update dev

AzureAD · Jan 7, 2024 · ee6bfe7 · ee6bfe7
2 parents a607fa5 + 1a5e9b4
commit ee6bfe7
Show file tree

Hide file tree

Showing 44 changed files with 3,071 additions and 1,306 deletions.
diff --git a/.github/ISSUE_TEMPLATE/design_proposal.md b/.github/ISSUE_TEMPLATE/design_proposal.md
@@ -1,7 +1,7 @@
 ---
 name: 🤔 Design proposal
 about: Collaborate on a design for a feature/fix or other change
-labels: design-proposal
+labels: ✏️design proposal, needs attention, untriaged
 ---
 
 <!--

diff --git a/.github/ISSUE_TEMPLATE/documentation.md b/.github/ISSUE_TEMPLATE/documentation.md
@@ -2,7 +2,7 @@
 name: Documentation
 about: Suggest a change to the documentation.
 title: '[Documentation] '
-labels: documentation
+labels: documentation, needs attention, untriaged
 assignees: ''
 
 ---

diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -2,7 +2,7 @@
 name: Feature request
 about: Suggest an idea for this project.
 title: "[Feature Request] "
-labels: enhancement, Feature Request
+labels: enhancement, needs attention, untriaged
 assignees: ''
 
 ---

diff --git a/...del.Benchmarks/AntiVirusFriendlyConfig.cs → ...entityModel.Benchmarks/BenchmarkConfig.cs b/...del.Benchmarks/AntiVirusFriendlyConfig.cs → ...entityModel.Benchmarks/BenchmarkConfig.cs
@@ -1,18 +1,20 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+using BenchmarkDotNet.Columns;
 using BenchmarkDotNet.Configs;
 using BenchmarkDotNet.Jobs;
 using BenchmarkDotNet.Toolchains.InProcess.Emit;
 
 namespace Microsoft.IdentityModel.Benchmarks
 {
-    public class AntiVirusFriendlyConfig : ManualConfig
+    public class BenchmarkConfig : ManualConfig
     {
-        public AntiVirusFriendlyConfig()
+        public BenchmarkConfig()
         {
             AddJob(Job.MediumRun
-                .WithToolchain(InProcessEmitToolchain.Instance));
+                .WithToolchain(InProcessEmitToolchain.Instance))
+            .AddColumn(StatisticColumn.P90, StatisticColumn.P95, StatisticColumn.P100);
         }
     }
 }
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/BenchmarkUtils.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/BenchmarkUtils.cs
@@ -1,24 +1,113 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using Microsoft.IdentityModel.Tokens;
-using Microsoft.IdentityModel.TestUtils;
+using System;
 using System.Collections.Generic;
+using System.Security.Cryptography;
+using Microsoft.IdentityModel.Protocols;
+using Microsoft.IdentityModel.JsonWebTokens;
+using Microsoft.IdentityModel.Tokens;
 
