Search in sources :

Example 1 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class LocalTest method testBadAttributes.

@Test
public void testBadAttributes() throws Exception {
    DKIMSignature signed = new DKIMSignature();
    signed.setAttribute("path", "/hello/world");
    signed.setTimestamp();
    signed.addHeader("Visa");
    signed.addHeader("Visa");
    MultivaluedMapImpl<String, String> headers = new MultivaluedMapImpl<String, String>();
    headers.add("Visa", "v1");
    headers.add("Visa", "v2");
    headers.add("Visa", "v3");
    signed.sign(headers, null, keys.getPrivate());
    String signedHeader = signed.toString();
    logger.info(signedHeader);
    DKIMSignature verified = new DKIMSignature(signedHeader);
    HashMap<String, String> requiredAttributes = new HashMap<String, String>();
    requiredAttributes.put("path", "/hello/world");
    Verification verification = new Verification();
    verification.getRequiredAttributes().put("path", "/hello");
    try {
        verification.verify(verified, headers, null, keys.getPublic());
        Assert.fail("Verification was successful, but it shoudn't be");
    } catch (SignatureException e) {
    }
}
Also used : HashMap(java.util.HashMap) MultivaluedMapImpl(org.jboss.resteasy.specimpl.MultivaluedMapImpl) Verification(org.jboss.resteasy.security.doseta.Verification) DKIMSignature(org.jboss.resteasy.security.doseta.DKIMSignature) SignatureException(java.security.SignatureException) Test(org.junit.Test)

Example 2 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class LocalTest method testAttributes.

@Test
public void testAttributes() throws Exception {
    DKIMSignature signed = new DKIMSignature();
    signed.setAttribute("path", "/hello/world");
    signed.setTimestamp();
    signed.addHeader("Visa");
    signed.addHeader("Visa");
    MultivaluedMapImpl<String, String> headers = new MultivaluedMapImpl<String, String>();
    headers.add("Visa", "v1");
    headers.add("Visa", "v2");
    headers.add("Visa", "v3");
    signed.sign(headers, null, keys.getPrivate());
    String signedHeader = signed.toString();
    logger.info(signedHeader);
    DKIMSignature verified = new DKIMSignature(signedHeader);
    HashMap<String, String> requiredAttributes = new HashMap<String, String>();
    requiredAttributes.put("path", "/hello/world");
    Verification verification = new Verification();
    verification.getRequiredAttributes().put("path", "/hello/world");
    MultivaluedMap<String, String> verifiedHeaders = verification.verify(verified, headers, null, keys.getPublic());
    Assert.assertEquals(verifiedHeaders.size(), 1);
    List<String> visas = verifiedHeaders.get("Visa");
    Assert.assertNotNull(ERROR_MSG, visas);
    Assert.assertEquals(ERROR_MSG, visas.size(), 2);
    logger.info(visas);
    Assert.assertEquals(ERROR_MSG, visas.get(0), "v3");
    Assert.assertEquals(ERROR_MSG, visas.get(1), "v2");
}
Also used : HashMap(java.util.HashMap) MultivaluedMapImpl(org.jboss.resteasy.specimpl.MultivaluedMapImpl) Verification(org.jboss.resteasy.security.doseta.Verification) DKIMSignature(org.jboss.resteasy.security.doseta.DKIMSignature) Test(org.junit.Test)

Example 3 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testExpiresHour.

@Test
public void testExpiresHour() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-hour"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 4 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testManual.

@Test
public void testManual() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/manual"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    Assert.assertEquals("hello", output);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 5 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testExpiresMinutes.

@Test
public void testExpiresMinutes() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-minute"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Aggregations

Verification (org.jboss.resteasy.security.doseta.Verification)27 Test (org.junit.Test)26 WebTarget (jakarta.ws.rs.client.WebTarget)24 Response (jakarta.ws.rs.core.Response)24 ResteasyWebTarget (org.jboss.resteasy.client.jaxrs.ResteasyWebTarget)24 Invocation (jakarta.ws.rs.client.Invocation)22 Verifier (org.jboss.resteasy.security.doseta.Verifier)22 ProcessingException (jakarta.ws.rs.ProcessingException)8 ResponseProcessingException (jakarta.ws.rs.client.ResponseProcessingException)8 SignatureException (java.security.SignatureException)8 UnauthorizedSignatureException (org.jboss.resteasy.security.doseta.UnauthorizedSignatureException)8 DKIMSignature (org.jboss.resteasy.security.doseta.DKIMSignature)5 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 HashMap (java.util.HashMap)2 MultivaluedMapImpl (org.jboss.resteasy.specimpl.MultivaluedMapImpl)2 DELETE (jakarta.ws.rs.DELETE)1 Path (jakarta.ws.rs.Path)1