
Example 26 with Algorithm

use of com.auth0.jwt.Algorithm in project supertokens-core by supertokens.

the class JWTCreateTest method testThatDecodedJWTUsesCustomIssuer.

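/**
 * Test that the final JWT uses the custom {@code iss} claim supplied in the payload instead of
 * the JWKS domain passed to {@code JWTSigningFunctions.createJWTToken}.
 *
 * @throws Exception if the decoded issuer does not match the custom value, or if the core
 *                   process cannot be started or stopped
 */
@Test
public void testThatDecodedJWTUsesCustomIssuer() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    try {
        String algorithm = "RS256";
        String customIssuer = "http://customiss";
        JsonObject payload = new JsonObject();
        payload.addProperty("iss", customIssuer);
        String jwksDomain = "http://localhost";
        long validity = 3600;
        String jwt = JWTSigningFunctions.createJWTToken(process.getProcess(), algorithm, payload, jwksDomain, validity);
        // decode() only parses the token; no signature check is needed to inspect the claim here.
        DecodedJWT decodedJWT = JWT.decode(jwt);
        // Constant-first comparison: a token without an "iss" claim yields null here, and the
        // test should report the mismatch rather than fail with a NullPointerException.
        String issuer = decodedJWT.getIssuer();
        if (!customIssuer.equals(issuer)) {
            throw new Exception("Decoded JWT does not contain 'iss' claim matching user defined value");
        }
    } finally {
        // Stop the core even when a check above fails so a failing test does not leave the
        // process running for the next test.
        process.kill();
    }
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}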

Example 27 with Algorithm

use of com.auth0.jwt.Algorithm in project supertokens-core by supertokens.

the class JWTCreateTest method testThatDecodedJWTHasAValidHeader.

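/**
 * Verify that the JWT header carries the required {@code alg}, {@code typ} and {@code kid}
 * entries and that their values are valid for a token created with RS256.
 *
 * @throws Exception if a header entry is missing or has an unexpected value, or if the core
 *                   process cannot be started or stopped
 */
@Test
public void testThatDecodedJWTHasAValidHeader() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    try {
        String algorithm = "RS256";
        JsonObject payload = new JsonObject();
        payload.addProperty("customClaim", "customValue");
        String jwksDomain = "http://localhost";
        long validity = 3600;
        String jwt = JWTSigningFunctions.createJWTToken(process.getProcess(), algorithm, payload, jwksDomain, validity);
        // decode() only parses the token; the header is inspected without signature verification.
        DecodedJWT decodedJWT = JWT.decode(jwt);
        Claim headerAlg = decodedJWT.getHeaderClaim("alg");
        Claim headerType = decodedJWT.getHeaderClaim("typ");
        Claim headerKeyId = decodedJWT.getHeaderClaim("kid");
        if (headerAlg.isNull() || headerType.isNull() || headerKeyId.isNull()) {
            throw new Exception("JWT header is missing one or more required claim (alg, typ, kid)");
        }
        // Constant-first comparisons: asString() returns null for a non-string header value, and
        // the test should report that as a mismatch instead of a NullPointerException.
        if (!algorithm.equals(headerAlg.asString())) {
            throw new Exception("Algorithm in JWT header does not match algorithm passed to JWTSigningFunctions.createJWTToken");
        }
        if (!"JWT".equals(headerType.asString())) {
            throw new Exception("JWT header contains wrong type: Expected: JWT, Actual: " + headerType.asString());
        }
        String keyId = headerKeyId.asString();
        if (keyId == null || keyId.isEmpty()) {
            throw new Exception("Value for kid in JWT header is invalid");
        }
    } finally {
        // Stop the core even when a check above fails so a failing test does not leave the
        // process running for the next test.
        process.kill();
    }
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}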

Example 28 with Algorithm

use of com.auth0.jwt.Algorithm in project supertokens-core by supertokens.

the class JWKSAPITest2_9 method testThatKeyFromResponseCanBeUsedForJWTVerification.

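/**
 * Test that the JWK whose {@code kid} matches the JWT header can be used to verify the JWT
 * signature: create a token via the JWT API, fetch the JWKS endpoint, rebuild the RSA public
 * key from the matching JWK and run the java-jwt verifier against the token.
 *
 * @throws Exception if no JWK matches the token's kid, if signature verification fails, or if
 *                   the core process cannot be started or stopped
 */
@Test
public void testThatKeyFromResponseCanBeUsedForJWTVerification() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    try {
        JsonObject requestBody = new JsonObject();
        requestBody.addProperty("algorithm", "rs256");
        requestBody.addProperty("jwksDomain", "http://localhost");
        requestBody.add("payload", new JsonObject());
        requestBody.addProperty("validity", 3600);
        JsonObject jwtResponse = HttpRequestForTesting.sendJsonPOSTRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt", requestBody, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
        String jwt = jwtResponse.get("jwt").getAsString();
        // decode() only parses the token; it is used here to read the kid before the signature
        // is verified below.
        DecodedJWT decodedJWT = JWT.decode(jwt);
        String keyIdFromHeader = decodedJWT.getHeaderClaim("kid").asString();
        JsonObject response = HttpRequestForTesting.sendGETRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt/jwks", null, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
        JsonArray keys = response.getAsJsonArray("keys");
        JsonObject keyToUse = null;
        for (int i = 0; i < keys.size(); i++) {
            JsonObject currentKey = keys.get(i).getAsJsonObject();
            if (currentKey.get("kid").getAsString().equals(keyIdFromHeader)) {
                keyToUse = currentKey;
                break;
            }
        }
        // JUnit assertion rather than the `assert` keyword, which is a no-op unless the JVM runs
        // with -ea.
        assertNotNull("JWKS response does not contain a key with kid " + keyIdFromHeader, keyToUse);
        String modulusString = keyToUse.get("n").getAsString();
        String exponentString = keyToUse.get("e").getAsString();
        // JWK "n" and "e" are base64url-encoded unsigned big-endian integers; signum 1 keeps
        // them positive regardless of the leading byte.
        BigInteger modulus = new BigInteger(1, Base64.getUrlDecoder().decode(modulusString));
        BigInteger exponent = new BigInteger(1, Base64.getUrlDecoder().decode(exponentString));
        RSAPublicKey publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(modulus, exponent));
        Algorithm verificationAlgorithm = Algorithm.RSA256(new RSAKeyProvider() {

            @Override
            public RSAPublicKey getPublicKeyById(String keyId) {
                // Only hand out the key for the kid it was fetched for; returning null for any
                // other kid makes the verifier reject the token instead of silently verifying
                // it with an unrelated key.
                return keyIdFromHeader.equals(keyId) ? publicKey : null;
            }

            @Override
            public RSAPrivateKey getPrivateKey() {
                // Verification only; no signing key is available to the provider.
                return null;
            }

            @Override
            public String getPrivateKeyId() {
                return null;
            }
        });
        JWTVerifier verifier = JWT.require(verificationAlgorithm).build();
        // Throws a JWTVerificationException (and so fails the test) when the signature is invalid.
        verifier.verify(jwt);
    } finally {
        // Stop the core even when a check above fails so a failing test does not leave the
        // process running for the next test.
        process.kill();
    }
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}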

Example 29 with Algorithm

use of com.auth0.jwt.Algorithm in project supertokens-core by supertokens.

the class JWKSAPITest2_9 method testThatKeysContainsMatchingKeyId.

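/**
 * Test that after creating a JWT the JWKS endpoint returns a key whose {@code kid} equals the
 * {@code kid} in the JWT header.
 *
 * @throws Exception if no JWK matches the token's kid, or if the core process cannot be
 *                   started or stopped
 */
@Test
public void testThatKeysContainsMatchingKeyId() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    try {
        JsonObject requestBody = new JsonObject();
        requestBody.addProperty("algorithm", "rs256");
        requestBody.addProperty("jwksDomain", "http://localhost");
        requestBody.add("payload", new JsonObject());
        requestBody.addProperty("validity", 3600);
        JsonObject jwtResponse = HttpRequestForTesting.sendJsonPOSTRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt", requestBody, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
        String jwt = jwtResponse.get("jwt").getAsString();
        // decode() only parses the token; no signature check is needed to read the kid.
        DecodedJWT decodedJWT = JWT.decode(jwt);
        String keyIdFromHeader = decodedJWT.getHeaderClaim("kid").asString();
        JsonObject response = HttpRequestForTesting.sendGETRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt/jwks", null, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
        JsonArray keys = response.getAsJsonArray("keys");
        JsonObject matchingKey = null;
        for (int i = 0; i < keys.size(); i++) {
            JsonObject currentKey = keys.get(i).getAsJsonObject();
            if (currentKey.get("kid").getAsString().equals(keyIdFromHeader)) {
                matchingKey = currentKey;
                break;
            }
        }
        // JUnit assertion rather than the `assert` keyword, which is a no-op unless the JVM runs
        // with -ea.
        assertNotNull("JWKS response does not contain a key with kid " + keyIdFromHeader, matchingKey);
    } finally {
        // Stop the core even when a check above fails so a failing test does not leave the
        // process running for the next test.
        process.kill();
    }
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}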

Example 30 with Algorithm

use of com.auth0.jwt.Algorithm in project supertokens-core by supertokens.

the class JWTSigningAPITest2_9 method testThatDecodedJWTHasCustomPayload.

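/**
 * Test that the JWT returned by the JWT API carries the custom payload properties supplied in
 * the request body.
 *
 * @throws Exception if the custom claim is missing or has the wrong value, or if the core
 *                   process cannot be started or stopped
 */
@Test
public void testThatDecodedJWTHasCustomPayload() throws Exception {
    String[] args = { "../" };
    TestingProcessManager.TestingProcess process = TestingProcessManager.start(args);
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STARTED));
    try {
        JsonObject requestBody = new JsonObject();
        requestBody.addProperty("algorithm", "rs256");
        requestBody.addProperty("jwksDomain", "http://localhost");
        JsonObject customPayload = new JsonObject();
        customPayload.addProperty("customClaim", "customValue");
        requestBody.add("payload", customPayload);
        requestBody.addProperty("validity", 3600);
        JsonObject response = HttpRequestForTesting.sendJsonPOSTRequest(process.getProcess(), "", "http://localhost:3567/recipe/jwt", requestBody, 1000, 1000, null, Utils.getCdiVersion2_9ForTests(), "jwt");
        String jwt = response.get("jwt").getAsString();
        // decode() only parses the token; the claim is inspected without signature verification.
        DecodedJWT decodedJWT = JWT.decode(jwt);
        Claim customClaim = decodedJWT.getClaim("customClaim");
        // Constant-first comparison so a non-string claim value (asString() == null) fails the
        // assertion instead of throwing a NullPointerException.
        assertTrue(!customClaim.isNull() && "customValue".equals(customClaim.asString()));
    } finally {
        // Stop the core even when a check above fails so a failing test does not leave the
        // process running for the next test.
        process.kill();
    }
    assertNotNull(process.checkOrWaitForEvent(ProcessState.PROCESS_STATE.STOPPED));
}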
