
Example 21 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testManualWithHeader.

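/**
 * Fetches {@code /signed/header} with a {@link Verifier} attached to the request and checks
 * that the response carries a DKIM-Signature header, a 200 status and the expected body.
 */
@Test
public void testManualWithHeader() throws Exception {
    // A single Verification that resolves keys through the test's key repository.
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);

    WebTarget target = client.target(TestPortProvider.generateURL("/signed/header"));
    Invocation.Builder request = target.request();
    // The verifier is passed as a request property keyed by the Verifier class name;
    // presumably the client-side verification provider looks it up there (confirm).
    request.property(Verifier.class.getName(), verifier);

    // try-with-resources: the response is released even when an assertion below fails.
    try (Response response = request.get()) {
        // Header presence only shows that the server signed the response; it says nothing
        // about whether the signature is valid.
        Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
        Assert.assertEquals(200, response.getStatus());
        // NOTE(review): signature verification presumably runs while the entity is read,
        // so status and headers above are unverified until this call returns; confirm.
        String output = response.readEntity(String.class);
        Assert.assertEquals("hello world", output);
    }
}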
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 22 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testRequestOnly.

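/**
 * Sends a request to {@code /signed/request-only} that carries a client-built DKIM signature,
 * then verifies by hand the signature header the server puts on its response.
 */
@Test
public void testRequestOnly() throws Exception {
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/request-only"));

    // Request-side signature, signed with the test key pair's private key.
    DKIMSignature contentSignature = new DKIMSignature();
    contentSignature.setDomain("samplezone.org");
    contentSignature.setSelector("test");
    contentSignature.setPrivateKey(keys.getPrivate());
    // Body hash is switched off; presumably the signature then covers no entity bytes.
    contentSignature.setBodyHashRequired(false);
    // NOTE(review): the signed "method" attribute says GET, but the call below is a DELETE.
    // Nothing in this method ties the signed attributes to the real request line, so a
    // verifier has to compare them itself. Confirm the mismatch is intended.
    contentSignature.setAttribute("method", "GET");
    contentSignature.setAttribute("uri", "/signed/request-only");
    contentSignature.setAttribute("token", "1122");

    // try-with-resources: the response is released even when a check below fails.
    try (Response response = target.request()
            .header(DKIMSignature.DKIM_SIGNATURE, contentSignature)
            .delete()) {
        Assert.assertEquals(200, response.getStatus());

        // Fail with a clear message instead of handing null to the DKIMSignature parser.
        String signatureHeader = response.getHeaderString(DKIMSignature.DKIM_SIGNATURE);
        Assert.assertNotNull("response carries no DKIM-Signature header", signatureHeader);
        DKIMSignature responseSignature = new DKIMSignature(signatureHeader);

        // The response signature must verify against the public key and carry token=1122.
        Verification verification = new Verification(keys.getPublic());
        verification.setBodyHashRequired(false);
        verification.getRequiredAttributes().put("token", "1122");
        // The return value is not inspected; the test relies on verify(...) throwing when
        // the signature or a required attribute does not match (presumably; confirm).
        verification.verify(responseSignature, response.getStringHeaders(), null, keys.getPublic());
    }
}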
Also used : Response(jakarta.ws.rs.core.Response) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) DKIMSignature(org.jboss.resteasy.security.doseta.DKIMSignature) Test(org.junit.Test)

Example 23 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testTimestamp.

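/**
 * Fetches {@code /signed/stamped} with the stale-signature check enabled and a 100-second
 * window, and expects the entity to be readable without a verification failure.
 */
@Test
public void testTimestamp() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // Reject signatures older than 100 seconds; wide enough that a fresh response passes.
    verification.setStaleCheck(true);
    verification.setStaleSeconds(100);

    WebTarget target = client.target(TestPortProvider.generateURL("/signed/stamped"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);

    // try-with-resources: the response is released even when a check below fails.
    try (Response response = request.get()) {
        Assert.assertEquals(200, response.getStatus());
        // Reading the entity is the step expected to trigger signature verification
        // (presumably; confirm). Any exception it raises propagates and fails the test.
        response.readEntity(String.class);
    }
}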
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ProcessingException(jakarta.ws.rs.ProcessingException) SignatureException(java.security.SignatureException) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Test(org.junit.Test)

Example 24 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testStaleTimestamp.

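/**
 * @tpTestDetails Stale timestamp test: with a one-second staleness window, reading the
 *                entity 1.5 seconds after the response arrives must fail verification.
 * @tpSince RESTEasy 3.0.16
 */
@Test
public void testStaleTimestamp() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // One-second staleness window, deliberately shorter than the sleep below.
    verification.setStaleCheck(true);
    verification.setStaleSeconds(1);

    WebTarget target = client.target(generateURL("/signed/stamped"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);

    // try-with-resources: the response is released even when an assertion below fails.
    try (Response response = request.get()) {
        logger.info(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
        // The 200 status is visible before any signature check has run, so status and
        // headers count as unverified until the entity has been read successfully.
        Assert.assertEquals(HttpResponseCodes.SC_OK, response.getStatus());

        // Let the signature age past the one-second window.
        Thread.sleep(1500);
        try {
            response.readEntity(String.class);
            Assert.fail("Validation error expected.");
        } catch (ProcessingException pe) {
            // Check the cause type explicitly so an unrelated failure is reported as an
            // assertion error instead of a ClassCastException.
            Throwable cause = pe.getCause();
            Assert.assertTrue("Unexpected cause: " + cause,
                    cause instanceof UnauthorizedSignatureException);
            MatcherAssert.assertThat("Unexpected error", cause.getMessage(),
                    containsString("Failed to verify signatures:\r\n"));
            MatcherAssert.assertThat("Unexpected error", cause.getMessage(),
                    containsString("Signature is stale"));
        }
    }
}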
Also used : Response(jakarta.ws.rs.core.Response) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) WebTarget(jakarta.ws.rs.client.WebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) ProcessingException(jakarta.ws.rs.ProcessingException) Test(org.junit.Test)

Example 25 with Verification

use of org.jboss.resteasy.security.doseta.Verification in project resteasy by resteasy.

the class SigningTest method testExpiresYears.

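/**
 * @tpTestDetails Year expiration test (expires attribute in Signed annotation in REST end-point is used).
 *                The response from {@code /signed/expires-year} must be readable without a
 *                verification failure.
 * @tpSince RESTEasy 3.0.16
 */
@Test
public void testExpiresYears() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);

    WebTarget target = client.target(generateURL("/signed/expires-year"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);

    // try-with-resources: the response is released even when a check below fails.
    try (Response response = request.get()) {
        logger.info(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
        Assert.assertEquals(HttpResponseCodes.SC_OK, response.getStatus());
        // No stale check is configured here. Reading the entity is the step expected to
        // run signature verification (presumably; confirm); an exception fails the test.
        response.readEntity(String.class);
    }
}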
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) WebTarget(jakarta.ws.rs.client.WebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Aggregations

Verification (org.jboss.resteasy.security.doseta.Verification)27 Test (org.junit.Test)26 WebTarget (jakarta.ws.rs.client.WebTarget)24 Response (jakarta.ws.rs.core.Response)24 ResteasyWebTarget (org.jboss.resteasy.client.jaxrs.ResteasyWebTarget)24 Invocation (jakarta.ws.rs.client.Invocation)22 Verifier (org.jboss.resteasy.security.doseta.Verifier)22 ProcessingException (jakarta.ws.rs.ProcessingException)8 ResponseProcessingException (jakarta.ws.rs.client.ResponseProcessingException)8 SignatureException (java.security.SignatureException)8 UnauthorizedSignatureException (org.jboss.resteasy.security.doseta.UnauthorizedSignatureException)8 DKIMSignature (org.jboss.resteasy.security.doseta.DKIMSignature)5 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)3 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 HashMap (java.util.HashMap)2 MultivaluedMapImpl (org.jboss.resteasy.specimpl.MultivaluedMapImpl)2 DELETE (jakarta.ws.rs.DELETE)1 Path (jakarta.ws.rs.Path)1