 namespace Microsoft.IdentityModel.Benchmarks
 {
     public class BenchmarkUtils
     {
-        public static Dictionary<string, object> SimpleClaims
+        public const string Issuer = "http://www.contoso.com";
+
+        public const string Audience = "http://www.contoso.com/protected";
+
+        private static RSA _rsa;
+        private static SymmetricSecurityKey _symmetricKey;
+
+        public static RSA RSA
+        {
+            get
+            {
+                if (_rsa == null)
+                {
+                    _rsa = RSA.Create();
+                    _rsa.KeySize = 2048;
+                }
+
+                return _rsa;
+            }
+        }
+
+        public static RSAParameters RsaParameters => RSA.ExportParameters(true);
+
+        public static RSAParameters RsaParametersPublic => RSA.ExportParameters(false);
+
+        public static RsaSecurityKey RsaSecurityKey => new(RsaParameters) { KeyId = "RsaPrivate" };
+
+        public static RsaSecurityKey RsaSecurityKeyPublic => new(RsaParametersPublic) { KeyId = "RsaPublic" };
+
+        public static Dictionary<string, object> Claims
+        {
+            get
+            {
+                DateTime now = DateTime.UtcNow;
+                return new Dictionary<string, object>()
+                {
+                    { "role", new List<string>() { "role1", "Developer", "Sales"} },
+                    { JwtRegisteredClaimNames.Email, "[email protected]" },
+                    { JwtRegisteredClaimNames.Exp, EpochTime.GetIntDate(now + TimeSpan.FromDays(1)) },
+                    { JwtRegisteredClaimNames.Nbf, EpochTime.GetIntDate(now) },
+                    { JwtRegisteredClaimNames.Iat, EpochTime.GetIntDate(now) },
+                    { JwtRegisteredClaimNames.GivenName, "Bob" },
+                    { JwtRegisteredClaimNames.Iss, Issuer },
+                    { JwtRegisteredClaimNames.Aud, Audience }
+                };
+            }
+        }
+
+        public static SigningCredentials SigningCredentialsRsaSha256 => new(RsaSecurityKey, SecurityAlgorithms.RsaSha256, SecurityAlgorithms.Sha256);
+
+        public static EncryptingCredentials EncryptingCredentialsAes256Sha512 => new(SymmetricEncryptionKey512, "dir", SecurityAlgorithms.Aes256CbcHmacSha512);
+
+        public static SymmetricSecurityKey SymmetricEncryptionKey512
+        {
+            get
+            {
+                _symmetricKey ??= new SymmetricSecurityKey(SHA512.Create().ComputeHash(Guid.NewGuid().ToByteArray()));
+                return _symmetricKey;
+            }
+        }
+
+        public static string CreateCnfClaim(RsaSecurityKey key, string algorithm)
         {
-            get => new Dictionary<string, object>()
+            return "{\"jwk\":" + CreateJwkClaim(key, algorithm) + "}";
+        }
+
+        public static string CreateJwkClaim(RsaSecurityKey key, string algorithm)
+        {
+            RSAParameters rsaParameters = ((key.Rsa == null) ? key.Parameters : key.Rsa.ExportParameters(includePrivateParameters: false));
+            return "{\"kty\":\"RSA\",\"n\":\"" +
+                    Base64UrlEncoder.Encode(rsaParameters.Modulus) +
+                    "\",\"e\":\"" +
+                    Base64UrlEncoder.Encode(rsaParameters.Exponent) +
+                    "\",\"alg\":\"" +
+                    algorithm +
+                    "\",\"kid\":\"" +
+                    key.KeyId +
+                    "\"}";
+        }
+
+        public static string CreateAccessTokenWithCnf()
+        {
+            Dictionary<string, object> claims = new Dictionary<string, object>(Claims);
+            claims.Add("cnf", CreateCnfClaim(RsaSecurityKeyPublic, SecurityAlgorithms.RsaSha256));
+            return new JsonWebTokenHandler().CreateToken(new SecurityTokenDescriptor
             {
-                { "role", new List<string>() { "role1", "Developer", "Sales"} },
-                { "email", "[email protected]" },
-                { "exp", EpochTime.GetIntDate(Default.Expires).ToString() },
-                { "nbf", EpochTime.GetIntDate(Default.NotBefore).ToString() },
-                { "iat", EpochTime.GetIntDate(Default.IssueInstant).ToString() }
-            };
+                SigningCredentials = SigningCredentialsRsaSha256,
+                Claims = claims,
+                TokenType = JwtHeaderParameterNames.Jwk
+            });
         }
+
+        public static HttpRequestData HttpRequestData => new()
+        {
+            Method = "GET",
+            Uri = new Uri("https://www.relyingparty.com")
+        };
     }
 }
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/CreateJWETests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/CreateJWETests.cs
@@ -2,15 +2,15 @@
 // Licensed under the MIT License.
 
 using System.IdentityModel.Tokens.Jwt;
-using System.Security.Claims;
 using BenchmarkDotNet.Attributes;
 using Microsoft.IdentityModel.JsonWebTokens;
-using Microsoft.IdentityModel.TestUtils;
 using Microsoft.IdentityModel.Tokens;
 
