IdentityShroud/IdentityShroud.Api.Tests/Mappers/KeyServiceTests.cs

using System.Buffers.Text;
using System.Security.Cryptography;
using IdentityShroud.Core.Contracts;
using IdentityShroud.Core.Model;
using IdentityShroud.Core.Security.Keys;
using IdentityShroud.Core.Services;
using IdentityShroud.TestUtils.Substitutes;

namespace IdentityShroud.Api.Tests.Mappers;

public class KeyServiceTests
{
    private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();
    //private readonly IKeyProviderFactory _keyProviderFactory = Substitute.For<IKeyProviderFactory>();

    [Fact]
    public void Test()
    {
        // Setup
        using RSA rsa = RSA.Create(2048);

        RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);
        
        RealmKey realmKey = new()
        {
            Id = new("60bb79cf-4bac-4521-87f2-ac87cc15541f"),
            KeyType = "RSA",
            Key = new("", rsa.ExportPkcs8PrivateKey()),
            CreatedAt = DateTime.UtcNow,
            Priority = 10,
        };
        
        // Act
        KeyService sut = new(_encryptionService, new KeyProviderFactory(), new ClockService());
        var jwk = sut.CreateJsonWebKey(realmKey);

        Assert.NotNull(jwk);
        Assert.Equal("RSA", jwk.KeyType);
        Assert.Equal(realmKey.Id.ToString(), jwk.KeyId);
        Assert.Equal("sig", jwk.Use);
        Assert.Equal(parameters.Exponent, Base64Url.DecodeFromChars(jwk.Exponent));
        Assert.Equal(parameters.Modulus, Base64Url.DecodeFromChars(jwk.Modulus));
    }
}
Reworked code around signing keys have key details much more isolated from the other parts of the program. 2026-02-21 20:15:46 +01:00			`using System.Buffers.Text;`
			`using System.Security.Cryptography;`
			`using IdentityShroud.Core.Contracts;`
			`using IdentityShroud.Core.Model;`
			`using IdentityShroud.Core.Security.Keys;`
			`using IdentityShroud.Core.Services;`
			`using IdentityShroud.TestUtils.Substitutes;`

			`namespace IdentityShroud.Api.Tests.Mappers;`

			`public class KeyServiceTests`
			`{`
			`private readonly IEncryptionService _encryptionService = EncryptionServiceSubstitute.CreatePassthrough();`
			`//private readonly IKeyProviderFactory _keyProviderFactory = Substitute.For<IKeyProviderFactory>();`

			`[Fact]`
			`public void Test()`
			`{`
			`// Setup`
			`using RSA rsa = RSA.Create(2048);`

			`RSAParameters parameters = rsa.ExportParameters(includePrivateParameters: false);`

Support rotation of master key. The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data. (There are no intermeddiate keys yet) 2026-02-24 06:32:58 +01:00			`RealmKey realmKey = new()`
Reworked code around signing keys have key details much more isolated from the other parts of the program. 2026-02-21 20:15:46 +01:00			`{`
Support rotation of master key. The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data. (There are no intermeddiate keys yet) 2026-02-24 06:32:58 +01:00			`Id = new("60bb79cf-4bac-4521-87f2-ac87cc15541f"),`
			`KeyType = "RSA",`
			`Key = new("", rsa.ExportPkcs8PrivateKey()),`
			`CreatedAt = DateTime.UtcNow,`
Reworked code around signing keys have key details much more isolated from the other parts of the program. 2026-02-21 20:15:46 +01:00			`Priority = 10,`
			`};`

			`// Act`
			`KeyService sut = new(_encryptionService, new KeyProviderFactory(), new ClockService());`
			`var jwk = sut.CreateJsonWebKey(realmKey);`

Support rotation of master key. The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data. (There are no intermeddiate keys yet) 2026-02-24 06:32:58 +01:00			`Assert.NotNull(jwk);`
Reworked code around signing keys have key details much more isolated from the other parts of the program. 2026-02-21 20:15:46 +01:00			`Assert.Equal("RSA", jwk.KeyType);`
			`Assert.Equal(realmKey.Id.ToString(), jwk.KeyId);`
			`Assert.Equal("sig", jwk.Use);`
			`Assert.Equal(parameters.Exponent, Base64Url.DecodeFromChars(jwk.Exponent));`
			`Assert.Equal(parameters.Modulus, Base64Url.DecodeFromChars(jwk.Modulus));`
			`}`
Support rotation of master key. The EncryptionService now loads a set of keys and uses the active one to encrypt and selects key based on keyid during decryption. Introduced EncryptedValue to hold keyId and encrypted data. (There are no intermeddiate keys yet) 2026-02-24 06:32:58 +01:00			`}`