/** * @covers WindowsAzure\MediaServices\Templates\TokenRestrictionTemplate::getAudience * @covers WindowsAzure\MediaServices\Templates\TokenRestrictionTemplate::setAudience */ public function testGetSetAudience() { // Setup $entity = new TokenRestrictionTemplate(); $payload = "payload string"; // Test $entity->setAudience($payload); $result = $entity->getAudience(); // Assert $this->assertEquals($payload, $result); }
/** * Deserialize a TokenRestrictionTemplate xml into a TokenRestrictionTemplate object. * * @param string $options Array containing values for object properties * * @return TokenRestrictionTemplate */ public static function deserialize($template) { $xml = simplexml_load_string($template); $result = new TokenRestrictionTemplate(); // Validation if ($xml->getName() !== 'TokenRestrictionTemplate') { throw new \RuntimeException("This is not a TokenRestrictionTemplate, it is a '{$xml->getName()}'"); } if (!isset($xml->Issuer)) { throw new \RuntimeException("The TokenRestrictionTemplate must contains an 'Issuer' element"); } if (!isset($xml->Audience)) { throw new \RuntimeException("The TokenRestrictionTemplate must contains an 'Audience' element"); } if (!isset($xml->PrimaryVerificationKey) && !isset($xml->OpenIdConnectDiscoveryDocument)) { throw new \RuntimeException("Both PrimaryVerificationKey and OpenIdConnectDiscoveryDocument are undefined"); } // decoding if (isset($xml->AlternateVerificationKeys)) { $result->setAlternateVerificationKeys(TokenRestrictionTemplateSerializer::deserializeAlternateVerificationKeys($xml->AlternateVerificationKeys)); } $result->setAudience((string) $xml->Audience); $result->setIssuer((string) $xml->Issuer); if (isset($xml->PrimaryVerificationKey)) { $result->setPrimaryVerificationKey(TokenRestrictionTemplateSerializer::deserializeTokenVerificationKey($xml->PrimaryVerificationKey)); } if (isset($xml->RequiredClaims)) { $result->setRequiredClaims(TokenRestrictionTemplateSerializer::deserializeRequiredClaims($xml->RequiredClaims)); } if (isset($xml->TokenType)) { $result->setTokenType((string) $xml->TokenType); } if (isset($xml->OpenIdConnectDiscoveryDocument)) { $result->setOpenIdConnectDiscoveryDocument(TokenRestrictionTemplateSerializer::deserializeOpenIdConnectDiscoveryDocument($xml->OpenIdConnectDiscoveryDocument)); } return $result; }
public function testCreateContentKeyAuthorizationPolicyOptionForWidevine() { // Setup Token $widevine = new WidevineMessage(); $widevine->allowed_track_types = AllowedTrackTypes::SD_HD; $contentKeySpecs = new ContentKeySpecs(); $contentKeySpecs->required_output_protection = new RequiredOutputProtection(); $contentKeySpecs->required_output_protection->hdcp = Hdcp::HDCP_NONE; $contentKeySpecs->security_level = 1; $contentKeySpecs->track_type = 'SD'; $widevine->content_key_specs = array($contentKeySpecs); $policyOverrides = new \stdClass(); $policyOverrides->can_play = true; $policyOverrides->can_persist = true; $policyOverrides->can_renew = false; $widevine->policy_overrides = $policyOverrides; $jsonWidevine = WidevineMessageSerializer::serialize($widevine); $template = new TokenRestrictionTemplate(TokenType::SWT); $template->setPrimaryVerificationKey(new SymmetricVerificationKey()); $template->setAlternateVerificationKeys(array(new SymmetricVerificationKey())); $template->setAudience('http://sampleaudience/'); $template->setIssuer('http://sampleissuerurl/'); $claims = array(); $claims[] = new TokenClaim(TokenClaim::CONTENT_KEY_ID_CLAIM_TYPE); $claims[] = new TokenClaim('Rental', 'true'); $template->setRequiredClaims($claims); $serializedTemplate = TokenRestrictionTemplateSerializer::serialize($template); // Setup Options $name = TestResources::MEDIA_SERVICES_CONTENT_KEY_AUTHORIZATION_OPTIONS_NAME . $this->createSuffix(); $restrictionName = TestResources::MEDIA_SERVICES_CONTENT_KEY_AUTHORIZATION_POLICY_RESTRICTION_NAME . $this->createSuffix(); $restriction = new ContentKeyAuthorizationPolicyRestriction(); $restriction->setName($restrictionName); $restriction->setKeyRestrictionType(ContentKeyRestrictionType::TOKEN_RESTRICTED); $restriction->setRequirements($serializedTemplate); $restrictions = array($restriction); $options = new ContentKeyAuthorizationPolicyOption(); $options->setName($name); $options->setKeyDeliveryType(ContentKeyDeliveryType::WIDEVINE); $options->setKeyDeliveryConfiguration($jsonWidevine); $options->setRestrictions($restrictions); // Test $result = $this->createContentKeyAuthorizationPolicyOption($options); // Retrieve the CKAPO again. $result = $this->restProxy->getContentKeyAuthorizationPolicyOption($result->getId()); // Assert Options $this->assertEquals($options->getName(), $result->getName()); $this->assertEquals($options->getKeyDeliveryType(), $result->getKeyDeliveryType()); $this->assertJsonStringEqualsJsonString($jsonWidevine, $result->getKeyDeliveryConfiguration()); $actualWidevine = WidevineMessageSerializer::deserialize($result->getKeyDeliveryConfiguration()); $this->assertEqualsWidevineMessage($widevine, $actualWidevine); return $result->getId(); }
function generateTokenRequirements($tokenType) { $template = new TokenRestrictionTemplate($tokenType); $template->setPrimaryVerificationKey(new SymmetricVerificationKey()); $template->setAudience("urn:contoso"); $template->setIssuer("https://sts.contoso.com"); $claims = array(); $claims[] = new TokenClaim(TokenClaim::CONTENT_KEY_ID_CLAIM_TYPE); $template->setRequiredClaims($claims); return TokenRestrictionTemplateSerializer::serialize($template); }
public function testKnownGoodGenerateTestTokenJWT() { // Arrange $expectedToken = 'eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1cm46bWljcm9zb2Z0OmF6dXJlOm1lZGlhc2VydmljZXM6Y29udGVudGtleWlkZW50aWZpZXIiOiIwOTE0NDM1ZC0xNTAwLTgwYzQtNmMyYi1mMWU1MmZkYTQ3YWUiLCJpc3MiOiJodHRwczpcL1wvdHN0LmNvbnRvc28uY29tIiwiYXVkIjoidXJuOmNvbnRvc28iLCJleHAiOjE0NTE2MDY0MDAsIm5iZiI6MTQ1MTYwNjQwMH0.voBCckYtSgVq6Z1Y8gwOBJO8DfH4-dX9ACmvSSHADso'; $knownSymetricKey = '64bytes6RNhi8EsxcYsdYQ9zpFuNR1Ks9milykbxYWGILaK0LKzd5dCtYonsr456'; $knownGuid = '0914435d-1500-80c4-6c2b-f1e52fda47ae'; $knownExpireOn = 1451606400; // 2016-01-01 as Unix Epoch; $knownNotBefore = 1451606400; // 2016-01-01 as Unix Epoch; $knownAudience = 'urn:contoso'; $knownIssuer = 'https://tst.contoso.com'; $template = new TokenRestrictionTemplate(TokenType::JWT); $key = new SymmetricVerificationKey(); $key->setKeyValue($knownSymetricKey); $template->setPrimaryVerificationKey($key); $template->setAudience($knownAudience); $template->setIssuer($knownIssuer); $template->setRequiredClaims(array(new TokenClaim(TokenClaim::CONTENT_KEY_ID_CLAIM_TYPE))); // Act $resultsToken = TokenRestrictionTemplateSerializer::generateTestToken($template, $key, $knownGuid, $knownExpireOn, $knownNotBefore); // Assert $this->assertEquals($expectedToken, $resultsToken); }