 namespace Microsoft.IdentityModel.Benchmarks
 {
-    [Config(typeof(AntiVirusFriendlyConfig))]
+    // dotnet run -c release -f net8.0 --filter Microsoft.IdentityModel.Benchmarks.CreateJWETests*
+
+    [Config(typeof(BenchmarkConfig))]
     [HideColumns("Type", "Job", "WarmupCount", "LaunchCount")]
     [MemoryDiagnoser]
     public class CreateJWETests
@@ -26,10 +26,9 @@ public void Setup()
             _jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
             _tokenDescriptor = new SecurityTokenDescriptor
             {
-                SigningCredentials = KeyingMaterial.JsonWebKeyRsa256SigningCredentials,
-                EncryptingCredentials = KeyingMaterial.DefaultSymmetricEncryptingCreds_Aes256_Sha512_512,
-                Subject = new ClaimsIdentity(Default.PayloadClaims),
-                TokenType = "TokenType"
+                SigningCredentials = BenchmarkUtils.SigningCredentialsRsaSha256,
+                EncryptingCredentials = BenchmarkUtils.EncryptingCredentialsAes256Sha512,
+                Claims = BenchmarkUtils.Claims
             };
         }
 
@@ -38,5 +37,6 @@ public void Setup()
 
         [Benchmark]
         public string JwtSecurityTokenHandler_CreateJWE() => _jwtSecurityTokenHandler.CreateEncodedJwt(_tokenDescriptor);
+
     }
 }
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/CreateSignedHttpRequestTests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/CreateSignedHttpRequestTests.cs
@@ -3,11 +3,12 @@
 
 using BenchmarkDotNet.Attributes;
 using Microsoft.IdentityModel.Protocols.SignedHttpRequest;
-using Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests;
-using Microsoft.IdentityModel.Protocols;
 
 namespace Microsoft.IdentityModel.Benchmarks
 {
+    // dotnet run -c release -f net8.0 --filter Microsoft.IdentityModel.Benchmarks.CreateSignedHttpRequestTests*
+
+    [Config(typeof(BenchmarkConfig))]
     [HideColumns("Type", "Job", "WarmupCount", "LaunchCount")]
     [MemoryDiagnoser]
     public class CreateSignedHttpRequestTests
@@ -20,19 +21,18 @@ public void Setup()
         {
             _signedHttpRequestHandler = new SignedHttpRequestHandler();
             _signedHttpRequestDescriptor = new SignedHttpRequestDescriptor(
-                    SignedHttpRequestTestUtils.DefaultEncodedAccessToken,
-                    new HttpRequestData(),
-                    SignedHttpRequestTestUtils.DefaultSigningCredentials,
+                    BenchmarkUtils.CreateAccessTokenWithCnf(),
+                    BenchmarkUtils.HttpRequestData,
+                    BenchmarkUtils.SigningCredentialsRsaSha256,
                     new SignedHttpRequestCreationParameters()
                     {
-                        CreateM = false,
+                        CreateM = true,
                         CreateP = false,
-                        CreateU = false
+                        CreateU = true
                     });
         }
 
         [Benchmark]
         public string SHRHandler_CreateSignedHttpRequest() => _signedHttpRequestHandler.CreateSignedHttpRequest(_signedHttpRequestDescriptor);
-
     }
 }
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/CreateTokenTests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/CreateTokenTests.cs
@@ -1,14 +1,16 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
-using System.Security.Claims;
+using System;
 using BenchmarkDotNet.Attributes;
 using Microsoft.IdentityModel.JsonWebTokens;
-using Microsoft.IdentityModel.TestUtils;
 using Microsoft.IdentityModel.Tokens;
 
 namespace Microsoft.IdentityModel.Benchmarks
 {
+    // dotnet run -c release -f net8.0 --filter Microsoft.IdentityModel.Benchmarks.CreateTokenTests*
+
+    [Config(typeof(BenchmarkConfig))]
     [HideColumns("Type", "Job", "WarmupCount", "LaunchCount")]
     [MemoryDiagnoser]
     public class CreateTokenTests
@@ -19,16 +21,16 @@ public class CreateTokenTests
         [GlobalSetup]
         public void Setup()
         {
+            DateTime now = DateTime.UtcNow;
             _jsonWebTokenHandler = new JsonWebTokenHandler();
             _tokenDescriptor = new SecurityTokenDescriptor
             {
-                Subject = new ClaimsIdentity(Default.PayloadClaims),
-                SigningCredentials = KeyingMaterial.JsonWebKeyRsa256SigningCredentials,
+                Claims = BenchmarkUtils.Claims,
+                SigningCredentials = BenchmarkUtils.SigningCredentialsRsaSha256,
             };
         }
 
