Example 71 with JWTVerifier
use of com.auth0.jwt.JWTVerifier in project java-jwt by auth0.
the class ECDSAAlgorithmTest method invalidECDSA256SignatureShouldFailTokenVerification.
@Test
public void invalidECDSA256SignatureShouldFailTokenVerification() throws Exception {
exception.expect(SignatureVerificationException.class);
exception.expectCause(isA(SignatureException.class));
String jwtWithInvalidSig = "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0._____wAAAAD__________7zm-q2nF56E87nKwvxjJVH_____AAAAAP__________vOb6racXnoTzucrC_GMlUQ";
ECKey key256 = (ECKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_256, "EC");
ECKey key384 = (ECKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_384, "EC");
ECKey key512 = (ECKey) readPublicKeyFromFile(PUBLIC_KEY_FILE_512, "EC");
JWTVerifier verifier256 = JWT.require(Algorithm.ECDSA256(key256)).build();
JWTVerifier verifier384 = JWT.require(Algorithm.ECDSA256(key384)).build();
JWTVerifier verifier512 = JWT.require(Algorithm.ECDSA256(key512)).build();
verifier256.verify(jwtWithInvalidSig);
verifier384.verify(jwtWithInvalidSig);
verifier512.verify(jwtWithInvalidSig);
}
Also used :
ECKey(java.security.interfaces.ECKey)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
JWTVerifier(com.auth0.jwt.interfaces.JWTVerifier)
Test(org.junit.Test)
Example 72 with JWTVerifier
use of com.auth0.jwt.JWTVerifier in project java-jwt by auth0.
the class JWTVerifierTest method shouldOverrideDefaultNotBeforeLeeway.
@Test
public void shouldOverrideDefaultNotBeforeLeeway() {
Algorithm algorithm = mock(Algorithm.class);
JWTVerifier.BaseVerification verification = (JWTVerifier.BaseVerification) JWTVerifier.init(algorithm);
JWTVerifier verifier = verification.acceptLeeway(1234L).acceptNotBefore(9999L).build();
assertThat(verifier.expectedChecks, is(notNullValue()));
assertThat(verification.getLeewayFor(RegisteredClaims.ISSUED_AT), is(1234L));
assertThat(verification.getLeewayFor(RegisteredClaims.EXPIRES_AT), is(1234L));
assertThat(verification.getLeewayFor(RegisteredClaims.NOT_BEFORE), is(9999L));
}Example 73 with JWTVerifier
use of com.auth0.jwt.JWTVerifier in project java-jwt by auth0.
the class JWTVerifierTest method shouldVerifyBooleanClaimPresence.
@Test
public void shouldVerifyBooleanClaimPresence() {
String jwt = JWTCreator.init().withClaim("custom", true).sign(Algorithm.HMAC256("secret"));
JWTVerifier verifier = JWTVerifier.init(Algorithm.HMAC256("secret")).withClaimPresence("custom").build();
DecodedJWT decodedJWT = verifier.verify(jwt);
assertThat(decodedJWT, is(notNullValue()));
}
Also used :
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
Test(org.junit.Test)
Example 74 with JWTVerifier
use of com.auth0.jwt.JWTVerifier in project java-jwt by auth0.
the class JWTVerifierTest method shouldSuccessfullyVerifyClaimWithPredicate.
@Test
public void shouldSuccessfullyVerifyClaimWithPredicate() {
String jwt = JWTCreator.init().withClaim("claimName", "claimValue").sign(Algorithm.HMAC256("secret"));
JWTVerifier verifier = JWTVerifier.init(Algorithm.HMAC256("secret")).withClaim("claimName", (claim, decodedJWT) -> "claimValue".equals(claim.asString())).build();
DecodedJWT decodedJWT = verifier.verify(jwt);
assertThat(decodedJWT, is(notNullValue()));
}
Also used :
Verification(com.auth0.jwt.interfaces.Verification)
com.auth0.jwt.exceptions(com.auth0.jwt.exceptions)
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
Date(java.util.Date)
Assert.assertThrows(org.junit.Assert.assertThrows)
Matchers(org.hamcrest.Matchers)
Test(org.junit.Test)
Instant(java.time.Instant)
ZoneId(java.time.ZoneId)
BiPredicate(java.util.function.BiPredicate)
Algorithm(com.auth0.jwt.algorithms.Algorithm)
Rule(org.junit.Rule)
Duration(java.time.Duration)
Clock(java.time.Clock)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
Claim(com.auth0.jwt.interfaces.Claim)
ExpectedException(org.junit.rules.ExpectedException)
Collections(java.util.Collections)
Mockito.mock(org.mockito.Mockito.mock)
DecodedJWT(com.auth0.jwt.interfaces.DecodedJWT)
Test(org.junit.Test)
Example 75 with JWTVerifier
use of com.auth0.jwt.JWTVerifier in project java-jwt by auth0.
the class JWTVerifierTest method shouldOverrideDefaultExpiresAtLeeway.
@Test
public void shouldOverrideDefaultExpiresAtLeeway() {
Algorithm algorithm = mock(Algorithm.class);
JWTVerifier.BaseVerification verification = (JWTVerifier.BaseVerification) JWTVerifier.init(algorithm);
JWTVerifier verifier = verification.acceptLeeway(1234L).acceptExpiresAt(9999L).build();
assertThat(verifier.expectedChecks, is(notNullValue()));
assertThat(verification.getLeewayFor(RegisteredClaims.ISSUED_AT), is(1234L));
assertThat(verification.getLeewayFor(RegisteredClaims.EXPIRES_AT), is(9999L));
assertThat(verification.getLeewayFor(RegisteredClaims.NOT_BEFORE), is(1234L));
}Aggregations
JWTVerifier (com.auth0.jwt.JWTVerifier)115
Algorithm (com.auth0.jwt.algorithms.Algorithm)104
DecodedJWT (com.auth0.jwt.interfaces.DecodedJWT)100
Test (org.junit.Test)42
JWTVerificationException (com.auth0.jwt.exceptions.JWTVerificationException)30
IOException (java.io.IOException)23
JWTVerifier (com.auth0.jwt.interfaces.JWTVerifier)18
RSAPublicKey (java.security.interfaces.RSAPublicKey)15
JWTDecodeException (com.auth0.jwt.exceptions.JWTDecodeException)14
Claim (com.auth0.jwt.interfaces.Claim)10
Date (java.util.Date)9
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)8
HashMap (java.util.HashMap)8
ECKey (java.security.interfaces.ECKey)7
ServletException (javax.servlet.ServletException)7
UnsupportedEncodingException (java.io.UnsupportedEncodingException)6
TokenExpiredException (com.auth0.jwt.exceptions.TokenExpiredException)5
RSAKeyProvider (com.auth0.jwt.interfaces.RSAKeyProvider)5
URL (java.net.URL)5
KeyFactory (java.security.KeyFactory)5
