
Example 1 with JwtsSigningKeyResolver

use of com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver in project athenz by yahoo.

the class ZTSClientTest method testGetAccessTokenFromFile.

/**
 * Checks that {@code getAccessToken} yields a usable response once the access token file loader
 * has been pointed at the test resources directory.
 *
 * <p>The signing key resolver is populated by hand with a single EC public key registered under
 * the key id {@code "eckey1"}; no server URL or SSL context is given to it (both constructor
 * arguments are {@code null}).
 */
@Test
public void testGetAccessTokenFromFile() {
    // Verification side: one trusted public key, addressed by key id.
    final JwtsSigningKeyResolver keyResolver = new JwtsSigningKeyResolver(null, null);
    final PublicKey verificationKey = Crypto.loadPublicKey(new File("./src/test/resources/ec_public.key"));
    keyResolver.addPublicKey("eckey1", verificationKey);

    // Point the file loader at the test resources and lay down the token fixtures.
    // NOTE(review): this system property is not cleared inside this method; whether a teardown
    // elsewhere in the class resets it is not visible here.
    final String tokenDirectory = Paths.get("./src/test/resources/").toString();
    System.setProperty(ZTSAccessTokenFileLoader.ACCESS_TOKEN_PATH_PROPERTY, tokenDirectory);
    setupTokenFile();
    setupInvalidTokenFile();

    final Principal caller = SimplePrincipal.create("user_domain", "user", "auth_creds", PRINCIPAL_AUTHORITY);
    final ZTSRDLClientMock rdlMock = new ZTSRDLClientMock();
    final ZTSClient ztsClient = new ZTSClient("http://localhost:4080", caller);
    ztsClient.setZTSRDLGeneratedClient(rdlMock);

    // Both calls below configure static state on ZTSClient, so they affect every client instance.
    ZTSClient.setAccessTokenSignKeyResolver(keyResolver);
    ZTSClient.initZTSAccessTokenFileLoader();

    final AccessTokenResponse response =
            ztsClient.getAccessToken("test.domain", Collections.singletonList("admin"), 3600);

    assertNotNull(response);
    assertEquals(response.getScope(), "admin");
    // The expected expiry (28800) differs from the 3600 requested above; presumably the response
    // is served from the token file rather than the mock - confirm against the fixture helper.
    assertEquals((int) response.getExpires_in(), 28800);
}
Also used : Path(java.nio.file.Path) PublicKey(java.security.PublicKey) JwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver) AccessTokenTestFileHelper.setupInvalidTokenFile(com.yahoo.athenz.zts.AccessTokenTestFileHelper.setupInvalidTokenFile) AccessTokenTestFileHelper.setupTokenFile(com.yahoo.athenz.zts.AccessTokenTestFileHelper.setupTokenFile) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal) Test(org.testng.annotations.Test)

Example 2 with JwtsSigningKeyResolver

use of com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver in project athenz by yahoo.

the class AccessTokenTest method testConfirmX509CertInvalidProxyPrincipal.

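/**
 * Verifies that an access token is rejected when it is validated against a client certificate and
 * its proxy principal confirmation cannot be satisfied.
 *
 * <p>The token is signed with the EC private key under key id {@code "eckey1"} and carries the
 * proxy principal SPIFFE URI {@code spiffe://athenz/sports/service1}. Constructing an
 * {@code AccessToken} from the signed form together with the certificate loaded from
 * {@code x509_altnames_singleuri.cert} must throw a {@code CryptoException} whose message contains
 * {@code "Confirmation failure"}.
 *
 * @throws IOException if the certificate fixture cannot be read
 */
@Test
public void testConfirmX509CertInvalidProxyPrincipal() throws IOException {
    long now = System.currentTimeMillis() / 1000;
    AccessToken accessToken = createAccessToken(now);
    // Presumably this URI is absent from the certificate fixture; the certificate content is not
    // visible here - confirm against the fixture.
    accessToken.setConfirmProxyPrincipalSpiffeUris(Collections.singletonList("spiffe://athenz/sports/service1"));
    // now get the signed token
    PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateKey);
    String accessJws = accessToken.getSignedToken(privateKey, "eckey1", SignatureAlgorithm.ES256);
    assertNotNull(accessJws);
    // now verify our signed token: the resolver trusts only the key registered under the same
    // key id that was used when signing
    JwtsSigningKeyResolver resolver = new JwtsSigningKeyResolver(null, null);
    resolver.addPublicKey("eckey1", Crypto.loadPublicKey(ecPublicKey));
    Path path = Paths.get("src/test/resources/x509_altnames_singleuri.cert");
    // Decode with an explicit charset so the result does not depend on the platform default.
    String certStr = new String(Files.readAllBytes(path), java.nio.charset.StandardCharsets.UTF_8);
    X509Certificate cert = Crypto.loadX509Certificate(certStr);
    try {
        new AccessToken(accessJws, resolver, cert);
        // Reaching this line means the token was accepted, which is the failure being guarded.
        fail("expected CryptoException: proxy principal confirmation should have failed");
    } catch (CryptoException ex) {
        assertTrue(ex.getMessage().contains("Confirmation failure"));
    }
}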
Also used : Path(java.nio.file.Path) PrivateKey(java.security.PrivateKey) MockJwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.MockJwtsSigningKeyResolver) JwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver) CryptoException(com.yahoo.athenz.auth.util.CryptoException) X509Certificate(java.security.cert.X509Certificate) Test(org.testng.annotations.Test)

Example 3 with JwtsSigningKeyResolver

use of com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver in project athenz by yahoo.

the class AccessTokenTest method testConfirmX509CertProxyPrincipal.

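/**
 * Verifies that an access token carrying a single proxy principal SPIFFE URI is accepted when
 * validated against a client certificate, and that the URI can be read back from the parsed token.
 *
 * <p>The token is signed with the EC private key under key id {@code "eckey1"}, then parsed with a
 * resolver holding the matching public key and the certificate loaded from
 * {@code x509_altnames_singleuri.cert}.
 *
 * @throws IOException if the certificate fixture cannot be read
 */
@Test
public void testConfirmX509CertProxyPrincipal() throws IOException {
    long now = System.currentTimeMillis() / 1000;
    AccessToken accessToken = createAccessToken(now);
    accessToken.setConfirmProxyPrincipalSpiffeUris(Collections.singletonList("spiffe://athenz/domain1/service1"));
    // now get the signed token
    PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateKey);
    String accessJws = accessToken.getSignedToken(privateKey, "eckey1", SignatureAlgorithm.ES256);
    assertNotNull(accessJws);
    // now verify our signed token: the resolver trusts only the key registered under the same
    // key id that was used when signing
    JwtsSigningKeyResolver resolver = new JwtsSigningKeyResolver(null, null);
    resolver.addPublicKey("eckey1", Crypto.loadPublicKey(ecPublicKey));
    Path path = Paths.get("src/test/resources/x509_altnames_singleuri.cert");
    // Decode with an explicit charset so the result does not depend on the platform default.
    String certStr = new String(Files.readAllBytes(path), java.nio.charset.StandardCharsets.UTF_8);
    X509Certificate cert = Crypto.loadX509Certificate(certStr);
    // The constructor is the actual acceptance check: any verification or confirmation failure
    // would surface as an exception here, so the assertNotNull below cannot fail on its own.
    AccessToken checkToken = new AccessToken(accessJws, resolver, cert);
    assertNotNull(checkToken);
    // The confirmed URI list must round-trip through signing and parsing unchanged.
    List<String> spiffeUris = checkToken.getConfirmProxyPrincpalSpiffeUris();
    assertEquals(spiffeUris.size(), 1);
    assertEquals(spiffeUris.get(0), "spiffe://athenz/domain1/service1");
}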
Also used : Path(java.nio.file.Path) PrivateKey(java.security.PrivateKey) MockJwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.MockJwtsSigningKeyResolver) JwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver) X509Certificate(java.security.cert.X509Certificate) Test(org.testng.annotations.Test)

Example 4 with JwtsSigningKeyResolver

use of com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver in project athenz by yahoo.

the class AccessTokenTest method testConfirmX509CertMultipleProxyPrincipal.

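/**
 * Verifies that an access token listing two proxy principal SPIFFE URIs is accepted when
 * validated against the certificate loaded from {@code x509_altnames_singleuri.cert}.
 *
 * <p>The token is signed with the EC private key under key id {@code "eckey1"} and parsed with a
 * resolver holding the matching public key. Acceptance is demonstrated only by the
 * {@code AccessToken} constructor completing without an exception.
 *
 * @throws IOException if the certificate fixture cannot be read
 */
@Test
public void testConfirmX509CertMultipleProxyPrincipal() throws IOException {
    long now = System.currentTimeMillis() / 1000;
    AccessToken accessToken = createAccessToken(now);
    // Presumably only one of these URIs is present in the certificate fixture (its file name
    // suggests a single URI) - confirm against the fixture.
    List<String> proxyPrincipalUris = new ArrayList<>();
    proxyPrincipalUris.add("spiffe://athenz/domain1/service2");
    proxyPrincipalUris.add("spiffe://athenz/domain1/service1");
    accessToken.setConfirmProxyPrincipalSpiffeUris(proxyPrincipalUris);
    // now get the signed token
    PrivateKey privateKey = Crypto.loadPrivateKey(ecPrivateKey);
    String accessJws = accessToken.getSignedToken(privateKey, "eckey1", SignatureAlgorithm.ES256);
    assertNotNull(accessJws);
    // now verify our signed token: the resolver trusts only the key registered under the same
    // key id that was used when signing
    JwtsSigningKeyResolver resolver = new JwtsSigningKeyResolver(null, null);
    resolver.addPublicKey("eckey1", Crypto.loadPublicKey(ecPublicKey));
    Path path = Paths.get("src/test/resources/x509_altnames_singleuri.cert");
    // Decode with an explicit charset so the result does not depend on the platform default.
    String certStr = new String(Files.readAllBytes(path), java.nio.charset.StandardCharsets.UTF_8);
    X509Certificate cert = Crypto.loadX509Certificate(certStr);
    AccessToken checkToken = new AccessToken(accessJws, resolver, cert);
    // NOTE(review): a freshly constructed object is never null, so this assertion cannot fail;
    // the confirmed URIs are not read back here the way testConfirmX509CertProxyPrincipal does.
    assertNotNull(checkToken);
}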
Also used : Path(java.nio.file.Path) PrivateKey(java.security.PrivateKey) MockJwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.MockJwtsSigningKeyResolver) JwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver) X509Certificate(java.security.cert.X509Certificate) Test(org.testng.annotations.Test)

Example 5 with JwtsSigningKeyResolver

use of com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver in project athenz by yahoo.

the class AccessTokenTest method testAccessTokenSignedToken.

/**
 * Round-trips an access token through signing and parsing: the token is signed with the EC
 * private key under key id {@code "eckey1"} using ES256, parsed back with a resolver that holds
 * the matching public key under the same key id, and then checked by {@code validateAccessToken}.
 */
@Test
public void testAccessTokenSignedToken() {
    final long issuedAtSeconds = System.currentTimeMillis() / 1000;
    final AccessToken original = createAccessToken(issuedAtSeconds);

    // Sign: produce the compact signed form of the token.
    final PrivateKey signingKey = Crypto.loadPrivateKey(ecPrivateKey);
    final String signedToken = original.getSignedToken(signingKey, "eckey1", SignatureAlgorithm.ES256);
    assertNotNull(signedToken);

    // Verify: the resolver is built without a server URL or SSL context (both null) and trusts
    // only the one public key added here.
    final JwtsSigningKeyResolver keyResolver = new JwtsSigningKeyResolver(null, null);
    keyResolver.addPublicKey("eckey1", Crypto.loadPublicKey(ecPublicKey));

    final AccessToken parsed = new AccessToken(signedToken, keyResolver);
    validateAccessToken(parsed, issuedAtSeconds);
}
Also used : PrivateKey(java.security.PrivateKey) MockJwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.MockJwtsSigningKeyResolver) JwtsSigningKeyResolver(com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver) Test(org.testng.annotations.Test)

Aggregations

JwtsSigningKeyResolver (com.yahoo.athenz.auth.token.jwts.JwtsSigningKeyResolver)25 Test (org.testng.annotations.Test)18 PrivateKey (java.security.PrivateKey)17 MockJwtsSigningKeyResolver (com.yahoo.athenz.auth.token.jwts.MockJwtsSigningKeyResolver)14 Path (java.nio.file.Path)10 CryptoException (com.yahoo.athenz.auth.util.CryptoException)9 X509Certificate (java.security.cert.X509Certificate)9 IOException (java.io.IOException)4 PublicKey (java.security.PublicKey)3 CertificateEncodingException (java.security.cert.CertificateEncodingException)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 Principal (com.yahoo.athenz.auth.Principal)1 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)1 AccessToken (com.yahoo.athenz.auth.token.AccessToken)1 IdToken (com.yahoo.athenz.auth.token.IdToken)1 JwtsHelper (com.yahoo.athenz.auth.token.jwts.JwtsHelper)1 ResourceException (com.yahoo.athenz.instance.provider.ResourceException)1 AccessTokenTestFileHelper.setupInvalidTokenFile (com.yahoo.athenz.zts.AccessTokenTestFileHelper.setupInvalidTokenFile)1 AccessTokenTestFileHelper.setupTokenFile (com.yahoo.athenz.zts.AccessTokenTestFileHelper.setupTokenFile)1 BeforeMethod (org.testng.annotations.BeforeMethod)1