Regression tests: Issuer (#2868)

iNinja · kllysng · web-flow · commit 876def8501e5 · 2024-10-15T16:15:45.000+01:00
* Renamed CreateToken methods in audience and lifetime regression tests

* Added custom ValidationError class for issuer errors. Updated IssuerValidationDelegateAsync to use it.

* Added JWT issuer regression tests

* Update test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs

Co-authored-by: kellyyangsong &lt;69649063+kellyyangsong@users.noreply.github.com&gt;

* Added IssuerValidationError to InternalAPI.Unshipped. Made constructor internal for the time being

* Updated exception creation in IssuerValidationError

* Adjusted unshipped API contents with the IDE suggestions

---------

Co-authored-by: kellyyangsong &lt;69649063+kellyyangsong@users.noreply.github.com&gt;
diff --git a/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/InternalAPI.Unshipped.txt
@@ -1,4 +1,5 @@
-﻿const Microsoft.IdentityModel.Tokens.LogMessages.IDX10001 = "IDX10001: Invalid argument '{0}'. Argument must be of type '{1}'." -> string
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError
+const Microsoft.IdentityModel.Tokens.LogMessages.IDX10001 = "IDX10001: Invalid argument '{0}'. Argument must be of type '{1}'." -> string
 const Microsoft.IdentityModel.Tokens.LogMessages.IDX10502 = "IDX10502: Signature validation failed. The token's kid is: '{0}', but did not match any keys in ValidationParameters or Configuration and TryAllIssuerSigningKeys is false. Number of keys in ValidationParameters: '{1}'. \nNumber of keys in Configuration: '{2}'.\ntoken: '{3}'." -> string
 const Microsoft.IdentityModel.Tokens.LogMessages.IDX10518 = "IDX10518: Signature validation failed. Algorithm validation failed with error: '{0}'." -> string
 Microsoft.IdentityModel.Tokens.AlgorithmValidationDelegate
diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net462/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net462/InternalAPI.Unshipped.txt
@@ -1,4 +1,6 @@
-﻿Microsoft.IdentityModel.Tokens.AsymmetricAdapter.DecryptWithRsaCryptoServiceProviderProxy(byte[] bytes) -> byte[]
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, string invalidIssuer) -> void
+override Microsoft.IdentityModel.Tokens.IssuerValidationError.GetException() -> System.Exception
+Microsoft.IdentityModel.Tokens.AsymmetricAdapter.DecryptWithRsaCryptoServiceProviderProxy(byte[] bytes) -> byte[]
 Microsoft.IdentityModel.Tokens.AsymmetricAdapter.EncryptWithRsaCryptoServiceProviderProxy(byte[] bytes) -> byte[]
 Microsoft.IdentityModel.Tokens.AsymmetricAdapter.SignWithRsaCryptoServiceProviderProxy(byte[] bytes) -> byte[]
 Microsoft.IdentityModel.Tokens.AsymmetricAdapter.SignWithRsaCryptoServiceProviderProxyUsingOffset(byte[] bytes, int offset, int length) -> byte[]
diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net6.0/InternalAPI.Unshipped.txt
@@ -1,3 +1,5 @@
-﻿static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Generic.HashSet<string>
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, string invalidIssuer) -> void
+override Microsoft.IdentityModel.Tokens.IssuerValidationError.GetException() -> System.Exception
+static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Generic.HashSet<string>
 Microsoft.IdentityModel.Tokens.EcdhKeyExchangeProvider.GetEncryptionAlgorithm() -> string
 Microsoft.IdentityModel.Tokens.SignUsingSpanDelegate
diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net8.0/InternalAPI.Unshipped.txt
@@ -1,3 +1,5 @@
-﻿static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Frozen.FrozenSet<string>
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, string invalidIssuer) -> void
+override Microsoft.IdentityModel.Tokens.IssuerValidationError.GetException() -> System.Exception
+static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Frozen.FrozenSet<string>
 Microsoft.IdentityModel.Tokens.EcdhKeyExchangeProvider.GetEncryptionAlgorithm() -> string
 Microsoft.IdentityModel.Tokens.SignUsingSpanDelegate
diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/net9.0/InternalAPI.Unshipped.txt
@@ -1,3 +1,5 @@
-﻿static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Frozen.FrozenSet<string>
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, string invalidIssuer) -> void
+override Microsoft.IdentityModel.Tokens.IssuerValidationError.GetException() -> System.Exception
+static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Frozen.FrozenSet<string>
 Microsoft.IdentityModel.Tokens.EcdhKeyExchangeProvider.GetEncryptionAlgorithm() -> string
 Microsoft.IdentityModel.Tokens.SignUsingSpanDelegate
diff --git a/src/Microsoft.IdentityModel.Tokens/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt b/src/Microsoft.IdentityModel.Tokens/PublicAPI/netstandard2.0/InternalAPI.Unshipped.txt
@@ -1 +1,3 @@
-﻿static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Generic.HashSet<string>
+﻿Microsoft.IdentityModel.Tokens.IssuerValidationError.IssuerValidationError(Microsoft.IdentityModel.Tokens.MessageDetail messageDetail, System.Type exceptionType, System.Diagnostics.StackFrame stackFrame, string invalidIssuer) -> void
+override Microsoft.IdentityModel.Tokens.IssuerValidationError.GetException() -> System.Exception
+static readonly Microsoft.IdentityModel.Tokens.Json.JsonWebKeySerializer.JsonWebKeyParameterNamesUpperCase -> System.Collections.Generic.HashSet<string>
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/IssuerValidationError.cs
@@ -0,0 +1,40 @@
+﻿// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+using System;
+using System.Diagnostics;
+
+#nullable enable
+namespace Microsoft.IdentityModel.Tokens
+{
+    internal class IssuerValidationError : ValidationError
+    {
+        private string? _invalidIssuer;
+
+        internal IssuerValidationError(
+            MessageDetail messageDetail,
+            Type exceptionType,
+            StackFrame stackFrame,
+            string? invalidIssuer)
+            : base(messageDetail, ValidationFailureType.IssuerValidationFailed, exceptionType, stackFrame)
+        {
+            _invalidIssuer = invalidIssuer;
+        }
+
+        public override Exception GetException()
+        {
+            if (ExceptionType == typeof(SecurityTokenInvalidIssuerException))
+            {
+                SecurityTokenInvalidIssuerException exception = new(MessageDetail.Message, InnerException)
+                {
+                    InvalidIssuer = _invalidIssuer
+                };
+
+                return exception;
+            }
+
+            return base.GetException();
+        }
+    }
+}
+#nullable restore
diff --git a/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs b/src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs
@@ -61,11 +61,11 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn
         {
             if (string.IsNullOrWhiteSpace(issuer))
             {
-                return new ValidationError(
+                return new IssuerValidationError(
                     new MessageDetail(LogMessages.IDX10211),
-                    ValidationFailureType.IssuerValidationFailed,
                     typeof(SecurityTokenInvalidIssuerException),
-                    new StackFrame(true));
+                    new StackFrame(true),
+                    issuer);
             }
 
