Examples with JWTOptions io.vertx.ext.auth.JWTOptions used on opensource projects

Example 6 with JWTOptions

use of io.vertx.ext.auth.JWTOptions in project vertx-web by vert-x3.

the class JWTAuthHandlerTest method testLogin.

@Test
public void testLogin() throws Exception {
    Handler<RoutingContext> handler = rc -> {
        assertNotNull(rc.user());
        assertEquals("paulo", rc.user().attributes().getJsonObject("accessToken").getString("sub"));
        rc.response().end("Welcome to the protected resource!");
    };
    router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
    router.route("/protected/somepage").handler(handler);
    testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> {
    }, 401, "Unauthorized", null);
    // Now try again with credentials
    testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome to the protected resource!");
}

Example 7 with JWTOptions

use of io.vertx.ext.auth.JWTOptions in project vertx-web by vert-x3.

the class JWTAuthHandlerTest method testLoginFail.

@Test
public void testLoginFail() throws Exception {
    Handler<RoutingContext> handler = rc -> {
        fail("should not get here");
        rc.response().end("Welcome to the protected resource!");
    };
    router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
    router.route("/protected/somepage").handler(handler);
    testRequest(HttpMethod.GET, "/protected/somepage", null, 401, "Unauthorized", null);
    // Now try again with bad token
    final String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions());
    testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer x" + token), 401, "Unauthorized", null);
    testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic " + token), 401, "Unauthorized", null);
}

Example 8 with JWTOptions

use of io.vertx.ext.auth.JWTOptions in project vertx-web by vert-x3.

the class ChainAuthMixHandlerTest method test2JWTIssuers.

@Test
public void test2JWTIssuers() throws Exception {
    JsonObject key = new JsonObject().put("kty", "oct").put("use", "sig").put("k", "wuSPxS64NYh4ohDpZWOMNtawhBLHVn8dhKuIxnsLLd-dfKzIb5FL7r-vXTJ3MjtqnBlh_piKjn6qvb8os00MXNEyJWhgbPsnZEfqj6wMsJiH3uDcEgDuBMVbsuMlVbyX3x0Cd6qn0qvF8JZaLxSR6JNEEOGnbkUXqF9ghcI2y8rooN6ivQJ0-SiCqtQSkVrSO4H65lHagUus0XjTErL4GypbcO6PBIZMtHBW4UZHVcl86IhDxj5v0xf3WSuDGxkrbw5rpM_eVUR1eu71XPoTXD4WgDRtq4CoQcIFeSpqJuKZvzDJ47zV3wgnqKZ6G-RkiSKLBUj5_4Ur_YWHw2h-CQ").put("alg", "HS256");
    JWTAuth me = JWTAuth.create(vertx, new JWTAuthOptions().addJwk(key).setJWTOptions(new JWTOptions().setIssuer("me")));
    JWTAuth you = JWTAuth.create(vertx, new JWTAuthOptions().addJwk(key).setJWTOptions(new JWTOptions().setIssuer("you")));
    ChainAuthHandler chain = ChainAuthHandler.any().add(JWTAuthHandler.create(me)).add(JWTAuthHandler.create(you));
    router.route().handler(chain);
    router.route().handler(ctx -> ctx.response().end());
    // Payload with right issuer
    final JsonObject payloadA = new JsonObject().put("sub", "Paulo").put("iss", "me");
    testRequest(HttpMethod.GET, "/", req -> req.putHeader("Authorization", "Bearer " + me.generateToken(payloadA)), 200, "OK", null);
    // Payload with right issuer
    final JsonObject payloadB = new JsonObject().put("sub", "Paulo").put("iss", "you");
    testRequest(HttpMethod.GET, "/", req -> req.putHeader("Authorization", "Bearer " + you.generateToken(payloadB)), 200, "OK", null);
}

Example 9 with JWTOptions

use of io.vertx.ext.auth.JWTOptions in project vertx-web by vert-x3.

the class MultiAuthorizationHandlerTest method testJWTAuthenticationNoAuthorization.

@Test
public void testJWTAuthenticationNoAuthorization() throws Exception {
    // we are testing the following:
    // authentication via jwt
    // no authorization provider is registered
    // no authorization is required on the path
    // => the test should succeed
    router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
    router.route("/protected/page1").handler(rc -> {
        assertNotNull(rc.user());
        assertEquals("paulo", rc.user().attributes().getJsonObject("accessToken").getString("sub"));
        rc.response().end("Welcome");
    });
    // login with correct credentials
    testRequest(HttpMethod.GET, "/protected/page1", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome");
}

Example 10 with JWTOptions

use of io.vertx.ext.auth.JWTOptions in project vertx-web by vert-x3.

the class MultiAuthorizationHandlerTest method testJWTAuthenticationWithAuthorization2.

@Test
public void testJWTAuthenticationWithAuthorization2() throws Exception {
    // we are testing the following:
    // authentication via jwt
    // one authorization provider is registered
    // an authorization is required on the path
    // => the test should succeed
    router.route("/protected/*").handler(JWTAuthHandler.create(authProvider));
    router.route("/protected/*").handler(AuthorizationHandler.create(RoleBasedAuthorization.create("role1")).addAuthorizationProvider(createProvider("authzProvider1", RoleBasedAuthorization.create("role1"))));
    router.route("/protected/page1").handler(rc -> {
        assertNotNull(rc.user());
        assertEquals("paulo", rc.user().attributes().getJsonObject("accessToken").getString("sub"));
        rc.response().end("Welcome");
    });
    // login with correct credentials
    testRequest(HttpMethod.GET, "/protected/page1", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome");
}