Example 41 with JSONObject
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithBothTokenWithoutExpiration.
@Test
void testProxyWithBothTokenWithoutExpiration() {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token");
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token");
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
Also used :
lombok.val(lombok.val)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
Test(org.junit.jupiter.api.Test)
Example 42 with JSONObject
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithBothTokenExpired.
@Test
void testProxyWithBothTokenExpired() {
val expiration = now().minus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token", expiration);
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token", expiration);
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
Also used :
lombok.val(lombok.val)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
Test(org.junit.jupiter.api.Test)
Example 43 with JSONObject
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class FenceDeprecatedTests method testFenceRefreshPOST.
@Test
void testFenceRefreshPOST() throws Exception {
val expirationRefresh = now().plus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_refresh", "secret", expirationRefresh);
JSONObject content = new JSONObject();
content.put("access_token", "this_is_access_token");
content.put("refresh_token", "this_is_a_fresh_refresh_token");
content.put("token_type", "BEARER");
gen3VM.stubFor(post("/").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.post().uri(uriBuilder -> uriBuilder.path(fenceRefreshUri).queryParam("fence", "gen3").build()).accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isOk().expectBody().jsonPath("$.access_token").value(o -> assertThat(o).isEqualTo("this_is_access_token")).jsonPath("$.refresh_token").value(o -> assertThat(o).isEqualTo("this_is_a_fresh_refresh_token"));
val accessSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_access", null, null)).get();
assertThat(accessSecret).isNotNull();
assertThat(accessSecret.getSecret()).isEqualTo("encrypted_this_is_access_token");
val refreshSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_refresh", null, null)).get();
assertThat(refreshSecret).isNotNull();
assertThat(refreshSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_refresh_token");
assertThat(refreshSecret.getExpiration()).isEqualTo(expirationRefresh);
}
Also used :
lombok.val(lombok.val)
Instant.now(java.time.Instant.now)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
DynamicPropertySource(org.springframework.test.context.DynamicPropertySource)
MediaType(org.springframework.http.MediaType)
lombok.val(lombok.val)
DynamicPropertyRegistry(org.springframework.test.context.DynamicPropertyRegistry)
WireMock.ok(com.github.tomakehurst.wiremock.client.WireMock.ok)
WireMockExtension(com.github.tomakehurst.wiremock.junit5.WireMockExtension)
Test(org.junit.jupiter.api.Test)
ExecutionException(java.util.concurrent.ExecutionException)
Secret(io.kidsfirst.core.model.Secret)
Slf4j(lombok.extern.slf4j.Slf4j)
ChronoUnit(java.time.temporal.ChronoUnit)
WireMockConfiguration.wireMockConfig(com.github.tomakehurst.wiremock.core.WireMockConfiguration.wireMockConfig)
BeforeAll(org.junit.jupiter.api.BeforeAll)
RegisterExtension(org.junit.jupiter.api.extension.RegisterExtension)
WireMock.post(com.github.tomakehurst.wiremock.client.WireMock.post)
AssertionsForClassTypes.assertThat(org.assertj.core.api.AssertionsForClassTypes.assertThat)
Secret(io.kidsfirst.core.model.Secret)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
Test(org.junit.jupiter.api.Test)
Example 44 with JSONObject
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class KeyStoreTests method testKeyStoreDELETE.
@Test
void testKeyStoreDELETE() throws ExecutionException, InterruptedException {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("cavatica", "my_secret");
JSONObject body = new JSONObject();
body.put("service", "cavatica");
webClient.method(HttpMethod.DELETE).uri(keyStoreUri).accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).bodyValue(body.toJSONString()).exchange().expectStatus().isOk();
val secret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "cavatica", null, null)).get();
assertThat(secret).isNull();
}
Also used :
lombok.val(lombok.val)
Secret(io.kidsfirst.core.model.Secret)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
Test(org.junit.jupiter.api.Test)
Example 45 with JSONObject
use of com.nimbusds.jose.shaded.json.JSONObject in project ProxyPass by CloudburstMC.
the class UpstreamPacketHandler method handle.