             if (validationParameters == null)
@@ -84,11 +84,11 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn
 
             // Return failed IssuerValidationResult if all possible places to validate against are null or empty.
             if (validationParameters.ValidIssuers.Count == 0 && string.IsNullOrWhiteSpace(configuration?.Issuer))
-                return new ValidationError(
+                return new IssuerValidationError(
                     new MessageDetail(LogMessages.IDX10211),
-                    ValidationFailureType.IssuerValidationFailed,
                     typeof(SecurityTokenInvalidIssuerException),
-                    new StackFrame(true));
+                    new StackFrame(true),
+                    issuer);
 
             if (configuration != null)
             {
@@ -130,15 +130,15 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn
                 }
             }
 
-            return new ValidationError(
+            return new IssuerValidationError(
                 new MessageDetail(
                     LogMessages.IDX10212,
                     LogHelper.MarkAsNonPII(issuer),
                     LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(validationParameters.ValidIssuers)),
                     LogHelper.MarkAsNonPII(configuration?.Issuer)),
-                ValidationFailureType.IssuerValidationFailed,
                 typeof(SecurityTokenInvalidIssuerException),
-                new StackFrame(true));
+                new StackFrame(true),
+                issuer);
         }
     }
 }
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Audience.cs
@@ -17,7 +17,7 @@ public async Task ValidateTokenAsync_Audience(ValidateTokenAsyncAudienceTheoryDa
         {
             var context = TestUtilities.WriteHeader($"{this}.ValidateTokenAsync_Audience", theoryData);
 
