Search in sources :

Example 6 with Claim

use of com.auth0.android.jwt.Claim in project sda-dropwizard-commons by SDA-SE.

the class AuthBuilderTest method shouldAddIntArrayClaim.

@Test
public void shouldAddIntArrayClaim() {
    String token = authBuilder.addClaim("testKey", new Integer[] { 1, 2 }).buildToken();
    Claim claim = JWT.decode(token).getClaim("testKey");
    assertThat(claim.asList(Integer.class)).containsExactly(1, 2);
}
Also used : Claim(com.auth0.jwt.interfaces.Claim) Test(org.junit.Test)

Example 7 with Claim

use of com.auth0.android.jwt.Claim in project sda-dropwizard-commons by SDA-SE.

the class SecureEndPoint method returnClaims.

@GET
@Produces(APPLICATION_JSON)
public Response returnClaims() {
    JwtPrincipal jwtPrincipal = (JwtPrincipal) securityContext.getUserPrincipal();
    Map<String, Claim> claims = jwtPrincipal.getClaims();
    Map<String, String> claimsAsString = claims.entrySet().stream().collect(toMap(Map.Entry::getKey, e -> e.getValue().asString()));
    return Response.ok(claimsAsString).build();
}
Also used : Context(javax.ws.rs.core.Context) Collectors.toMap(java.util.stream.Collectors.toMap) Produces(javax.ws.rs.Produces) Response(javax.ws.rs.core.Response) PermitAll(javax.annotation.security.PermitAll) GET(javax.ws.rs.GET) Map(java.util.Map) JwtPrincipal(org.sdase.commons.server.auth.JwtPrincipal) Path(javax.ws.rs.Path) SecurityContext(javax.ws.rs.core.SecurityContext) APPLICATION_JSON(javax.ws.rs.core.MediaType.APPLICATION_JSON) Claim(com.auth0.jwt.interfaces.Claim) JwtPrincipal(org.sdase.commons.server.auth.JwtPrincipal) Collectors.toMap(java.util.stream.Collectors.toMap) Map(java.util.Map) Claim(com.auth0.jwt.interfaces.Claim) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 8 with Claim

use of com.auth0.android.jwt.Claim in project sda-dropwizard-commons by SDA-SE.

the class AuthRSA256ServiceTest method validTokenWithKeyIdAndNoIssuerButConfiguredRequiredIssuer.

@Test
void validTokenWithKeyIdAndNoIssuerButConfiguredRequiredIssuer() {
    final Pair<RSAPrivateKey, RSAPublicKey> keyPair = createKeyPair(RSA_PRIVATE_KEY);
    String token = createToken(keyPair, null, KEY_ID, 0, 30);
    keyLoader.addKeySource(new JwksTestKeySource(ISSUER, keyPair.getRight(), null, KEY_ID));
    final Map<String, Claim> claims = this.service.auth(token);
    assertThat(claims.get(CLAIM_ISSUER)).isNull();
    assertThat(claims.get(CLAIM_NOT_BEFORE).asLong() * 1000L).isLessThan(new Date().getTime());
    assertThat(claims.get(CLAIM_EXPIRE).asLong() * 1000L).isGreaterThan(new Date().getTime());
}
Also used : JwksTestKeySource(org.sdase.commons.server.auth.service.testsources.JwksTestKeySource) RSAPublicKey(java.security.interfaces.RSAPublicKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Claim(com.auth0.jwt.interfaces.Claim) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 9 with Claim

use of com.auth0.android.jwt.Claim in project sda-dropwizard-commons by SDA-SE.

the class AuthRSA256ServiceTest method validTokenWithKeyIdAndIssuerAndAndFutureNotBeforeFailed.

@Test
void validTokenWithKeyIdAndIssuerAndAndFutureNotBeforeFailed() throws InterruptedException {
    final Pair<RSAPrivateKey, RSAPublicKey> keyPair = createKeyPair(RSA_PRIVATE_KEY);
    String token = createToken(keyPair, ISSUER, KEY_ID, 2, 30);
    keyLoader.addKeySource(new JwksTestKeySource(ISSUER, keyPair.getRight(), ISSUER, KEY_ID));
    assertThatThrownBy(() -> this.service.auth(token)).isInstanceOf(JwtAuthException.class);
    TimeUnit.SECONDS.sleep(2);
    final Map<String, Claim> claims = this.service.auth(token);
    assertThat(claims.get(CLAIM_ISSUER).asString()).isEqualTo(ISSUER);
    assertThat(claims.get(CLAIM_NOT_BEFORE).asLong() * 1000L).isLessThan(new Date().getTime());
    assertThat(claims.get(CLAIM_EXPIRE).asLong() * 1000L).isGreaterThan(new Date().getTime());
}
Also used : JwksTestKeySource(org.sdase.commons.server.auth.service.testsources.JwksTestKeySource) RSAPublicKey(java.security.interfaces.RSAPublicKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Claim(com.auth0.jwt.interfaces.Claim) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 10 with Claim

use of com.auth0.android.jwt.Claim in project sda-dropwizard-commons by SDA-SE.

the class AuthRSA256ServiceTest method validTokenWithKeyIdAndNoIssuerAndRequiredIssuerButJwks.

@Test
void validTokenWithKeyIdAndNoIssuerAndRequiredIssuerButJwks() {
    final Pair<RSAPrivateKey, RSAPublicKey> keyPair = createKeyPair(RSA_PRIVATE_KEY);
    String token = createToken(keyPair, ISSUER, KEY_ID, 0, 30);
    keyLoader.addKeySource(new JwksTestKeySource(null, keyPair.getRight(), ISSUER, KEY_ID));
    final Map<String, Claim> claims = this.service.auth(token);
    assertThat(claims.get(CLAIM_ISSUER).asString()).isEqualTo(ISSUER);
    assertThat(claims.get(CLAIM_NOT_BEFORE).asLong() * 1000L).isLessThan(new Date().getTime());
    assertThat(claims.get(CLAIM_EXPIRE).asLong() * 1000L).isGreaterThan(new Date().getTime());
}
Also used : JwksTestKeySource(org.sdase.commons.server.auth.service.testsources.JwksTestKeySource) RSAPublicKey(java.security.interfaces.RSAPublicKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) Claim(com.auth0.jwt.interfaces.Claim) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Aggregations

Claim (com.auth0.jwt.interfaces.Claim)110 Test (org.junit.Test)67 DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)62 JsonNode (com.fasterxml.jackson.databind.JsonNode)42 Algorithm (com.auth0.jwt.algorithms.Algorithm)24 Date (java.util.Date)24 JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)21 RSAPublicKey (java.security.interfaces.RSAPublicKey)21 Test (org.junit.jupiter.api.Test)18 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)17 JWTVerifier (com.auth0.jwt.JWTVerifier)15 JwksTestKeySource (org.sdase.commons.server.auth.service.testsources.JwksTestKeySource)14 JsonObject (com.google.gson.JsonObject)10 HashMap (java.util.HashMap)9 UserPojo (com.auth0.jwt.UserPojo)8 IOException (java.io.IOException)8 Map (java.util.Map)8 TestingProcessManager (io.supertokens.test.TestingProcessManager)7 NullClaim (com.auth0.jwt.impl.NullClaim)5 JWT (com.auth0.jwt.JWT)4