diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs index 64344834e6..570a92b9af 100644 --- a/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs +++ b/benchmark/Microsoft.IdentityModel.Benchmarks/Program.cs @@ -48,8 +48,9 @@ private static void DebugThroughTests() ValidateTokenAsyncTests validateTokenAsyncTests = new ValidateTokenAsyncTests(); validateTokenAsyncTests.Setup(); - TokenValidationResult tokenValidationResult = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsync().Result; - var claims = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsync_CreateClaims(); + TokenValidationResult tokenValidationResult = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsyncWithTVP().Result; + TokenValidationResult validationResult = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsyncWithVP().Result; + var claims = validateTokenAsyncTests.JsonWebTokenHandler_ValidateTokenAsyncWithTVP_CreateClaims(); ValidateSignedHttpRequestAsyncTests validateSignedHttpRequestAsyncTests = new ValidateSignedHttpRequestAsyncTests(); validateSignedHttpRequestAsyncTests.Setup(); diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs index 1bd6e9fedb..8724b49637 100644 --- a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs +++ b/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncTests.cs @@ -7,6 +7,7 @@ using System.Security.Claims; using System.Threading.Tasks; using BenchmarkDotNet.Attributes; +using BenchmarkDotNet.Configs; using Microsoft.IdentityModel.JsonWebTokens; using Microsoft.IdentityModel.Tokens; @@ -14,15 +15,20 @@ namespace Microsoft.IdentityModel.Benchmarks { // dotnet run -c release -f net8.0 --filter Microsoft.IdentityModel.Benchmarks.ValidateTokenAsyncTests* + [GroupBenchmarksBy(BenchmarkLogicalGroupRule.ByCategory)] public class ValidateTokenAsyncTests { + private CallContext _callContext; private JsonWebTokenHandler _jsonWebTokenHandler; private JwtSecurityTokenHandler _jwtSecurityTokenHandler; private SecurityTokenDescriptor _tokenDescriptor; private SecurityTokenDescriptor _tokenDescriptorExtendedClaims; private string _jws; private string _jwsExtendedClaims; - private TokenValidationParameters _validationParameters; + private TokenValidationParameters _tokenValidationParameters; + private TokenValidationParameters _invalidTokenValidationParameters; + private ValidationParameters _validationParameters; + private ValidationParameters _invalidValidationParameters; [GlobalSetup] public void Setup() @@ -46,29 +52,133 @@ public void Setup() _jwtSecurityTokenHandler = new JwtSecurityTokenHandler(); _jwtSecurityTokenHandler.SetDefaultTimesOnTokenCreation = false; - _validationParameters = new TokenValidationParameters() + _tokenValidationParameters = new TokenValidationParameters() { ValidAudience = BenchmarkUtils.Audience, ValidateLifetime = true, ValidIssuer = BenchmarkUtils.Issuer, IssuerSigningKey = BenchmarkUtils.SigningCredentialsRsaSha256.Key, }; + + _validationParameters = new ValidationParameters(); + _validationParameters.ValidAudiences.Add(BenchmarkUtils.Audience); + _validationParameters.ValidIssuers.Add(BenchmarkUtils.Issuer); + _validationParameters.IssuerSigningKeys.Add(BenchmarkUtils.SigningCredentialsRsaSha256.Key); + + _invalidTokenValidationParameters = new TokenValidationParameters() + { + ValidAudience = BenchmarkUtils.Audience, + ValidateLifetime = true, + ValidIssuer = BenchmarkUtils.Issuer, + ValidateIssuerSigningKey = true, + ValidateTokenReplay = true, + ValidateSignatureLast = true + }; + + _invalidValidationParameters = new ValidationParameters(); + _invalidValidationParameters.ValidAudiences.Add(BenchmarkUtils.Audience); + _invalidValidationParameters.ValidIssuers.Add(BenchmarkUtils.Issuer); + + _callContext = new CallContext(); + } + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JwtSecurityTokenHandler_ValidateTokenAsync() => await _jwtSecurityTokenHandler.ValidateTokenAsync(_jws, _tokenValidationParameters).ConfigureAwait(false); + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark(Baseline = true)] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVP() => await _jsonWebTokenHandler.ValidateTokenAsync(_jws, _tokenValidationParameters).ConfigureAwait(false); + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVPUsingModifiedClone() + { + var tokenValidationParameters = _tokenValidationParameters.Clone(); + tokenValidationParameters.ValidIssuer = "different-issuer"; + tokenValidationParameters.ValidAudience = "different-audience"; + tokenValidationParameters.ValidateLifetime = false; + return await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, tokenValidationParameters).ConfigureAwait(false); + } + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVP_SucceedOnThirdAttempt() + { + TokenValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters).ConfigureAwait(false); + + return result; + } + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVPUsingClone_SucceedOnThirdAttempt() + { + TokenValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters.Clone()).ConfigureAwait(false); + + return result; } - [Benchmark] - public async Task> JsonWebTokenHandler_ValidateTokenAsync_CreateClaims() + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVP_SucceedOnFifthAttempt() { - var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters).ConfigureAwait(false); + TokenValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters).ConfigureAwait(false); + + return result; + } + + [BenchmarkCategory("ValidateTokenAsyncWithTokenValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTVPUsingClone_SucceedOnFifthAttempt() + { + TokenValidationResult result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidTokenValidationParameters.Clone()).