use of com.nimbusds.jwt.SignedJWT in project knox by apache.
the class AbstractJWTFilterTest method testNoAudienceConfigured.
@Test
public void testNoAudienceConfigured() throws Exception {
try {
Properties props = getProperties();
handler.init(new TestFilterConfig(props));
SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", null, new Date(new Date().getTime() + 5000), new Date(), privateKey, "RS256");
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
setTokenOnRequest(request, jwt);
EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
EasyMock.expect(request.getQueryString()).andReturn(null);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
EasyMock.replay(request);
TestFilterChain chain = new TestFilterChain();
handler.doFilter(request, response, chain);
Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
} catch (ServletException se) {
fail("Should NOT have thrown a ServletException.");
}
}
use of com.nimbusds.jwt.SignedJWT in project knox by apache.
the class AbstractJWTFilterTest method testRS512SignatureAlgorithm.
@Test
public void testRS512SignatureAlgorithm() throws Exception {
try {
Properties props = getProperties();
props.put(AbstractJWTFilter.JWT_EXPECTED_SIGALG, "RS512");
handler.init(new TestFilterConfig(props));
SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", new Date(new Date().getTime() + 5000), new Date(), privateKey, JWSAlgorithm.RS512.getName());
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
setTokenOnRequest(request, jwt);
EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
EasyMock.expect(request.getQueryString()).andReturn(null);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
EasyMock.replay(request);
TestFilterChain chain = new TestFilterChain();
handler.doFilter(request, response, chain);
Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
Assert.assertTrue("No PrimaryPrincipal", !principals.isEmpty());
Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
} catch (ServletException se) {
fail("Should NOT have thrown a ServletException.");
}
}
use of com.nimbusds.jwt.SignedJWT in project knox by apache.
the class AbstractJWTFilterTest method testValidIssuerViaConfig.
@Test
public void testValidIssuerViaConfig() throws Exception {
try {
Properties props = getProperties();
props.setProperty(AbstractJWTFilter.JWT_EXPECTED_ISSUER, "new-issuer");
handler.init(new TestFilterConfig(props));
SignedJWT jwt = getJWT("new-issuer", "alice", new Date(new Date().getTime() + 5000), privateKey);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
setTokenOnRequest(request, jwt);
EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
EasyMock.expect(request.getQueryString()).andReturn(null);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
EasyMock.replay(request);
TestFilterChain chain = new TestFilterChain();
handler.doFilter(request, response, chain);
Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
Assert.assertTrue("No PrimaryPrincipal", principals.size() > 0);
Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
} catch (ServletException se) {
fail("Should NOT have thrown a ServletException.");
}
}
use of com.nimbusds.jwt.SignedJWT in project knox by apache.
the class AbstractJWTFilterTest method testUnableToParseJWT.
@Test
public void testUnableToParseJWT() throws Exception {
try {
Properties props = getProperties();
handler.init(new TestFilterConfig(props));
SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "bob", new Date(new Date().getTime() + 5000), privateKey);
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
setGarbledTokenOnRequest(request, jwt);
EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
EasyMock.expect(request.getQueryString()).andReturn(null);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL).anyTimes();
EasyMock.replay(request);
TestFilterChain chain = new TestFilterChain();
handler.doFilter(request, response, chain);
Assert.assertTrue("doFilterCalled should not be true.", !chain.doFilterCalled);
Assert.assertTrue("No Subject should be returned.", chain.subject == null);
} catch (ServletException se) {
fail("Should NOT have thrown a ServletException.");
}
}
use of com.nimbusds.jwt.SignedJWT in project knox by apache.
the class SSOCookieProviderTest method testCustomCookieNameJWT.
@Test
public void testCustomCookieNameJWT() throws Exception {
try {
Properties props = getProperties();
props.put("sso.cookie.name", "jowt");
handler.init(new TestFilterConfig(props));
SignedJWT jwt = getJWT(AbstractJWTFilter.JWT_DEFAULT_ISSUER, "alice", new Date(new Date().getTime() + 5000), privateKey);
Cookie cookie = new Cookie("jowt", jwt.serialize());
HttpServletRequest request = EasyMock.createNiceMock(HttpServletRequest.class);
EasyMock.expect(request.getCookies()).andReturn(new Cookie[] { cookie });
EasyMock.expect(request.getRequestURL()).andReturn(new StringBuffer(SERVICE_URL)).anyTimes();
EasyMock.expect(request.getQueryString()).andReturn(null);
HttpServletResponse response = EasyMock.createNiceMock(HttpServletResponse.class);
EasyMock.expect(response.encodeRedirectURL(SERVICE_URL)).andReturn(SERVICE_URL);
EasyMock.replay(request);
TestFilterChain chain = new TestFilterChain();
handler.doFilter(request, response, chain);
Assert.assertTrue("doFilterCalled should not be false.", chain.doFilterCalled);
Set<PrimaryPrincipal> principals = chain.subject.getPrincipals(PrimaryPrincipal.class);
Assert.assertTrue("No PrimaryPrincipal returned.", !principals.isEmpty());
Assert.assertEquals("Not the expected principal", "alice", ((Principal) principals.toArray()[0]).getName());
} catch (ServletException se) {
fail("Should NOT have thrown a ServletException.");
}
}
Aggregations