如何为使用 JwtEncoder 的函数创建单元测试?
How to create a unittest for a function that uses JwtEncoder?
我使用此代码生成授权令牌。
public string Get(string tenantId, string appId, string appSecret)
{
const int TimeoutSecs = 1800;
var tool = new MyDateTimeTool();
var unixTime = tool.ToUnixTimestamp(m_dateTime);
var unixTimeExpires = tool.ToUnixTimestamp(m_dateTime.UtcNow.AddSeconds(TimeoutSecs));
var jwtClaims = new JwtClaims
{
jti = Guid.NewGuid().ToString(),
iat = unixTime,
exp = unixTimeExpires,
iss = "http://cylance.com",
tid = tenantId,
sub = appId
};
var algorithm = new HMACSHA256Algorithm();
var serializer = new JsonNetSerializer();
var encoder = new JwtBase64UrlEncoder();
var jwt = new JwtEncoder(algorithm, serializer, encoder);
return jwt.Encode(jwtClaims, appSecret);
}
所以我想为这个函数创建一个单元测试。这个单元测试看起来像这样:
string tenantId = "ThisIsATennantId";
string appId = "ThisIsAnAppID";
string appSecret = "ThisIsASecret";
IMyDateTime dateTime = new FakeMyDateTime("17.7.2019 17:22:45");
IAuthorizationTokenGetter getter = new AuthorizationTokenGetter(dateTime);
string token = getter.Get(tenantId,appId,appSecret);
Assert.Equal(token, "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjMzNzg3NjUsImlhdCI6MTU2MzM3Njk2NSwiaXNzIjoiaHR0cDovL2N5bGFuY2UuY29tIiwic3ViIjoiRGFzaXN0ZWluZUFwcElEazk4Nzk4aCIsImp0aSI6ImM2MTZjYzFhLTQ2MDUtNGQzNi1hNDBmLTVjZDQ1YjliNzNjMiIsInRpZCI6IkRhc2lzdGVpbmVUZW5uYW50SUQ4OTkwOGdqZ21tbm4ifQ.kzyTnLKykCA_fKuSOMxaS7SwYkB-08pVcNZeABZSq_E");
但令牌总是不同的。所以我认为编码器在内部使用随机发生器或系统时间。
那么有没有办法告诉编码器使用特殊的种子或时间来产生确定性的结果?或者我是否必须为 JwtEncoder 创建一个容器以便我可以伪造结果?
问题不在于编码器,而在于 Guid 的创建。所以我为创建 Guid 创建了一个容器,这样我也可以伪造它。单元测试现在看起来像这样:
string tenantId = "DasisteineTennantID89908gjgmmnn";
string appId = "DasisteineAppIDk98798h";
string appSecret = "DasisteinAppSecret899ahiuhri78789";
IMyDateTime dateTime = new FakeMyDateTime("17.7.2019 17:22:45");
IMyGUIDFactory guidFactory = new FakeMyGUIDFactory("0f889994-f4ea-4db3-9ee3-af40b8313768");
IAuthorizationTokenGetter getter = new AuthorizationTokenGetter(dateTime, guidFactory);
string token = getter.Get(tenantId,appId,appSecret);
Assert.Gleich(token, "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjMzNzg3NjUsImlhdCI6MTU2MzM3Njk2NSwiaXNzIjoiaHR0cDovL2N5bGFuY2UuY29tIiwic3ViIjoiRGFzaXN0ZWluZUFwcElEazk4Nzk4aCIsImp0aSI6IjBmODg5OTk0LWY0ZWEtNGRiMy05ZWUzLWFmNDBiODMxMzc2OCIsInRpZCI6IkRhc2lzdGVpbmVUZW5uYW50SUQ4OTkwOGdqZ21tbm4ifQ.SwkjfpdpHDM1EG1xNVIXaNBrvRVd3wWXr0HLFlJpLSk");
我使用此代码生成授权令牌。
public string Get(string tenantId, string appId, string appSecret)
{
const int TimeoutSecs = 1800;
var tool = new MyDateTimeTool();
var unixTime = tool.ToUnixTimestamp(m_dateTime);
var unixTimeExpires = tool.ToUnixTimestamp(m_dateTime.UtcNow.AddSeconds(TimeoutSecs));
var jwtClaims = new JwtClaims
{
jti = Guid.NewGuid().ToString(),
iat = unixTime,
exp = unixTimeExpires,
iss = "http://cylance.com",
tid = tenantId,
sub = appId
};
var algorithm = new HMACSHA256Algorithm();
var serializer = new JsonNetSerializer();
var encoder = new JwtBase64UrlEncoder();
var jwt = new JwtEncoder(algorithm, serializer, encoder);
return jwt.Encode(jwtClaims, appSecret);
}
所以我想为这个函数创建一个单元测试。这个单元测试看起来像这样:
string tenantId = "ThisIsATennantId";
string appId = "ThisIsAnAppID";
string appSecret = "ThisIsASecret";
IMyDateTime dateTime = new FakeMyDateTime("17.7.2019 17:22:45");
IAuthorizationTokenGetter getter = new AuthorizationTokenGetter(dateTime);
string token = getter.Get(tenantId,appId,appSecret);
Assert.Equal(token, "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjMzNzg3NjUsImlhdCI6MTU2MzM3Njk2NSwiaXNzIjoiaHR0cDovL2N5bGFuY2UuY29tIiwic3ViIjoiRGFzaXN0ZWluZUFwcElEazk4Nzk4aCIsImp0aSI6ImM2MTZjYzFhLTQ2MDUtNGQzNi1hNDBmLTVjZDQ1YjliNzNjMiIsInRpZCI6IkRhc2lzdGVpbmVUZW5uYW50SUQ4OTkwOGdqZ21tbm4ifQ.kzyTnLKykCA_fKuSOMxaS7SwYkB-08pVcNZeABZSq_E");
但令牌总是不同的。所以我认为编码器在内部使用随机发生器或系统时间。
那么有没有办法告诉编码器使用特殊的种子或时间来产生确定性的结果?或者我是否必须为 JwtEncoder 创建一个容器以便我可以伪造结果?
问题不在于编码器,而在于 Guid 的创建。所以我为创建 Guid 创建了一个容器,这样我也可以伪造它。单元测试现在看起来像这样:
string tenantId = "DasisteineTennantID89908gjgmmnn";
string appId = "DasisteineAppIDk98798h";
string appSecret = "DasisteinAppSecret899ahiuhri78789";
IMyDateTime dateTime = new FakeMyDateTime("17.7.2019 17:22:45");
IMyGUIDFactory guidFactory = new FakeMyGUIDFactory("0f889994-f4ea-4db3-9ee3-af40b8313768");
IAuthorizationTokenGetter getter = new AuthorizationTokenGetter(dateTime, guidFactory);
string token = getter.Get(tenantId,appId,appSecret);
Assert.Gleich(token, "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJleHAiOjE1NjMzNzg3NjUsImlhdCI6MTU2MzM3Njk2NSwiaXNzIjoiaHR0cDovL2N5bGFuY2UuY29tIiwic3ViIjoiRGFzaXN0ZWluZUFwcElEazk4Nzk4aCIsImp0aSI6IjBmODg5OTk0LWY0ZWEtNGRiMy05ZWUzLWFmNDBiODMxMzc2OCIsInRpZCI6IkRhc2lzdGVpbmVUZW5uYW50SUQ4OTkwOGdqZ21tbm4ifQ.SwkjfpdpHDM1EG1xNVIXaNBrvRVd3wWXr0HLFlJpLSk");