Skip to content

Commit

Permalink
Avoid code duplication in extensibility testing (#3041)
Browse files Browse the repository at this point in the history 
* Modified ValidateTokenAsync in SAML and SAML2 token handlers to receive SecurityToken instead of Saml(2)SecurityToken

* Added test interface to unify JsonWebTokenHandler, SamlSecurityTokenHandler and Saml2SecurityTokenHandler's ValidateTokenAsync and CreateToken methods under a shared API

* Added ExtensibilityTheoryData as the base for all extensibility theory data. Added ValidateTokenAsyncExtensibility to test all extensibility aspects across JWT, SAML, and SAML2

* Added issuer specific theory data and extensibility test cases

* Removed all duplicated code in issuer extensibility testing across JWT, SAML, and SAML2 using the new test classes

* Apply suggestions from code review

Co-authored-by: msbw2 <brettwhite@microsoft.com>

* Apply suggestions from code review

---------

Co-authored-by: msbw2 <brettwhite@microsoft.com>
  • Loading branch information
@iNinja @msbw2
iNinja and msbw2 authored Nov 28, 2024
1 parent ae57a3c commit eb0daac
Show file tree
Hide file tree
Showing 12 changed files with 556 additions and 781 deletions.
4 changes: 2 additions & 2 deletions src/Microsoft.IdentityModel.Tokens.Saml/InternalAPI.Unshipped.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,12 +8,12 @@ Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions.ValidatedConditions(string ValidatedAudience, Microsoft.IdentityModel.Tokens.ValidatedLifetime? ValidatedLifetime) -> void
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions.ValidatedLifetime.get -> Microsoft.IdentityModel.Tokens.ValidatedLifetime?
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidatedConditions.ValidatedLifetime.set -> void
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.Saml.SamlSecurityToken samlToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml.SamlSecurityTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml.SamlValidationError
Microsoft.IdentityModel.Tokens.Saml.SamlValidationError.SamlValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType validationFailureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.Exception innerException = null) -> void
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.StackFrames
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityToken samlToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(Microsoft.IdentityModel.Tokens.SecurityToken securityToken, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml2.Saml2SecurityTokenHandler.ValidateTokenAsync(string token, Microsoft.IdentityModel.Tokens.ValidationParameters validationParameters, Microsoft.IdentityModel.Tokens.CallContext callContext, System.Threading.CancellationToken cancellationToken) -> System.Threading.Tasks.Task<Microsoft.IdentityModel.Tokens.ValidationResult<Microsoft.IdentityModel.Tokens.ValidatedToken>>
Microsoft.IdentityModel.Tokens.Saml2.Saml2ValidationError
Microsoft.IdentityModel.Tokens.Saml2.Saml2ValidationError.Saml2ValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, Microsoft.IdentityModel.Tokens.ValidationFailureType validationFailureType, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, System.Exception innerException = null) -> void
Expand Down
5 changes: 5 additions & 0 deletions src/Microsoft.IdentityModel.Tokens.Saml/InternalsVisibleTo.cs
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.

[assembly: System.Runtime.CompilerServices.InternalsVisibleTo("Microsoft.IdentityModel.TestUtils, PublicKey=0024000004800000940000000602000000240000525341310004000001000100b5fc90e7027f67871e773a8fde8938c81dd402ba65b9201d60593e96c492651e889cc13f1415ebb53fac1131ae0bd333c5ee6021672d9718ea31a8aebd0da0072f25d87dba6fc90ffd598ed4da35e44c398c454307e8e33b8426143daec9f596836f97c8f74750e5975c64e2189f45def46b2a2b1247adc3652bf5c308055da9")]

19 changes: 16 additions & 3 deletions ...crosoft.IdentityModel.Tokens.Saml/Saml/SamlSecurityTokenHandler.ValidateToken.Internal.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,21 +35,34 @@ internal async Task<ValidationResult<ValidatedToken>> ValidateTokenAsync(
}

internal async Task<ValidationResult<ValidatedToken>> ValidateTokenAsync(
SamlSecurityToken samlToken,
SecurityToken securityToken,
ValidationParameters validationParameters,
CallContext callContext,
#pragma warning disable CA1801 // Review unused parameters
CancellationToken cancellationToken)
#pragma warning restore CA1801 // Review unused parameters
{
if (samlToken is null)
if (securityToken is null)
{
StackFrames.TokenNull ??= new StackFrame(true);
return ValidationError.NullParameter(
nameof(samlToken),
nameof(securityToken),
StackFrames.TokenNull);
}

if (securityToken is not SamlSecurityToken samlToken)
{
return new ValidationError(
new MessageDetail(
LogMessages.IDX11400,
this,
typeof(SamlSecurityToken),
securityToken.GetType()),
ValidationFailureType.InvalidSecurityToken,
typeof(SecurityTokenArgumentException),
ValidationError.GetCurrentStackFrame());
}

if (validationParameters is null)
{
StackFrames.TokenValidationParametersNull ??= new StackFrame(true);
Expand Down
19 changes: 16 additions & 3 deletions ...osoft.IdentityModel.Tokens.Saml/Saml2/Saml2SecurityTokenHandler.ValidateToken.Internal.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,19 +36,32 @@ internal async Task<ValidationResult<ValidatedToken>> ValidateTokenAsync(
}

internal async Task<ValidationResult<ValidatedToken>> ValidateTokenAsync(
Saml2SecurityToken samlToken,
SecurityToken securityToken,
ValidationParameters validationParameters,
CallContext callContext,
CancellationToken cancellationToken)
{
if (samlToken is null)
if (securityToken is null)
{
StackFrames.TokenNull ??= new StackFrame(true);
return ValidationError.NullParameter(
nameof(samlToken),
nameof(securityToken),
StackFrames.TokenNull);
}

if (securityToken is not Saml2SecurityToken samlToken)
{
return new ValidationError(
new MessageDetail(
Tokens.Saml.LogMessages.IDX11400,
this,
typeof(Saml2SecurityToken),
securityToken.GetType()),
ValidationFailureType.InvalidSecurityToken,
typeof(SecurityTokenArgumentException),
ValidationError.GetCurrentStackFrame());
}

if (validationParameters is null)
{
StackFrames.TokenValidationParametersNull ??= new StackFrame(true);
Expand Down
Loading

0 comments on commit eb0daac

Please sign in to comment.