From bc64aa72e23d0d879b6531b31efb2580e4319d63 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?K=C3=A9vin=20Chalet?=
Date: Mon, 5 Apr 2021 17:19:34 +0200
Subject: [PATCH] Rework the development signing/encryption certificates unit tests
---
 .../OpenIddictServerBuilderTests.cs | 61 +++++++++++++++----
 1 file changed, 48 insertions(+), 13 deletions(-)
diff --git a/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs b/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
index 744a3065..101f7308 100644
--- a/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
+++ b/test/OpenIddict.Server.Tests/OpenIddictServerBuilderTests.cs
@@ -1,5 +1,8 @@
 using System;
+using System.Globalization;
 using System.Reflection;
+using System.Security.Cryptography;
+using System.Security.Cryptography.X509Certificates;
 using System.Threading.Tasks;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.Extensions.Options;
@@ -268,30 +271,65 @@ namespace OpenIddict.Server.Tests } [Fact] - public void AddDevelopmentSigningCertificate_ThrowsAnExceptionForNullSubject() + public void AddDevelopmentEncryptionCertificate_ThrowsAnExceptionForNullSubject() { // Arrange var services = CreateServices(); var builder = CreateBuilder(services); // Act and assert - var exception = Assert.Throws(delegate - { - builder.AddDevelopmentSigningCertificate(subject: null!); - }); - + var exception = Assert.Throws(() => builder.AddDevelopmentEncryptionCertificate(subject: null!)); Assert.Equal("subject", exception.ParamName); } +#if SUPPORTS_CERTIFICATE_GENERATION [Fact] - public void AddDevelopmentEncryptionCertificate_ThrowsAnExceptionForNullSubject() + public void AddDevelopmentEncryptionCertificate_CanGenerateCertificate() + { + // Arrange + var services = CreateServices(); + var builder = CreateBuilder(services); + + // Act + builder.AddDevelopmentEncryptionCertificate(); + + var options = GetOptions(services); + + // Assert + Assert.Single(options.EncryptionCredentials); + Assert.Equal(SecurityAlgorithms.RsaOAEP, options.EncryptionCredentials[0].Alg); + Assert.Equal(SecurityAlgorithms.Aes256CbcHmacSha512, options.EncryptionCredentials[0].Enc); + Assert.NotNull(options.EncryptionCredentials[0].Key.KeyId); + } +#else + [Fact] + public void AddDevelopmentEncryptionCertificate_ThrowsAnExceptionOnUnsupportedPlatforms() { // Arrange var services = CreateServices(); var builder = CreateBuilder(services); // Act and assert - var exception = Assert.Throws(() => builder.AddDevelopmentEncryptionCertificate(subject: null!)); + var exception = Assert.Throws(() => builder.AddDevelopmentEncryptionCertificate( + subject: new X500DistinguishedName("CN=" + Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture)))); + + Assert.Equal("X.509 certificate generation is not supported on this platform.", exception.Message); + } +#endif + + [Fact] + public void 
AddDevelopmentSigningCertificate_ThrowsAnExceptionForNullSubject() + { + // Arrange + var services = CreateServices(); + var builder = CreateBuilder(services); + + // Act and assert + var exception = Assert.Throws(delegate + { + builder.AddDevelopmentSigningCertificate(subject: null!); + }); + Assert.Equal("subject", exception.ParamName); } @@ -322,11 +360,8 @@ namespace OpenIddict.Server.Tests var builder = CreateBuilder(services); // Act and assert - var exception = Assert.Throws(delegate - { - builder.AddDevelopmentSigningCertificate(); - return GetOptions(services); - }); + var exception = Assert.Throws(() => builder.AddDevelopmentSigningCertificate( + subject: new X500DistinguishedName("CN=" + Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture)))); Assert.Equal("X.509 certificate generation is not supported on this platform.", exception.Message); }
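Review bot: `AddDevelopmentEncryptionCertificate_CanGenerateCertificate` calls the parameterless overload, so it runs with the default subject. If that overload looks up or persists the certificate in the current user's X.509 store (not visible in this hunk, please confirm), the test both depends on and modifies the machine's store. A certificate already stored under the default subject would then satisfy `Assert.Single(options.EncryptionCredentials)` without the generation path ever running. Consider passing a unique subject as the `#else` test does, `builder.AddDevelopmentEncryptionCertificate(subject: new X500DistinguishedName("CN=" + Guid.NewGuid().ToString("N", CultureInfo.InvariantCulture)));`, and removing the generated certificate in cleanup. The assertions also pin only `Alg`, `Enc` and a non-null `KeyId`, so asserting that the key is RSA and of the expected size would catch a weakened default.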
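Review bot: The random `CN=<guid>` subject in the rewritten assertion has no comment explaining why it replaced the parameterless call, and the same applies to the `#else` encryption test in the previous hunk. Presumably a unique subject guarantees that no existing certificate can match, so the unsupported-platform exception is always reached. If so, state it above the call, e.g. `// Unique subject: no existing certificate can match, so the generation path and its exception are always reached.` With this change the parameterless `AddDevelopmentSigningCertificate()` overload is no longer exercised on unsupported platforms by this test. The enclosing test method starts above the hunk.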