fix tests

DeagleGross · DeagleGross · commit f5191314f261 · 2025-05-19T13:17:49.000+02:00
diff --git a/src/Antiforgery/src/Internal/DefaultAntiforgeryTokenGenerator.cs b/src/Antiforgery/src/Internal/DefaultAntiforgeryTokenGenerator.cs
@@ -151,7 +151,8 @@ public bool TryValidateTokenSet(
                     currentUsername = authenticatedIdentity.Name ?? string.Empty;
                 }
 
-                if (requestToken.ClaimUid?.Equals(claimUidBytes.AsSpan(0, bytesWritten)) != true)
+                if (!(requestToken.ClaimUid is null && bytesWritten == 0) // both are not defined
+                    && requestToken.ClaimUid?.Equals(claimUidBytes.AsSpan(0, bytesWritten)) != true)
                 {
                     message = Resources.AntiforgeryToken_ClaimUidMismatch;
                     return false;
diff --git a/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs b/src/Antiforgery/test/DefaultAntiforgeryTokenGeneratorTest.cs
@@ -548,7 +548,6 @@ public void TryValidateTokenSet_Success_AuthenticatedUserWithUsername()
         var cookieToken = new AntiforgeryToken() { IsCookieToken = true };
         var fieldtoken = new AntiforgeryToken()
         {
-            ClaimUid = new BinaryBlob(32),
             SecurityToken = cookieToken.SecurityToken,
             Username = "THE-USER",
             IsCookieToken = false,
@@ -558,9 +557,7 @@ public void TryValidateTokenSet_Success_AuthenticatedUserWithUsername()
         var mockClaimUidExtractor = new MockClaimUidExtractor(
             (claimsPrincipal, bytes) =>
             {
-                var data = fieldtoken.ClaimUid.GetData();
-                data.CopyTo(bytes);
-                return data.Length;
+                return 0;
             });
 
         var mockAdditionalDataProvider = new Mock<IAntiforgeryAdditionalDataProvider>();
@@ -596,12 +593,16 @@ public void TryValidateTokenSet_Success_ClaimsBasedUser()
             ClaimUid = new BinaryBlob(256)
         };
 
-        var mockClaimUidExtractor = new Mock<IClaimUidExtractor>();
-        mockClaimUidExtractor.Setup(o => o.ExtractClaimUid(It.Is<ClaimsPrincipal>(c => c.Identity == identity)))
-                             .Returns(Convert.ToBase64String(fieldtoken.ClaimUid.GetData()));
+        var mockClaimUidExtractor = new MockClaimUidExtractor(
+            (claimsPrincipal, bytes) =>
+            {
+                var data = fieldtoken.ClaimUid.GetData();
+                data.CopyTo(bytes);
+                return data.Length;
+            });
 
         var tokenProvider = new DefaultAntiforgeryTokenGenerator(
-            claimUidExtractor: mockClaimUidExtractor.Object,
+            claimUidExtractor: mockClaimUidExtractor,
             additionalDataProvider: null);
 
         // Act

Original file line number	Diff line number	Diff line change
`@@ -151,7 +151,8 @@ public bool TryValidateTokenSet(`
`151`	`151`	`currentUsername = authenticatedIdentity.Name ?? string.Empty;`
`152`	`152`	`}`
`153`	`153`
`154`		`- if (requestToken.ClaimUid?.Equals(claimUidBytes.AsSpan(0, bytesWritten)) != true)`
	`154`	`+ if (!(requestToken.ClaimUid is null && bytesWritten == 0) // both are not defined`
	`155`	`+ && requestToken.ClaimUid?.Equals(claimUidBytes.AsSpan(0, bytesWritten)) != true)`
`155`	`156`	`{`
`156`	`157`	`message = Resources.AntiforgeryToken_ClaimUidMismatch;`
`157`	`158`	`return false;`