Examples with HmacJwsSignatureVerifier - org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier

Example 1 with HmacJwsSignatureVerifier

use of org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier in project syncope by apache.

the class JWTITCase method getJWTToken.

@Test
public void getJWTToken() throws ParseException {
    // Get the token
    SyncopeClient localClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
    AccessTokenService accessTokenService = localClient.getService(AccessTokenService.class);
    Response response = accessTokenService.login();
    String token = response.getHeaderString(RESTHeaders.TOKEN);
    assertNotNull(token);
    String expiry = response.getHeaderString(RESTHeaders.TOKEN_EXPIRE);
    assertNotNull(expiry);
    // Validate the signature
    JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
    JwsSignatureVerifier jwsSignatureVerifier = new HmacJwsSignatureVerifier(JWS_KEY.getBytes(), SignatureAlgorithm.HS512);
    assertTrue(consumer.verifySignatureWith(jwsSignatureVerifier));
    Date now = new Date();
    // Verify the expiry header matches that of the token
    Long expiryTime = consumer.getJwtClaims().getExpiryTime();
    assertNotNull(expiryTime);
    SimpleDateFormat dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssXXX");
    Date tokenDate = dateFormat.parse(dateFormat.format(new Date(expiryTime * 1000L)));
    Date parsedDate = dateFormat.parse(expiry);
    assertEquals(tokenDate, parsedDate);
    assertTrue(parsedDate.after(now));
    // Verify issuedAt
    Long issuedAt = consumer.getJwtClaims().getIssuedAt();
    assertNotNull(issuedAt);
    assertTrue(new Date(issuedAt).before(now));
    // Validate subject + issuer
    assertEquals(ADMIN_UNAME, consumer.getJwtClaims().getSubject());
    assertEquals(JWT_ISSUER, consumer.getJwtClaims().getIssuer());
    // Verify NotBefore
    Long notBefore = consumer.getJwtClaims().getNotBefore();
    assertNotNull(notBefore);
    assertTrue(new Date(notBefore).before(now));
}

Also used : Response(javax.ws.rs.core.Response) HmacJwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier) JwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier) AccessTokenService(org.apache.syncope.common.rest.api.service.AccessTokenService) HmacJwsSignatureVerifier(org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier) JwsJwtCompactConsumer(org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer) SimpleDateFormat(java.text.SimpleDateFormat) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Aggregations

SimpleDateFormat (java.text.SimpleDateFormat)1 Date (java.util.Date)1 Response (javax.ws.rs.core.Response)1 HmacJwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.HmacJwsSignatureVerifier)1 JwsJwtCompactConsumer (org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer)1 JwsSignatureVerifier (org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier)1 SyncopeClient (org.apache.syncope.client.lib.SyncopeClient)1 AccessTokenService (org.apache.syncope.common.rest.api.service.AccessTokenService)1 Test (org.junit.jupiter.api.Test)1