hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ginsbach/NewOverlayLocalJava
codeql/csharp/ql/test/experimental/Security Features/JsonWebTokenHandler/security-validation-disabled-test.cs
Raul Garcia 7f725137e5 Addressing some of the feedback. Work pending.
2022-07-20 10:56:44 -07:00

43 lines
1.5 KiB
C#
Raw Permalink Blame History

using System;
using System.Collections.Generic;
using Microsoft.IdentityModel.Tokens;
namespace JsonWebTokenHandlerTest
{
public class JsonWebTokenHandler_class01
{
public void TestCase01()
{
TokenValidationParameters tokenValidationParamsBaseline = new TokenValidationParameters
{
ClockSkew = TimeSpan.FromMinutes(5),
ValidateActor = true,
ValidateIssuerSigningKey = true,
ValidateIssuer = true,
ValidateAudience = true,
ValidateLifetime = true,
RequireExpirationTime = true,
ValidateTokenReplay = true,
RequireSignedTokens = true,
RequireAudience = true,
SaveSigninToken = true
};
TokenValidationParameters tokenValidationParams = new TokenValidationParameters
{
ClockSkew = TimeSpan.FromMinutes(5),
ValidateActor = false,
ValidateIssuerSigningKey = false,
ValidateIssuer = false, // BUG
ValidateAudience = false, // BUG
ValidateLifetime = false, // BUG
RequireExpirationTime = false, // BUG
ValidateTokenReplay = false,
RequireSignedTokens = false,
RequireAudience = false, // BUG
SaveSigninToken = false
};
}
}
}
Reference in New Issue View Git Blame Copy Permalink