Example 1 with BearerToken

Use of org.apache.shiro.authc.BearerToken in project conquery by bakdata.

In class JwtPkceVerifyingRealmTest, method falsifyTokenOutdated.

@Test
void falsifyTokenOutdated() {
    // Set up the expected user id
    UserId expected = new UserId("Test");
    Date issueDate = new Date();
    // Expiry lies two minutes in the past, so the token is already expired
    Date expDate = DateUtils.addMinutes(issueDate, -2);
    // Note: no audience claim is set on this token
    String token = JWT.create()
            .withIssuer(HTTP_REALM_URL)
            .withSubject(expected.getName())
            .withClaim("groups", "conquery")
            .withIssuedAt(issueDate)
            .withExpiresAt(expDate)
            .sign(Algorithm.RSA256(PUBLIC_KEY, PRIVATE_KEY));
    BearerToken accessToken = new BearerToken(token);
    // The realm must reject the token with a VerificationException as the cause
    assertThatCode(() -> REALM.doGetAuthenticationInfo(accessToken)).hasCauseInstanceOf(VerificationException.class);
}
Also used : UserId(com.bakdata.conquery.models.identifiable.ids.specific.UserId) BearerToken(org.apache.shiro.authc.BearerToken) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 2 with BearerToken

Use of org.apache.shiro.authc.BearerToken in project conquery by bakdata.

In class JwtPkceVerifyingRealmTest, method verifyTokenInLeeway.

@Test
void verifyTokenInLeeway() {
    // Set up the expected user
    User expected = new User("Test", "Test", STORAGE);
    Date issueDate = new Date();
    // Expiry lies one minute in the past; the test expects the realm to still accept the token
    Date expDate = DateUtils.addMinutes(issueDate, -1);
    String token = JWT.create()
            .withIssuer(HTTP_REALM_URL)
            .withAudience(AUDIENCE)
            .withSubject(expected.getName())
            .withIssuedAt(issueDate)
            .withExpiresAt(expDate)
            .withClaim("groups", "conquery")
            .sign(Algorithm.RSA256(PUBLIC_KEY, PRIVATE_KEY));
    BearerToken accessToken = new BearerToken(token);
    // The authenticated principal must be the expected user
    assertThat(REALM.doGetAuthenticationInfo(accessToken).getPrincipals().getPrimaryPrincipal()).isEqualTo(expected);
}
Also used : User(com.bakdata.conquery.models.auth.entities.User) BearerToken(org.apache.shiro.authc.BearerToken) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 3 with BearerToken

Use of org.apache.shiro.authc.BearerToken in project conquery by bakdata.

In class JwtPkceVerifyingRealmTest, method verifyTokenAlternativeId.

@Test
void verifyTokenAlternativeId() {
    // Set up the expected user and store it
    User expected = new User("Test", "Test", STORAGE);
    STORAGE.updateUser(expected);
    Date issueDate = new Date();
    Date expDate = DateUtils.addMinutes(issueDate, 1);
    // The subject is a random UUID rather than the user's name
    final String primId = UUID.randomUUID().toString();
    // The user's name is carried in the alternative id claim instead
    String token = JWT.create()
            .withIssuer(HTTP_REALM_URL)
            .withAudience(AUDIENCE)
            .withSubject(primId)
            .withClaim("groups", "conquery")
            .withIssuedAt(issueDate)
            .withExpiresAt(expDate)
            .withClaim(ALTERNATIVE_ID_CLAIM, expected.getName())
            .sign(Algorithm.RSA256(PUBLIC_KEY, PRIVATE_KEY));
    BearerToken accessToken = new BearerToken(token);
    // The authenticated principal must be the expected user
    assertThat(REALM.doGetAuthenticationInfo(accessToken).getPrincipals().getPrimaryPrincipal()).isEqualTo(expected);
}
Also used : User(com.bakdata.conquery.models.auth.entities.User) BearerToken(org.apache.shiro.authc.BearerToken) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 4 with BearerToken

Use of org.apache.shiro.authc.BearerToken in project conquery by bakdata.

In class JwtPkceVerifyingRealmTest, method falsifyTokenWrongIssuer.

@Test
void falsifyTokenWrongIssuer() {
    // Set up the expected user id
    UserId expected = new UserId("Test");
    Date issueDate = new Date();
    Date expDate = DateUtils.addMinutes(issueDate, 1);
    // The issuer is "wrong_iss" instead of HTTP_REALM_URL; audience and expiry are valid
    String token = JWT.create()
            .withIssuer("wrong_iss")
            .withAudience(AUDIENCE)
            .withSubject(expected.getName())
            .withIssuedAt(issueDate)
            .withExpiresAt(expDate)
            .withClaim("groups", "conquery")
            .sign(Algorithm.RSA256(PUBLIC_KEY, PRIVATE_KEY));
    BearerToken accessToken = new BearerToken(token);
    // The realm must reject the token with a VerificationException as the cause
    assertThatCode(() -> REALM.doGetAuthenticationInfo(accessToken)).hasCauseInstanceOf(VerificationException.class);
}
Also used : UserId(com.bakdata.conquery.models.identifiable.ids.specific.UserId) BearerToken(org.apache.shiro.authc.BearerToken) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Example 5 with BearerToken

Use of org.apache.shiro.authc.BearerToken in project conquery by bakdata.

In class JwtPkceVerifyingRealmTest, method falsifyTokenWrongAudience.

@Test
void falsifyTokenWrongAudience() {
    // Set up the expected user id
    UserId expected = new UserId("Test");
    Date issueDate = new Date();
    Date expDate = DateUtils.addMinutes(issueDate, 1);
    // The audience is "wrong_aud" instead of AUDIENCE; issuer and expiry are valid
    String token = JWT.create()
            .withIssuer(HTTP_REALM_URL)
            .withAudience("wrong_aud")
            .withSubject(expected.getName())
            .withClaim("groups", "conquery")
            .withIssuedAt(issueDate)
            .withExpiresAt(expDate)
            .sign(Algorithm.RSA256(PUBLIC_KEY, PRIVATE_KEY));
    BearerToken accessToken = new BearerToken(token);
    // The realm must reject the token with a VerificationException as the cause
    assertThatCode(() -> REALM.doGetAuthenticationInfo(accessToken)).hasCauseInstanceOf(VerificationException.class);
}
Also used : UserId(com.bakdata.conquery.models.identifiable.ids.specific.UserId) BearerToken(org.apache.shiro.authc.BearerToken) Date(java.util.Date) Test(org.junit.jupiter.api.Test)

Aggregations

BearerToken (org.apache.shiro.authc.BearerToken): 8
Test (org.junit.jupiter.api.Test): 8
Date (java.util.Date): 7
UserId (com.bakdata.conquery.models.identifiable.ids.specific.UserId): 4
User (com.bakdata.conquery.models.auth.entities.User): 3