-            string jwtString = CreateToken(theoryData.Audience);
+            string jwtString = CreateTokenWithAudience(theoryData.Audience);
 
             await ValidateAndCompareResults(jwtString, theoryData, context);
 
@@ -155,7 +155,7 @@ public ValidateTokenAsyncAudienceTheoryData(string testId) : base(testId) { }
             public string? Audience { get; internal set; } = Default.Audience;
         }
 
-        private static string CreateToken(string? audience)
+        private static string CreateTokenWithAudience(string? audience)
         {
             JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler();
 
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Issuer.cs
@@ -0,0 +1,149 @@
+﻿// Copyright (c) Microsoft Corporation. All rights reserved.
+// Licensed under the MIT License.
+
+#nullable enable
+using System.Threading.Tasks;
+using Microsoft.IdentityModel.Protocols.OpenIdConnect;
+using Microsoft.IdentityModel.TestUtils;
+using Microsoft.IdentityModel.Tokens;
+using Xunit;
+
+namespace Microsoft.IdentityModel.JsonWebTokens.Tests
+{
+    public partial class JsonWebTokenHandlerValidateTokenAsyncTests
+    {
+        [Theory, MemberData(nameof(ValidateTokenAsync_IssuerTestCases), DisableDiscoveryEnumeration = true)]
+        public async Task ValidateTokenAsync_Issuer(ValidateTokenAsyncIssuerTheoryData theoryData)
+        {
+            var context = TestUtilities.WriteHeader($"{this}.ValidateTokenAsync_Issuer", theoryData);
+
+            string jwtString = CreateTokenWithIssuer(theoryData.TokenIssuer);
+
+            await ValidateAndCompareResults(jwtString, theoryData, context);
+
+            TestUtilities.AssertFailIfErrors(context);
+        }
+
+        public static TheoryData<ValidateTokenAsyncIssuerTheoryData> ValidateTokenAsync_IssuerTestCases
+        {
+            get
+            {
+                return new TheoryData<ValidateTokenAsyncIssuerTheoryData>
+                {
+                    new ValidateTokenAsyncIssuerTheoryData("Valid_IssuerIsValidIssuer")
+                    {
+                        TokenIssuer = Default.Issuer,
+                        TokenValidationParameters = CreateTokenValidationParameters(validIssuer: Default.Issuer),
+                        ValidationParameters = CreateValidationParameters(validIssuer: Default.Issuer),
+                    },
+                    new ValidateTokenAsyncIssuerTheoryData("Valid_IssuerIsConfigurationIssuer")
+                    {
+                        TokenIssuer = Default.Issuer,
+                        TokenValidationParameters = CreateTokenValidationParameters(configurationIssuer: Default.Issuer),
+                        ValidationParameters = CreateValidationParameters(configurationIssuer: Default.Issuer),
+                    },
+                    new ValidateTokenAsyncIssuerTheoryData("Invalid_IssuerIsNotValid")
+                    {
+                        TokenIssuer = "InvalidIssuer",
+                        TokenValidationParameters = CreateTokenValidationParameters(validIssuer: Default.Issuer),
+                        ValidationParameters = CreateValidationParameters(validIssuer: Default.Issuer),
+                        ExpectedIsValid = false,
+                        ExpectedException = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10205:"),
+                        ExpectedExceptionValidationParameters = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10212:"),
+                    },
+                    new ValidateTokenAsyncIssuerTheoryData("Invalid_IssuerIsNull")
+                    {
+                        TokenIssuer = null,
+                        TokenValidationParameters = CreateTokenValidationParameters(validIssuer: Default.Issuer),
+                        ValidationParameters = CreateValidationParameters(validIssuer: Default.Issuer),
+                        ExpectedIsValid = false,
+                        ExpectedException = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10211:"),
+                    },
+                    new ValidateTokenAsyncIssuerTheoryData("Invalid_IssuerIsEmpty")
+                    {
+                        TokenIssuer = string.Empty,
+                        TokenValidationParameters = CreateTokenValidationParameters(validIssuer: Default.Issuer),
+                        ValidationParameters = CreateValidationParameters(validIssuer: Default.Issuer),
+                        ExpectedIsValid = false,
+                        ExpectedException = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10211:"),
+                    },
+                    new ValidateTokenAsyncIssuerTheoryData("Invalid_NoValidIssuersProvided")
+                                        {
+                        TokenIssuer = Default.Issuer,
