Regression tests: Audience #2838
Conversation
…ded remaining regression tests for audience scenarios.
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
| { | ||
| TokenValidationParameters = CreateTokenValidationParameters(null), | ||
| ValidationParameters = CreateValidationParameters(null), | ||
| Audience = string.Empty, |
There was a problem hiding this comment.
nit: Should this be a valid Audience while the Audiences property on TVP or VP is null?
There was a problem hiding this comment.
The current validation path considers the case where no valid audiences are provided to be invalid and throws.
The new validation path took that as a base and kept the same behaviour.
If you believe that having no valid audiences should be considered the same as skipping the validation, we can look into it and find out what the correct behaviour would be.
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
...ft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
Outdated
Show resolved
Hide resolved
…lidations but audience
src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs
Outdated
Show resolved
Hide resolved
src/Microsoft.IdentityModel.Tokens/Validation/Validators.SkipValidations.cs
Outdated
Show resolved
Hide resolved
| _invalidAudiences = invalidAudiences; | ||
| } | ||
|
|
||
| internal override void AddAdditionalInformation(ISecurityTokenException exception) |
There was a problem hiding this comment.
I suspect that since we are creating derived ValidationError types, we do not need the method AddAdditionalInformation or the interface ISecurityTokenException.
For example, when we create the AudienceValidationError, we call the ctor that takes the list of available audiences.
There was a problem hiding this comment.
Let’s keep the conversation going on that to find the best solution that can support any exception our users may decide to return.
I’d rather not expand the scope of this PR to that as it’s already a week in review.
Regression tests: Audience
Note: Upcoming PRs will continue to extract the different aspects of regression tests into separate files.
Part of #2711