use of io.apiman.test.policies.Configuration in project apiman-plugins by apiman.
the class JWTPolicyTest method signedValidTokenStripAuth.
/**
 * Verifies that a signed bearer token passes the policy and that the
 * {@code Authorization} header is absent from the echoed request.
 *
 * <p>The policy is configured with {@code requireSigned=true} and
 * {@code stripTokens=true}; the token comes from {@code signedToken(PRIVATE_KEY_PEM)}
 * and the policy is given {@code PUBLIC_KEY_PEM} as its signing key.
 *
 * <p>NOTE(review): this assumes {@code EchoResponse} reflects the headers the
 * backend received, so a null {@code Authorization} entry means the credential
 * was not forwarded downstream. Confirm against the test harness.
 *
 * @throws Throwable if sending the request or decoding the echo fails
 */
@Test
@Configuration("{\n"
        + " \"requireJWT\": true,\n"
        + " \"requireSigned\": true,\n"
        + " \"requireTransportSecurity\": true,\n"
        + " \"stripTokens\": true,\n"
        + " \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n"
        + " \"allowedClockSkew\": 0,\n"
        + " \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n"
        + "}")
public void signedValidTokenStripAuth() throws Throwable {
    PolicyTestRequest signedCall = PolicyTestRequest
            .build(PolicyTestRequestType.GET, "/amirante")
            .header(AUTHORIZATION, "Bearer " + signedToken(PRIVATE_KEY_PEM));

    EchoResponse echoed = send(signedCall).entity(EchoResponse.class);

    Assert.assertNotNull(echoed);
    // stripTokens=true: the bearer credential must not appear in the echoed headers.
    Assert.assertNull(echoed.getHeaders().get(AUTHORIZATION));
}
use of io.apiman.test.policies.Configuration in project apiman-plugins by apiman.
the class JWTPolicyTest method shouldFailWithNoTls.
/**
 * Expects the policy to reject the request with HTTP 401, failure code 12009
 * and type {@code Authentication}.
 *
 * <p>The token is built inline with a single claim {@code x=x} and no signature
 * call; the configured required claim is {@code sub=will_not_match}.
 *
 * <p>NOTE(review): the configuration and the asserted failure code (12009) are
 * identical to {@code shouldFailWithUnexpectedClaimValue}, and the token has no
 * {@code sub} claim. The rejection may therefore come from the required-claims
 * check rather than from {@code requireTransportSecurity}. Confirm that this
 * test really exercises the missing-TLS path, otherwise a regression in the
 * transport check would go unnoticed.
 *
 * @throws Throwable if the request fails with anything other than {@code PolicyFailureError}
 */
@Test
@Configuration("{\n"
        + " \"requireJWT\": true,\n"
        + " \"requireSigned\": false,\n"
        + " \"requireTransportSecurity\": true,\n"
        + " \"stripTokens\": true,\n"
        + " \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n"
        + " \"allowedClockSkew\": 0,\n"
        + " \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"will_not_match\" }]\n"
        + "}")
public void shouldFailWithNoTls() throws Throwable {
    PolicyTestRequest rejectedCall = PolicyTestRequest
            .build(PolicyTestRequestType.GET, "/amirante")
            .header("Authorization", "Bearer " + Jwts.builder().claim("x", "x").compact());

    // Stays null when send() returns normally, which makes assertNotNull fail below.
    PolicyFailure observed = null;
    try {
        send(rejectedCall);
    } catch (PolicyFailureError rejection) {
        observed = rejection.getFailure();
    }

    Assert.assertNotNull(observed);
    Assert.assertEquals(401, observed.getResponseCode());
    Assert.assertEquals(12009, observed.getFailureCode());
    Assert.assertEquals(PolicyFailureType.Authentication, observed.getType());
}
use of io.apiman.test.policies.Configuration in project apiman-plugins by apiman.
the class JWTPolicyTest method shouldFailWithUnexpectedClaimValue.
/**
 * Expects rejection (HTTP 401, failure code 12009, type {@code Authentication})
 * when the policy requires {@code sub=will_not_match} and the request carries
 * the token returned by {@code unsignedToken()}.
 *
 * <p>NOTE(review): {@code unsignedToken()} is defined outside this snippet.
 * Presumably its {@code sub} claim differs from {@code will_not_match}; verify
 * against the helper.
 *
 * @throws Throwable if the request fails with anything other than {@code PolicyFailureError}
 */
@Test
@Configuration("{\n"
        + " \"requireJWT\": true,\n"
        + " \"requireSigned\": false,\n"
        + " \"requireTransportSecurity\": true,\n"
        + " \"stripTokens\": true,\n"
        + " \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n"
        + " \"allowedClockSkew\": 0,\n"
        + " \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"will_not_match\" }]\n"
        + "}")
public void shouldFailWithUnexpectedClaimValue() throws Throwable {
    PolicyTestRequest mismatchedCall = PolicyTestRequest
            .build(PolicyTestRequestType.GET, "/amirante")
            .header("Authorization", "Bearer " + unsignedToken());