+                        TokenValidationParameters = CreateTokenValidationParameters(),
+                        ValidationParameters = CreateValidationParameters(),
+                        ExpectedIsValid = false,
+                        ExpectedException = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10204:"),
+                        ExpectedExceptionValidationParameters = new ExpectedException(typeof(SecurityTokenInvalidIssuerException), "IDX10211:"),
+                    },
+                };
+
+                static TokenValidationParameters CreateTokenValidationParameters(
+                    string? validIssuer = null, string? configurationIssuer = null)
+                {
+                    var tokenValidationParameters = new TokenValidationParameters
+                    {
+                        ValidateAudience = true,
+                        ValidateIssuer = true,
+                        ValidateLifetime = true,
+                        ValidateTokenReplay = true,
+                        ValidateIssuerSigningKey = true,
+                        IssuerSigningKey = Default.AsymmetricSigningKey,
+                        ValidAudiences = [Default.Audience],
+                        ValidIssuer = validIssuer
+                    };
+
+                    if (configurationIssuer is not null)
+                    {
+                        var validConfig = new OpenIdConnectConfiguration() { Issuer = configurationIssuer };
+                        tokenValidationParameters.ConfigurationManager = new MockConfigurationManager<OpenIdConnectConfiguration>(validConfig);
+                    }
+
+                    return tokenValidationParameters;
+                }
+
+                static ValidationParameters CreateValidationParameters(
+                    string? validIssuer = null, string? configurationIssuer = null)
+                {
+                    ValidationParameters validationParameters = new ValidationParameters();
+                    validationParameters.ValidAudiences.Add(Default.Audience);
+                    validationParameters.IssuerSigningKeys.Add(Default.AsymmetricSigningKey);
+
+                    if (configurationIssuer is not null)
+                    {
+                        var validConfig = new OpenIdConnectConfiguration() { Issuer = configurationIssuer };
+                        validationParameters.ConfigurationManager = new MockConfigurationManager<OpenIdConnectConfiguration>(validConfig);
+                    }
+
+                    if (validIssuer is not null)
+                        validationParameters.ValidIssuers.Add(validIssuer);
+
+                    return validationParameters;
+                }
+            }
+        }
+
+        public class ValidateTokenAsyncIssuerTheoryData : ValidateTokenAsyncBaseTheoryData
+        {
+            public ValidateTokenAsyncIssuerTheoryData(string testId) : base(testId) { }
+
+            public string? TokenIssuer { get; set; }
+        }
+
+        private static string CreateTokenWithIssuer(string? issuer)
+        {
+            JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler();
+
+            SecurityTokenDescriptor securityTokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = Default.ClaimsIdentity,
+                SigningCredentials = Default.AsymmetricSigningCredentials,
+                Audience = Default.Audience,
+                Issuer = issuer,
+            };
+
+            return jsonWebTokenHandler.CreateToken(securityTokenDescriptor);
+        }
+    }
+}
+#nullable restore
diff --git a/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs b/test/Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandler.ValidateTokenAsyncTests.Lifetime.cs
@@ -17,7 +17,7 @@ public async Task ValidateTokenAsync_Lifetime(ValidateTokenAsyncLifetimeTheoryDa
         {
             var context = TestUtilities.WriteHeader($"{this}.ValidateTokenAsync_Lifetime", theoryData);
 
-            string jwtString = CreateToken(theoryData.IssuedAt, theoryData.NotBefore, theoryData.Expires);
+            string jwtString = CreateTokenWithLifetime(theoryData.IssuedAt, theoryData.NotBefore, theoryData.Expires);
 
             await ValidateAndCompareResults(jwtString, theoryData, context);
 
@@ -155,7 +155,7 @@ public ValidateTokenAsyncLifetimeTheoryData(string testId) : base(testId) { }
             public DateTime? Expires { get; set; }
         }
 
-        private static string CreateToken(DateTime? issuedAt, DateTime? notBefore, DateTime? expires)
+        private static string CreateTokenWithLifetime(DateTime? issuedAt, DateTime? notBefore, DateTime? expires)
         {
             JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler();
             jsonWebTokenHandler.SetDefaultTimesOnTokenCreation = false; // Allow for null values to be passed in to validate.

