/
AbstractJsonWebTokenTest.java
127 lines (101 loc) · 5.21 KB
/
AbstractJsonWebTokenTest.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
/*
* Copyright (c) 2017 Contributors to the Eclipse Foundation
*
* See the NOTICE file(s) distributed with this work for additional
* information regarding copyright ownership.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License 2.0 which is available at
* http://www.eclipse.org/legal/epl-2.0
*
* SPDX-License-Identifier: EPL-2.0
*/
package org.eclipse.ditto.services.gateway.security.authentication.jwt;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatExceptionOfType;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.EXPIRED_JWT_TOKEN;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.ISSUER;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.KEY_ID;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.PUBLIC_KEY;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.PUBLIC_KEY_2;
import static org.eclipse.ditto.services.gateway.security.authentication.jwt.JwtTestConstants.VALID_JWT_TOKEN;
import static org.mockito.Mockito.when;
import java.time.Instant;
import java.util.Base64;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.ExecutionException;
import org.eclipse.ditto.signals.commands.base.exceptions.GatewayJwtInvalidException;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.junit.MockitoJUnitRunner;
import io.jsonwebtoken.security.SignatureException;
/**
* Unit test for {@link AbstractJsonWebToken}.
*/
@RunWith(MockitoJUnitRunner.class)
public final class AbstractJsonWebTokenTest {
@Mock
private PublicKeyProvider publicKeyProvider;
@Test
public void validate() throws ExecutionException, InterruptedException {
when(publicKeyProvider.getPublicKey(ISSUER, KEY_ID)).thenReturn(
CompletableFuture.completedFuture(Optional.of(PUBLIC_KEY)));
final AbstractJsonWebTokenTestImplementation underTest =
new AbstractJsonWebTokenTestImplementation("Bearer " + VALID_JWT_TOKEN);
final BinaryValidationResult jwtValidationResult = underTest.validate(publicKeyProvider).get();
assertThat(jwtValidationResult.isValid()).isTrue();
}
@Test
public void validateFails() throws ExecutionException, InterruptedException {
when(publicKeyProvider.getPublicKey(ISSUER, KEY_ID)).thenReturn(
CompletableFuture.completedFuture(Optional.of(PUBLIC_KEY_2)));
final AbstractJsonWebTokenTestImplementation underTest =
new AbstractJsonWebTokenTestImplementation("Bearer " + VALID_JWT_TOKEN);
final BinaryValidationResult jwtValidationResult = underTest.validate(publicKeyProvider).get();
assertThat(jwtValidationResult.isValid()).isFalse();
assertThat(jwtValidationResult.getReasonForInvalidity()).isInstanceOf(SignatureException.class);
}
@Test
public void constructorFailsIfJwtDoesNotConsistOfThreeParts() {
final String header = "{\"header\":\"value\"}";
final String payload = "{\"payload\":\"foo\"}";
final String authorizationHeader = "Bearer " + base64(header) + "." + base64(payload);
assertThatExceptionOfType(GatewayJwtInvalidException.class)
.isThrownBy(() -> new AbstractJsonWebTokenTestImplementation(authorizationHeader));
}
@Test
public void constructor() {
final String header = "{\"header\":\"value\"}";
final String payload = "{\"payload\":\"foo\"}";
final String signature = "{\"signature\":\"foo\"}";
final String authorizationHeader = "Bearer " + base64(header) + "." + base64(payload) + "." + base64(signature);
final AbstractJsonWebTokenTestImplementation abstractJsonWebTokenTestImplementation =
new AbstractJsonWebTokenTestImplementation(authorizationHeader);
assertThat(abstractJsonWebTokenTestImplementation.getHeader().toString()).isEqualTo(header);
assertThat(abstractJsonWebTokenTestImplementation.getBody().toString()).isEqualTo(payload);
assertThat(abstractJsonWebTokenTestImplementation.getSignature()).isEqualTo(base64(signature));
}
@Test
public void checkTokenExpiration() {
final AbstractJsonWebTokenTestImplementation expiredJsonWebToken =
new AbstractJsonWebTokenTestImplementation("Bearer " + EXPIRED_JWT_TOKEN);
assertThat(expiredJsonWebToken.hasExpired()).isEqualTo(true);
}
private static final class AbstractJsonWebTokenTestImplementation extends AbstractJsonWebToken {
private AbstractJsonWebTokenTestImplementation(final String authorizationString) {
super(authorizationString);
}
@Override
public List<String> getSubjects() {
return Collections.emptyList();
}
}
private static String base64(final String value) {
return new String(Base64.getEncoder().encode(value.getBytes()));
}
}