Search in sources :

Example 16 with SignedJWT

use of com.nimbusds.jwt.SignedJWT in project knox by apache.

the class AbstractJWTFilterTest method testNoAudienceConfigured.

@Test
public void testNoAudienceConfigured() throws Exception {
    try {
        Properties props = getProperties();
        handler.init(new TestFilterConfig(props));
        SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", null, new Date(new Date().getTime() + 5000), new Date(), privateKey, "RS256");
        HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
        setTokenOnRequest(request, jwt);
        EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
        EasyMock.expect(request.getQueryString()).andReturn(null);
        HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
        EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
        EasyMock.replay(request);
        TestFilterChain chain = new TestFilterChain();
        handler.doFilter(request, response, chain);
        Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
        Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
        Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
        Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
    } catch (ServletException se) {
        fail("Should NOT have thrown a ServletException.");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 17 with SignedJWT

use of com.nimbusds.jwt.SignedJWT in project knox by apache.

the class AbstractJWTFilterTest method testRS512SignatureAlgorithm.

@Test
public void testRS512SignatureAlgorithm() throws Exception {
    try {
        Properties props = getProperties();
        props.put(AbstractJWTFilter.JWT_EXPECTED_SIGALG, "RS512");
        handler.init(new TestFilterConfig(props));
        SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", new Date(new Date().getTime() + 5000), new Date(), privateKey, JWSAlgorithm.RS512.getName());
        HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
        setTokenOnRequest(request, jwt);
        EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
        EasyMock.expect(request.getQueryString()).andReturn(null);
        HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
        EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
        EasyMock.replay(request);
        TestFilterChain chain = new TestFilterChain();
        handler.doFilter(request, response, chain);
        Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
        Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
        Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
        Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
    } catch (ServletException se) {
        fail("Should NOT have thrown a ServletException.");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 18 with SignedJWT

use of com.nimbusds.jwt.SignedJWT in project knox by apache.

the class AbstractJWTFilterTest method testValidIssuerViaConfig.

@Test
public void testValidIssuerViaConfig() throws Exception {
    try {
        Properties props = getProperties();
        props.setProperty(AbstractJWTFilter.JWT_EXPECTED_ISSUER, "new-issuer");
        handler.init(new TestFilterConfig(props));
        SignedJWT jwt = getJWT("new-issuer", "alice", new Date(new Date().getTime() + 5000), privateKey);
        HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
        setTokenOnRequest(request, jwt);
        EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
        EasyMock.expect(request.getQueryString()).andReturn(null);
        HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
        EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
        EasyMock.replay(request);
        TestFilterChain chain = new TestFilterChain();
        handler.doFilter(request, response, chain);
        Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
        Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
        Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0);
        Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
    } catch (ServletException se) {
        fail("Should NOT have thrown a ServletException.");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 19 with SignedJWT

use of com.nimbusds.jwt.SignedJWT in project knox by apache.

the class AbstractJWTFilterTest method testUnableToParseJWT.

@Test
public void testUnableToParseJWT() throws Exception {
    try {
        Properties props = getProperties();
        handler.init(new TestFilterConfig(props));
        SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "bob", new Date(new Date().getTime() + 5000), privateKey);
        HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
        setGarbledTokenOnRequest(request, jwt);
        EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
        EasyMock.expect(request.getQueryString()).andReturn(null);
        HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
        EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL).anyTimes();
        EasyMock.replay(request);
        TestFilterChain chain = new TestFilterChain();
        handler.doFilter(request, response, chain);
        Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
        Assert.assertTrue("No Subject should be returned.", chain.subject == null);
    } catch (ServletException se) {
        fail("Should NOT have thrown a ServletException.");
    }
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Example 20 with SignedJWT

use of com.nimbusds.jwt.SignedJWT in project knox by apache.

the class SSOCookieProviderTest method testCustomCookieNameJWT.

@Test
public void testCustomCookieNameJWT() throws Exception {
    try {
        Properties props = getProperties();
        props.put("sso.cookie.name", "jowt");
        handler.init(new TestFilterConfig(props));
        SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", new Date(new Date().getTime() + 5000), privateKey);
        Cookie cookie = new Cookie("jowt", jwt.serialize());
        HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
        EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie });
        EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
        EasyMock.expect(request.getQueryString()).andReturn(null);
        HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
        EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
        EasyMock.replay(request);
        TestFilterChain chain = new TestFilterChain();
        handler.doFilter(request, response, chain);
        Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
        Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
        Assert.assertTrue("No PrimaryPrincipal returned.", !principals.isEmpty());
        Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
    } catch (ServletException se) {
        fail("Should NOT have thrown a ServletException.");
    }
}
Also used : Cookie(javax.servlet.http.Cookie) HttpServletRequest(javax.servlet.http.HttpServletRequest) ServletException(javax.servlet.ServletException) PrimaryPrincipal(org.apache.knox.gateway.security.PrimaryPrincipal) HttpServletResponse(javax.servlet.http.HttpServletResponse) SignedJWT(com.nimbusds.jwt.SignedJWT) Properties(java.util.Properties) Date(java.util.Date) Test(org.junit.Test)

Aggregations

SignedJWT (com.nimbusds.jwt.SignedJWT)137 Date (java.util.Date)51 Test (org.junit.Test)50 HttpServletRequest (javax.servlet.http.HttpServletRequest)47 JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)45 HttpServletResponse (javax.servlet.http.HttpServletResponse)44 Properties (java.util.Properties)39 ServletException (javax.servlet.ServletException)39 JWSHeader (com.nimbusds.jose.JWSHeader)30 RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)24 Cookie (javax.servlet.http.Cookie)21 ParseException (java.text.ParseException)20 JOSEException (com.nimbusds.jose.JOSEException)19 JWSSigner (com.nimbusds.jose.JWSSigner)14 Test (org.junit.jupiter.api.Test)12 AuthenticationException (com.hortonworks.registries.auth.client.AuthenticationException)10 RSASSAVerifier (com.nimbusds.jose.crypto.RSASSAVerifier)10 AuthenticationException (org.apache.hadoop.security.authentication.client.AuthenticationException)10 PrimaryPrincipal (org.apache.knox.gateway.security.PrimaryPrincipal)10 JWSVerifier (com.nimbusds.jose.JWSVerifier)9