Original file line number	Diff line number	Diff line change
`@@ -61,11 +61,11 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn`
`61`	`61`	`{`
`62`	`62`	`if (string.IsNullOrWhiteSpace(issuer))`
`63`	`63`	`{`
`64`		`- return new ValidationError(`
	`64`	`+ return new IssuerValidationError(`
`65`	`65`	`new MessageDetail(LogMessages.IDX10211),`
`66`		`- ValidationFailureType.IssuerValidationFailed,`
`67`	`66`	`typeof(SecurityTokenInvalidIssuerException),`
`68`		`- new StackFrame(true));`
	`67`	`+ new StackFrame(true),`
	`68`	`+ issuer);`
`69`	`69`	`}`
`70`	`70`
`71`	`71`	`if (validationParameters == null)`
`@@ -84,11 +84,11 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn`
`84`	`84`
`85`	`85`	`// Return failed IssuerValidationResult if all possible places to validate against are null or empty.`
`86`	`86`	`if (validationParameters.ValidIssuers.Count == 0 && string.IsNullOrWhiteSpace(configuration?.Issuer))`
`87`		`- return new ValidationError(`
	`87`	`+ return new IssuerValidationError(`
`88`	`88`	`new MessageDetail(LogMessages.IDX10211),`
`89`		`- ValidationFailureType.IssuerValidationFailed,`
`90`	`89`	`typeof(SecurityTokenInvalidIssuerException),`
`91`		`- new StackFrame(true));`
	`90`	`+ new StackFrame(true),`
	`91`	`+ issuer);`
`92`	`92`
`93`	`93`	`if (configuration != null)`
`94`	`94`	`{`
`@@ -130,15 +130,15 @@ internal static async Task<ValidationResult<ValidatedIssuer>> ValidateIssuerAsyn`
`130`	`130`	`}`
`131`	`131`	`}`
`132`	`132`
`133`		`- return new ValidationError(`
	`133`	`+ return new IssuerValidationError(`
`134`	`134`	`new MessageDetail(`
`135`	`135`	`LogMessages.IDX10212,`
`136`	`136`	`LogHelper.MarkAsNonPII(issuer),`
`137`	`137`	`LogHelper.MarkAsNonPII(Utility.SerializeAsSingleCommaDelimitedString(validationParameters.ValidIssuers)),`
`138`	`138`	`LogHelper.MarkAsNonPII(configuration?.Issuer)),`
`139`		`- ValidationFailureType.IssuerValidationFailed,`
`140`	`139`	`typeof(SecurityTokenInvalidIssuerException),`
`141`		`- new StackFrame(true));`
	`140`	`+ new StackFrame(true),`
	`141`	`+ issuer);`
`142`	`142`	`}`
`143`	`143`	`}`
`144`	`144`	`}`
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ public async Task ValidateTokenAsync_Audience(ValidateTokenAsyncAudienceTheoryDa`
`17`	`17`	`{`
`18`	`18`	`var context = TestUtilities.WriteHeader($"{this}.ValidateTokenAsync_Audience", theoryData);`
`19`	`19`
`20`		`- string jwtString = CreateToken(theoryData.Audience);`
	`20`	`+ string jwtString = CreateTokenWithAudience(theoryData.Audience);`
`21`	`21`
`22`	`22`	`await ValidateAndCompareResults(jwtString, theoryData, context);`
`23`	`23`
`@@ -155,7 +155,7 @@ public ValidateTokenAsyncAudienceTheoryData(string testId) : base(testId) { }`
`155`	`155`	`public string? Audience { get; internal set; } = Default.Audience;`
`156`	`156`	`}`
`157`	`157`
`158`		`- private static string CreateToken(string? audience)`
	`158`	`+ private static string CreateTokenWithAudience(string? audience)`
`159`	`159`	`{`
`160`	`160`	`JsonWebTokenHandler jsonWebTokenHandler = new JsonWebTokenHandler();`
`161`	`161`