use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithBothTokenWithoutExpiration.
@Test
void testProxyWithBothTokenWithoutExpiration() {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token");
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token");
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class DynamicProxyTests method testProxyWithBothTokenExpired.
@Test
void testProxyWithBothTokenExpired() {
val expiration = now().minus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_access", "this_is_access_token", expiration);
createSecret("fence_gen3_refresh", userIdAndToken.getUserId(), "this_is_refresh_token", expiration);
JSONObject content = new JSONObject();
content.put("user_id", "119");
content.put("username", "DoeJ");
gen3VM.stubFor(get("/user/user").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.get().uri("/gen3/user/user").accept(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isUnauthorized();
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class FenceDeprecatedTests method testFenceRefreshPOST.
@Test
void testFenceRefreshPOST() throws Exception {
val expirationRefresh = now().plus(10, ChronoUnit.SECONDS).getEpochSecond();
val userIdAndToken = createUserAndSecretAndObtainAccessToken("fence_gen3_refresh", "secret", expirationRefresh);
JSONObject content = new JSONObject();
content.put("access_token", "this_is_access_token");
content.put("refresh_token", "this_is_a_fresh_refresh_token");
content.put("token_type", "BEARER");
gen3VM.stubFor(post("/").willReturn(ok(content.toJSONString()).withHeader("Content-Type", MediaType.APPLICATION_JSON_VALUE)));
webClient.post().uri(uriBuilder -> uriBuilder.path(fenceRefreshUri).queryParam("fence", "gen3").build()).accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).exchange().expectStatus().isOk().expectBody().jsonPath("$.access_token").value(o -> assertThat(o).isEqualTo("this_is_access_token")).jsonPath("$.refresh_token").value(o -> assertThat(o).isEqualTo("this_is_a_fresh_refresh_token"));
val accessSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_access", null, null)).get();
assertThat(accessSecret).isNotNull();
assertThat(accessSecret.getSecret()).isEqualTo("encrypted_this_is_access_token");
val refreshSecret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "fence_gen3_refresh", null, null)).get();
assertThat(refreshSecret).isNotNull();
assertThat(refreshSecret.getSecret()).isEqualTo("encrypted_this_is_a_fresh_refresh_token");
assertThat(refreshSecret.getExpiration()).isEqualTo(expirationRefresh);
}
use of com.nimbusds.jose.shaded.json.JSONObject in project kf-key-management by kids-first.
the class KeyStoreTests method testKeyStoreDELETE.
@Test
void testKeyStoreDELETE() throws ExecutionException, InterruptedException {
val userIdAndToken = createUserAndSecretAndObtainAccessToken("cavatica", "my_secret");
JSONObject body = new JSONObject();
body.put("service", "cavatica");
webClient.method(HttpMethod.DELETE).uri(keyStoreUri).accept(MediaType.APPLICATION_JSON).contentType(MediaType.APPLICATION_JSON).header("Authorization", "Bearer " + userIdAndToken.getAccessToken()).bodyValue(body.toJSONString()).exchange().expectStatus().isOk();
val secret = secretTable.getItem(new Secret(userIdAndToken.getUserId(), "cavatica", null, null)).get();
assertThat(secret).isNull();
}
use of com.nimbusds.jose.shaded.json.JSONObject in project ProxyPass by CloudburstMC.
the class UpstreamPacketHandler method handle.
@Override
public boolean handle(LoginPacket packet) {
int protocolVersion = packet.getProtocolVersion();
if (protocolVersion != ProxyPass.PROTOCOL_VERSION) {
PlayStatusPacket status = new PlayStatusPacket();
if (protocolVersion > ProxyPass.PROTOCOL_VERSION) {
status.setStatus(PlayStatusPacket.Status.LOGIN_FAILED_SERVER_OLD);
} else {
status.setStatus(PlayStatusPacket.Status.LOGIN_FAILED_CLIENT_OLD);
}
}
session.setPacketCodec(ProxyPass.CODEC);
JsonNode certData;
try {
certData = ProxyPass.JSON_MAPPER.readTree(packet.getChainData().toByteArray());
} catch (IOException e) {
throw new RuntimeException("Certificate JSON can not be read.");
}
JsonNode certChainData = certData.get("chain");
if (certChainData.getNodeType() != JsonNodeType.ARRAY) {
throw new RuntimeException("Certificate data is not valid");
}
chainData = (ArrayNode) certChainData;
boolean validChain;
try {
validChain = validateChainData(certChainData);
log.debug("Is player data valid? {}", validChain);
JWSObject jwt = JWSObject.parse(certChainData.get(certChainData.size() - 1).asText());
JsonNode payload = ProxyPass.JSON_MAPPER.readTree(jwt.getPayload().toBytes());
if (payload.get("extraData").getNodeType() != JsonNodeType.OBJECT) {
throw new RuntimeException("AuthData was not found!");
}
extraData = (JSONObject) jwt.getPayload().toJSONObject().get("extraData");
this.authData = new AuthData(extraData.getAsString("displayName"), UUID.fromString(extraData.getAsString("identity")), extraData.getAsString("XUID"));
if (payload.get("identityPublicKey").getNodeType() != JsonNodeType.STRING) {
throw new RuntimeException("Identity Public Key was not found!");
}
ECPublicKey identityPublicKey = EncryptionUtils.generateKey(payload.get("identityPublicKey").textValue());
JWSObject clientJwt = JWSObject.parse(packet.getSkinData().toString());
verifyJwt(clientJwt, identityPublicKey);
skinData = new JSONObject(clientJwt.getPayload().toJSONObject());
initializeProxySession();
} catch (Exception e) {
session.disconnect("disconnectionScreen.internalError.cantConnect");
throw new RuntimeException("Unable to complete login", e);
}
return true;
}
Aggregations