         [Benchmark]
         public string JsonWebTokenHandler_CreateToken() => _jsonWebTokenHandler.CreateToken(_tokenDescriptor);
-
     }
 }
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/Microsoft.IdentityModel.Benchmarks.csproj b/benchmark/Microsoft.IdentityModel.Benchmarks/Microsoft.IdentityModel.Benchmarks.csproj
@@ -4,8 +4,7 @@
     <AssemblyName>Microsoft.IdentityModel.Benchmarks</AssemblyName>
     <PackageId>Microsoft.IdentityModel.Benchmarks</PackageId>
     <OutputType>Exe</OutputType>
-    <TargetFrameworks Condition="'$(TargetNet8)' == 'True'">net6.0; net8.0</TargetFrameworks>
-    <TargetFrameworks Condition="'$(TargetNet8)' != 'True'">net6.0</TargetFrameworks>
+    <TargetFrameworks>net6.0;net8.0</TargetFrameworks>
     <SignAssembly>True</SignAssembly>
     <DelaySign>True</DelaySign>
     <AssemblyOriginatorKeyFile>$(MSBuildThisFileDirectory)..\..\build\35MSSharedLib1024.snk</AssemblyOriginatorKeyFile>
@@ -21,12 +20,10 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <ProjectReference Include="..\..\test\Microsoft.IdentityModel.TestUtils\Microsoft.IdentityModel.TestUtils.csproj" />
     <ProjectReference Include="..\..\src\Microsoft.IdentityModel.JsonWebTokens\Microsoft.IdentityModel.JsonWebTokens.csproj" />
     <ProjectReference Include="..\..\src\Microsoft.IdentityModel.Tokens\Microsoft.IdentityModel.Tokens.csproj" />
     <ProjectReference Include="..\..\src\System.IdentityModel.Tokens.Jwt\System.IdentityModel.Tokens.Jwt.csproj" />
     <ProjectReference Include="..\..\src\Microsoft.IdentityModel.Protocols.SignedHttpRequest\Microsoft.IdentityModel.Protocols.SignedHttpRequest.csproj" />
-    <ProjectReference Include="..\..\test\Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests\Microsoft.IdentityModel.Protocols.SignedHttpRequest.Tests.csproj" />
   </ItemGroup>
 
 </Project>
diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs
@@ -1,6 +1,12 @@
 // Copyright (c) Microsoft Corporation. All rights reserved.
 // Licensed under the MIT License.
 
+//#define DEBUG_TESTS
+
+#if DEBUG_TESTS
+using Microsoft.IdentityModel.Protocols.SignedHttpRequest;
+using Microsoft.IdentityModel.Tokens;
+#endif
 using BenchmarkDotNet.Running;
 
 namespace Microsoft.IdentityModel.Benchmarks
@@ -9,7 +15,35 @@ public static class Program
     {
         public static void Main(string[] args)
         {
+#if DEBUG_TESTS
+            DebugThroughTests();
+#endif
             BenchmarkSwitcher.FromAssembly(typeof(Program).Assembly).Run(args);
         }
+
+#if DEBUG_TESTS
+        private static void DebugThroughTests()
+        {
+            CreateJWETests createJWETests = new CreateJWETests();
+            createJWETests.Setup();
+            string jwe = createJWETests.JsonWebTokenHandler_CreateJWE();
+
+            CreateSignedHttpRequestTests createSignedHttpRequestTests = new CreateSignedHttpRequestTests();
+            createSignedHttpRequestTests.Setup();
+            string shr = createSignedHttpRequestTests.SHRHandler_CreateSignedHttpRequest();
+
+            CreateTokenTests createTokenTests = new CreateTokenTests();
+            createTokenTests.Setup();
+            string jws = createTokenTests.JsonWebTokenHandler_CreateToken();
+
+            ValidateTokenAsyncTests validateTokenAsyncTests = new ValidateTokenAsyncTests();
+            validateTokenAsyncTests.Setup();
+            TokenValidationResult tokenValidationResult = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsync().Result;
+
+            ValidateSignedHttpRequestAsyncTests validateSignedHttpRequestAsyncTests = new ValidateSignedHttpRequestAsyncTests();
+            validateSignedHttpRequestAsyncTests.Setup();
+            SignedHttpRequestValidationResult signedHttpRequestValidationResult = validateSignedHttpRequestAsyncTests.SHRHandler_ValidateSignedHttpRequestAsync().Result;
+        }
+#endif
     }
 }