@Override
public boolean handle(LoginPacket packet) {
int protocolVersion = packet.getProtocolVersion();
if (protocolVersion != ProxyPass.PROTOCOL_VERSION) {
PlayStatusPacket status = new PlayStatusPacket();
if (protocolVersion > ProxyPass.PROTOCOL_VERSION) {
status.setStatus(PlayStatusPacket.Status.LOGIN_FAILED_SERVER_OLD);
} else {
status.setStatus(PlayStatusPacket.Status.LOGIN_FAILED_CLIENT_OLD);
}
}
session.setPacketCodec(ProxyPass.CODEC);
JsonNode certData;
try {
certData = ProxyPass.JSON_MAPPER.readTree(packet.getChainData().toByteArray());
} catch (IOException e) {
throw new RuntimeException("Certificate JSON can not be read.");
}
JsonNode certChainData = certData.get("chain");
if (certChainData.getNodeType() != JsonNodeType.ARRAY) {
throw new RuntimeException("Certificate data is not valid");
}
chainData = (ArrayNode) certChainData;
boolean validChain;
try {
validChain = validateChainData(certChainData);
log.debug("Is player data valid? {}", validChain);
JWSObject jwt = JWSObject.parse(certChainData.get(certChainData.size() - 1).asText());
JsonNode payload = ProxyPass.JSON_MAPPER.readTree(jwt.getPayload().toBytes());
if (payload.get("extraData").getNodeType() != JsonNodeType.OBJECT) {
throw new RuntimeException("AuthData was not found!");
}
extraData = (JSONObject) jwt.getPayload().toJSONObject().get("extraData");
this.authData = new AuthData(extraData.getAsString("displayName"), UUID.fromString(extraData.getAsString("identity")), extraData.getAsString("XUID"));
if (payload.get("identityPublicKey").getNodeType() != JsonNodeType.STRING) {
throw new RuntimeException("Identity Public Key was not found!");
}
ECPublicKey identityPublicKey = EncryptionUtils.generateKey(payload.get("identityPublicKey").textValue());
JWSObject clientJwt = JWSObject.parse(packet.getSkinData().toString());
verifyJwt(clientJwt, identityPublicKey);
skinData = new JSONObject(clientJwt.getPayload().toJSONObject());
initializeProxySession();
} catch (Exception e) {
session.disconnect("disconnectionScreen.internalError.cantConnect");
throw new RuntimeException("Unable to complete login", e);
}
return true;
}
Also used :
PlayStatusPacket(com.nukkitx.protocol.bedrock.packet.PlayStatusPacket)
ECPublicKey(java.security.interfaces.ECPublicKey)
JSONObject(com.nimbusds.jose.shaded.json.JSONObject)
JsonNode(com.fasterxml.jackson.databind.JsonNode)
IOException(java.io.IOException)
JWSObject(com.nimbusds.jose.JWSObject)
JOSEException(com.nimbusds.jose.JOSEException)
JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException)
IOException(java.io.IOException)
Aggregations
JSONObject (com.nimbusds.jose.shaded.json.JSONObject)52
lombok.val (lombok.val)22
Test (org.junit.jupiter.api.Test)21
Secret (io.kidsfirst.core.model.Secret)10
JSONArray (com.nimbusds.jose.shaded.json.JSONArray)9
Map (java.util.Map)5
Slf4j (lombok.extern.slf4j.Slf4j)5
JWSObject (com.nimbusds.jose.JWSObject)4
FenceService (io.kidsfirst.core.service.FenceService)4
SecretService (io.kidsfirst.core.service.SecretService)4
ResponseEntity (org.springframework.http.ResponseEntity)4
JwtAuthenticationToken (org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken)4
org.springframework.web.bind.annotation (org.springframework.web.bind.annotation)4
IOException (java.io.IOException)3
ECPublicKey (java.security.interfaces.ECPublicKey)3
Flux (reactor.core.publisher.Flux)3
Mono (reactor.core.publisher.Mono)3
JsonNode (com.fasterxml.jackson.databind.JsonNode)2
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)2
URI (java.net.URI)2