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters.Clone()).ConfigureAwait(false); + + return result; + } + + [BenchmarkCategory("ValidateTokenAsyncWithValidationParameters"), Benchmark(Baseline = true)] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP() => await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); + + [BenchmarkCategory("ValidateTokenAsyncWithValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP_SucceedOnThirdAttempt() + { + var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + return await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); + } + + [BenchmarkCategory("ValidateTokenAsyncWithValidationParameters"), Benchmark] + public async Task JsonWebTokenHandler_ValidateTokenAsyncWithVP_SucceedOnFifthAttempt() + { + var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _invalidValidationParameters, _callContext, null).ConfigureAwait(false); + return await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); + } + + [BenchmarkCategory("ValidateTokenAsyncClaimAccess"), Benchmark] + public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithVP_CreateClaims() + { + var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); var claimsIdentity = result.ClaimsIdentity; var claims = claimsIdentity.Claims; return claims.ToList(); } - [Benchmark] - public async Task JsonWebTokenHandler_ValidateTokenAsync() => await _jsonWebTokenHandler.ValidateTokenAsync(_jws, _validationParameters).ConfigureAwait(false); - - [Benchmark] - public async Task JwtSecurityTokenHandler_ValidateTokenAsync() => await _jwtSecurityTokenHandler.ValidateTokenAsync(_jws, _validationParameters).ConfigureAwait(false); - + [BenchmarkCategory("ValidateTokenAsyncClaimAccess"), Benchmark] + public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithTVP_CreateClaims() + { + var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters).ConfigureAwait(false); + var claimsIdentity = result.ClaimsIdentity; + var claims = claimsIdentity.Claims; + return claims.ToList(); + } } } diff --git a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncWithValidationParametersTests.cs b/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncWithValidationParametersTests.cs deleted file mode 100644 index 7bd5e999cf..0000000000 --- a/benchmark/Microsoft.IdentityModel.Benchmarks/ValidateTokenAsyncWithValidationParametersTests.cs +++ /dev/null @@ -1,96 +0,0 @@ -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. - -using System.Collections.Generic; -using System.Linq; -using System.Security.Claims; -using System.Threading.Tasks; -using BenchmarkDotNet.Attributes; -using Microsoft.IdentityModel.JsonWebTokens; -using Microsoft.IdentityModel.Tokens; - -namespace Microsoft.IdentityModel.Benchmarks -{ - // dotnet run -c release -f net8.0 --filter Microsoft.IdentityModel.Benchmarks.ValidateTokenAsyncWithValidationParametersTests* - - public class ValidateTokenAsyncWithValidationParametersTests - { - private CallContext _callContext; - private JsonWebTokenHandler _jsonWebTokenHandler; - private SecurityTokenDescriptor _tokenDescriptor; - private SecurityTokenDescriptor _tokenDescriptorExtendedClaims; - private string _jws; - private string _jwsExtendedClaims; - private TokenValidationParameters _tokenValidationParameters; - private ValidationParameters _validationParameters; - - [GlobalSetup] - public void Setup() - { - _tokenDescriptor = new SecurityTokenDescriptor - { - Claims = BenchmarkUtils.Claims, - SigningCredentials = BenchmarkUtils.SigningCredentialsRsaSha256, - }; - - _tokenDescriptorExtendedClaims = new SecurityTokenDescriptor - { - Claims = BenchmarkUtils.ClaimsExtendedExample, - SigningCredentials = BenchmarkUtils.SigningCredentialsRsaSha256, - }; - - _jsonWebTokenHandler = new JsonWebTokenHandler(); - _jws = _jsonWebTokenHandler.CreateToken(_tokenDescriptor); - _jwsExtendedClaims = _jsonWebTokenHandler.CreateToken(_tokenDescriptorExtendedClaims); - - _validationParameters = new ValidationParameters(); - _validationParameters.ValidAudiences.Add(BenchmarkUtils.Audience); - _validationParameters.ValidIssuers.Add(BenchmarkUtils.Issuer); - _validationParameters.IssuerSigningKeys.Add(BenchmarkUtils.SigningCredentialsRsaSha256.Key); - - _callContext = new CallContext(); - - _tokenValidationParameters = new TokenValidationParameters() - { - ValidAudience = BenchmarkUtils.Audience, - ValidateLifetime = true, - ValidIssuer = BenchmarkUtils.Issuer, - IssuerSigningKey = BenchmarkUtils.SigningCredentialsRsaSha256.Key, - }; - } - - [Benchmark] - public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithValidationParameters_CreateClaims() - { - var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); - var claimsIdentity = result.ClaimsIdentity; - var claims = claimsIdentity.Claims; - return claims.ToList(); - } - - [Benchmark] - public async Task> JsonWebTokenHandler_ValidateTokenAsyncWithTokenValidationParameters_CreateClaims() - { - var result = await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters).ConfigureAwait(false); - var claimsIdentity = result.ClaimsIdentity; - var claims = claimsIdentity.Claims; - return claims.ToList(); - } - - [Benchmark] - public async Task JsonWebTokenHandler_ValidateTokenAsyncWithValidationParameters() => await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _validationParameters, _callContext, null).ConfigureAwait(false); - - [Benchmark] - public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTokenValidationParameters() => await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, _tokenValidationParameters).ConfigureAwait(false); - - [Benchmark] - public async Task JsonWebTokenHandler_ValidateTokenAsyncWithTokenValidationParametersUsingClone() - { - var tokenValidationParameters = _tokenValidationParameters.Clone(); - tokenValidationParameters.ValidIssuer = "different-issuer"; - tokenValidationParameters.ValidAudience = "different-audience"; - tokenValidationParameters.ValidateLifetime = false; - return await _jsonWebTokenHandler.ValidateTokenAsync(_jwsExtendedClaims, tokenValidationParameters).ConfigureAwait(false); - } - } -}