.Experimental.MessageDetail! messageDetail, Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! validationFailureType, System.Type! exceptionType, System.Diagnostics.StackFrame! stackFrame, System.Exception? innerException = null) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType
+Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.Name.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.ValidationFailureType(string! name) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ActorValidationParameters.get -> Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ActorValidationParameters.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AlgorithmValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AlgorithmValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AudienceValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AudienceValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AuthenticationType.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.AuthenticationType.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ClockSkew.get -> System.TimeSpan
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ClockSkew.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ConfigurationManager.get -> Microsoft.IdentityModel.Tokens.BaseConfigurationManager?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ConfigurationManager.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.CryptoProviderFactory.get -> Microsoft.IdentityModel.Tokens.CryptoProviderFactory?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.CryptoProviderFactory.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.DebugId.get -> string?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.DebugId.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IgnoreTrailingSlashWhenValidatingAudience.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IgnoreTrailingSlashWhenValidatingAudience.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IncludeTokenOnFailedValidation.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IncludeTokenOnFailedValidation.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.InstancePropertyBag.get -> System.Collections.Generic.IDictionary!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IsClone.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IsClone.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeyResolver.get -> Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyResolverDelegate?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeyResolver.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeys.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeyValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerSigningKeyValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerValidatorAsync.get -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationDelegateAsync!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.IssuerValidatorAsync.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.LifetimeValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.LifetimeValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.LogTokenId.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.LogTokenId.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.NameClaimType.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.NameClaimType.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.NameClaimTypeRetriever.get -> System.Func?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.NameClaimTypeRetriever.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.PropertyBag.get -> System.Collections.Generic.IDictionary!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RefreshBeforeValidation.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RefreshBeforeValidation.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RoleClaimType.get -> string!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RoleClaimType.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RoleClaimTypeRetriever.get -> System.Func?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.RoleClaimTypeRetriever.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.SaveSigninToken.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.SaveSigninToken.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.SignatureValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationDelegate?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.SignatureValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenDecryptionKeys.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenReplayCache.get -> Microsoft.IdentityModel.Tokens.ITokenReplayCache?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenReplayCache.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenReplayValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenReplayValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenTypeValidator.get -> Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationDelegate!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TokenTypeValidator.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TryAllDecryptionKeys.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TryAllDecryptionKeys.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TryAllIssuerSigningKeys.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.TryAllIssuerSigningKeys.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidAlgorithms.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidateActor.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidateActor.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidateWithLKG.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidateWithLKG.set -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidationParameters() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidationParameters(Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! other) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidAudiences.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidIssuers.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.ValidTypes.get -> System.Collections.Generic.IList!
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.Equals(Microsoft.IdentityModel.Tokens.Experimental.ValidationResult other) -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.Error.get -> TError?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.IsValid.get -> bool
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.Result.get -> TResult?
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.ToValidationResult() -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.ValidationResult() -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.ValidationResult(TError error) -> void
+Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.ValidationResult(TResult result) -> void
+override Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.ToString() -> string!
+override Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError.CreateException() -> System.Exception!
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.Equals(object? obj) -> bool
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.GetHashCode() -> int
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.ToString() -> string!
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.Equals(object? obj) -> bool
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.GetHashCode() -> int
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.ToString() -> string!
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.Equals(object? obj) -> bool
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.GetHashCode() -> int
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.ToString() -> string!
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.Equals(object? obj) -> bool
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.GetHashCode() -> int
+override Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.ToString() -> string!
+override Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.Equals(object? obj) -> bool
+override Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.GetHashCode() -> int
+static Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.AlgorithmValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.AudienceValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.IssuerSigningKeyValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.LifetimeValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.TokenReplayValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.TokenTypeValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.operator !=(Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer.operator ==(Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedIssuer right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.operator !=(Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime.operator ==(Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedLifetime right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.operator !=(Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime.operator ==(Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedSigningKeyLifetime right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.operator !=(Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType.operator ==(Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType left, Microsoft.IdentityModel.Tokens.Experimental.ValidatedTokenType right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationError.GetCurrentStackFrame(string! filePath = "", int lineNumber = 0, int skipFrames = 1) -> System.Diagnostics.StackFrame!
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationError.NullParameter(string! parameterName, System.Diagnostics.StackFrame! stackFrame) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationError!
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.Experimental.ValidationResult(TError error) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.Experimental.ValidationResult(TResult result) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.operator !=(Microsoft.IdentityModel.Tokens.Experimental.ValidationResult left, Microsoft.IdentityModel.Tokens.Experimental.ValidationResult right) -> bool
+static Microsoft.IdentityModel.Tokens.Experimental.ValidationResult.operator ==(Microsoft.IdentityModel.Tokens.Experimental.ValidationResult left, Microsoft.IdentityModel.Tokens.Experimental.ValidationResult right) -> bool
+static Microsoft.IdentityModel.Tokens.Validators.ValidateAlgorithm(string! algorithm, Microsoft.IdentityModel.Tokens.SecurityKey! securityKey, Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Validators.ValidateAudience(System.Collections.Generic.IList! tokenAudiences, Microsoft.IdentityModel.Tokens.SecurityToken? securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(string? issuer, Microsoft.IdentityModel.Tokens.SecurityToken? securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext? callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task>!
+static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerSigningKey(Microsoft.IdentityModel.Tokens.SecurityKey! securityKey, Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Validators.ValidateLifetime(System.DateTime? notBefore, System.DateTime? expires, Microsoft.IdentityModel.Tokens.SecurityToken? securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Validators.ValidateTokenReplay(System.DateTime? expirationTime, string! securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static Microsoft.IdentityModel.Tokens.Validators.ValidateTokenType(string? type, Microsoft.IdentityModel.Tokens.SecurityToken? securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! validationParameters, Microsoft.IdentityModel.Tokens.CallContext! callContext) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult
+static readonly Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.IssuerMatchedConfiguration -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.IssuerMatchedValidationParameters -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource.NotValidated -> Microsoft.IdentityModel.Tokens.Experimental.IssuerValidationSource!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.AlgorithmValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.AlgorithmValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.AudienceValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.AudienceValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.InvalidSecurityToken -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.IssuerSigningKeyValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.IssuerValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType!
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.IssuerValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.LifetimeValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.LifetimeValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.NoTokenAudiencesProvided -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.NoValidationParameterAudiencesProvided -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.NullArgument -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.SignatureAlgorithmValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.SignatureValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.SignatureValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.SigningKeyValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenDecryptionFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! 
+static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenExceedsMaximumSize -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenIsNotSigned -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenReadingFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenReplayValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenReplayValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenTypeValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.TokenTypeValidatorThrew -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType.XmlValidationFailed -> Microsoft.IdentityModel.Tokens.Experimental.ValidationFailureType! +static readonly Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.DefaultClockSkew -> System.TimeSpan +virtual Microsoft.IdentityModel.Tokens.Experimental.ValidationError.CreateException() -> System.Exception! +virtual Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.Clone() -> Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters! +virtual Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters.CreateClaimsIdentity(Microsoft.IdentityModel.Tokens.SecurityToken! securityToken, string! issuer) -> System.Security.Claims.ClaimsIdentity! 
+~Microsoft.IdentityModel.Tokens.Experimental.MessageDetail.Message.get -> string +~Microsoft.IdentityModel.Tokens.Experimental.MessageDetail.MessageDetail(string formatString, params object[] parameters) -> void +~static Microsoft.IdentityModel.Tokens.Experimental.MessageDetail.NullParameter(string parameterName) -> Microsoft.IdentityModel.Tokens.Experimental.MessageDetail diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net472/InternalAPI.Shipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net472/InternalAPI.Shipped.txt index 3dfed97825..aab733aca3 100644 --- a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net472/InternalAPI.Shipped.txt +++ b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net472/InternalAPI.Shipped.txt 
@@ -95,28 +95,11 @@ Microsoft.IdentityModel.Tokens.ValidationError.StackFrames.get -> System.Collect Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail MessageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame) -> void Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, Microsoft.IdentityModel.Tokens.ValidationError innerValidationError) -> void Microsoft.IdentityModel.Tokens.ValidationError.ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType failureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.Exception innerException) -> void -Microsoft.IdentityModel.Tokens.ValidationResult -Microsoft.IdentityModel.Tokens.ValidationResult.Equals(Microsoft.IdentityModel.Tokens.ValidationResult other) -> bool -Microsoft.IdentityModel.Tokens.ValidationResult.IsSuccess.get -> bool -Microsoft.IdentityModel.Tokens.ValidationResult.ToResult() -> Microsoft.IdentityModel.Tokens.ValidationResult -Microsoft.IdentityModel.Tokens.ValidationResult.UnwrapError() -> Microsoft.IdentityModel.Tokens.ValidationError -Microsoft.IdentityModel.Tokens.ValidationResult.UnwrapResult() -> TResult -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult() -> void -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(Microsoft.IdentityModel.Tokens.ValidationError error) -> void -Microsoft.IdentityModel.Tokens.ValidationResult.ValidationResult(TResult result) -> void override Microsoft.IdentityModel.Tokens.LifetimeValidationError.AddAdditionalInformation(System.Exception exception) -> void -override 
Microsoft.IdentityModel.Tokens.ValidationResult.Equals(object obj) -> bool -override Microsoft.IdentityModel.Tokens.ValidationResult.GetHashCode() -> int static Microsoft.IdentityModel.Tokens.MessageDetail.NullParameter(string parameterName) -> Microsoft.IdentityModel.Tokens.MessageDetail static Microsoft.IdentityModel.Tokens.TokenUtilities.IsRecoverableConfigurationAndExceptionType(string kid, Microsoft.IdentityModel.Tokens.BaseConfiguration currentConfiguration, Microsoft.IdentityModel.Tokens.BaseConfiguration lkgConfiguration, System.Type currentExceptionType) -> bool static Microsoft.IdentityModel.Tokens.TokenUtilities.IsRecoverableExceptionType(System.Type exceptionType) -> bool static Microsoft.IdentityModel.Tokens.ValidationError.NullParameter(string parameterName, System.Diagnostics.StackFrame stackFrame) -> Microsoft.IdentityModel.Tokens.ValidationError -static Microsoft.IdentityModel.Tokens.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.ValidationResult(Microsoft.IdentityModel.Tokens.ValidationError error) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.ValidationResult.implicit operator Microsoft.IdentityModel.Tokens.ValidationResult(TResult result) -> Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.ValidationResult.operator !=(Microsoft.IdentityModel.Tokens.ValidationResult left, Microsoft.IdentityModel.Tokens.ValidationResult right) -> bool -static Microsoft.IdentityModel.Tokens.ValidationResult.operator ==(Microsoft.IdentityModel.Tokens.ValidationResult left, Microsoft.IdentityModel.Tokens.ValidationResult right) -> bool -static Microsoft.IdentityModel.Tokens.Validators.ValidateAlgorithm(string algorithm, Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> 
Microsoft.IdentityModel.Tokens.ValidationResult -static Microsoft.IdentityModel.Tokens.Validators.ValidateAudience(System.Collections.Generic.IList tokenAudiences, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerAsync(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerSigningKey(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.BaseConfiguration configuration, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult static Microsoft.IdentityModel.Tokens.Validators.ValidateIssuerSigningKeyLifeTime(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.ValidationResult diff --git a/src/Microsoft.IdentityModel.Tokens/TokenHandler.Internal.cs b/src/Microsoft.IdentityModel.Tokens/TokenHandler.Internal.cs index b6ba14d101..5a5d334f0c 100644 --- a/src/Microsoft.IdentityModel.Tokens/TokenHandler.Internal.cs +++ b/src/Microsoft.IdentityModel.Tokens/TokenHandler.Internal.cs 
@@ -4,6 +4,7 @@ using System; using System.Threading; using System.Threading.Tasks; +using Microsoft.IdentityModel.Tokens.Experimental; using static Microsoft.IdentityModel.Logging.LogHelper; namespace Microsoft.IdentityModel.Tokens @@ -13,7 +14,7 @@ namespace Microsoft.IdentityModel.Tokens /// public abstract partial class TokenHandler { - internal virtual Task> ValidateTokenAsync( + internal virtual Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, @@ -23,12 +24,12 @@ internal virtual Task> ValidateTokenAsync( new NotImplementedException( FormatInvariant( LogMessages.IDX10267, - MarkAsNonPII("internal virtual Task> " + + MarkAsNonPII("internal virtual Task> " + "ValidateTokenAsync(string token, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken)"), MarkAsNonPII(GetType().FullName)))); } - internal virtual Task> ValidateTokenAsync( + internal virtual Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, @@ -38,7 +39,7 @@ internal virtual Task> ValidateTokenAsync( new NotImplementedException( FormatInvariant( LogMessages.IDX10267, - MarkAsNonPII("internal virtual Task> " + + MarkAsNonPII("internal virtual Task> " + "ValidateTokenAsync(SecurityToken token, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken)"), MarkAsNonPII(GetType().FullName)))); } diff --git a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs index 754a87eea3..6b5becda7a 100644 --- a/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs +++ b/src/Microsoft.IdentityModel.Tokens/TokenHandler.cs 
@@ -5,6 +5,7 @@ using System.ComponentModel; using System.Security.Claims; using System.Threading.Tasks; +using Microsoft.IdentityModel.Tokens.Experimental; using static Microsoft.IdentityModel.Logging.LogHelper; namespace Microsoft.IdentityModel.Tokens diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AlgorithmValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AlgorithmValidationError.cs index d07e05a3fd..1f720aedfd 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AlgorithmValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AlgorithmValidationError.cs @@ -5,13 +5,13 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validation error that occurs when a token's algorithm cannot be validated. /// If available, the invalid algorithm is stored in . /// - internal class AlgorithmValidationError : ValidationError + public class AlgorithmValidationError : ValidationError { /// /// Initializes a new instance of the class. @@ -54,6 +54,19 @@ protected override Exception CreateException() return base.CreateException(); } + /// + /// Creates a new instance of representing a null parameter. + /// + /// The name of the parameter. + /// The stack frame where the error occurred. + /// A new . + public static new AlgorithmValidationError NullParameter(string parameterName, StackFrame stackFrame) => new( + MessageDetail.NullParameter(parameterName), + ValidationFailureType.NullArgument, + typeof(SecurityTokenArgumentNullException), + stackFrame, + null); // InvalidAlgorithm + /// /// The algorithm that could not be validated. /// 
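Review bot: The `NullParameter` factory added in the `@@ -54,6 +54,19 @@` hunk hides `ValidationError.NullParameter` with `static new`, and its doc comment does not say so. Static hiding is resolved from the type named at the call site, so `ValidationError.NullParameter(...)` still produces a plain `ValidationError`, and code that later distinguishes failures by error type will treat the two results differently. I would add a remark such as `/// <remarks>Hides ValidationError.NullParameter; call it through AlgorithmValidationError so the typed error is produced.</remarks>`. The same applies to the `NullParameter` factories this commit adds to `AudienceValidationError`, `IssuerValidationError` and `LifetimeValidationError`. In the audience and lifetime versions the two trailing positional `null` arguments are told apart only by comments, where named arguments would let the compiler check them.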
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs index 431a3ff584..2aabfaa8f6 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs @@ -6,14 +6,14 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when the token's audience cannot be validated. /// If available, the invalid audiences from the token are stored in /// and the allowed audiences are stored in . /// - internal class AudienceValidationError : ValidationError + public class AudienceValidationError : ValidationError { /// /// Initializes a new instance of the class. @@ -55,9 +55,23 @@ protected override Exception CreateException() return exception; } - return base.CreateException(ExceptionType, null); + return CreateException(ExceptionType, null); } + /// + /// Creates a new instance of representing a null parameter. + /// + /// The name of the parameter. + /// The stack frame where the error occurred. + /// A new . + public static new AudienceValidationError NullParameter(string parameterName, StackFrame stackFrame) => new( + MessageDetail.NullParameter(parameterName), + ValidationFailureType.NullArgument, + typeof(SecurityTokenArgumentNullException), + stackFrame, + null, // TokenAudiences + null); // ValidAudiences + /// /// The audiences that were in the token. /// diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerSigningKeyValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerSigningKeyValidationError.cs index 2251c43eb0..e01e297703 100644 
--- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerSigningKeyValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerSigningKeyValidationError.cs @@ -5,13 +5,13 @@ using System; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validation error that occurs when the issuer signing key cannot be validated. /// If available, the invalid signing key is stored in . /// - internal class IssuerSigningKeyValidationError : ValidationError + public class IssuerSigningKeyValidationError : ValidationError { /// /// Initializes a new instance of the class. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs index 8b384c763a..9ea836fa1e 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs @@ -5,13 +5,13 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when the issuer of a token cannot be validated. /// If available, the invalid issuer is stored in . /// - internal class IssuerValidationError : ValidationError + public class IssuerValidationError : ValidationError { /// /// Initializes a new instance of the class. 
@@ -58,6 +58,19 @@ protected override Exception CreateException() return base.CreateException(); } + + /// + /// Creates a new instance of representing a null parameter. + /// + /// The name of the parameter. + /// The stack frame where the error occurred. + /// A new . + public static new IssuerValidationError NullParameter(string parameterName, StackFrame stackFrame) => new( + MessageDetail.NullParameter(parameterName), + ValidationFailureType.NullArgument, + typeof(SecurityTokenArgumentNullException), + stackFrame, + null); // InvalidIssuer } } #nullable restore diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs index 38762280ad..134cd459e4 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LifetimeValidationError.cs @@ -5,13 +5,13 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when a token's lifetime cannot be validated. /// If available, the not before and expires values are stored in and . /// - internal class LifetimeValidationError : ValidationError + public class LifetimeValidationError : ValidationError { /// /// Initializes a new instance of the class. 
@@ -79,9 +79,23 @@ protected override Exception CreateException() return exception; } else - return base.CreateException(ExceptionType, null); + return CreateException(ExceptionType, null); } + /// + /// Creates a new instance of representing a null parameter. + /// + /// The name of the parameter. + /// The stack frame where the error occurred. + /// A new . + public static new LifetimeValidationError NullParameter(string parameterName, StackFrame stackFrame) => new( + MessageDetail.NullParameter(parameterName), + ValidationFailureType.NullArgument, + typeof(SecurityTokenArgumentNullException), + stackFrame, + null, // NotBefore + null); // Expires + /// /// The date from which the token is valid. /// diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LogDetail.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LogDetail.cs index 6b91a67c1e..b307c907ac 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LogDetail.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/LogDetail.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using Microsoft.IdentityModel.Abstractions; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens { diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/MessageDetail.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/MessageDetail.cs index b0b71fd296..e1625c097e 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/MessageDetail.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/MessageDetail.cs @@ -3,12 +3,12 @@ using Microsoft.IdentityModel.Logging; -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Contains information about a message that is used to generate a message for logging or exceptions. /// - internal class MessageDetail + public class MessageDetail { private string _message; 
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/SignatureValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/SignatureValidationError.cs index 9d024a074f..2c5b3936ba 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/SignatureValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/SignatureValidationError.cs @@ -5,12 +5,12 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when the token's signature cannot be validated. /// - internal class SignatureValidationError : ValidationError + public class SignatureValidationError : ValidationError { /// /// Initializes a new instance of the class. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenReplayValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenReplayValidationError.cs index 125df5e6a7..47f298f504 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenReplayValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenReplayValidationError.cs @@ -5,13 +5,13 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when a token cannot be validated against being re-used or replay is detected. /// If available, the expiration time of the token that failed the validation is included. /// - internal class TokenReplayValidationError : ValidationError + public class TokenReplayValidationError : ValidationError { /// /// Initializes a new instance of the class. 
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenTypeValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenTypeValidationError.cs index 1dd7d5f68a..3ca3613462 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenTypeValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/TokenTypeValidationError.cs @@ -5,13 +5,13 @@ using System.Diagnostics; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurs when a token type cannot be validated. /// If available, the invalid token type is stored in . /// - internal class TokenTypeValidationError : ValidationError + public class TokenTypeValidationError : ValidationError { /// /// Initializes a new instance of the class. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs index 4923331cdb..5312d79ffe 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/ValidationError.cs @@ -10,13 +10,13 @@ using Microsoft.IdentityModel.Logging; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents an error that occurred during token validation. /// If necessary, it can be used to create an instance of . /// - internal class ValidationError + public class ValidationError { private Type _exceptionType; 
@@ -30,7 +30,7 @@ internal class ValidationError /// is the type of exception that occurred. /// is the stack frame where the exception occurred. /// if present, represents the exception that occurred during validation. - internal protected ValidationError( + protected internal ValidationError( MessageDetail messageDetail, ValidationFailureType validationFailureType, Type exceptionType, @@ -47,6 +47,10 @@ internal protected ValidationError( }; } + /// + /// Creates and returns instance of an using + /// + /// An instance of an Exception. public Exception GetException() { if (_exception is null) @@ -199,8 +203,12 @@ internal Exception CreateException(Type exceptionType, Exception? innerException /// Logs the validation error. /// /// The to be used for logging. + [CLSCompliant(false)] public void Log(ILogger logger) { + if (logger == null) + throw new ArgumentNullException(nameof(logger)); + Logger.TokenValidationFailed(logger, FailureType.Name, MessageDetail.Message); } @@ -220,7 +228,7 @@ public void Log(ILogger logger) /// /// Gets the type of validation failure that occurred. /// - internal ValidationFailureType FailureType { get; } + public ValidationFailureType FailureType { get; } /// /// Gets the type of exception that occurred. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/IssuerValidationSource.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/IssuerValidationSource.cs index 7d066dd15a..fb59fc677c 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/IssuerValidationSource.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/IssuerValidationSource.cs 
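Review bot: `Log(ILogger logger)` in the `@@ -199,8 +203,12 @@` hunk now sits on a public type, but its doc comment does not say that it writes `FailureType.Name` and `MessageDetail.Message` to whatever logger the caller supplies. That message is built from a format string and parameters, which for issuer, audience or lifetime failures presumably carry values taken from the token. The formatting code is outside this hunk, so whether those values pass through the library's PII handling cannot be confirmed from here and should be stated. Once confirmed, I would add `/// <remarks>Writes the failure type name and the formatted message to the logger; token-derived values are included.</remarks>`, adjusted to the actual behaviour, and the same for `ValidatedToken.Log`. As a smaller style point, the new guard could read `if (logger is null)` to match `_exception is null` in `GetException` and the guard added to `ValidatedToken.Log`.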
@@ -2,14 +2,14 @@ // Licensed under the MIT License. #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents the source from which the token issuer was validated. /// i.e. whether the issuer was matched with the configuration provided or the validation parameters provided. /// If a custom issuer validation delegate is used, a custom validation source can be instantiated and used. /// - internal class IssuerValidationSource + public class IssuerValidationSource { /// /// Initializes a new instance of . diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/TokenValidationResult.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/TokenValidationResult.cs index 21a9b76cda..987ddb77cc 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/TokenValidationResult.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/TokenValidationResult.cs @@ -7,6 +7,7 @@ using System.Security.Claims; using System.Threading; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens { diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedIssuer.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedIssuer.cs index d797da269a..41dbaf9d10 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedIssuer.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedIssuer.cs @@ -4,12 +4,12 @@ using System; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validated issuer, including the source of the validation. /// - internal readonly struct ValidatedIssuer : IEquatable + public readonly struct ValidatedIssuer : IEquatable { /// /// Initializes a new instance of . 
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedLifetime.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedLifetime.cs index 7ad05123a3..e19cb62127 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedLifetime.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedLifetime.cs @@ -4,12 +4,12 @@ using System; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validated lifetime, including the NotBefore and Expires values. /// - internal readonly struct ValidatedLifetime : IEquatable + public readonly struct ValidatedLifetime : IEquatable { /// /// Initializes a new instance of . diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedSigningKeyLifetime.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedSigningKeyLifetime.cs index 646ba63e97..9e0d474f63 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedSigningKeyLifetime.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedSigningKeyLifetime.cs @@ -4,12 +4,12 @@ using System; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validated signing key lifetime. /// - internal readonly struct ValidatedSigningKeyLifetime : IEquatable + public readonly struct ValidatedSigningKeyLifetime : IEquatable { /// /// Initializes a new instance of . diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedToken.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedToken.cs index 149d5213ea..29edd3a273 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedToken.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedToken.cs 
@@ -9,12 +9,15 @@ using Microsoft.Extensions.Logging; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Contains the results of successfully validating a . /// - internal class ValidatedToken + /// + /// Creates an instance of + /// + public class ValidatedToken { /// /// Initializes a new instance of . @@ -36,7 +39,13 @@ public ValidatedToken( /// /// Logs the validation result. /// - public void Log(ILogger logger) => Logger.TokenValidationSucceeded( + [CLSCompliant(false)] + public void Log(ILogger logger) + { + if (logger is null) + throw new ArgumentNullException(nameof(logger)); + + Logger.TokenValidationSucceeded( logger, ValidatedAudience ?? "none", ValidatedLifetime, @@ -45,6 +54,7 @@ public void Log(ILogger logger) => Logger.TokenValidationSucceeded( ValidatedSigningKey?.KeyId ?? "none", ActorValidationResult is not null ); + } /// /// The that was validated. diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedTokenType.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedTokenType.cs index e94470c95e..d7c4054887 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedTokenType.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidatedTokenType.cs @@ -4,12 +4,12 @@ using System; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validated token type, including the number of valid types present in the validation parameters. /// - internal readonly struct ValidatedTokenType : IEquatable + public readonly struct ValidatedTokenType : IEquatable { /// /// Initializes a new instance of . diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidationResult.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidationResult.cs index 8bb3c9d5e0..5f36e39952 100644 
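Review bot: The doc block added directly above `public class ValidatedToken` in the `@@ -9,12 +9,15 @@` hunk reads "Creates an instance of …", which is constructor wording. It follows the existing class summary "Contains the results of successfully validating a …". The XML tags are not legible on this page, so it may be a second `<summary>` or a `<remarks>`; either way it does not describe the type that is being made public. I would drop the added block and leave the existing class summary as the only description.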
--- a/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidationResult.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Results/ValidationResult.cs @@ -5,35 +5,36 @@ using Microsoft.IdentityModel.Logging; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Represents a validation result that can be either valid or invalid. /// /// - internal readonly struct ValidationResult : IEquatable> + /// + public readonly struct ValidationResult : IEquatable> { readonly TResult? _result; - readonly ValidationError? _error; + readonly TError? _error; /// - /// Creates a new instance of indicating a successful operation + /// Creates a new instance of indicating a successful operation /// and containing an object of the associated type. /// /// The value associated with the success. public ValidationResult(TResult result) { _result = result; - _error = null; + _error = default(TError); IsValid = true; } /// - /// Creates a new instance of indicating a failed operation - /// and containing a with the error information. + /// Creates a new instance of + /// indicating a failed operation and containing an error information. /// /// The error associated with the failure. - public ValidationResult(ValidationError error) + public ValidationResult(TError error) { _result = default; _error = error; 
@@ -52,13 +53,13 @@ public ValidationResult(ValidationError error) /// Creates a successful, valid result implicitly from the value. /// /// The value to be stored in the result. - public static implicit operator ValidationResult(TResult result) => new(result); + public static implicit operator ValidationResult(TResult result) => new(result); /// /// Creates an error result implicitly from the error value. /// /// The error to be stored in the result. - public static implicit operator ValidationResult(ValidationError error) => new(error); + public static implicit operator ValidationResult(TError error) => new(error); /// /// Gets a value indicating whether the result is valid. @@ -79,14 +80,14 @@ public ValidationResult(ValidationError error) /// The wrapped error value. /// This method is only valid if the result type is not valid. /// Thrown if attempted to unwrap an error from a valid result. - internal ValidationError UnwrapError() => IsValid ? throw new InvalidOperationException("Cannot unwrap success result") : _error!; + internal TError UnwrapError() => IsValid ? throw new InvalidOperationException("Cannot unwrap success result") : _error!; /// /// Gets the error associated with the validation result. /// /// The error associated with the validation result. /// This property is only valid if the result type is not valid. - public ValidationError? Error + public TError? Error { get { @@ -117,13 +118,13 @@ public TResult? Result } /// - /// Determines whether the specified object is equal to the current instance of . + /// Determines whether the specified object is equal to the current instance of . /// /// The object to compare with the current instance. /// true if the specified object is equal to the current instance; otherwise, false. public override bool Equals(object? obj) { - if (obj is ValidationResult other) + if (obj is ValidationResult other) { return Equals(other); } 
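Review bot: `UnwrapError()` in the `@@ -79,14 +80,14 @@` hunk returns `_error!`, but a `default` instance of this now-public struct bypasses both constructors. On such an instance `IsValid` is presumably false and `_error` is null, so the non-nullable return hands back null. The result still fails closed, but error-handling code that reads the unwrapped value would fault instead of reporting a validation failure. If the error type parameter is a reference type (its constraints are not legible on this page), consider `IsValid ? throw new InvalidOperationException("Cannot unwrap success result") : _error ?? throw new InvalidOperationException("Result was not initialized")`. The type's doc comment should also state that `default` is an invalid result with no error.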
@@ -132,7 +133,7 @@ public override bool Equals(object? obj) } /// - /// Returns the hash code for this instance of . + /// Returns the hash code for this instance of . /// /// The hash code for the current instance. public override int GetHashCode() @@ -144,33 +145,33 @@ public override int GetHashCode() } /// - /// Equality comparison operator for . + /// Equality comparison operator for . /// /// The left value to compare. /// The right value to compare. /// A boolean indicating whether the left value is equal to the right one. - public static bool operator ==(ValidationResult left, ValidationResult right) + public static bool operator ==(ValidationResult left, ValidationResult right) { return left.Equals(right); } /// - /// Inequality comparison operator for . + /// Inequality comparison operator for . /// /// The left value to compare. /// The right value to compare. /// A boolean indicating whether the left value is not equal to the right one. - public static bool operator !=(ValidationResult left, ValidationResult right) + public static bool operator !=(ValidationResult left, ValidationResult right) { return !(left == right); } /// - /// Determines whether the specified is equal to the current instance. + /// Determines whether the specified is equal to the current instance. /// - /// The to compare with the current instance. - /// true if the specified is equal to the current instance; otherwise, false. - public bool Equals(ValidationResult other) + /// The to compare with the current instance. + /// true if the specified is equal to the current instance; otherwise, false. + public bool Equals(ValidationResult other) { if (other.IsValid != IsValid) return false; 
@@ -182,11 +183,11 @@ public bool Equals(ValidationResult other) } /// - /// Casts the result to a . + /// Casts the result to a . /// # /// Required for compatibility, see CA2225 for more information /// The existing instance. - public ValidationResult ToValidationResult() + public ValidationResult ToValidationResult() { return this; } diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationFailureType.cs b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationFailureType.cs index 2556fea941..78cbae881f 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationFailureType.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationFailureType.cs @@ -1,12 +1,13 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -namespace Microsoft.IdentityModel.Tokens +#nullable enable +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// The type of the failure that occurred when validating a . /// - internal abstract class ValidationFailureType + public abstract class ValidationFailureType { /// /// Creates an instance of @@ -19,7 +20,7 @@ protected ValidationFailureType(string name) /// /// Gets the name of the . /// - public string Name { get; } + public string Name { get; internal set; } /// /// Defines a type that represents a required parameter was null. @@ -171,3 +172,4 @@ private class IssuerValidatorFailure : ValidationFailureType { internal IssuerVa public static readonly ValidationFailureType TokenTypeValidatorThrew = new TokenTypeValidationFailure("TokenTypeValidatorThrew"); } } +#nullable restore diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs index b4a792a1cb..fb481fd550 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/ValidationParameters.cs 
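Review bot: `public string Name { get; internal set; }` in the `@@ -19,7 +20,7 @@` hunk of ValidationFailureType.cs makes a failure type's name mutable after construction. The class exposes shared `public static readonly` instances (for example `TokenTypeValidatorThrew` in the last hunk of the file), so an internal assignment would change the name seen by every holder of that instance. Anything that logs or compares by name would see the new value. Unless code outside this hunk needs the setter, keep `public string Name { get; }` and set the name only through the visible `protected ValidationFailureType(string name)` constructor.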
@@ -9,12 +9,12 @@ using Microsoft.IdentityModel.Logging; #nullable enable -namespace Microsoft.IdentityModel.Tokens +namespace Microsoft.IdentityModel.Tokens.Experimental { /// /// Contains a set of parameters that are used by a when validating a . /// - internal class ValidationParameters + public class ValidationParameters { private string? _authenticationType; private TimeSpan _clockSkew = DefaultClockSkew; @@ -332,7 +332,7 @@ internal set /// Allows overriding the delegate that will be used to validate the issuer of the token. /// /// Thrown when the value is set as null. - /// The used to validate the issuer of a token + /// The used to validate the issuer of a token public IssuerValidationDelegateAsync IssuerValidatorAsync { get { return _issuerValidatorAsync; } @@ -534,7 +534,7 @@ public TokenReplayValidationDelegate TokenReplayValidator /// /// Allows overriding the delegate that will be used to validate the type of the token. - /// If the token type cannot be validated, a MUST be returned by the delegate. + /// If the token type cannot be validated, a MUST be returned by the delegate. /// Note: the 'type' parameter may be null if it couldn't be extracted from its usual location. /// Implementations that need to resolve it from a different location can use the 'token' parameter. /// diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Algorithm.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Algorithm.cs index 1ed23b224b..26d1a4444e 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Algorithm.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Algorithm.cs 
@@ -4,27 +4,11 @@ using System; using System.Linq; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate a given algorithm for a . - /// - /// The algorithm to be validated. - /// The that signed the . - /// The being validated. - /// required for validation. - /// - /// A that contains the results of validating the algorithm. - /// This delegate is not expected to throw. - internal delegate ValidationResult AlgorithmValidationDelegate( - string algorithm, - SecurityKey securityKey, - SecurityToken securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Algorithm Validation. /// @@ -38,7 +22,7 @@ public static partial class Validators /// The being validated. /// required for validation. /// The that contains call information. - internal static ValidationResult ValidateAlgorithm( + public static ValidationResult ValidateAlgorithm( string algorithm, #pragma warning disable CA1801 SecurityKey securityKey, @@ -48,7 +32,7 @@ internal static ValidationResult ValidateAlgorithm( #pragma warning restore CA1801 { if (validationParameters == null) - return ValidationError.NullParameter( + return AlgorithmValidationError.NullParameter( nameof(validationParameters), ValidationError.GetCurrentStackFrame()); diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs index 338a8cc4d4..202df29e69 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Audience.cs 
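Review bot: `ValidateAlgorithm` becomes public in the `@@ -38,7 +22,7 @@` hunk while `securityKey` stays inside `#pragma warning disable CA1801`, which suggests the default implementation never reads the key. An external caller could reasonably assume the algorithm is checked against the key it is given, so the doc comment should say what is and is not inspected, e.g. `/// <remarks>The default implementation does not inspect securityKey.</remarks>`. Confirm the wording against the body, which continues outside the hunk. The same applies to the newly public `ValidateAudience`, `ValidateLifetime` and `ValidateTokenReplay` in later hunks, which keep the same CA1801 suppression.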
@@ -5,25 +5,11 @@ using System.Collections.Generic; using Microsoft.IdentityModel.Abstractions; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate the audiences value in a token. - /// - /// The audiences found in the . - /// The that is being validated. - /// The to be used for validating the token. - /// - /// A that contains the results of validating the issuer. - /// This delegate is not expected to throw. - internal delegate ValidationResult AudienceValidationDelegate( - IList tokenAudiences, - SecurityToken? securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Audience Validation. /// @@ -37,7 +23,7 @@ public static partial class Validators /// The to be used for validating the token. /// The that contains call information. /// An EXACT match is required. - internal static ValidationResult ValidateAudience( + public static ValidationResult ValidateAudience( IList tokenAudiences, #pragma warning disable CA1801 SecurityToken? securityToken, @@ -167,7 +153,6 @@ private static bool AudienceMatchesIgnoringTrailingSlash(string tokenAudience, s return false; } - } } #nullable disable diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs index 4772b31fc4..84ddf770e7 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs 
@@ -4,27 +4,11 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate the issuer value in a token. - /// - /// The issuer to validate. - /// The that is being validated. - /// The to be used for validating the token. - /// - /// - /// An that contains the results of validating the issuer. - /// This delegate is not expected to throw. - internal delegate Task> IssuerValidationDelegateAsync( - string issuer, - SecurityToken securityToken, - ValidationParameters validationParameters, - CallContext callContext, - CancellationToken cancellationToken); - /// /// Partial class for Issuer Validation. /// @@ -38,9 +22,9 @@ public static partial class Validators /// The to be used for validating the token. /// /// - /// An that contains either the issuer that was validated or an error. + /// An that contains either the issuer that was validated or an error. /// An EXACT match is required. - internal static async Task> ValidateIssuerAsync( + public static async Task> ValidateIssuerAsync( string? issuer, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -60,12 +44,12 @@ internal static async Task> ValidateIssuerAsyn } if (validationParameters == null) - return ValidationError.NullParameter( + return IssuerValidationError.NullParameter( nameof(validationParameters), ValidationError.GetCurrentStackFrame()); if (securityToken == null) - return ValidationError.NullParameter( + return IssuerValidationError.NullParameter( nameof(securityToken), ValidationError.GetCurrentStackFrame()); diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.IssuerSigningKey.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.IssuerSigningKey.cs index 6d980531df..f2db69c5c9 100644 
--- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.IssuerSigningKey.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.IssuerSigningKey.cs @@ -4,25 +4,11 @@ using System; using System.Security.Cryptography.X509Certificates; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate the that signed a . - /// - /// The security key to validate. - /// The that is being validated. - /// The to be used for validating the token. - /// The to be used for logging. - /// A that contains the results of validating the issuer. - /// This delegate is not expected to throw. - internal delegate ValidationResult IssuerSigningKeyValidationDelegate( - SecurityKey signingKey, - SecurityToken securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Issuer Signing Key Validation. /// @@ -35,7 +21,7 @@ public static partial class Validators /// The being validated. /// The to be used for validating the token. /// The that contains call information. - internal static ValidationResult ValidateIssuerSigningKey( + public static ValidationResult ValidateIssuerSigningKey( SecurityKey securityKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -69,7 +55,7 @@ internal static ValidationResult ValidateIssuerSign /// The to be used for validating the token. /// The that contains call information. #pragma warning disable CA1801 // Review unused parameters - internal static ValidationResult ValidateIssuerSigningKeyLifeTime( + internal static ValidationResult ValidateIssuerSigningKeyLifeTime( SecurityKey securityKey, ValidationParameters validationParameters, CallContext callContext) 
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs index 7aa37577b3..2355d25ebb 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Lifetime.cs @@ -3,27 +3,11 @@ using System; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate the lifetime of a . - /// - /// The 'notBefore' time found in the . - /// The 'expiration' time found in the . - /// The that is being validated. - /// The to be used for validating the token. - /// The that contains call information. - /// A that contains the results of validating the issuer. - /// This delegate is not expected to throw. - internal delegate ValidationResult LifetimeValidationDelegate( - DateTime? notBefore, - DateTime? expires, - SecurityToken? securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Lifetime Validation. /// @@ -37,10 +21,10 @@ public static partial class Validators /// The being validated. /// The to be used for validating the token. /// The that contains call information. - /// A indicating whether validation was successful, and providing a if it was not. + /// A indicating whether validation was successful, and providing a if it was not. /// All time comparisons apply . #pragma warning disable CA1801 - internal static ValidationResult ValidateLifetime( + public static ValidationResult ValidateLifetime( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, 
@@ -49,7 +33,7 @@ internal static ValidationResult ValidateLifetime( #pragma warning restore CA1801 { if (validationParameters == null) - return ValidationError.NullParameter( + return LifetimeValidationError.NullParameter( nameof(validationParameters), ValidationError.GetCurrentStackFrame()); diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenReplay.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenReplay.cs index f25292e5cb..6557c15aa9 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenReplay.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenReplay.cs @@ -2,25 +2,11 @@ // Licensed under the MIT License. using System; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate that a has not been replayed. - /// - /// When does the expire.. - /// The security token that is being validated. - /// The to be used for validating the token. - /// The that contains call information. - /// A that contains the results of validating the token. - /// This delegate is not expected to throw. - internal delegate ValidationResult TokenReplayValidationDelegate( - DateTime? expirationTime, - string securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Token Replay validation. /// @@ -34,7 +20,7 @@ public static partial class Validators /// The to be used for validating the token. /// The that contains call information. #pragma warning disable CA1801 // Review unused parameters - internal static ValidationResult ValidateTokenReplay( + public static ValidationResult ValidateTokenReplay( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, 
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenType.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenType.cs index 2ccce42550..462895f633 100644 --- a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenType.cs +++ b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.TokenType.cs @@ -4,25 +4,11 @@ using System; using System.Linq; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.Tokens { - /// - /// Definition for delegate that will validate the token type of a token. - /// - /// The token type or null if it couldn't be resolved (e.g from the 'typ' header for a JWT). - /// The that is being validated. - /// required for validation. - /// The that contains call information. - /// A that contains the results of validating the token type. - /// An EXACT match is required. (case sensitive) is used for comparing against . - internal delegate ValidationResult TokenTypeValidationDelegate( - string? type, - SecurityToken? securityToken, - ValidationParameters validationParameters, - CallContext callContext); - /// /// Partial class for Token Type Validation. /// @@ -35,13 +21,13 @@ public static partial class Validators /// The that is being validated. /// required for validation. /// The that contains call information. - /// A that contains the results of validating the token type. + /// A that contains the results of validating the token type. /// An EXACT match is required. (case sensitive) is used for comparing against . -#pragma warning disable CA1801 - internal static ValidationResult ValidateTokenType( + public static ValidationResult ValidateTokenType( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, +#pragma warning disable CA1801 CallContext callContext) #pragma warning restore CA1801 { 
diff --git a/src/Microsoft.IdentityModel.Validators/AadIssuerValidator/AadIssuerValidator.Internal.cs b/src/Microsoft.IdentityModel.Validators/AadIssuerValidator/AadIssuerValidator.Internal.cs index c1a68e0626..5d7a5089eb 100644 --- a/src/Microsoft.IdentityModel.Validators/AadIssuerValidator/AadIssuerValidator.Internal.cs +++ b/src/Microsoft.IdentityModel.Validators/AadIssuerValidator/AadIssuerValidator.Internal.cs @@ -7,6 +7,7 @@ using System.Threading; using Microsoft.IdentityModel.Logging; using System.Diagnostics; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Validators { @@ -24,9 +25,9 @@ public partial class AadIssuerValidator /// The to be used for validating the token. /// The call context used for logging. /// CancellationToken used to cancel call. - /// An that contains either the issuer that was validated or an error. + /// An that contains either the issuer that was validated or an error. /// An EXACT match is required. - internal async Task> ValidateIssuerAsync( + internal async Task> ValidateIssuerAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, diff --git a/src/Microsoft.IdentityModel.Validators/AadValidationParametersExtension.Internal.cs b/src/Microsoft.IdentityModel.Validators/AadValidationParametersExtension.Internal.cs index 2fcb73b357..f198e432b1 100644 --- a/src/Microsoft.IdentityModel.Validators/AadValidationParametersExtension.Internal.cs +++ b/src/Microsoft.IdentityModel.Validators/AadValidationParametersExtension.Internal.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Validators { 
@@ -118,7 +119,7 @@ internal static void ValidateSigningKeyCloudInstance(SecurityKey securityKey, Ba /// The that signed the . /// The that are used to validate the token. /// true if the issuer signing key certificate is valid; otherwise, false. - internal static ValidationResult ValidateIssuerSigningKeyCertificate(SecurityKey securityKey, ValidationParameters validationParameters) + internal static ValidationResult ValidateIssuerSigningKeyCertificate(SecurityKey securityKey, ValidationParameters validationParameters) { if (securityKey == null) { diff --git a/src/Microsoft.IdentityModel.Validators/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Validators/InternalAPI.Unshipped.txt index e69de29bb2..73e2fa0159 100644 --- a/src/Microsoft.IdentityModel.Validators/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Validators/InternalAPI.Unshipped.txt 
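Review bot: The `<returns>` text above `ValidateIssuerSigningKeyCertificate` still says "true if the issuer signing key certificate is valid; otherwise, false", but the signature changed in this hunk returns a `ValidationResult`. A reader who trusts the comment would treat the return value as a boolean and never check the error. I would replace it with `/// <returns>A validation result that is valid when the issuer signing key certificate is valid; otherwise a result carrying the error.</returns>`. The generic arguments are not legible on this page, so name the concrete result and error types when applying it.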
@@ -0,0 +1,4 @@ +Microsoft.IdentityModel.Validators.AadIssuerValidator.ValidateIssuerAsync(string issuer, Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task> +static Microsoft.IdentityModel.Validators.AadValidationParametersExtension.EnableAadSigningKeyIssuerValidation(this Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> void +static Microsoft.IdentityModel.Validators.AadValidationParametersExtension.EnableEntraIdSigningKeyCloudInstanceValidation(this Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> void +static Microsoft.IdentityModel.Validators.AadValidationParametersExtension.ValidateIssuerSigningKeyCertificate(Microsoft.IdentityModel.Tokens.SecurityKey securityKey, Microsoft.IdentityModel.Tokens.Experimental.ValidationParameters validationParameters) -> Microsoft.IdentityModel.Tokens.Experimental.ValidationResult \ No newline at end of file diff --git a/src/Microsoft.IdentityModel.Xml/Exceptions/XmlValidationException.cs b/src/Microsoft.IdentityModel.Xml/Exceptions/XmlValidationException.cs index 702ff103bc..efcdeffd47 100644 --- a/src/Microsoft.IdentityModel.Xml/Exceptions/XmlValidationException.cs +++ b/src/Microsoft.IdentityModel.Xml/Exceptions/XmlValidationException.cs @@ -7,7 +7,7 @@ #pragma warning disable IDE0005 // Using directive is unnecessary. using System.Text; #pragma warning restore IDE0005 // Using directive is unnecessary. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Xml { diff --git a/src/Microsoft.IdentityModel.Xml/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Xml/InternalAPI.Unshipped.txt index e69de29bb2..c63be39553 100644 
--- a/src/Microsoft.IdentityModel.Xml/InternalAPI.Unshipped.txt +++ b/src/Microsoft.IdentityModel.Xml/InternalAPI.Unshipped.txt @@ -0,0 +1,4 @@ +Microsoft.IdentityModel.Xml.Reference.Verify(Microsoft.IdentityModel.Tokens.CryptoProviderFactory cryptoProviderFactory, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError +Microsoft.IdentityModel.Xml.Signature.Verify(Microsoft.IdentityModel.Tokens.SecurityKey key, Microsoft.IdentityModel.Tokens.CryptoProviderFactory cryptoProviderFactory, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError +Microsoft.IdentityModel.Xml.SignedInfo.Verify(Microsoft.IdentityModel.Tokens.CryptoProviderFactory cryptoProviderFactory, Microsoft.IdentityModel.Tokens.CallContext callContext) -> Microsoft.IdentityModel.Tokens.Experimental.SignatureValidationError +Microsoft.IdentityModel.Xml.XmlValidationException.SetValidationError(Microsoft.IdentityModel.Tokens.Experimental.ValidationError validationError) -> void \ No newline at end of file diff --git a/src/Microsoft.IdentityModel.Xml/Reference.cs b/src/Microsoft.IdentityModel.Xml/Reference.cs index a2534ef1cf..44bc737bec 100644 --- a/src/Microsoft.IdentityModel.Xml/Reference.cs +++ b/src/Microsoft.IdentityModel.Xml/Reference.cs @@ -7,6 +7,7 @@ using System.Security.Cryptography; using System.Xml; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using static Microsoft.IdentityModel.Logging.LogHelper; using static Microsoft.IdentityModel.Xml.XmlUtil; diff --git a/src/Microsoft.IdentityModel.Xml/Signature.cs b/src/Microsoft.IdentityModel.Xml/Signature.cs index 8fad20a3db..f5ef70b93a 100644 --- a/src/Microsoft.IdentityModel.Xml/Signature.cs +++ b/src/Microsoft.IdentityModel.Xml/Signature.cs 
@@ -5,6 +5,7 @@ using System.IO; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using static Microsoft.IdentityModel.Logging.LogHelper; using static Microsoft.IdentityModel.Xml.XmlUtil; diff --git a/src/Microsoft.IdentityModel.Xml/SignedInfo.cs b/src/Microsoft.IdentityModel.Xml/SignedInfo.cs index 3ccf96df8e..e9c04c03e0 100644 --- a/src/Microsoft.IdentityModel.Xml/SignedInfo.cs +++ b/src/Microsoft.IdentityModel.Xml/SignedInfo.cs @@ -7,6 +7,7 @@ using System.Xml; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using static Microsoft.IdentityModel.Logging.LogHelper; namespace Microsoft.IdentityModel.Xml diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs index 8e31716b3d..1729e9d64d 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.DecryptTokenTests.cs @@ -10,6 +10,7 @@ using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; using System.Threading.Tasks; @@ -36,7 +37,7 @@ public async Task DecryptTokenWithConfiguration(TokenDecryptingTheoryData theory } CompareContext context = TestUtilities.WriteHeader($"{this}.JsonWebTokenHandlerDecryptTokenTests", theoryData); - ValidationResult result = await jsonWebTokenHandler.DecryptTokenWithConfigurationAsync( + ValidationResult result = await jsonWebTokenHandler.DecryptTokenWithConfigurationAsync( theoryData.Token, theoryData.ValidationParameters, new CallContext(), 
@@ -83,7 +84,7 @@ public void DecryptToken(TokenDecryptingTheoryData theoryData) } CompareContext context = TestUtilities.WriteHeader($"{this}.JsonWebTokenHandlerDecryptTokenTests", theoryData); - ValidationResult result = jsonWebTokenHandler.DecryptToken( + ValidationResult result = jsonWebTokenHandler.DecryptToken( theoryData.Token, theoryData.ValidationParameters, theoryData.Configuration, @@ -117,7 +118,7 @@ public void DecryptToken(TokenDecryptingTheoryData theoryData) public void DecryptToken_ThrowsIfAccessingSecurityTokenOnFailedRead() { JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler(); - ValidationResult tokenDecryptionResult = jsonWebTokenHandler.DecryptToken( + ValidationResult tokenDecryptionResult = jsonWebTokenHandler.DecryptToken( null, null, null, @@ -378,7 +379,7 @@ private static CustomConfiguration CreateCustomConfigurationThatThrows(SecurityK public class TokenDecryptingTheoryData : TheoryDataBase { public JsonWebToken Token { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } public BaseConfiguration Configuration { get; internal set; } public SecurityTokenDescriptor SecurityTokenDescriptor { get; internal set; } public string TokenString { get; internal set; } diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.Extensibility.Signature.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.Extensibility.Signature.cs index 8c6c8a75d0..6e5f5f1471 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.Extensibility.Signature.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.Extensibility.Signature.cs 
@@ -12,7 +12,7 @@ public partial class JsonWebTokenHandlerValidateTokenAsyncTests { [Theory, MemberData( nameof(GenerateSignatureExtensibilityTestCases), - parameters: ["JWT", 3], + parameters: ["JWT", 2], DisableDiscoveryEnumeration = true)] public async Task ValidateTokenAsync_SignatureValidator_Extensibility( SignatureExtensibilityTheoryData theoryData) diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ReadTokenTests.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ReadTokenTests.cs index 823a522cc4..2411a26a3d 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ReadTokenTests.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ReadTokenTests.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; @@ -17,7 +18,7 @@ public class JsonWebTokenHandlerReadTokenTests public void ReadToken(TokenReadingTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.JsonWebTokenHandlerReadTokenTests", theoryData); - ValidationResult result = JsonWebTokenHandler.ReadToken( + ValidationResult result = JsonWebTokenHandler.ReadToken( theoryData.Token, new CallContext()); @@ -47,7 +48,7 @@ public void ReadToken(TokenReadingTheoryData theoryData) [Fact] public void ReadToken_ThrowsIfAccessingSecurityTokenOnFailedRead() { - ValidationResult result = JsonWebTokenHandler.ReadToken( + ValidationResult result = JsonWebTokenHandler.ReadToken( null, new CallContext()); @@ -117,6 +118,6 @@ public static TheoryData JsonWebTokenHandlerReadTokenTes public class TokenReadingTheoryData : TheoryDataBase { public string Token { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } 
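Review bot: The second `MemberData` argument changes from `3` to `2` in the `@@ -12,7 +12,7 @@` hunk of JsonWebTokenHandler.Extensibility.Signature.cs with nothing in the hunk saying what the number counts. Because `GenerateSignatureExtensibilityTestCases` is defined outside this hunk, a reader cannot tell why the expected value dropped by one when the signature delegate's return type changed. A short comment above the attribute would help, for example `// second argument: <what it counts>; lowered because SignatureValidator now returns ValidationResult directly`, with the placeholder filled in from the generator's parameter name.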
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateSignatureTests.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateSignatureTests.cs index 41ef472f65..168332d9e8 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateSignatureTests.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateSignatureTests.cs @@ -7,6 +7,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; @@ -38,7 +39,7 @@ public void ValidateSignature(JsonWebTokenHandlerValidateSignatureTheoryData the if (theoryData.ValidationParameters is not null && theoryData.KeyToAddToValidationParameters is not null) theoryData.ValidationParameters.IssuerSigningKeys.Add(theoryData.KeyToAddToValidationParameters); - ValidationResult result = JsonWebTokenHandler.ValidateSignature( + ValidationResult result = JsonWebTokenHandler.ValidateSignature( jsonWebToken, theoryData.ValidationParameters, theoryData.Configuration, 
@@ -111,13 +112,17 @@ public static TheoryData JsonWeb JWT = new JsonWebToken(EncodedJwts.LiveJwt), ValidationParameters = new ValidationParameters { - SignatureValidator = (token, parameters, configuration, callContext) => ValidationError.NullParameter("fakeParameter", null) + SignatureValidator = (token, parameters, configuration, callContext) => new SignatureValidationError( + new MessageDetail("IDX10000: NullArgument", null), + ValidationFailureType.NullArgument, + typeof(SecurityTokenArgumentNullException), + ValidationError.GetCurrentStackFrame()) }, ExpectedException = ExpectedException.SecurityTokenArgumentNullException("IDX10000:"), Result = new ValidationError( new MessageDetail( TokenLogMessages.IDX10000, - "fakeParameter"), + "NullArgument"), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), null) @@ -229,7 +234,7 @@ public class JsonWebTokenHandlerValidateSignatureTheoryData : TheoryDataBase public SigningCredentials SigningCredentials { get; internal set; } public SecurityKey KeyToAddToConfiguration { get; internal set; } public SecurityKey KeyToAddToValidationParameters { get; internal set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } internal ValidationParameters ValidationParameters { get; set; } } } diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Algorithm.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Algorithm.cs index b6872c70e9..a3f7f8b83b 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Algorithm.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Algorithm.cs 
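Review bot: In the `@@ -111,13 +112,17 @@` hunk the test `SignatureValidator` builds its error from the literal `"IDX10000: NullArgument"`, while the expected `Result` is built from `TokenLogMessages.IDX10000` with the argument `"NullArgument"`. The two messages are produced differently, so the case only passes as long as the comparison stays loose (the expected exception checks the `"IDX10000:"` prefix); it would not notice a change in the formatted text. Building the delegate's message the same way, `new MessageDetail(TokenLogMessages.IDX10000, "NullArgument")`, keeps both sides in step. The delegate also returns a `SignatureValidationError` while the expectation is a plain `ValidationError`; if the comparer ignores the concrete type, a comment saying so would make that intent explicit. The theory-data method starts and ends outside the hunk.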
@@ -6,6 +6,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs index be14c04424..442d16bbb9 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs @@ -6,6 +6,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Common.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Common.cs index 5d33d39107..1f8c3422ce 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Common.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Common.cs @@ -6,6 +6,7 @@ using System.Threading; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.JsonWebTokens.Tests { 
@@ -23,7 +24,7 @@ internal static async Task ValidateAndCompareResults( await jsonWebTokenHandler.ValidateTokenAsync(jwtString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters - ValidationResult validationParametersResult = + ValidationResult validationParametersResult = await jsonWebTokenHandler.ValidateTokenAsync( jwtString, theoryData.ValidationParameters!, theoryData.CallContext, CancellationToken.None); diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Decryption.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Decryption.cs index 688694d4f9..201c83a953 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Decryption.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Decryption.cs @@ -10,6 +10,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; using Microsoft.IdentityModel.Protocols.OpenIdConnect; diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs index a7fccd28dc..354bf71171 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests 
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.IssuerSigningKey.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.IssuerSigningKey.cs index b9de8fa8a3..e80e94ae1b 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.IssuerSigningKey.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.IssuerSigningKey.cs @@ -6,6 +6,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs index 89268e8b71..7b8c9ce726 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs @@ -6,6 +6,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Signature.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Signature.cs index 9c031275b6..be1fab77d1 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Signature.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Signature.cs 
@@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenReplay.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenReplay.cs index 70332b4f55..97d9c0bc4f 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenReplay.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenReplay.cs @@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenType.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenType.cs index cb543864f3..0deea4fd45 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenType.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.TokenType.cs @@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.JsonWebTokens.Tests diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests_e2e.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests_e2e.cs index f9d542e4ce..f7e1fd92bc 100644 
--- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests_e2e.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests_e2e.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.Tokens; using Xunit; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.JsonWebTokens.Tests { @@ -17,6 +18,8 @@ public class JsonWebTokenHandlerValidateTokenAsyncTestsE2e }; private JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler(); + private IResultBasedValidation resultBasedJsonWebTokenHandler => jsonWebTokenHandler; + [Fact] public async Task TestDefaultValidToken() { @@ -29,7 +32,7 @@ public async Task TestDefaultValidToken() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.True(validationResult.IsValid); Assert.NotNull(validationResult.Result); @@ -47,7 +50,7 @@ public async Task TestDefaultValidTokenValidAudiencesNotSpecified() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); 
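Review bot: The member added in the `@@ -17,6 +18,8 @@` hunk, `private IResultBasedValidation resultBasedJsonWebTokenHandler => jsonWebTokenHandler;`, is a property named like a field and has no comment explaining why every test in this file now calls `ValidateTokenAsync` through the interface. Presumably the `ValidationResult`-returning overload is reachable only through `IResultBasedValidation` after this commit, but that is not visible here. I would add a line such as `// The ValidationResult-returning ValidateTokenAsync is called through IResultBasedValidation.` and either rename the property in PascalCase or make it a `readonly` field. The same substitution repeats in the remaining hunks of this file, through `TestTokenWithMissingKey`.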
@@ -68,7 +71,7 @@ public async Task TestDefaultValidTokenValidIssuersNotSpecified() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -89,7 +92,7 @@ public async Task TestDefaultValidTokenIssuerSigningKeyNotSpecified() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -113,7 +116,7 @@ public async Task TestTokenWithInvalidSignature() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -135,7 +138,7 @@ public async Task TestTokenWithNoSignature() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); 
@@ -157,7 +160,7 @@ public async Task TestExpiredToken() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -179,7 +182,7 @@ public async Task TestNotYetValidToken() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -201,7 +204,7 @@ public async Task TestTokenWithFutureIssuedAt() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.True(validationResult.IsValid); Assert.NotNull(validationResult.Result); @@ -222,7 +225,7 @@ public async Task TestTokenWithBadAudience() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); 
@@ -244,7 +247,7 @@ public async Task TestTokenWithBadIssuer() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -266,7 +269,7 @@ public async Task TestTokenWithBadSignatureKey_TryAllIssuerSigningKeysFalse() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -289,7 +292,7 @@ public async Task TestTokenWithBadSignatureKey_TryAllIssuerSigningKeysTrue() validationParameters.TryAllIssuerSigningKeys = true; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); 
@@ -311,7 +314,7 @@ public async Task TestTokenWithMissingIssuer() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -335,7 +338,7 @@ public async Task TestTokenWithMissingAudience() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -358,7 +361,7 @@ public async Task TestTokenWithMissingIssuedAt() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.True(validationResult.IsValid); Assert.NotNull(validationResult.Result); @@ -378,7 +381,7 @@ public async Task TestTokenWithMissingNotBefore() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.True(validationResult.IsValid); Assert.NotNull(validationResult.Result); 
@@ -398,7 +401,7 @@ public async Task TestTokenWithMissingExpires() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); @@ -420,7 +423,7 @@ public async Task TestTokenWithMissingKey() }; CallContext callContext = new CallContext(); - ValidationResult validationResult = await jsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); + ValidationResult validationResult = await resultBasedJsonWebTokenHandler.ValidateTokenAsync(token, validationParameters, callContext, default); Assert.False(validationResult.IsValid); Assert.Null(validationResult.Result); diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs index 4cc8aa1c46..f9aa459cb2 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerTests.cs @@ -18,6 +18,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Json; using Microsoft.IdentityModel.Validators; using Newtonsoft.Json; diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JwtTokenUtilitiesTests.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JwtTokenUtilitiesTests.cs index 22850a97d5..b1fbd805cd 100644 --- a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JwtTokenUtilitiesTests.cs +++ b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JwtTokenUtilitiesTests.cs 
@@ -13,6 +13,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Moq; using Xunit; diff --git a/test/Microsoft.IdentityModel.TestUtils/ExpectedException.cs b/test/Microsoft.IdentityModel.TestUtils/ExpectedException.cs index 6f8f717392..99823b8350 100644 --- a/test/Microsoft.IdentityModel.TestUtils/ExpectedException.cs +++ b/test/Microsoft.IdentityModel.TestUtils/ExpectedException.cs @@ -9,6 +9,7 @@ using System.Text.Json; using System.Xml; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; using Microsoft.IdentityModel.Tokens.Saml2; diff --git a/test/Microsoft.IdentityModel.TestUtils/IdentityComparer.cs b/test/Microsoft.IdentityModel.TestUtils/IdentityComparer.cs index dc7f78345b..605b0a4437 100644 --- a/test/Microsoft.IdentityModel.TestUtils/IdentityComparer.cs +++ b/test/Microsoft.IdentityModel.TestUtils/IdentityComparer.cs @@ -25,6 +25,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Protocols.WsFederation; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; using Microsoft.IdentityModel.Tokens.Saml2; using Microsoft.IdentityModel.Xml; diff --git a/test/Microsoft.IdentityModel.TestUtils/SamlClaimsIdentityComparisonTestBase.cs b/test/Microsoft.IdentityModel.TestUtils/SamlClaimsIdentityComparisonTestBase.cs index ebbfb2587a..28d5a01e16 100644 --- a/test/Microsoft.IdentityModel.TestUtils/SamlClaimsIdentityComparisonTestBase.cs +++ b/test/Microsoft.IdentityModel.TestUtils/SamlClaimsIdentityComparisonTestBase.cs 
@@ -3,6 +3,7 @@ using Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using System; using System.Collections.Generic; using System.Threading; @@ -42,7 +43,7 @@ public static async Task ValidateTokenAsync_ClaimsIdentity_Comparison( NotBefore = utcNow.AddHours(-1), }); - ValidationResult validationResult = await tokenHandler.ValidateTokenAsync( + ValidationResult validationResult = await tokenHandler.ValidateTokenAsync( token, validationParameters, new CallContext(), diff --git a/test/Microsoft.IdentityModel.TestUtils/SkipValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/SkipValidationDelegates.cs index 3e94c810c1..9da8063359 100644 --- a/test/Microsoft.IdentityModel.TestUtils/SkipValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/SkipValidationDelegates.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils @@ -39,7 +40,7 @@ public static class SkipValidationDelegates CallContext callContext, CancellationToken cancellationToken) { - return Task.FromResult(new ValidationResult( + return Task.FromResult(new ValidationResult( new ValidatedIssuer(issuer, IssuerValidationSource.NotValidated))); }; diff --git a/test/Microsoft.IdentityModel.TestUtils/TestUtilities.cs b/test/Microsoft.IdentityModel.TestUtils/TestUtilities.cs index 25450bda69..c378772b1c 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TestUtilities.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TestUtilities.cs @@ -8,6 +8,7 @@ using System.Security.Claims; using System.Text; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.TestUtils 
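Review bot: The issuer delegate touched by the `@@ -39,7 +40,7 @@` hunk of SkipValidationDelegates.cs returns a successful result for whatever `issuer` it receives, tagged `IssuerValidationSource.NotValidated`, and the containing class is `public static`. A doc comment on the member should state that it is for tests only and accepts any issuer, for example `/// <summary>Test-only: returns a valid result for any issuer without validating it.</summary>`. The delegate begins above the hunk, so whether such a comment already exists cannot be seen from here.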
diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAlgorithmValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAlgorithmValidationDelegates.cs index 42fa04d6de..c25adc2fd9 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAlgorithmValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAlgorithmValidationDelegates.cs @@ -3,13 +3,14 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomAlgorithmValidationDelegates { - internal static ValidationResult CustomAlgorithmValidatorDelegate( + internal static ValidationResult CustomAlgorithmValidatorDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -25,7 +26,7 @@ internal static ValidationResult CustomAlgorithmValidatorDelegate( algorithm); } - internal static ValidationResult CustomAlgorithmValidatorCustomExceptionDelegate( + internal static ValidationResult CustomAlgorithmValidatorCustomExceptionDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -40,7 +41,7 @@ internal static ValidationResult CustomAlgorithmValidatorCustomException algorithm); } - internal static ValidationResult CustomAlgorithmValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomAlgorithmValidatorCustomExceptionCustomFailureTypeDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -55,7 +56,7 @@ internal static ValidationResult CustomAlgorithmValidatorCustomException algorithm); } - internal static ValidationResult CustomAlgorithmValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomAlgorithmValidatorUnknownExceptionDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, 
@@ -70,7 +71,7 @@ internal static ValidationResult CustomAlgorithmValidatorUnknownExceptio algorithm); } - internal static ValidationResult CustomAlgorithmValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomAlgorithmValidatorWithoutGetExceptionOverrideDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -85,7 +86,7 @@ internal static ValidationResult CustomAlgorithmValidatorWithoutGetExcep algorithm); } - internal static ValidationResult AlgorithmValidatorDelegate( + internal static ValidationResult AlgorithmValidatorDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -100,7 +101,7 @@ internal static ValidationResult AlgorithmValidatorDelegate( algorithm); } - internal static ValidationResult AlgorithmValidatorThrows( + internal static ValidationResult AlgorithmValidatorThrows( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -110,7 +111,7 @@ internal static ValidationResult AlgorithmValidatorThrows( throw new CustomSecurityTokenInvalidAlgorithmException(nameof(AlgorithmValidatorThrows), null); } - internal static ValidationResult AlgorithmValidatorCustomAlgorithmExceptionTypeDelegate( + internal static ValidationResult AlgorithmValidatorCustomAlgorithmExceptionTypeDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, @@ -125,7 +126,7 @@ internal static ValidationResult AlgorithmValidatorCustomAlgorithmExcept algorithm); } - internal static ValidationResult AlgorithmValidatorCustomExceptionTypeDelegate( + internal static ValidationResult AlgorithmValidatorCustomExceptionTypeDelegate( string algorithm, SecurityKey securityKey, SecurityToken securityToken, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAudienceValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAudienceValidationDelegates.cs index 8b5010a8be..92ddb929ce 100644 
--- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAudienceValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomAudienceValidationDelegates.cs @@ -4,13 +4,14 @@ using System; using System.Collections.Generic; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomAudienceValidationDelegates { - internal static ValidationResult CustomAudienceValidatorDelegate( + internal static ValidationResult CustomAudienceValidatorDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -26,7 +27,7 @@ internal static ValidationResult CustomAudienceValidatorDelegate( null); } - internal static ValidationResult CustomAudienceValidatorCustomExceptionDelegate( + internal static ValidationResult CustomAudienceValidatorCustomExceptionDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -41,7 +42,7 @@ internal static ValidationResult CustomAudienceValidatorCustomExceptionD null); } - internal static ValidationResult CustomAudienceValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomAudienceValidatorCustomExceptionCustomFailureTypeDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -56,7 +57,7 @@ internal static ValidationResult CustomAudienceValidatorCustomExceptionC null); } - internal static ValidationResult CustomAudienceValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomAudienceValidatorUnknownExceptionDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, 
@@ -71,7 +72,7 @@ internal static ValidationResult CustomAudienceValidatorUnknownException null); } - internal static ValidationResult CustomAudienceValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomAudienceValidatorWithoutGetExceptionOverrideDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -85,7 +86,7 @@ internal static ValidationResult CustomAudienceValidatorWithoutGetExcept null); } - internal static ValidationResult AudienceValidatorDelegate( + internal static ValidationResult AudienceValidatorDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -100,7 +101,7 @@ internal static ValidationResult AudienceValidatorDelegate( null); } - internal static ValidationResult AudienceValidatorThrows( + internal static ValidationResult AudienceValidatorThrows( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -109,7 +110,7 @@ internal static ValidationResult AudienceValidatorThrows( throw new CustomSecurityTokenInvalidAudienceException(nameof(AudienceValidatorThrows), null); } - internal static ValidationResult AudienceValidatorCustomAudienceExceptionTypeDelegate( + internal static ValidationResult AudienceValidatorCustomAudienceExceptionTypeDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -124,7 +125,7 @@ internal static ValidationResult AudienceValidatorCustomAudienceExceptio null); } - internal static ValidationResult AudienceValidatorCustomExceptionTypeDelegate( + internal static ValidationResult AudienceValidatorCustomExceptionTypeDelegate( IList tokenAudiences, SecurityToken? securityToken, ValidationParameters validationParameters, 
diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerSigningKeyValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerSigningKeyValidationDelegates.cs index 1e596e687f..a6d6e474e0 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerSigningKeyValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerSigningKeyValidationDelegates.cs @@ -3,13 +3,14 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomIssuerSigningKeyValidationDelegates { - internal static ValidationResult CustomIssuerSigningKeyValidatorDelegate( + internal static ValidationResult CustomIssuerSigningKeyValidatorDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -25,7 +26,7 @@ internal static ValidationResult CustomIssuerSignin null); } - internal static ValidationResult CustomIssuerSigningKeyValidatorCustomExceptionDelegate( + internal static ValidationResult CustomIssuerSigningKeyValidatorCustomExceptionDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -40,7 +41,7 @@ internal static ValidationResult CustomIssuerSignin null); } - internal static ValidationResult CustomIssuerSigningKeyValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomIssuerSigningKeyValidatorCustomExceptionCustomFailureTypeDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, 
@@ -54,7 +55,7 @@ internal static ValidationResult CustomIssuerSignin signingKey); } - internal static ValidationResult CustomIssuerSigningKeyValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomIssuerSigningKeyValidatorUnknownExceptionDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -69,7 +70,7 @@ internal static ValidationResult CustomIssuerSignin null); } - internal static ValidationResult CustomIssuerSigningKeyValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomIssuerSigningKeyValidatorWithoutGetExceptionOverrideDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -83,7 +84,7 @@ internal static ValidationResult CustomIssuerSignin null); } - internal static ValidationResult IssuerSigningKeyValidatorDelegate( + internal static ValidationResult IssuerSigningKeyValidatorDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -98,7 +99,7 @@ internal static ValidationResult IssuerSigningKeyVa null); } - internal static ValidationResult IssuerSigningKeyValidatorThrows( + internal static ValidationResult IssuerSigningKeyValidatorThrows( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, @@ -107,7 +108,7 @@ internal static ValidationResult IssuerSigningKeyVa throw new CustomSecurityTokenInvalidSigningKeyException(nameof(IssuerSigningKeyValidatorThrows), null); } - internal static ValidationResult IssuerSigningKeyValidatorCustomIssuerSigningKeyExceptionTypeDelegate( + internal static ValidationResult IssuerSigningKeyValidatorCustomIssuerSigningKeyExceptionTypeDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, 
@@ -122,7 +123,7 @@ internal static ValidationResult IssuerSigningKeyVa null); } - internal static ValidationResult IssuerSigningKeyValidatorCustomExceptionTypeDelegate( + internal static ValidationResult IssuerSigningKeyValidatorCustomExceptionTypeDelegate( SecurityKey signingKey, SecurityToken securityToken, ValidationParameters validationParameters, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerValidationDelegates.cs index f5f1e73537..0965235640 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomIssuerValidationDelegates.cs @@ -5,13 +5,14 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomIssuerValidationDelegates { - internal async static Task> CustomIssuerValidatorDelegateAsync( + internal async static Task> CustomIssuerValidatorDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, @@ -19,7 +20,7 @@ internal async static Task> CustomIssuerValida CancellationToken cancellationToken) { // Returns a CustomIssuerValidationError : IssuerValidationError - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new CustomIssuerValidationError( new MessageDetail(nameof(CustomIssuerValidatorDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, 
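Review bot: In CustomIssuerValidationDelegates.cs the rewritten `return await Task.FromResult(new ValidationResult(` line (hunk at -19) sits in a method already declared `async`, so the wrapper is created only to be awaited at once. The same pattern is in the hunks at -28, -44, -61, -77, -92, -118 and -133. Either drop `async` and return `Task.FromResult(...)` directly, as the non-async `IssuerValidatorThrows` signature in this file already does, or keep `async` and return the result itself. The changed signatures also use `async static` where `static async` is the conventional modifier order. These methods start and end outside the hunk at -19, and the extensibility tests count stack frames, so confirm those expectations still hold before changing the method shape.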
@@ -28,14 +29,14 @@ internal async static Task> CustomIssuerValida issuer))); } - internal async static Task> CustomIssuerValidatorCustomExceptionDelegateAsync( + internal async static Task> CustomIssuerValidatorCustomExceptionDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new CustomIssuerValidationError( new MessageDetail(nameof(CustomIssuerValidatorCustomExceptionDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, @@ -44,14 +45,14 @@ internal async static Task> CustomIssuerValida issuer))); } - internal async static Task> CustomIssuerValidatorCustomExceptionCustomFailureTypeDelegateAsync( + internal async static Task> CustomIssuerValidatorCustomExceptionCustomFailureTypeDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new CustomIssuerValidationError( new MessageDetail(nameof(CustomIssuerValidatorCustomExceptionCustomFailureTypeDelegateAsync), null), CustomIssuerValidationError.CustomIssuerValidationFailureType, 
@@ -61,14 +62,14 @@ internal async static Task> CustomIssuerValida null))); } - internal async static Task> CustomIssuerValidatorUnknownExceptionDelegateAsync( + internal async static Task> CustomIssuerValidatorUnknownExceptionDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new CustomIssuerValidationError( new MessageDetail(nameof(CustomIssuerValidatorUnknownExceptionDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, @@ -77,14 +78,14 @@ internal async static Task> CustomIssuerValida issuer))); } - internal async static Task> CustomIssuerValidatorWithoutGetExceptionOverrideDelegateAsync( + internal async static Task> CustomIssuerValidatorWithoutGetExceptionOverrideDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new CustomIssuerWithoutGetExceptionValidationOverrideError( new MessageDetail(nameof(CustomIssuerValidatorWithoutGetExceptionOverrideDelegateAsync), null), typeof(CustomSecurityTokenInvalidIssuerException), @@ -92,14 +93,14 @@ internal async static Task> CustomIssuerValida issuer))); } - internal async static Task> IssuerValidatorDelegateAsync( + internal async static Task> IssuerValidatorDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new IssuerValidationError( new MessageDetail(nameof(IssuerValidatorDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, 
@@ -108,7 +109,7 @@ internal async static Task> IssuerValidatorDel issuer))); } - internal static Task> IssuerValidatorThrows( + internal static Task> IssuerValidatorThrows( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, @@ -118,14 +119,14 @@ internal static Task> IssuerValidatorThrows( throw new CustomSecurityTokenInvalidIssuerException(nameof(IssuerValidatorThrows), null); } - internal async static Task> IssuerValidatorCustomIssuerExceptionTypeDelegateAsync( + internal async static Task> IssuerValidatorCustomIssuerExceptionTypeDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new IssuerValidationError( new MessageDetail(nameof(IssuerValidatorCustomIssuerExceptionTypeDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, @@ -133,14 +134,14 @@ internal async static Task> IssuerValidatorCus ValidationError.GetCurrentStackFrame(), issuer))); } - internal async static Task> IssuerValidatorCustomExceptionTypeDelegateAsync( + internal async static Task> IssuerValidatorCustomExceptionTypeDelegateAsync( string issuer, SecurityToken securityToken, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken) { - return await Task.FromResult(new ValidationResult( + return await Task.FromResult(new ValidationResult( new IssuerValidationError( new MessageDetail(nameof(IssuerValidatorCustomExceptionTypeDelegateAsync), null), ValidationFailureType.IssuerValidationFailed, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomLifetimeValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomLifetimeValidationDelegates.cs index 141eb4a584..ba18b778c4 100644 
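Review bot: `IssuerValidatorThrows` (signature in the hunk at -108, body in the hunk at -118) is declared without `async`, so its `throw new CustomSecurityTokenInvalidIssuerException(...)` surfaces when the delegate is invoked rather than from the awaited task. This fixture therefore covers only the synchronous-throw path of an issuer validator; whether the handlers treat a faulted task the same way cannot be seen from this hunk. I would state that on the method, e.g. `// Not async: throws at invocation, before a Task is returned.`, and consider an `async` sibling so a validator that fails after an await is also shown to fail validation.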
--- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomLifetimeValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomLifetimeValidationDelegates.cs @@ -3,13 +3,14 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomLifetimeValidationDelegates { - internal static ValidationResult CustomLifetimeValidatorDelegate( + internal static ValidationResult CustomLifetimeValidatorDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -27,7 +28,7 @@ internal static ValidationResult CustomLifetimeValidatorDeleg null); } - internal static ValidationResult CustomLifetimeValidatorCustomExceptionDelegate( + internal static ValidationResult CustomLifetimeValidatorCustomExceptionDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -44,7 +45,7 @@ internal static ValidationResult CustomLifetimeValidatorCusto null); } - internal static ValidationResult CustomLifetimeValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomLifetimeValidatorCustomExceptionCustomFailureTypeDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -60,7 +61,7 @@ internal static ValidationResult CustomLifetimeValidatorCusto expires); } - internal static ValidationResult CustomLifetimeValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomLifetimeValidatorUnknownExceptionDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, 
@@ -77,7 +78,7 @@ internal static ValidationResult CustomLifetimeValidatorUnkno null); } - internal static ValidationResult CustomLifetimeValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomLifetimeValidatorWithoutGetExceptionOverrideDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -94,7 +95,7 @@ internal static ValidationResult CustomLifetimeValidatorWitho null); } - internal static ValidationResult LifetimeValidatorDelegate( + internal static ValidationResult LifetimeValidatorDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -111,7 +112,7 @@ internal static ValidationResult LifetimeValidatorDelegate( null); } - internal static ValidationResult LifetimeValidatorThrows( + internal static ValidationResult LifetimeValidatorThrows( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -121,7 +122,7 @@ internal static ValidationResult LifetimeValidatorThrows( throw new CustomSecurityTokenInvalidLifetimeException(nameof(LifetimeValidatorThrows), null); } - internal static ValidationResult LifetimeValidatorCustomLifetimeExceptionTypeDelegate( + internal static ValidationResult LifetimeValidatorCustomLifetimeExceptionTypeDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, @@ -138,7 +139,7 @@ internal static ValidationResult LifetimeValidatorCustomLifet null); } - internal static ValidationResult LifetimeValidatorCustomExceptionTypeDelegate( + internal static ValidationResult LifetimeValidatorCustomExceptionTypeDelegate( DateTime? notBefore, DateTime? expires, SecurityToken? securityToken, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomSignatureValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomSignatureValidationDelegates.cs index f80e2e46c8..e99db3ed97 100644 
--- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomSignatureValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomSignatureValidationDelegates.cs @@ -3,13 +3,14 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomSignatureValidationDelegates { - internal static ValidationResult CustomSignatureValidatorDelegate( + internal static ValidationResult CustomSignatureValidatorDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -23,7 +24,7 @@ internal static ValidationResult CustomSignatureValidatorDelegate( ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult CustomSignatureValidatorCustomExceptionDelegate( + internal static ValidationResult CustomSignatureValidatorCustomExceptionDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -36,7 +37,7 @@ internal static ValidationResult CustomSignatureValidatorCustomExce ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult CustomSignatureValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomSignatureValidatorCustomExceptionCustomFailureTypeDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -49,7 +50,7 @@ internal static ValidationResult CustomSignatureValidatorCustomExce ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult CustomSignatureValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomSignatureValidatorUnknownExceptionDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, 
@@ -62,7 +63,7 @@ internal static ValidationResult CustomSignatureValidatorUnknownExc ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult CustomSignatureValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomSignatureValidatorWithoutGetExceptionOverrideDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -75,7 +76,7 @@ internal static ValidationResult CustomSignatureValidatorWithoutGet ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult SignatureValidatorDelegate( + internal static ValidationResult SignatureValidatorDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -88,7 +89,7 @@ internal static ValidationResult SignatureValidatorDelegate( ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult SignatureValidatorThrows( + internal static ValidationResult SignatureValidatorThrows( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, @@ -97,7 +98,7 @@ internal static ValidationResult SignatureValidatorThrows( throw new CustomSecurityTokenInvalidSignatureException(nameof(SignatureValidatorThrows), null); } - internal static ValidationResult SignatureValidatorCustomSignatureExceptionTypeDelegate( + internal static ValidationResult SignatureValidatorCustomSignatureExceptionTypeDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, 
@@ -110,7 +111,7 @@ internal static ValidationResult SignatureValidatorCustomSignatureE ValidationError.GetCurrentStackFrame()); } - internal static ValidationResult SignatureValidatorCustomExceptionTypeDelegate( + internal static ValidationResult SignatureValidatorCustomExceptionTypeDelegate( SecurityToken? securityToken, ValidationParameters validationParameters, BaseConfiguration? configuration, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenReplayValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenReplayValidationDelegates.cs index 6e10f6cba8..b7b9436df8 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenReplayValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenReplayValidationDelegates.cs @@ -2,15 +2,15 @@ // Licensed under the MIT License. using System; -using System.Threading.Tasks; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomTokenReplayValidationDelegates { - internal static ValidationResult CustomTokenReplayValidationDelegate( + internal static ValidationResult CustomTokenReplayValidationDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -25,7 +25,7 @@ internal class CustomTokenReplayValidationDelegates expirationTime); } - internal static ValidationResult CustomTokenReplayValidatorCustomExceptionDelegate( + internal static ValidationResult CustomTokenReplayValidatorCustomExceptionDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, 
@@ -39,7 +39,7 @@ internal class CustomTokenReplayValidationDelegates expirationTime); } - internal static ValidationResult CustomTokenReplayValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomTokenReplayValidatorCustomExceptionCustomFailureTypeDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -54,7 +54,7 @@ internal class CustomTokenReplayValidationDelegates null); } - internal static ValidationResult CustomTokenReplayValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomTokenReplayValidatorUnknownExceptionDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -68,7 +68,7 @@ internal class CustomTokenReplayValidationDelegates expirationTime); } - internal static ValidationResult CustomTokenReplayValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomTokenReplayValidatorWithoutGetExceptionOverrideDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -81,7 +81,7 @@ internal class CustomTokenReplayValidationDelegates expirationTime); } - internal static ValidationResult TokenReplayValidationDelegate( + internal static ValidationResult TokenReplayValidationDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -95,7 +95,7 @@ internal class CustomTokenReplayValidationDelegates expirationTime); } - internal static ValidationResult TokenReplayValidatorThrows( + internal static ValidationResult TokenReplayValidatorThrows( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, 
@@ -104,7 +104,7 @@ internal class CustomTokenReplayValidationDelegates throw new CustomSecurityTokenReplayDetectedException(nameof(TokenReplayValidatorThrows), null); } - internal static ValidationResult TokenReplayValidatorCustomTokenReplayDetectedExceptionTypeDelegate( + internal static ValidationResult TokenReplayValidatorCustomTokenReplayDetectedExceptionTypeDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, @@ -117,7 +117,7 @@ internal class CustomTokenReplayValidationDelegates ValidationError.GetCurrentStackFrame(), expirationTime); } - internal static ValidationResult TokenReplayValidatorCustomExceptionTypeDelegate( + internal static ValidationResult TokenReplayValidatorCustomExceptionTypeDelegate( DateTime? expirationTime, string securityToken, ValidationParameters validationParameters, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenTypeValidationDelegates.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenTypeValidationDelegates.cs index ebc10c95e4..032805a3f5 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenTypeValidationDelegates.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomTokenTypeValidationDelegates.cs @@ -3,13 +3,14 @@ using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils { internal class CustomTokenTypeValidationDelegates { - internal static ValidationResult CustomTokenTypeValidatorDelegate( + internal static ValidationResult CustomTokenTypeValidatorDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, 
@@ -25,7 +26,7 @@ internal static ValidationResult CustomTokenTypeValidatorDel null); } - internal static ValidationResult CustomTokenTypeValidatorCustomExceptionDelegate( + internal static ValidationResult CustomTokenTypeValidatorCustomExceptionDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -40,7 +41,7 @@ internal static ValidationResult CustomTokenTypeValidatorCus null); } - internal static ValidationResult CustomTokenTypeValidatorCustomExceptionCustomFailureTypeDelegate( + internal static ValidationResult CustomTokenTypeValidatorCustomExceptionCustomFailureTypeDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -54,7 +55,7 @@ internal static ValidationResult CustomTokenTypeValidatorCus type); } - internal static ValidationResult CustomTokenTypeValidatorUnknownExceptionDelegate( + internal static ValidationResult CustomTokenTypeValidatorUnknownExceptionDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -69,7 +70,7 @@ internal static ValidationResult CustomTokenTypeValidatorUnk null); } - internal static ValidationResult CustomTokenTypeValidatorWithoutGetExceptionOverrideDelegate( + internal static ValidationResult CustomTokenTypeValidatorWithoutGetExceptionOverrideDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -83,7 +84,7 @@ internal static ValidationResult CustomTokenTypeValidatorWit null); } - internal static ValidationResult TokenTypeValidatorDelegate( + internal static ValidationResult TokenTypeValidatorDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, 
@@ -98,7 +99,7 @@ internal static ValidationResult TokenTypeValidatorDelegate( null); } - internal static ValidationResult TokenTypeValidatorThrows( + internal static ValidationResult TokenTypeValidatorThrows( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -107,7 +108,7 @@ internal static ValidationResult TokenTypeValidatorThrows( throw new CustomSecurityTokenInvalidTypeException(nameof(TokenTypeValidatorThrows), null); } - internal static ValidationResult TokenTypeValidatorCustomTokenTypeExceptionTypeDelegate( + internal static ValidationResult TokenTypeValidatorCustomTokenTypeExceptionTypeDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, @@ -122,7 +123,7 @@ internal static ValidationResult TokenTypeValidatorCustomTok null); } - internal static ValidationResult TokenTypeValidatorCustomExceptionTypeDelegate( + internal static ValidationResult TokenTypeValidatorCustomExceptionTypeDelegate( string? type, SecurityToken? securityToken, ValidationParameters validationParameters, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomValidationErrors.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomValidationErrors.cs index 6989427b5c..72bce538d2 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomValidationErrors.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/CustomValidationErrors.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using System.Diagnostics; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils 
@@ -221,6 +222,7 @@ public CustomTokenTypeValidationError( : base(messageDetail, validationFailureType, exceptionType, stackFrame, invalidTokenType, innerException) { } + protected override Exception CreateException() { if (ExceptionType == typeof(CustomSecurityTokenInvalidTypeException)) @@ -266,6 +268,7 @@ public CustomSignatureValidationError( base(messageDetail, validationFailureType, exceptionType, stackFrame, innerValidationError, innerException) { } + protected override Exception CreateException() { if (ExceptionType == typeof(CustomSecurityTokenInvalidSignatureException)) @@ -312,6 +315,7 @@ public CustomAlgorithmValidationError( : base(messageDetail, validationFailureType, exceptionType, stackFrame, algorithm, innerException) { } + protected override Exception CreateException() { if (ExceptionType == typeof(CustomSecurityTokenInvalidAlgorithmException)) diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTestCases.cs index d28fefce62..1514403c3d 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests 
@@ -196,11 +197,13 @@ public static TheoryData GenerateAlgorithmExte }); // SignatureValidationError : ValidationError, ExceptionType: SecurityTokenInvalidSignatureException, inner: CustomSecurityTokenInvalidAlgorithmException + int addStackFrames = (tokenHandlerType == "JWT") ? 1 : 0; + theoryData.Add(new AlgorithmExtensibilityTheoryData( "AlgorithmValidatorThrows", tokenHandlerType, CustomAlgorithmValidationDelegates.AlgorithmValidatorThrows, - extraStackFrames: extraStackFrames + 1) + extraStackFrames: extraStackFrames + addStackFrames) { ExpectedException = new ExpectedException( typeof(SecurityTokenInvalidSignatureException), diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTheoryData.cs index 90a6888d32..9a061f33b0 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AlgorithmExtensibilityTheoryData.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTestCases.cs index d6d56aa50f..3a642c1a88 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTestCases.cs 
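Review bot: The new `int addStackFrames = (tokenHandlerType == "JWT") ? 1 : 0;` in AlgorithmExtensibilityTestCases.cs hides a handler-specific difference behind a bare string literal and does not say why only the JWT path carries one more frame when the algorithm validator throws. Any other spelling of the handler type falls silently into the 0 branch, so a mismatch would only show up as an unrelated stack-frame assertion failure. A comment such as `// JWT reports a throwing algorithm validator one frame deeper than the other handlers` (wording to be confirmed against the handlers) and a shared constant for the handler name would make this explicit. The declaration also now sits between the `// SignatureValidationError : ...` comment and the `theoryData.Add` call that comment describes; the enclosing method starts and ends outside the hunk.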
@@ -7,6 +7,7 @@ using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; using System.Collections.Generic; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTheoryData.cs index 7b1da2d0ad..792d6c0bb1 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/AudienceExtensibilityTheoryData.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ExtensibilityTheoryData.cs index 839e636701..2462bae712 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ExtensibilityTheoryData.cs @@ -4,6 +4,7 @@ using System.Security.Claims; using System; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests 
diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ITestingTokenHandler.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ITestingTokenHandler.cs index ebfb32d418..e734a4c502 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ITestingTokenHandler.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ITestingTokenHandler.cs @@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml; using Microsoft.IdentityModel.Tokens.Saml2; @@ -16,7 +17,7 @@ namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests // since the ValidateTokenAsync method with ValidationParameters is not part of any shared interface. internal interface ITestingTokenHandler { - Task> ValidateTokenAsync( + Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, @@ -26,7 +27,7 @@ Task ValidateTokenAsync( string token, TokenValidationParameters validationParameters); - Task> ValidateTokenAsync( + Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, @@ -46,7 +47,7 @@ public JsonWebTokenHandlerWithResult() { } - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, @@ -55,7 +56,7 @@ public async Task> ValidateTokenAsync( return await _handler.ValidateTokenAsync(token, validationParameters, callContext, cancellationToken); } - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, 
@@ -86,7 +87,7 @@ internal class SamlSecurityTokenHandlerWithResult : ITestingTokenHandler { private readonly SamlSecurityTokenHandler _handler = new SamlSecurityTokenHandler(); - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, @@ -95,7 +96,7 @@ public async Task> ValidateTokenAsync( return await _handler.ValidateTokenAsync(token, validationParameters, callContext, cancellationToken); } - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, @@ -129,7 +130,7 @@ internal class Saml2SecurityTokenHandlerWithResult : ITestingTokenHandler { private readonly Saml2SecurityTokenHandler _handler = new Saml2SecurityTokenHandler(); - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( SecurityToken token, ValidationParameters validationParameters, CallContext callContext, @@ -138,7 +139,7 @@ public async Task> ValidateTokenAsync( return await _handler.ValidateTokenAsync(token, validationParameters, callContext, cancellationToken); } - public async Task> ValidateTokenAsync( + public async Task> ValidateTokenAsync( string token, ValidationParameters validationParameters, CallContext callContext, diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTestCases.cs index 296708b70a..4178822216 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTestCases.cs 
@@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTheoryData.cs index 329658ddde..670f10bdcf 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerExtensibilityTheoryData.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTestCases.cs index e504f3c82a..f059cebf33 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests 
diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTheoryData.cs index 990ed5152a..2a470a55d6 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/IssuerSigningKeyExtensibilityTheoryData.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTestCases.cs index 24c92c20f5..9d139014d4 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTheoryData.cs index f4e209f8e9..0061244f7f 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTheoryData.cs 
+++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/LifetimeExtensibilityTheoryData.cs @@ -2,7 +2,7 @@ // Licensed under the MIT License. using System; -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTestCases.cs index d943f6041d..6acd5aa750 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests @@ -166,7 +167,7 @@ public static TheoryData GenerateSignatureExte "SignatureValidatorThrows", tokenHandlerType, CustomSignatureValidationDelegates.SignatureValidatorThrows, - extraStackFrames: extraStackFrames - 1) + extraStackFrames: extraStackFrames) { ExpectedException = new ExpectedException( typeof(SecurityTokenInvalidSignatureException), diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTheoryData.cs index f3d222bae8..1d221a4d94 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/SignatureExtensibilityTheoryData.cs 
@@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTestCases.cs index 2828262df9..22e0c3decb 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTheoryData.cs index 20f2111df6..c8aa4e6faf 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenReplayExtensibilityTheoryData.cs @@ -2,7 +2,7 @@ // Licensed under the MIT License. using System; -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests 
diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTestCases.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTestCases.cs index 1afd67a6dd..3400b178b0 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTestCases.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTestCases.cs @@ -6,6 +6,7 @@ using Xunit; using Microsoft.IdentityModel.Tokens; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTheoryData.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTheoryData.cs index c83ccdbd4f..f2341c918f 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTheoryData.cs +++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/TokenTypeExtensibilityTheoryData.cs @@ -1,7 +1,7 @@ // Copyright (c) Microsoft Corporation. All rights reserved. // Licensed under the MIT License. -using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests diff --git a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ValidateTokenAsyncExtensibility.cs b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ValidateTokenAsyncExtensibility.cs index 240fd24e4a..ccfce83ef3 100644 --- a/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ValidateTokenAsyncExtensibility.cs 
+++ b/test/Microsoft.IdentityModel.TestUtils/TokenValidationExtensibility/Tests/ValidateTokenAsyncExtensibility.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; #nullable enable namespace Microsoft.IdentityModel.TestUtils.TokenValidationExtensibility.Tests @@ -23,7 +24,7 @@ public static async Task ValidateTokenAsync_Extensibility(ExtensibilityTheoryDat try { - ValidationResult validationResult = await theoryData.TokenHandler.ValidateTokenAsync( + ValidationResult validationResult = await theoryData.TokenHandler.ValidateTokenAsync( securityToken, theoryData.ValidationParameters!, theoryData.CallContext, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandler.Extensibility.Signature.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandler.Extensibility.Signature.cs index 7f39a236ca..d4f55117c0 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandler.Extensibility.Signature.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandler.Extensibility.Signature.cs @@ -12,7 +12,7 @@ public partial class Saml2SecurityTokenHandlerValidateTokenAsyncTests { [Theory, MemberData( nameof(GenerateSignatureExtensibilityTestCases), - parameters: ["SAML2", 2], + parameters: ["SAML2", 1], DisableDiscoveryEnumeration = true)] public async Task ValidateTokenAsync_SignatureValidator_Extensibility( SignatureExtensibilityTheoryData theoryData) diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ReadToken.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ReadToken.cs index d51f1f0c3b..5ed5954d5b 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ReadToken.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ReadToken.cs 
@@ -6,6 +6,7 @@ using Microsoft.IdentityModel.TestUtils; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Saml2.Tests { @@ -16,7 +17,7 @@ public void ReadToken_ResultType(TokenReadingTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.ReadToken_ResultType", theoryData); Saml2SecurityTokenHandler handler = new Saml2SecurityTokenHandler(); - ValidationResult result = handler.ReadSaml2Token( + ValidationResult result = handler.ReadSaml2Token( theoryData.Token, new CallContext()); @@ -106,6 +107,6 @@ public TokenReadingTheoryData(string testId) public string Token { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs index 17fdda1df1..2767a327f6 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; 
@@ -28,7 +29,7 @@ public async Task ValidateTokenAsync_AlgorithmComparison(ValidateTokenAsyncAlgor await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs index 2c04472039..20f035017b 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -35,7 +36,7 @@ public async Task ValidateTokenAsync_AudienceComparison(ValidateTokenAsyncAudien await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, tokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs index 0246ca0046..67d4123e33 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs 
+++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs @@ -5,6 +5,7 @@ using System.Threading.Tasks; using Microsoft.IdentityModel.Protocols.WsFederation; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -33,7 +34,7 @@ public async Task ValidateTokenAsync_IssuerComparison(ValidateTokenAsyncIssuerTh await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, tokenValidationParameters); // Validate token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs index 38f25ddc2a..108642b142 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -27,7 +28,7 @@ public async Task ValidateTokenAsync_IssuerSigningKeyComparison(ValidateTokenAsy await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, theoryData.TokenValidationParameters!); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, 
diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs index a2478ffdb9..3990944371 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -35,7 +36,7 @@ public async Task ValidateTokenAsync_LifetimeComparison(ValidateTokenAsyncLifeti await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, tokenValidationParameters); // Validate token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs index dbe28f7582..3d2583732a 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs @@ -4,6 +4,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; 
@@ -26,7 +27,7 @@ public async Task ValidateTokenAsync_SignatureComparison(ValidateTokenAsyncSigna await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs index 098dde0650..213fe6710f 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/Saml2SecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs @@ -4,6 +4,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -26,7 +27,7 @@ public async Task ValidateTokenAsync_TokenReplayComparison(ValidateTokenAsyncTok await saml2TokenHandler.ValidateTokenAsync(saml2Token.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await saml2TokenHandler.ValidateTokenAsync( saml2Token, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandler.Extensibility.Signature.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandler.Extensibility.Signature.cs index 85f57bb942..07dc650f87 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandler.Extensibility.Signature.cs 
+++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandler.Extensibility.Signature.cs @@ -12,7 +12,7 @@ public partial class SamlSecurityTokenHandlerValidateTokenAsyncTests { [Theory, MemberData( nameof(GenerateSignatureExtensibilityTestCases), - parameters: ["SAML", 2], + parameters: ["SAML", 1], DisableDiscoveryEnumeration = true)] public async Task ValidateTokenAsync_SignatureValidator_Extensibility( SignatureExtensibilityTheoryData theoryData) diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ReadToken.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ReadToken.cs index a62c5c4938..c87f5c8a9a 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ReadToken.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ReadToken.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.TestUtils; using TokenLogMessages = Microsoft.IdentityModel.Tokens.LogMessages; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Saml.Tests { @@ -16,7 +17,7 @@ public void ReadToken_ResultType(TokenReadingTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.ReadToken_ResultType", theoryData); SamlSecurityTokenHandler handler = new SamlSecurityTokenHandler(); - ValidationResult result = handler.ReadSamlToken( + ValidationResult result = handler.ReadSamlToken( theoryData.Token, new CallContext()); @@ -106,6 +107,6 @@ public TokenReadingTheoryData(string testId) public string Token { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } 
diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs index 258cda2eb4..dd50e894fb 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Algorithm.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests @@ -27,7 +28,7 @@ public async Task ValidateTokenAsync_AlgorithmComparison(ValidateTokenAsyncAlgor await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs index 8249bf8e95..26ce808b2b 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Audience.cs @@ -6,6 +6,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests 
@@ -34,7 +35,7 @@ public async Task ValidateTokenAsync_AudienceComparison(ValidateTokenAsyncAudien await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, tokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs index 310984ba35..d3f6e026b9 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Issuer.cs @@ -4,6 +4,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests @@ -30,7 +31,7 @@ public async Task ValidateTokenAsync_IssuerComparison(ValidateTokenAsyncIssuerTh await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, tokenValidationParameters); // Validate token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs index 3598ad2c06..49c0c5ace4 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs 
+++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.IssuerSigningKey.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; #nullable enable @@ -26,7 +27,7 @@ public async Task ValidateTokenAsync_IssuerSigningKeyComparison(ValidateTokenAsy await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, theoryData.TokenValidationParameters!); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs index d4ae7cd788..a781cee72e 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Lifetime.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests @@ -34,7 +35,7 @@ public async Task ValidateTokenAsync_LifetimeComparison(ValidateTokenAsyncLifeti await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, tokenValidationParameters); // Validate token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, 
diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs index d3714f73b4..486fd62558 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.Signature.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests @@ -26,7 +27,7 @@ public async Task ValidateTokenAsync_SignatureComparison(ValidateTokenAsyncSigna await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs index 0ae2a2ed76..29bc083fe8 100644 --- a/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs +++ b/test/Microsoft.IdentityModel.Tokens.Saml.Tests/SamlSecurityTokenHandlerTests.ValidateTokenAsyncTests.TokenReplay.cs @@ -4,6 +4,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Saml.Tests 
@@ -25,7 +26,7 @@ public async Task ValidateTokenAsync_TokenReplayComparison(ValidateTokenAsyncTok await samlTokenHandler.ValidateTokenAsync(samlToken.Assertion.CanonicalString, theoryData.TokenValidationParameters); // Validate the token using ValidationParameters. - ValidationResult validationResult = + ValidationResult validationResult = await samlTokenHandler.ValidateTokenAsync( samlToken, theoryData.ValidationParameters!, diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/AbstractVirtualsTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/AbstractVirtualsTests.cs index d60e7c58e3..2194ddd6a7 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/AbstractVirtualsTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/AbstractVirtualsTests.cs @@ -5,6 +5,7 @@ using System.Threading; using System.Threading.Tasks; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Tests @@ -179,7 +180,7 @@ public async Task TokenHandler_ValidationParameters_ValidateTokenAsyncString() } catch (Exception ex) { - Assert.Contains("internal virtual Task> " + + Assert.Contains("internal virtual Task> " + "ValidateTokenAsync(string token, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken)", ex.Message); @@ -202,7 +203,7 @@ public async Task TokenHandler_ValidationParameters_ValidateTokenAsyncToken() } catch (Exception ex) { - Assert.Contains("internal virtual Task> " + + Assert.Contains("internal virtual Task> " + "ValidateTokenAsync(SecurityToken token, ValidationParameters validationParameters, CallContext callContext, CancellationToken cancellationToken)", ex.Message); diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AlgorithmValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AlgorithmValidationResultTests.cs index 3c55debd4b..2c54827072 100644 
--- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AlgorithmValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AlgorithmValidationResultTests.cs @@ -5,6 +5,7 @@ using Microsoft.IdentityModel.Logging; using Xunit; using System; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Validation.Tests { @@ -15,7 +16,7 @@ public void ValidateAlgorithm(AlgorithmTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.AlgorithmValidationResultTests", theoryData); - ValidationResult result = Validators.ValidateAlgorithm( + ValidationResult result = Validators.ValidateAlgorithm( theoryData.Algorithm, theoryData.SecurityKey, theoryData.SecurityToken, @@ -62,13 +63,14 @@ public static TheoryData AlgorithmValidationTestCases SecurityKey = null, SecurityToken = null, ValidationParameters = null, - Result = new ValidationError( + Result = new AlgorithmValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("validationParameters")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null), // StackFrame + null, // StackFrame + null) // InvalidAlgorithm }, new AlgorithmTheoryData { @@ -81,13 +83,14 @@ public static TheoryData AlgorithmValidationTestCases { ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 } }, - Result = new ValidationError( + Result = new AlgorithmValidationError( new MessageDetail( LogMessages.IDX10696, LogHelper.MarkAsNonPII(SecurityAlgorithms.Sha256)), ValidationFailureType.AlgorithmValidationFailed, typeof(SecurityTokenInvalidAlgorithmException), - null), // StackFrame + null, // StackFrame + SecurityAlgorithms.Sha256) // InvalidAlgorithm }, new AlgorithmTheoryData { 
@@ -127,7 +130,7 @@ public class AlgorithmTheoryData : TheoryDataBase internal ValidationParameters ValidationParameters { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AudienceValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AudienceValidationResultTests.cs index 848cb2d4e7..8cf1160d5a 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AudienceValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/AudienceValidationResultTests.cs @@ -6,6 +6,7 @@ using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Json.Tests; using Xunit; @@ -28,7 +29,7 @@ public void ValidateAudienceParameters(AudienceValidationTheoryData theoryData) theoryData.ValidationParameters.ValidAudiences.Add(audience); } - ValidationResult result = Validators.ValidateAudience( + ValidationResult result = Validators.ValidateAudience( theoryData.TokenAudiences, theoryData.SecurityToken, theoryData.ValidationParameters, 
@@ -79,20 +80,24 @@ public static TheoryData ValidateAudienceParameter TokenAudiences = new List { "audience1" }, ExpectedException = ExpectedException.SecurityTokenArgumentNullException("IDX10000:"), ValidationParameters = null, - Result = new ValidationError( + Result = new AudienceValidationError( MessageDetail.NullParameter("validationParameters"), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, + null, null) }, new AudienceValidationTheoryData("AudiencesNull") { TokenAudiences = null, ExpectedException = ExpectedException.SecurityTokenArgumentNullException("IDX10000:"), - Result = new ValidationError( + Result = new AudienceValidationError( MessageDetail.NullParameter("tokenAudiences"), ValidationFailureType.NullArgument, typeof(SecurityTokenInvalidAudienceException), + null, + null, null) }, new AudienceValidationTheoryData("AudiencesEmptyList") @@ -100,12 +105,14 @@ public static TheoryData ValidateAudienceParameter TokenAudiences = new List { }, ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10206:"), ValidationParameters = new ValidationParameters(), - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10206, null), ValidationFailureType.NoTokenAudiencesProvided, typeof(SecurityTokenInvalidAudienceException), + null, + null, null) }, new AudienceValidationTheoryData("AudiencesEmptyString_ScrubbedMessage") 
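Review bot: In the `@@ -79,20 +80,24 @@` hunk of AudienceValidationResultTests.cs, the "AudiencesNull" case expects `ExpectedException.SecurityTokenArgumentNullException("IDX10000:")` and `ValidationFailureType.NullArgument`, but the error it builds carries `typeof(SecurityTokenInvalidAudienceException)`. The null-`validationParameters` case just above it uses `typeof(SecurityTokenArgumentNullException)`, so unless `Validators.ValidateAudience` (not shown here) really reports the audience exception type for a null list, this line should read `typeof(SecurityTokenArgumentNullException),`. If the test passes either way, the comparison is probably not checking the exception type, which is worth confirming for a validator that gates token acceptance. The three trailing `null` arguments would also read better labelled, e.g. `null, // StackFrame`, as AlgorithmValidationResultTests.cs does in this commit; the theory-data property itself starts and ends outside the hunk.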
@@ -114,11 +121,13 @@ public static TheoryData ValidateAudienceParameter ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = ["audience1"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215S), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), + null, + null, null) }, new AudienceValidationTheoryData("AudiencesWhiteSpace_ScrubbedMessage") @@ -127,11 +136,13 @@ public static TheoryData ValidateAudienceParameter ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = ["audience1"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215S), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), + null, + null, null) }, @@ -141,13 +152,15 @@ public static TheoryData ValidateAudienceParameter ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = ["audience1"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(string.Empty), LogHelper.MarkAsNonPII("audience1")), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), + null, + null, null), DoNotScrubErrorMessages = true }, 
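Review bot: The two scrubbed-message cases in the `@@ -114,11 +121,13 @@` and `@@ -127,11 +136,13 @@` hunks build the expected `AudienceValidationError` with `null, null, null`, although `ValidAudiences = ["audience1"]` is set and the later mismatch cases in this file pass the token and valid audience lists in those positions. As written, the tests do not pin whether an error produced on the scrubbed path (`LogMessages.IDX10215S`) still carries the raw audience values; the scrubbed message presumably exists to keep those values out of output, and an error object can end up in logs as well. Please either pass the values the validator is expected to record (for example `["audience1"])` as the last argument) or add a comment such as `// audiences not compared for this case` if the comparison deliberately skips them. The `@@ -141,13 +152,15 @@` hunk and the `@@ -157,13 +170,15 @@` hunk that follows have the same gap; `TokenAudiences` for these cases is assigned above the hunks.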
@@ -157,13 +170,15 @@ public static TheoryData ValidateAudienceParameter ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = ["audience1"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(" "), LogHelper.MarkAsNonPII("audience1")), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), + null, + null, null), DoNotScrubErrorMessages = true }, @@ -182,7 +197,7 @@ public void ValidateAudienceTests(AudienceValidationTheoryData theoryData) theoryData.ValidationParameters.ValidAudiences.Add(audience); } - ValidationResult result = Validators.ValidateAudience( + ValidationResult result = Validators.ValidateAudience( theoryData.TokenAudiences, theoryData.SecurityToken, theoryData.ValidationParameters, @@ -248,14 +263,16 @@ public static TheoryData ValidateAudienceTestCases ValidationParameters = new ValidationParameters(), ValidAudiences = [audience2], SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Iss, "Issuer"), - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(audience2)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + [audience2]) }, new AudienceValidationTheoryData("Invalid_AudiencesValidAudienceWithSlashNotMatched") { 
@@ -264,14 +281,16 @@ public static TheoryData ValidateAudienceTestCases ValidationParameters = new ValidationParameters(), ValidAudiences = [audience2 + "/"], SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Iss, "Issuer"), - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(audience2Slash)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + [audience2 + "/"]) }, new AudienceValidationTheoryData("Invalid_AudiencesWithSlashValidAudienceSameLengthNotMatched") { @@ -279,14 +298,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = [audience1], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience2Slash), LogHelper.MarkAsNonPII(audience1)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1WithSlash, + [audience1]) }, new AudienceValidationTheoryData("Invalid_ValidAudienceWithSlash_IgnoreTrailingSlashFalse") { 
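Review bot: In the `@@ -279,14 +298,16 @@` hunk ("Invalid_AudiencesWithSlashValidAudienceSameLengthNotMatched"), the message detail is built from `commaAudience2Slash` but the new token-audiences argument is `audiences1WithSlash`. The case in the later `@@ -405,14 +438,16 @@` hunk uses the same message arguments and passes `audiences2WithSlash`, so this looks like a copy-paste slip and the line should probably be `audiences2WithSlash,`. `TokenAudiences` for this case is assigned above the hunk, so confirm against it. If the test passes with the wrong list, the result comparison is not covering the new audience fields.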
@@ -294,14 +315,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters{ IgnoreTrailingSlashWhenValidatingAudience = false }, ValidAudiences = [audience1 + "/"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(audience1Slash)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + [audience1 + "/"]) }, new AudienceValidationTheoryData("Valid_ValidAudienceWithSlash_IgnoreTrailingSlashTrue") { @@ -316,14 +339,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters{ IgnoreTrailingSlashWhenValidatingAudience = false }, ValidAudiences = audiences1WithSlash, - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(commaAudience1Slash)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + audiences1WithSlash) }, new AudienceValidationTheoryData("Valid_ValidAudiencesWithSlash_IgnoreTrailingSlashTrue") { 
@@ -338,14 +363,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = [audience1 + "A"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(audience1 + "A")), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + [audience1 + "A"]) }, new AudienceValidationTheoryData("Invalid_ValidAudienceWithDoubleSlash_IgnoreTrailingSlashTrue") { @@ -353,14 +380,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = [audience1 + "//"], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(audience1 + "//")), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + [audience1 + "//"]) }, new AudienceValidationTheoryData("Invalid_ValidAudiencesWithDoubleSlash_IgnoreTrailingSlashTrue") { 
@@ -368,14 +397,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = audiences1WithTwoSlashes, - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1), LogHelper.MarkAsNonPII(commaAudience1 + "//")), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1, + audiences1WithTwoSlashes) }, new AudienceValidationTheoryData("Invalid_TokenAudienceWithSlash_IgnoreTrailingSlashFalse") { @@ -383,14 +414,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters{ IgnoreTrailingSlashWhenValidatingAudience = false }, ValidAudiences = [audience1], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1Slash), LogHelper.MarkAsNonPII(audience1)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1WithSlash, + [audience1]) }, new AudienceValidationTheoryData("Valid_TokenAudienceWithSlash_IgnoreTrailingSlashTrue") { 
@@ -405,14 +438,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = [audience1], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience2Slash), LogHelper.MarkAsNonPII(audience1)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences2WithSlash, + [audience1]) }, new AudienceValidationTheoryData("Invalid_TokenAudiencesWithSlash_IgnoreTrailingSlashFalse") { @@ -420,14 +455,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters{ IgnoreTrailingSlashWhenValidatingAudience = false }, ValidAudiences = [audience1], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1Slash), LogHelper.MarkAsNonPII(audience1)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1WithSlash, + [audience1]) }, new AudienceValidationTheoryData("Valid_TokenAudiencesWithSlash_IgnoreTrailingSlashTrue") { 
@@ -442,14 +479,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = audiences2, - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1Slash), LogHelper.MarkAsNonPII(commaAudience2)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1WithSlash, + audiences2) }, new AudienceValidationTheoryData("TokenAudienceWithTwoSlashesVPTrue") { @@ -457,14 +496,16 @@ public static TheoryData ValidateAudienceTestCases ExpectedException = ExpectedException.SecurityTokenInvalidAudienceException("IDX10215:"), ValidationParameters = new ValidationParameters(), ValidAudiences = [audience1], - Result = new ValidationError( + Result = new AudienceValidationError( new MessageDetail( LogMessages.IDX10215, LogHelper.MarkAsNonPII(commaAudience1 + "//"), LogHelper.MarkAsNonPII(audience1)), ValidationFailureType.AudienceValidationFailed, typeof(SecurityTokenInvalidAudienceException), - null) + null, + audiences1WithTwoSlashes, + [audience1]) } }; } @@ -484,7 +525,7 @@ public AudienceValidationTheoryData(string testId) : base(testId) { } public List ValidAudiences { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } internal bool DoNotScrubErrorMessages { get; set; } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/IssuerValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/IssuerValidationResultTests.cs index e16148631e..5b776a891a 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/IssuerValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/IssuerValidationResultTests.cs 
@@ -10,6 +10,7 @@ using Microsoft.IdentityModel.Tokens.Json.Tests; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Xunit; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.IssuerValidation.Tests { @@ -23,7 +24,7 @@ public async Task IssuerValidatorAsyncTests(IssuerValidationResultsTheoryData th if (theoryData.ValidIssuerToAdd != null) theoryData.ValidationParameters.ValidIssuers.Add(theoryData.ValidIssuerToAdd); - ValidationResult result = await Validators.ValidateIssuerAsync( + ValidationResult result = await Validators.ValidateIssuerAsync( theoryData.Issuer, theoryData.SecurityToken, theoryData.ValidationParameters, @@ -68,7 +69,7 @@ public static TheoryData IssuerValdationResul theoryData.Add(new IssuerValidationResultsTheoryData("NULL_Issuer") { ExpectedException = ExpectedException.SecurityTokenInvalidIssuerException("IDX10211:"), - Result = new ValidationError( + Result = new IssuerValidationError( new MessageDetail( LogMessages.IDX10211, LogHelper.MarkAsNonPII(null), @@ -77,6 +78,7 @@ public static TheoryData IssuerValdationResul LogHelper.MarkAsNonPII(null)), ValidationFailureType.IssuerValidationFailed, typeof(SecurityTokenInvalidIssuerException), + null, null), SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Iss, issClaim), ValidationParameters = new ValidationParameters() @@ -86,12 +88,13 @@ public static TheoryData IssuerValdationResul { ExpectedException = ExpectedException.SecurityTokenArgumentNullException("IDX10000:"), Issuer = issClaim, - Result = new ValidationError( + Result = new IssuerValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("validationParameters")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, null), SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Iss, issClaim), ValidationParameters = null 
@@ -101,12 +104,13 @@ public static TheoryData IssuerValdationResul { ExpectedException = ExpectedException.SecurityTokenArgumentNullException("IDX10000:"), Issuer = issClaim, - Result = new ValidationError( + Result = new IssuerValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("securityToken")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, null), SecurityToken = null, ValidationParameters = new ValidationParameters() @@ -136,7 +140,7 @@ public static TheoryData IssuerValdationResul { ExpectedException = ExpectedException.SecurityTokenInvalidIssuerException("IDX10212:"), Issuer = issClaim, - Result = new ValidationError( + Result = new IssuerValidationError( new MessageDetail( LogMessages.IDX10212, LogHelper.MarkAsNonPII(issClaim), @@ -144,7 +148,8 @@ public static TheoryData IssuerValdationResul LogHelper.MarkAsNonPII(null)), ValidationFailureType.IssuerValidationFailed, typeof(SecurityTokenInvalidIssuerException), - null), + null, + issClaim), SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Iss, issClaim), ValidationParameters = new ValidationParameters(), ValidIssuerToAdd = validIssuer @@ -165,7 +170,7 @@ public IssuerValidationResultsTheoryData(string testId) : base(testId) public string Issuer { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } public SecurityToken SecurityToken { get; set; } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/LifetimeValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/LifetimeValidationResultTests.cs index 76eacd288d..45aae663ad 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/LifetimeValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/LifetimeValidationResultTests.cs 
@@ -4,6 +4,7 @@ using System; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Validation.Tests @@ -15,7 +16,7 @@ public void ValidateLifetime(ValidateLifetimeTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.LifetimeValidatorTests", theoryData); - ValidationResult result = Validators.ValidateLifetime( + ValidationResult result = Validators.ValidateLifetime( theoryData.NotBefore, theoryData.Expires, theoryData.SecurityToken, @@ -104,21 +105,25 @@ public static TheoryData ValidateLifetimeTestCases Expires = oneHourFromNow, NotBefore = oneHourAgo, ValidationParameters = null, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail(LogMessages.IDX10000, "validationParameters"), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null), + null, + oneHourAgo, + oneHourFromNow), }, new ValidateLifetimeTheoryData("Invalid_ExpiresIsNull") { ExpectedException = ExpectedException.SecurityTokenNoExpirationException("IDX10225:"), NotBefore = oneHourAgo, ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail(LogMessages.IDX10225, "null"), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenNoExpirationException), + null, + oneHourAgo, null), }, new ValidateLifetimeTheoryData("Invalid_NotBeforeIsAfterExpires") 
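Review bot: The `LifetimeValidationError` calls added in the `@@ -104,21 +105,25 @@` hunk end in two adjacent positional time values, e.g. `null, oneHourAgo, oneHourFromNow),`, and nothing at the call site says which one is the not-before value and which is the expiry. Swapping them would still compile, and the "Invalid_NotBeforeIsAfterExpires" case in the next hunk reverses them on purpose, so a reader cannot tell intent from mistake. Label them the way AlgorithmValidationResultTests.cs labels its arguments in this commit, e.g. `oneHourAgo, // NotBefore` and `oneHourFromNow), // Expires`, or use named arguments once the parameter names are confirmed. The same applies to the remaining lifetime hunks through `@@ -193,14 +206,16 @@`.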
@@ -127,14 +132,16 @@ public static TheoryData ValidateLifetimeTestCases Expires = oneHourAgo, NotBefore = oneHourFromNow, ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail( LogMessages.IDX10224, LogHelper.MarkAsNonPII(oneHourFromNow), LogHelper.MarkAsNonPII(oneHourAgo)), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenInvalidLifetimeException), - null), + null, + oneHourFromNow, + oneHourAgo), }, new ValidateLifetimeTheoryData("Invalid_NotYetValid") { @@ -142,14 +149,16 @@ public static TheoryData ValidateLifetimeTestCases Expires = twoHoursFromNow, NotBefore = oneHourFromNow, ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail( LogMessages.IDX10222, LogHelper.MarkAsNonPII(oneHourFromNow), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenNotYetValidException), - null), + null, + oneHourFromNow, + twoHoursFromNow), }, new ValidateLifetimeTheoryData("Invalid_Expired") { @@ -157,14 +166,16 @@ public static TheoryData ValidateLifetimeTestCases Expires = oneHourAgo, NotBefore = twoHoursAgo, ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail( LogMessages.IDX10223, LogHelper.MarkAsNonPII(oneHourAgo), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenExpiredException), - null), + null, + twoHoursAgo, + oneHourAgo), }, new ValidateLifetimeTheoryData("Invalid_NotYetValid_SkewForward") { 
@@ -175,14 +186,16 @@ public static TheoryData ValidateLifetimeTestCases ClockSkew = TimeSpan.FromMinutes(5), TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail( LogMessages.IDX10222, LogHelper.MarkAsNonPII(sixMinutesFromNow), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenNotYetValidException), - null), + null, + sixMinutesFromNow, + oneHourFromNow), }, new ValidateLifetimeTheoryData("Invalid_Expired_SkewBackward") { @@ -193,14 +206,16 @@ public static TheoryData ValidateLifetimeTestCases ClockSkew = TimeSpan.FromMinutes(5), TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new LifetimeValidationError( new MessageDetail( LogMessages.IDX10223, LogHelper.MarkAsNonPII(sixMinutesAgo), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.LifetimeValidationFailed, typeof(SecurityTokenExpiredException), - null), + null, + twoHoursAgo, + sixMinutesAgo), } }; } @@ -221,7 +236,7 @@ public ValidateLifetimeTheoryData(string testId) : base(testId) internal ValidationParameters ValidationParameters { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } internal ValidationFailureType ValidationFailureType { get; set; } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ReplayValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ReplayValidationResultTests.cs index 5759e055eb..c0791dc270 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ReplayValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ReplayValidationResultTests.cs @@ -4,6 +4,7 @@ using System; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Validation.Tests 
@@ -15,7 +16,7 @@ public void ValidateTokenReplay(TokenReplayTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.TokenReplayValidationResultTests", theoryData); - ValidationResult result = Validators.ValidateTokenReplay( + ValidationResult result = Validators.ValidateTokenReplay( theoryData.ExpirationTime, theoryData.SecurityToken, theoryData.ValidationParameters, @@ -85,12 +86,13 @@ public static TheoryData TokenReplayValidationTestCases ExpirationTime = now, SecurityToken = null, ValidationParameters = new ValidationParameters(), - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("securityToken")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, null), }, new TokenReplayTheoryData @@ -100,12 +102,13 @@ public static TheoryData TokenReplayValidationTestCases ExpirationTime = now, SecurityToken = string.Empty, ValidationParameters = new ValidationParameters(), - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("securityToken")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, null), }, new TokenReplayTheoryData @@ -115,12 +118,13 @@ public static TheoryData TokenReplayValidationTestCases ExpirationTime = now, SecurityToken = "token", ValidationParameters = null, - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("validationParameters")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), + null, null), }, new TokenReplayTheoryData 
@@ -137,12 +141,13 @@ public static TheoryData TokenReplayValidationTestCases OnFindReturnValue = false } }, - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10227, LogHelper.MarkAsUnsafeSecurityArtifact("token", t => t.ToString())), ValidationFailureType.TokenReplayValidationFailed, typeof(SecurityTokenReplayDetectedException), + null, null), }, new TokenReplayTheoryData @@ -159,12 +164,13 @@ public static TheoryData TokenReplayValidationTestCases OnFindReturnValue = true }, }, - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10228, LogHelper.MarkAsUnsafeSecurityArtifact("token", t => t.ToString())), ValidationFailureType.TokenReplayValidationFailed, typeof(SecurityTokenReplayDetectedException), + null, null), }, new TokenReplayTheoryData @@ -181,12 +187,13 @@ public static TheoryData TokenReplayValidationTestCases } }, ExpectedException = ExpectedException.SecurityTokenReplayAddFailed("IDX10229:"), - Result = new ValidationError( + Result = new TokenReplayValidationError( new MessageDetail( LogMessages.IDX10229, LogHelper.MarkAsUnsafeSecurityArtifact("token", t => t.ToString())), ValidationFailureType.TokenReplayValidationFailed, typeof(SecurityTokenReplayDetectedException), + null, null), } }; @@ -202,6 +209,6 @@ public class TokenReplayTheoryData : TheoryDataBase internal ValidationParameters ValidationParameters { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs index 4edfe8af9a..462c41a2b1 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/SigningKeyValidationResultTests.cs 
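Review bot: In the IDX10229 case (last hunk on this line) the expectation is internally inconsistent: `ExpectedException` is `SecurityTokenReplayAddFailed("IDX10229:")`, while the `TokenReplayValidationError` is built with `typeof(SecurityTokenReplayDetectedException)`. The commit renames the error type but keeps that argument, so one of the two looks stale. If the validator reports add-failure for this path, the line would be `typeof(SecurityTokenReplayAddFailedException),`. Whether the comparison in `ValidateTokenReplay` covers the exception type is not visible here, so the mismatch may be passing unnoticed rather than being checked. The two new trailing `null` arguments are also unlabeled in all six cases; a short comment naming each would help.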
@@ -5,6 +5,7 @@ using System.IdentityModel.Tokens.Jwt; using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Validation.Tests @@ -16,7 +17,7 @@ public void SecurityKey(SigningKeyValidationTheoryData theoryData) { CompareContext context = TestUtilities.WriteHeader($"{this}.SigningKeyValidationResultTests", theoryData); - ValidationResult result = Validators.ValidateIssuerSigningKey( + ValidationResult result = Validators.ValidateIssuerSigningKey( theoryData.SecurityKey, theoryData.SecurityToken, theoryData.ValidationParameters, @@ -72,11 +73,12 @@ public static TheoryData SigningKeyValidationTes SecurityKey = null, SecurityToken = new JwtSecurityToken(), ValidationParameters = new ValidationParameters(){ TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail(LogMessages.IDX10253), ValidationFailureType.SigningKeyValidationFailed, typeof(SecurityTokenArgumentNullException), - null), + null, + null), // InvalidSigningKey }, new SigningKeyValidationTheoryData { @@ -85,13 +87,14 @@ public static TheoryData SigningKeyValidationTes SecurityKey = KeyingMaterial.SymmetricSecurityKey2_256, SecurityToken = null, ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("securityToken")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null), + null, + null), // InvalidSigningKey }, new SigningKeyValidationTheoryData { 
@@ -100,13 +103,14 @@ public static TheoryData SigningKeyValidationTes SecurityKey = KeyingMaterial.SymmetricSecurityKey2_256, SecurityToken = new JwtSecurityToken(), ValidationParameters = null, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("validationParameters")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null), + null, + null), // InvalidSigningKey }, new SigningKeyValidationTheoryData { @@ -115,14 +119,15 @@ public static TheoryData SigningKeyValidationTes SecurityKey = KeyingMaterial.ExpiredX509SecurityKey_Public, SecurityToken = new JwtSecurityToken(), ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail( LogMessages.IDX10249, LogHelper.MarkAsNonPII(utcExpired), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.SigningKeyValidationFailed, typeof(SecurityTokenInvalidSigningKeyException), - null), + null, + null), // InvalidSigningKey }, new SigningKeyValidationTheoryData { @@ -131,14 +136,15 @@ public static TheoryData SigningKeyValidationTes SecurityKey = KeyingMaterial.NotYetValidX509SecurityKey_Public, SecurityToken = new JwtSecurityToken(), ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail( LogMessages.IDX10248, LogHelper.MarkAsNonPII(utcNotYetValid), LogHelper.MarkAsNonPII(utcNow)), ValidationFailureType.SigningKeyValidationFailed, typeof(SecurityTokenInvalidSigningKeyException), - null), + null, + null), // InvalidSigningKey }, new SigningKeyValidationTheoryData { 
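Review bot: The new last argument of `IssuerSigningKeyValidationError`, commented `// InvalidSigningKey`, is `null` in every case, including the two where a concrete key is rejected (`KeyingMaterial.ExpiredX509SecurityKey_Public` with IDX10249 and `KeyingMaterial.NotYetValidX509SecurityKey_Public` with IDX10248, second and third hunks on this line). As written, no test pins whether the typed error carries the offending key, which is the field this type adds. If the validator is meant to populate it, the expectation would be `KeyingMaterial.ExpiredX509SecurityKey_Public), // InvalidSigningKey`, and likewise for the not-yet-valid key. If it is meant to stay null, a comment saying so would keep this from looking like an omission. Whether the comparer inspects that property is not visible in the diff.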
@@ -147,11 +153,12 @@ public static TheoryData SigningKeyValidationTes SecurityKey = null, SecurityToken = new JwtSecurityToken(), ValidationParameters = new ValidationParameters() { TimeProvider = timeProvider }, - Result = new ValidationError( + Result = new IssuerSigningKeyValidationError( new MessageDetail(LogMessages.IDX10253), ValidationFailureType.SigningKeyValidationFailed, typeof(SecurityTokenArgumentNullException), - null), + null, + null), // InvalidSigningKey }, }; @@ -165,6 +172,6 @@ public class SigningKeyValidationTheoryData : TheoryDataBase public SecurityToken SecurityToken { get; set; } internal ValidationParameters ValidationParameters { get; set; } public BaseConfiguration BaseConfiguration { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/StackFrameTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/StackFrameTests.cs new file mode 100644 index 0000000000..12de43f70d --- /dev/null +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/StackFrameTests.cs 
@@ -0,0 +1,97 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +using System; +using System.Threading; +using System.Threading.Tasks; +using Microsoft.IdentityModel.JsonWebTokens; +using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; +using Xunit; + +namespace Microsoft.IdentityModel.Tokens.Validation.Tests +{ + public class StackFrameTests + { + [Theory, MemberData(nameof(StackFrameTestCases), DisableDiscoveryEnumeration = true)] + public async Task CallStack(StackFrameTheoryData theoryData) + { + CompareContext context = TestUtilities.WriteHeader($"{this}.LifetimeValidatorTests", theoryData); + JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler(); + + ValidationResult validationResult = + await jsonWebTokenHandler.ValidateTokenAsync(theoryData.SecurityToken, theoryData.ValidationParameters, theoryData.CallContext, CancellationToken.None); + + validationResult = + await jsonWebTokenHandler.ValidateTokenAsync(theoryData.SecurityToken, theoryData.ValidationParameters, theoryData.CallContext, CancellationToken.None); + + TestUtilities.AssertFailIfErrors(context); + } + + public static TheoryData StackFrameTestCases + { + get + { + + TheoryData theoryData = new TheoryData(); + + theoryData.Add(new StackFrameTheoryData("Expired") + { + SecurityToken = CreateToken(DateTime.UtcNow, DateTime.UtcNow.AddMinutes(-1), DateTime.UtcNow.AddMinutes(-20)), + ValidationParameters = CreateValidationParameters() + }); + + return theoryData; + } + } + + static ValidationParameters CreateValidationParameters(TimeSpan? 
clockSkew = null) + { + ValidationParameters validationParameters = new ValidationParameters(); + + if (clockSkew is not null) + validationParameters.ClockSkew = clockSkew.Value; + + // Skip all validations except lifetime + validationParameters.AlgorithmValidator = SkipValidationDelegates.SkipAlgorithmValidation; + validationParameters.AudienceValidator = SkipValidationDelegates.SkipAudienceValidation; + validationParameters.IssuerValidatorAsync = SkipValidationDelegates.SkipIssuerValidation; + validationParameters.IssuerSigningKeyValidator = SkipValidationDelegates.SkipIssuerSigningKeyValidation; + validationParameters.SignatureValidator = SkipValidationDelegates.SkipSignatureValidation; + + return validationParameters; + } + + private static JsonWebToken CreateToken(DateTime? issuedAt, DateTime? notBefore, DateTime? expires) + { + JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler(); + jsonWebTokenHandler.SetDefaultTimesOnTokenCreation = false; // Allow for null values to be passed in to validate. + + SecurityTokenDescriptor securityTokenDescriptor = new SecurityTokenDescriptor + { + Subject = Default.ClaimsIdentity, + SigningCredentials = KeyingMaterial.RsaSigningCreds_2048, + IssuedAt = issuedAt, + NotBefore = notBefore, + Expires = expires, + }; + + return new JsonWebToken(jsonWebTokenHandler.CreateToken(securityTokenDescriptor)); + } + } + + public class StackFrameTheoryData : TheoryDataBase + { + public StackFrameTheoryData(string testId) : base(testId) + { + } + + public SecurityToken SecurityToken { get; set; } + + internal ValidationParameters ValidationParameters { get; set; } + + internal ValidationResult Result { get; set; } + + internal ValidationFailureType ValidationFailureType { get; set; } + } +} diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/TokenTypeValidationResultTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/TokenTypeValidationResultTests.cs index ca77e6ca35..1618e3fd31 100644 
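Review bot: `CallStack` asserts nothing: both `ValidateTokenAsync` results are discarded and nothing is ever compared into `context`, so `TestUtilities.AssertFailIfErrors(context)` passes whatever the handler returns. `CreateValidationParameters` skips algorithm, audience, issuer, signing-key and signature validation, so lifetime is the only check this test names as left in place, and the test should at least pin its outcome, e.g. `Assert.False(validationResult.IsValid);` after each call. The "Expired" case passes `notBefore` as now minus 1 minute and `expires` as now minus 20 minutes, which puts NotBefore after Expires. Judging by the lifetime test data in this same commit, that is reported as IDX10224 rather than as an expired token, so a `notBefore` earlier than `expires` (for instance `DateTime.UtcNow.AddMinutes(-25)`) would match the case name. `Result` and `ValidationFailureType` on `StackFrameTheoryData` are never set or read, and the header string still says `LifetimeValidatorTests`.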
--- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/TokenTypeValidationResultTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/TokenTypeValidationResultTests.cs @@ -8,6 +8,7 @@ using Microsoft.IdentityModel.Logging; using Xunit; using System.Collections.Generic; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Validation.Tests { @@ -24,7 +25,7 @@ public void ValidateTokenType(TokenTypeTheoryData theoryData) theoryData.ValidationParameters.ValidTypes.Add(tokenType); } - ValidationResult result = Validators.ValidateTokenType( + ValidationResult result = Validators.ValidateTokenType( theoryData.Type, theoryData.SecurityToken, theoryData.ValidationParameters, @@ -80,13 +81,14 @@ public static TheoryData TokenTypeValidationTestCases Type = "JWT", SecurityToken = null, ValidationParameters = null, - Result = new ValidationError( + Result = new TokenTypeValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("securityToken")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null) + null, + "JWT") }, new TokenTypeTheoryData { @@ -95,13 +97,14 @@ public static TheoryData TokenTypeValidationTestCases Type = "JWT", SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Typ, "JWT"), ValidationParameters = null, - Result = new ValidationError( + Result = new TokenTypeValidationError( new MessageDetail( LogMessages.IDX10000, LogHelper.MarkAsNonPII("validationParameters")), ValidationFailureType.NullArgument, typeof(SecurityTokenArgumentNullException), - null) + null, + "JWT") }, new TokenTypeTheoryData { 
@@ -111,13 +114,14 @@ public static TheoryData TokenTypeValidationTestCases SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Typ, String.Empty), ValidationParameters = new ValidationParameters(), TokenTypesToAdd = validTypesNoJwt, - Result = new ValidationError( + Result = new TokenTypeValidationError( new MessageDetail( LogMessages.IDX10256, LogHelper.MarkAsNonPII("type")), ValidationFailureType.TokenTypeValidationFailed, typeof(SecurityTokenInvalidTypeException), - null) + null, + "") }, new TokenTypeTheoryData { @@ -127,12 +131,13 @@ public static TheoryData TokenTypeValidationTestCases SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Typ, null), ValidationParameters = new ValidationParameters(), TokenTypesToAdd = validTypesNoJwt, - Result = new ValidationError( + Result = new TokenTypeValidationError( new MessageDetail( LogMessages.IDX10256, LogHelper.MarkAsNonPII("type")), ValidationFailureType.TokenTypeValidationFailed, typeof(SecurityTokenInvalidTypeException), + null, null) }, new TokenTypeTheoryData @@ -143,14 +148,15 @@ public static TheoryData TokenTypeValidationTestCases SecurityToken = JsonUtilities.CreateUnsignedJsonWebToken(JwtRegisteredClaimNames.Typ, "JWT"), ValidationParameters = new ValidationParameters(), TokenTypesToAdd = validTypesNoJwt, - Result = new ValidationError( + Result = new TokenTypeValidationError( new MessageDetail( LogMessages.IDX10257, LogHelper.MarkAsNonPII("type"), LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(validTypesNoJwt))), ValidationFailureType.TokenTypeValidationFailed, typeof(SecurityTokenInvalidTypeException), - null) + null, + "JWT") } }; } 
@@ -163,7 +169,7 @@ public class TokenTypeTheoryData : TheoryDataBase public SecurityToken SecurityToken { get; set; } public IList TokenTypesToAdd { get; internal set; } internal ValidationParameters ValidationParameters { get; set; } - internal ValidationResult Result { get; set; } + internal ValidationResult Result { get; set; } } } } diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationErrorTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationErrorTests.cs index 03915c766c..81d357e358 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationErrorTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationErrorTests.cs @@ -2,6 +2,7 @@ // Licensed under the MIT License. using System.Runtime.CompilerServices; +using Microsoft.IdentityModel.Tokens.Experimental; using Xunit; namespace Microsoft.IdentityModel.Tokens.Tests diff --git a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationParametersTests.cs b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationParametersTests.cs index c88c9eba40..f48bc01cc3 100644 --- a/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationParametersTests.cs +++ b/test/Microsoft.IdentityModel.Tokens.Tests/Validation/ValidationParametersTests.cs @@ -5,6 +5,7 @@ using System.Collections.Generic; using Xunit; using Microsoft.IdentityModel.TestUtils; +using Microsoft.IdentityModel.Tokens.Experimental; namespace Microsoft.IdentityModel.Tokens.Validation.Tests { diff --git a/test/Microsoft.IdentityModel.Validators.Tests/AadTokenValidationParametersExtensionTests.cs b/test/Microsoft.IdentityModel.Validators.Tests/AadTokenValidationParametersExtensionTests.cs index c493a0b6ca..ce7564fa36 100644 --- a/test/Microsoft.IdentityModel.Validators.Tests/AadTokenValidationParametersExtensionTests.cs +++ b/test/Microsoft.IdentityModel.Validators.Tests/AadTokenValidationParametersExtensionTests.cs 
@@ -12,6 +12,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using Microsoft.IdentityModel.Tokens.Saml2; using Xunit; @@ -61,7 +62,7 @@ public async Task EnableEntraIdSigningKeyCloudInstanceValidationTests(EnableEntr theoryData.TokenValidationParameters.EnableEntraIdSigningKeyCloudInstanceValidation(); var validationResult = await handler.ValidateTokenAsync(theoryData.Token, theoryData.TokenValidationParameters); - ValidationResult validatedToken = await handler.ValidateTokenAsync(theoryData.Token, validationParameters, new CallContext(), CancellationToken.None); + ValidationResult validatedToken = await handler.ValidateTokenAsync(theoryData.Token, validationParameters, new CallContext(), CancellationToken.None); theoryData.ExpectedException.ProcessNoException(context); Assert.NotNull(theoryData.TokenValidationParameters.IssuerSigningKeyValidatorUsingConfiguration); @@ -220,7 +221,7 @@ public async Task EnableAadSigningKeyIssuerValidationTests(EnableEntraIdSigningK theoryData.TokenValidationParameters.EnableAadSigningKeyIssuerValidation(); var validationResult = await handler.ValidateTokenAsync(jwt, theoryData.TokenValidationParameters); - ValidationResult validatedToken = await handler.ValidateTokenAsync(jwt, validationParameters, new CallContext(), CancellationToken.None); + ValidationResult validatedToken = await handler.ValidateTokenAsync(jwt, validationParameters, new CallContext(), CancellationToken.None); theoryData.ExpectedException.ProcessNoException(context); Assert.NotNull(theoryData.TokenValidationParameters.IssuerSigningKeyValidatorUsingConfiguration); diff --git a/test/Microsoft.IdentityModel.Validators.Tests/MicrosoftIdentityIssuerValidatorTest.cs b/test/Microsoft.IdentityModel.Validators.Tests/MicrosoftIdentityIssuerValidatorTest.cs index fb9311cea9..31bddbe461 100644 
--- a/test/Microsoft.IdentityModel.Validators.Tests/MicrosoftIdentityIssuerValidatorTest.cs +++ b/test/Microsoft.IdentityModel.Validators.Tests/MicrosoftIdentityIssuerValidatorTest.cs @@ -13,6 +13,7 @@ using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.TestUtils; using Microsoft.IdentityModel.Tokens; +using Microsoft.IdentityModel.Tokens.Experimental; using NSubstitute; using Xunit; @@ -153,7 +154,7 @@ public async Task Validate_NullOrEmptyParameters_ThrowsException() await Assert.ThrowsAsync(async () => await ValidateIssuerAsync(null, jwtSecurityToken, validator)); var exception = Assert.Throws(() => validator.Validate(string.Empty, jwtSecurityToken, validationParams)); - ValidationResult validatedIssuer = await ValidateIssuerAsync(string.Empty, jwtSecurityToken, validator); + ValidationResult validatedIssuer = await ValidateIssuerAsync(string.Empty, jwtSecurityToken, validator); Assert.False(validatedIssuer.IsValid); IdentityComparer.AreEqual(LogMessages.IDX40003, exception.Message); @@ -213,7 +214,7 @@ public async Task Validate_IssuerMatchedInValidIssuer_ReturnsIssuer(string tidCl var jwtSecurityToken = new JwtSecurityToken(issuer: issuer, claims: new[] { issClaim, tidClaim }); var actualIssuer = validator.Validate(issuer, jwtSecurityToken, new TokenValidationParameters() { ValidIssuer = issuer }); - ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, issuer, jwtSecurityToken, validator); + ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, issuer, jwtSecurityToken, validator); IdentityComparer.AreEqual(validatedIssuer.Result.Issuer, actualIssuer, context); IdentityComparer.AreEqual(issuer, actualIssuer, context); 
@@ -238,7 +239,7 @@ public async Task Validate_NoHttpclientFactory_ReturnsIssuer(string tidClaimType new MockConfigurationManager(new OpenIdConnectConfiguration() { Issuer = issuer }); var tokenValidationParams = new TokenValidationParameters() { ConfigurationManager = configurationManager }; - ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, configurationManager, jwtSecurityToken, validator); + ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, configurationManager, jwtSecurityToken, validator); IdentityComparer.AreEqual(issuer, validatedIssuer.Result.Issuer, context); IdentityComparer.AreEqual(issuer, validator.Validate(issuer, jwtSecurityToken, tokenValidationParams), context); @@ -266,7 +267,7 @@ public async Task Validate_IssuerMatchedInValidV1Issuer_ReturnsIssuer(string tid var jwtSecurityToken = new JwtSecurityToken(issuer: issuer, claims: new[] { issClaim, tidClaim }); var actualIssuer = validator.Validate(issuer, jwtSecurityToken, new TokenValidationParameters() { ValidIssuer = issuer }); - ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, issuer, jwtSecurityToken, validator); + ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, issuer, jwtSecurityToken, validator); IdentityComparer.AreEqual(issuer, validatedIssuer.Result.Issuer, context); IdentityComparer.AreEqual(issuer, actualIssuer, context); @@ -300,7 +301,7 @@ public async Task Validate_IssuerMatchedInValidIssuers_ReturnsIssuer(string tidC var actualIssuers = validator.Validate(ValidatorConstants.AadIssuer, jwtSecurityToken, new TokenValidationParameters() { ValidIssuers = new[] { ValidatorConstants.AadIssuer } }); IdentityComparer.AreEqual(ValidatorConstants.AadIssuer, actualIssuers, context); - ValidationResult validatedIssuerResult = await ValidateIssuerAsync( + ValidationResult validatedIssuerResult = await ValidateIssuerAsync( ValidatorConstants.AadIssuer, ValidatorConstants.AadIssuer, jwtSecurityToken, 
@@ -366,7 +367,7 @@ public async Task ValidateJsonWebToken_ReturnsIssuer(string tidClaimType, string var jsonWebToken = new JsonWebToken(Default.Jwt(Default.SecurityTokenDescriptor(Default.SymmetricSigningCredentials, claims))); var actualIssuer = validator.Validate(issuer, jsonWebToken, new TokenValidationParameters()); - ValidationResult validatedIssuerResult = await ValidateIssuerAsync( + ValidationResult validatedIssuerResult = await ValidateIssuerAsync( issuer, jsonWebToken, validator); @@ -397,7 +398,7 @@ public async Task Validate_V1IssuerNotInTokenValidationParameters_ReturnsV1Issue var jwtSecurityToken = new JwtSecurityToken(issuer: ValidatorConstants.V1Issuer, claims: new[] { issClaim, tidClaim }); var actualIssuer = validator.Validate(ValidatorConstants.V1Issuer, jwtSecurityToken, new TokenValidationParameters()); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.V1Issuer, jwtSecurityToken, validator); @@ -417,7 +418,7 @@ public async Task Validate_TenantIdInIssuerNotInToken_ReturnsIssuer() var jwtSecurityToken = new JwtSecurityToken(issuer: ValidatorConstants.AadIssuer, claims: new[] { issClaim }); var actualIssuer = validator.Validate(ValidatorConstants.AadIssuer, jwtSecurityToken, new TokenValidationParameters() { ValidIssuer = ValidatorConstants.AadIssuer }); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.AadIssuer, ValidatorConstants.AadIssuer, jwtSecurityToken, 
@@ -440,7 +441,7 @@ public async Task Validate_TidClaimInToken_ReturnsIssuer() var jsonWebToken = new JsonWebToken($"{{}}", $"{{\"{ValidatorConstants.ClaimNameIss}\":\"{ValidatorConstants.AadIssuer}\",\"{ValidatorConstants.ClaimNameTid}\":\"{ValidatorConstants.TenantIdAsGuid}\"}}"); var actualIssuer = validator.Validate(ValidatorConstants.AadIssuer, jwtSecurityToken, new TokenValidationParameters() { ValidIssuer = ValidatorConstants.AadIssuer }); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.AadIssuer, ValidatorConstants.AadIssuer, jwtSecurityToken, @@ -484,7 +485,7 @@ public async Task Validate_InvalidIssuerToValidate_ThrowsException() var exception = Assert.Throws(() => validator.Validate(invalidIssuerToValidate, jwtSecurityToken, new TokenValidationParameters() { ValidIssuers = new[] { ValidatorConstants.AadIssuer } })); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( invalidIssuerToValidate, ValidatorConstants.AadIssuer, jwtSecurityToken, @@ -516,7 +517,7 @@ public async Task Validate_FromB2CAuthority_WithNoTidClaim_ValidateSuccessfully( ValidIssuers = new[] { ValidatorConstants.B2CIssuer }, }); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CIssuer, ValidatorConstants.B2CIssuer, jwtSecurityToken, @@ -556,7 +557,7 @@ public async Task Validate_FromB2CAuthority_WithTokenValidateParametersValidIssu jwtSecurityToken, tokenValidationParams); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CIssuer, configurationManager, jwtSecurityToken, 
@@ -588,7 +589,7 @@ public async Task Validate_FromB2CAuthority_WithTidClaim_ValidateSuccessfully() ValidIssuers = new[] { ValidatorConstants.B2CIssuer }, }); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CIssuer, ValidatorConstants.B2CIssuer, jwtSecurityToken, @@ -623,7 +624,7 @@ public async Task Validate_FromB2CAuthority_InvalidIssuer_Fails() ValidIssuers = new[] { ValidatorConstants.B2CIssuer }, })); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CIssuer2, ValidatorConstants.B2CIssuer, jwtSecurityToken, @@ -656,7 +657,7 @@ public async Task Validate_FromB2CAuthority_InvalidIssuerTid_Fails() ValidIssuers = new[] { ValidatorConstants.B2CIssuer }, })); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( issuerWithInvalidTid, ValidatorConstants.B2CIssuer, jwtSecurityToken, @@ -687,7 +688,7 @@ public async Task Validate_FromCustomB2CAuthority_ValidateSuccessfully() ValidIssuers = new[] { ValidatorConstants.B2CCustomDomainIssuer }, }); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CCustomDomainIssuer, ValidatorConstants.B2CCustomDomainIssuer, jwtSecurityToken, @@ -721,7 +722,7 @@ public async Task Validate_FromB2CAuthority_WithTfpIssuer_ThrowsException() ValidIssuers = new[] { ValidatorConstants.B2CIssuerTfp }, })); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( ValidatorConstants.B2CIssuerTfp, ValidatorConstants.B2CIssuerTfp, jwtSecurityToken, 
@@ -812,7 +813,7 @@ public async Task Validate_WithAuthorityUsingConfigurationProvider(ProtocolVersi var aadIssuerValidator = AadIssuerValidator.GetAadIssuerValidator(authority, _httpClient, configurationManagerProvider); var actualIssuer = aadIssuerValidator.Validate(tokenIssuer, jwtSecurityToken, new TokenValidationParameters()); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( tokenIssuer, jwtSecurityToken, aadIssuerValidator); @@ -919,7 +920,7 @@ public async Task Validate_UsesLKGWithoutConfigurationProvider(ProtocolVersion a // set LKG var actualIssuer = aadIssuerValidator.Validate(issuer, jwtSecurityToken, new TokenValidationParameters()); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( issuer, jwtSecurityToken, aadIssuerValidator); @@ -989,7 +990,7 @@ public async Task Validate_CanFetchMetadataWithoutConfigurationProvider(Protocol var authority = authorityUrlProvider(authorityVersion); var validator = AadIssuerValidator.GetAadIssuerValidator(authority, _httpClient); - ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, jwtSecurityToken, validator); + ValidationResult validatedIssuer = await ValidateIssuerAsync(issuer, jwtSecurityToken, validator); var actualIssuer = validator.Validate(issuer, jwtSecurityToken, new TokenValidationParameters()); Assert.True(validatedIssuer.IsValid); @@ -1055,7 +1056,7 @@ public async Task Validate_UsesLKGWithConfigurationProvider() // set LKG var actualIssuer = aadIssuerValidator.Validate(v2TokenIssuer, jwtSecurityToken, new TokenValidationParameters()); - ValidationResult validatedIssuer = await ValidateIssuerAsync( + ValidationResult validatedIssuer = await ValidateIssuerAsync( v2TokenIssuer, jwtSecurityToken, aadIssuerValidator); 
@@ -1175,7 +1176,7 @@ public async Task Validate_UsesLKGWithConfigurationProvider() TestUtilities.AssertFailIfErrors(context); } - private static async Task> ValidateIssuerAsync( + private static async Task> ValidateIssuerAsync( string issuerFromToken, SecurityToken securityToken, AadIssuerValidator validator, @@ -1192,7 +1193,7 @@ private static async Task> ValidateIssuerAsync CancellationToken.None); } - private static async Task> ValidateIssuerAsync( + private static async Task> ValidateIssuerAsync( string issuerFromToken, string addIssuerToValidationParameters, SecurityToken securityToken, @@ -1210,7 +1211,7 @@ private static async Task> ValidateIssuerAsync CancellationToken.None); } - private static async Task> ValidateIssuerAsync( + private static async Task> ValidateIssuerAsync( string issuerFromToken, BaseConfigurationManager configurationManager, SecurityToken securityToken,