
Example 6 with OAuthJwtAccessToken

use of com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken in project athenz by yahoo.

the class DefaultOAuthJwtAccessTokenValidatorTest method testValidateVerifyScopes.

/**
 * Checks that the validator rejects a token whose scope claim does not satisfy the required
 * scopes, and accepts one that does.
 *
 * <p>Issuer, audiences and expiration are stubbed to acceptable values first; every expected
 * failure message below names the scope check. Each message echoes the scope string taken
 * from the token ({@code got=...}), so code that logs or returns it should treat that part
 * as token-supplied text.
 */
@Test
public void testValidateVerifyScopes() {
    final DefaultOAuthJwtAccessTokenValidator validator = this.baseValidator;
    final OAuthJwtAccessToken mock = Mockito.spy(baseJwt);
    // The same validation call is asserted after every re-stub of getScope().
    final ThrowingRunnable validation = () -> validator.validate(mock);

    Mockito.doReturn(this.trustedIssuer).when(mock).getIssuer();
    Mockito.doReturn(new ArrayList<>(this.requiredAudiences)).when(mock).getAudiences();
    Mockito.doReturn(1L).when(mock).getExpiration();

    // null scope claim: a token without any scope must be rejected
    Mockito.doReturn(null).when(mock).getScope();
    assertThrowable.accept(validation, "required scope not found: got=null");

    // empty scope claim
    Mockito.doReturn("").when(mock).getScope();
    assertThrowable.accept(validation, "required scope not found: got=");

    // partial match: one scope_N value plus an unknown scope is still rejected
    // (requiredScopes is declared outside this snippet - presumably it holds more than scope_1)
    Mockito.doReturn("scope_1 unknown_scope").when(mock).getScope();
    assertThrowable.accept(validation, "required scope not found: got=scope_1 unknown_scope");

    // full match: accepted with the scopes listed in this order
    // NOTE(review): looks like the check is order-independent - confirm against requiredScopes
    Mockito.doReturn("scope_3 scope_2 scope_1").when(mock).getScope();
    assertDoesNotThrow.accept(validation);
}
Also used : OAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken) ThrowingRunnable(org.testng.Assert.ThrowingRunnable) Test(org.testng.annotations.Test)

Example 7 with OAuthJwtAccessToken

use of com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken in project athenz by yahoo.

the class DefaultOAuthJwtAccessTokenParser method parse.

/**
 * Parses a JWT string with the configured parser and wraps the result in a
 * {@link DefaultOAuthJwtAccessToken}.
 *
 * <p>Assuming {@code this.parser} is a jjwt {@code JwtParser} (its declaration is outside this
 * snippet), {@code parseClaimsJws} only accepts signed claims JWTs, so unsigned tokens and
 * signature failures end up in the catch block below rather than producing a token.
 *
 * @param jwtString the compact JWT string to parse
 * @return the parsed access token
 * @throws OAuthJwtAccessTokenException wrapping any exception raised while parsing the string
 *         or building the token; the original exception is kept as the cause
 */
@Override
public OAuthJwtAccessToken parse(String jwtString) throws OAuthJwtAccessTokenException {
    try {
        final Jws<Claims> signedClaims = this.parser.parseClaimsJws(jwtString);
        return new DefaultOAuthJwtAccessToken(signedClaims);
    } catch (Exception ex) {
        // Every failure kind is collapsed into one exception type, so callers
        // cannot end up with a partially parsed token.
        throw new OAuthJwtAccessTokenException(ex);
    }
}
Also used : Claims(io.jsonwebtoken.Claims) DefaultOAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.DefaultOAuthJwtAccessToken) OAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken) DefaultOAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.DefaultOAuthJwtAccessToken) OAuthJwtAccessTokenException(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessTokenException) OAuthJwtAccessTokenException(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessTokenException)

Example 8 with OAuthJwtAccessToken

use of com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken in project athenz by yahoo.

the class DefaultOAuthJwtAccessTokenParserFactoryTest method testCreate.

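/**
 * Checks parser creation through the factory: a null key store is rejected, the default
 * configuration yields a parser, and a parser created with a custom JWKS URL property can
 * parse the fixture token.
 *
 * <p>The fixture's first two segments base64url-decode to an RS256 header and a payload that
 * holds only {@code iss}. It carries no {@code exp} claim and this test expects
 * {@code parse()} to succeed, so the parser by itself does not require an expiry; the
 * presence of {@code exp} has to be enforced by a separate validation step.
 *
 * @throws OAuthJwtAccessTokenException if the fixture token cannot be parsed
 */
@Test
public void testCreate() throws OAuthJwtAccessTokenException {
    final DefaultOAuthJwtAccessTokenParserFactory factory = new DefaultOAuthJwtAccessTokenParserFactory();

    // a null key store must be rejected up front
    assertThrows(IllegalArgumentException.class, () -> factory.create(null));

    // default configuration
    OAuthJwtAccessTokenParser parser = factory.create(baseKeyStore);
    assertNotNull(parser);

    // custom JWKS URL taken from a system property
    String jwtString = "eyJraWQiOiJjOTk4NmVlMy03YjJhLTRkMjAtYjg2YS0wODM5ODU2ZjI1NDEiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJEZWZhdWx0T0F1dGhKd3RBY2Nlc3NUb2tlblBhcnNlckZhY3RvcnlUZXN0In0.UalqjyBTDNnEqA0NaOeOhTn_H96vFo9TsCTq58r1YT2p5Hf3xjZLn25puWjcoGZOp1N2xBrvKwmcysHtib5Gq70ulBV7zQXHVzoLB56Ey2LDJJ3QH5sejPCXuapu2i21hSp4PEVvqndULdMipcFYngN97uISrwj-cki8XVgEQDs3OiuHNpyLPYHbCOrbncU9cy29K7l1wYS9gG_OYUB_gy0vdQDhbdbtWs6iwYWQZ3UWJcLp_j1hZyeRhmrSeAmHEBUa8mZs8EuySd3cxUYtV5qje_GPQ47BP2sFWSM6an4Gw6llSWp395O9zJPHRwcqSeIop_wV9Lb7C7v1pRDQDGDsSXH4UbxvEw-Yb0fg4jos3z2cLtk8NR4qzLCVnzHt1uD9QpzB3dXNB22nn8coZ0ay78lMahje6xw162pyjWZUD2YrRpPxUgngdsVJEN-DBQzKQyieHWTWMEgZ2uUsXtPKTKYcW9XfHSXE7gEQwNP9Qz03oP4bz9oP1aLpeQIMQ790NsMfSOv3yRpH5RswZ5rd9NJZgH-n57AlS8Oqz1-wIwTehGdnRlEveU0xoVfuQOonooPHACXA0DR2pV-zo6VT4BOLUMmhU8-TDvP05VXC-maNljjjtL4H7pX6ob9eLTAbj96RqHOkey89WwgKlS1a6LnoMRxcuVJPPmcerdY";
    final String jwksUrlProperty = "athenz.auth.oauth.jwt.parser.jwks_url";
    System.setProperty(jwksUrlProperty, this.classLoader.getResource("jwt_jwks.json").toString());
    try {
        parser = factory.create(baseKeyStore);
    } finally {
        // System properties are JVM-wide: clear the override even when create() throws, so
        // the test JWKS URL cannot leak into parsers built by later tests.
        System.clearProperty(jwksUrlProperty);
    }
    OAuthJwtAccessToken token = parser.parse(jwtString);
    assertEquals(token.getIssuer(), "DefaultOAuthJwtAccessTokenParserFactoryTest");
}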
Also used : OAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken) Test(org.testng.annotations.Test)

Example 9 with OAuthJwtAccessToken

use of com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken in project athenz by yahoo.

the class DefaultOAuthJwtAccessTokenValidatorTest method testValidateVerifyIssuer.

/**
 * Checks that the validator rejects a token whose issuer is missing, empty or not the trusted
 * one, and accepts the trusted issuer.
 *
 * <p>Audiences, scopes and expiration are stubbed to acceptable values first; every expected
 * failure message below names the issuer check. Each message echoes the issuer string taken
 * from the token ({@code got=...}), so code that logs or returns it should treat that part
 * as token-supplied text.
 */
@Test
public void testValidateVerifyIssuer() {
    final DefaultOAuthJwtAccessTokenValidator validator = this.baseValidator;
    final OAuthJwtAccessToken mock = Mockito.spy(baseJwt);
    // The same validation call is asserted after every re-stub of getIssuer().
    final ThrowingRunnable validation = () -> validator.validate(mock);

    Mockito.doReturn(new ArrayList<>(this.requiredAudiences)).when(mock).getAudiences();
    Mockito.doReturn(new ArrayList<>(this.requiredScopes)).when(mock).getScopes();
    Mockito.doReturn(1L).when(mock).getExpiration();

    // null issuer: a token without iss must be rejected
    Mockito.doReturn(null).when(mock).getIssuer();
    assertThrowable.accept(validation, "iss not trusted: got=null");

    // empty issuer
    Mockito.doReturn("").when(mock).getIssuer();
    assertThrowable.accept(validation, "iss not trusted: got=");

    // issuer present but not the trusted one
    Mockito.doReturn("untrusty_issuer").when(mock).getIssuer();
    assertThrowable.accept(validation, "iss not trusted: got=untrusty_issuer");

    // trusted issuer (presumably the literal equals this.trustedIssuer, declared elsewhere)
    Mockito.doReturn("trustedIssuer").when(mock).getIssuer();
    assertDoesNotThrow.accept(validation);
}
Also used : OAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken) ThrowingRunnable(org.testng.Assert.ThrowingRunnable) Test(org.testng.annotations.Test)

Example 10 with OAuthJwtAccessToken

use of com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken in project athenz by yahoo.

the class DefaultOAuthJwtAccessTokenValidatorTest method testValidateExpiration.

/**
 * Checks how the validator treats the expiration value: zero and negative values are rejected
 * with "exp is empty", a positive value is accepted.
 *
 * <p>NOTE(review): the accepted value is 1. If {@code getExpiration()} is epoch-based (not
 * shown in this snippet), that moment is long past, so {@code validate()} is evidently
 * checking only that an expiry is present, not that it lies in the future. Rejection of
 * expired tokens would then have to happen elsewhere, presumably at parse time - confirm that
 * every path into {@code validate()} goes through a parser that enforces expiry.
 */
@Test
public void testValidateExpiration() {
    final DefaultOAuthJwtAccessTokenValidator validator = new DefaultOAuthJwtAccessTokenValidator(this.trustedIssuer, this.requiredAudiences, this.requiredScopes, this.authorizedClientIds);
    final OAuthJwtAccessToken mock = Mockito.spy(baseJwt);
    // The same validation call is asserted after every re-stub of getExpiration().
    final ThrowingRunnable validation = () -> validator.validate(mock);

    // issuer, audiences and scopes are stubbed so that only the expiration varies below
    Mockito.doReturn("trustedIssuer").when(mock).getIssuer();
    Mockito.doReturn(Arrays.asList("aud_1", "aud_2")).when(mock).getAudiences();
    Mockito.doReturn(Arrays.asList("scope_1", "scope_2")).when(mock).getScopes();

    // zero expiration is reported as missing
    Mockito.doReturn(0L).when(mock).getExpiration();
    assertThrowable.accept(validation, "exp is empty");

    // negative expiration is reported the same way
    Mockito.doReturn(-1L).when(mock).getExpiration();
    assertThrowable.accept(validation, "exp is empty");

    // any positive expiration passes this check
    Mockito.doReturn(1L).when(mock).getExpiration();
    assertDoesNotThrow.accept(validation);
}
Also used : OAuthJwtAccessToken(com.yahoo.athenz.auth.oauth.token.OAuthJwtAccessToken) ThrowingRunnable(org.testng.Assert.ThrowingRunnable) Test(org.testng.annotations.Test)