    // Stays null when the policy lets the request through, failing the test below.
    PolicyFailure observed = null;
    try {
        send(mismatchedCall);
    } catch (PolicyFailureError rejection) {
        observed = rejection.getFailure();
    }

    Assert.assertNotNull(observed);
    Assert.assertEquals(401, observed.getResponseCode());
    Assert.assertEquals(12009, observed.getFailureCode());
    Assert.assertEquals(PolicyFailureType.Authentication, observed.getType());
}
use of io.apiman.test.policies.Configuration in project apiman-plugins by apiman.
the class JWTPolicyTest method unsignedValidTokenHeader.
/**
 * Verifies that a token from {@code unsignedToken()} is accepted when the
 * policy is configured with {@code requireSigned=false} and requires
 * {@code sub=france frichot}.
 *
 * <p>Security note: with {@code requireSigned=false} the claims are not
 * protected by a signature, so the {@code requiredClaims} match checked here
 * does not authenticate the caller. This test pins that permissive behaviour;
 * it is not evidence that the configuration is safe for production use.
 *
 * <p>The configuration also sets {@code stripTokens=true}, but this test only
 * asserts that an echo response was returned, not that {@code Authorization}
 * was removed.
 *
 * @throws Throwable if sending the request or decoding the echo fails
 */
@Test
@Configuration("{\n"
        + " \"requireJWT\": true,\n"
        + " \"requireSigned\": false,\n"
        + " \"requireTransportSecurity\": true,\n"
        + " \"stripTokens\": true,\n"
        + " \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n"
        + " \"allowedClockSkew\": 0,\n"
        + " \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }]\n"
        + "}")
public void unsignedValidTokenHeader() throws Throwable {
    PolicyTestRequest unsignedCall = PolicyTestRequest
            .build(PolicyTestRequestType.GET, "/amirante")
            .header(AUTHORIZATION, "Bearer " + unsignedToken());

    EchoResponse echoed = send(unsignedCall).entity(EchoResponse.class);

    Assert.assertNotNull(echoed);
}
use of io.apiman.test.policies.Configuration in project apiman-plugins by apiman.
the class JWTPolicyTest method shouldForwardAccessTokenAsHeader.
/**
 * Verifies that {@code forwardAuthInfo} copies the {@code access_token} field
 * into the {@code X-Foo} header: the echoed {@code X-Foo} value must equal the
 * exact token string sent in the {@code Authorization} header.
 *
 * <p>Security note: the configuration sets {@code stripTokens=true} together
 * with this forwarding rule, so the raw token still reaches the echoed request
 * under {@code X-Foo}. Any backend receiving it should handle that header as a
 * credential. Because {@code requireSigned=false}, the forwarded token has not
 * been signature-checked by the policy.
 *
 * @throws Throwable if sending the request or decoding the echo fails
 */
@Test
@Configuration("{\n"
        + " \"requireJWT\": true,\n"
        + " \"requireSigned\": false,\n"
        + " \"requireTransportSecurity\": true,\n"
        + " \"stripTokens\": true,\n"
        + " \"signingKeyString\": \"" + PUBLIC_KEY_PEM + "\",\n"
        + " \"allowedClockSkew\": 0,\n"
        + " \"requiredClaims\": [{ \"claimName\": \"sub\", \"claimValue\": \"france frichot\" }],\n"
        + " \"forwardAuthInfo\": [{ \"header\": \"X-Foo\", \"field\": \"access_token\" }]\n"
        + "}")
public void shouldForwardAccessTokenAsHeader() throws Throwable {
    // Keep the token so the forwarded header can be compared with what was sent.
    String sentToken = unsignedToken();
    PolicyTestRequest forwardingCall = PolicyTestRequest
            .build(PolicyTestRequestType.GET, "/amirante")
            .header(AUTHORIZATION, "Bearer " + sentToken);

    EchoResponse echoed = send(forwardingCall).entity(EchoResponse.class);

    Assert.assertNotNull(echoed);
    Assert.assertEquals(sentToken, echoed.getHeaders().get("X-Foo"));
}