Working Java test of JWT support.

Cimpress-MCP · Sep 28, 2015 · 0aabf85 · 0aabf85
1 parent 88a0bb0
commit 0aabf85
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 14 deletions.
diff --git a/lib/logger.js b/lib/logger.js
@@ -7,7 +7,7 @@ var bunyan = require('bunyan');
 var default_config = {
   name: 'oauth_reverse_proxy',
   streams: [{
-    level: process.env.OAUTH_REVERSE_PROXY_LOG_LEVEL || "trace",
+    level: process.env.OAUTH_REVERSE_PROXY_LOG_LEVEL || "warn",
     stream: process.stdout
   }]
 };

diff --git a/lib/proxy/validators/json_web_token_validator.js b/lib/proxy/validators/json_web_token_validator.js
@@ -1,3 +1,5 @@
+var util = require('util');
+
 var jwt = require('express-jwt');
 
 var unauthorized = require('../messages/unauthorized.js');
@@ -19,7 +21,9 @@ module.exports = function(proxy) {
     var issuer = undefined;
     var jwt_validator = jwt({
       secret: function(req, payload, done) {
-        // TODO: We need to validate that this was set already
+
+        proxy.logger.trace("payload:\n%s", util.inspect(payload));
+
         issuer = payload.iss;
         if (issuer === undefined) return unauthorized(proxy.logger, req, res, "No issuer specified");
         if (keys[issuer] === undefined) return unauthorized(proxy.logger, req, res, "Invalid issuer specified");

diff --git a/test/client_library_test.js b/test/client_library_test.js
@@ -20,7 +20,7 @@ var create_client_test = function(verb, cmd, cwd, key) {
     exec(cmd, {cwd: cwd}, function(err, stdout, stderr) {
       if (err) return cb(err);
       stderr.should.equal('');
-      stdout.trim().should.equal('{"status":"ok"}');
+      stdout.trim().should.endWith('{"status":"ok"}');
       cb();
     });
   };
@@ -32,23 +32,24 @@ describe('An OAuth-compliant reverse proxy', function() {
 
   // TODO: Refactor these tests so they auto-detect if they can be run on the host system.  This would simplify
   // the platform-specific logic in here and allow for successful tests with less lengthy setup on CI.
-/**
+
   it ('should support requests from Ruby clients', function(done) {
     var rubyTest = create_client_test('GET', 'ruby client.rb', 'test/clients/ruby', 'ruby-test-key')
     rubyTest(done);
   });
-**/
+
   it ('should support requests from Java clients', function(done) {
     var javaTest = create_client_test('POST',
       'java -cp target/JWTClient-1.0-SNAPSHOT-jar-with-dependencies.jar com.cimpress.mcp.jwt.JWTClient',
       'test/clients/java/JWTClient', 'java-test-key')
-    javaTest(done);
-  });
-/**
-    var javaTest = create_client_test('POST',
-      'java -cp target/OAuthClient-1.0-SNAPSHOT-jar-with-dependencies.jar com.cimpress.mcp.oauth.OAuthClient',
-      'test/clients/java/OAuthClient', 'java-test-key')
-    javaTest(done);
+    javaTest(function(err) {
+      if (err) return done(err);
+
+      var javaTest = create_client_test('POST',
+        'java -cp target/OAuthClient-1.0-SNAPSHOT-jar-with-dependencies.jar com.cimpress.mcp.oauth.OAuthClient',
+        'test/clients/java/OAuthClient', 'java-test-key')
+      javaTest(done);
+    });
   });
 
   it ('should support requests from Node.js clients', function(done) {
@@ -62,7 +63,7 @@ describe('An OAuth-compliant reverse proxy', function() {
     var perlTest = create_client_test('GET', 'perl client.pl', 'test/clients/perl', 'perl-test-key')
     perlTest(done);
   });
-**
+**/
 
   // Mac-specific client tests
   if(os.platform() === "darwin") {
@@ -131,6 +132,6 @@ describe('An OAuth-compliant reverse proxy', function() {
       var pythonTest = create_client_test('GET', 'python client.py', 'test/clients/python', 'python-test-key')
       pythonTest(done);
     });
-  }**/
+  }
 
 });
diff --git a/test/clients/java/JWTClient/src/main/java/com/cimpress/mcp/jwt/JWTClient.java b/test/clients/java/JWTClient/src/main/java/com/cimpress/mcp/jwt/JWTClient.java
@@ -45,6 +45,9 @@ public static void main(String[] args) throws Exception {
 		JwtClaims claims = new JwtClaims();
 	    claims.setIssuer("java-test-key");
 	    claims.setGeneratedJwtId();
+	    claims.setExpirationTimeMinutesInTheFuture(1);
+	    claims.setNotBeforeMinutesInThePast(1);
+	    claims.setIssuedAtToNow();
 
 	    // A JWT is a JWS and/or a JWE with JSON claims as the payload.
 	    // In this example it is a JWS so we create a JsonWebSignature object.
@@ -57,6 +60,7 @@ public static void main(String[] args) throws Exception {
 	    String jwkJson = "{\"kty\":\"oct\",\"k\":\""+ secret +"\"}";
 	    JsonWebKey key = JsonWebKey.Factory.newJwk(jwkJson);
 	    jws.setKey(key.getKey());
+	    jws.setKeyIdHeaderValue(key.getKeyId());
 	    jws.setAlgorithmHeaderValue(AlgorithmIdentifiers.HMAC_SHA256);
 
 	    String jwt = jws.getCompactSerialization();