@jmprieur jmprieur commented Jul 30, 2023

Add verification of issuer signing key with integration test

  • Fixes AddMicrosoftWebApi() to pass in the configuration from the JwtBearer options to the token validation parameters.
  • Adds a SimulateOidc project under IntegrationTests to generate an invalid sign-in key issuer for the negative test (the authority
    is then exposed to https://localhost:1234/v2.0)
  • Updates an integration test to use the test authority
  • Factorizes the code that starts an external app to Microsoft.Identity.Web.Test.Commons (ExternalApp.Start)

Fixes #2323

Note that the logs of the IntegrationTestService show the invalid signing key issuer failing the request.
fail: Microsoft.IdentityModel.LoggingExtensions.IdentityLoggerAdapter[0]
IDX40005: Token issuer: 'https://login.microsoftonline.com/f645ad92-e38d-4d1a-b510-d1b09a74a8ca/v2.0', does not match the signing key issuer: 'invalidIssuer'.

@jmprieur jmprieur requested a review from jennyf19 July 30, 2023 01:49

@jennyf19 jennyf19 left a comment

:shipit:

@jmprieur jmprieur requested a review from GeoK July 30, 2023 03:37
@jmprieur jmprieur merged commit a8bbcc4 into master Jul 30, 2023
@jmprieur jmprieur deleted the jmprieur/investigationMetadata branch July 30, 2023 03:38
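
The check that the negative test in this pull request exercises, sketched as an added example (not code from the pull request or from Microsoft.Identity.Web). It assumes each key in the authority's key set carries an `issuer` member that may contain a `{tenantid}` placeholder; the sample key set, tenant id and function names are constructed for illustration.

```python
import base64
import json

TENANT = "11111111-2222-3333-4444-555555555555"  # constructed tenant id
# Constructed JWKS. The per-key "issuer" member and "{tenantid}" placeholder
# are assumptions modelled on Azure AD v2.0 key metadata.
JWKS = {"keys": [
    {"kid": "good-key", "issuer": "https://login.microsoftonline.com/{tenantid}/v2.0"},
    {"kid": "rogue-key", "issuer": "invalidIssuer"},
]}


def _b64url(obj):
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _decode(segment):
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def make_sample_token(kid, iss, tid=None):
    """Build a constructed JWT; the signature segment is a dummy."""
    claims = {"iss": iss}
    if tid is not None:
        claims["tid"] = tid
    return ".".join([_b64url({"alg": "RS256", "kid": kid}), _b64url(claims), "sig"])


def check_signing_key_issuer(token, jwks):
    """Return (ok, reason). Run in addition to signature validation, never instead."""
    header_seg, payload_seg, _sig = token.split(".")
    header, claims = _decode(header_seg), _decode(payload_seg)
    key = next((k for k in jwks["keys"] if k.get("kid") == header.get("kid")), None)
    if key is None:
        return False, "no signing key with kid %r" % header.get("kid")
    key_issuer = key.get("issuer")
    if not key_issuer:
        return False, "signing key carries no issuer"  # this example fails closed
    if "{tenantid}" in key_issuer:
        if not claims.get("tid"):
            return False, "token has no tid claim to resolve the key issuer"
        key_issuer = key_issuer.replace("{tenantid}", claims["tid"])
    if claims.get("iss") != key_issuer:
        return False, "token issuer %r does not match signing key issuer %r" % (
            claims.get("iss"), key_issuer)
    return True, "ok"
```

The rejection for `rogue-key` corresponds to the IDX40005 failure quoted in the description: the token names a real tenant issuer, but the key that would verify it is published for a different issuer.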
Development

Successfully merging this pull request may close these issues.

[Feature Request] Use the new AzureAD key issuer validator in AddMicrosoftIdentityWebApi

4 participants