Search in sources :

Example 1 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testExpiresHour.

@Test
public void testExpiresHour() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-hour"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 2 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testManual.

@Test
public void testManual() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/manual"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    Assert.assertEquals("hello", output);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 3 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testExpiresMinutes.

@Test
public void testExpiresMinutes() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/expires-minute"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    String output = response.readEntity(String.class);
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) Test(org.junit.Test)

Example 4 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testStaleTimestamp.

@Test
public void testStaleTimestamp() throws Exception {
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setRepository(repository);
    verification.setStaleCheck(true);
    verification.setStaleSeconds(1);
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/stamped"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    Thread.sleep(1500);
    try {
        String output = response.readEntity(String.class);
        Assert.fail();
    } catch (ProcessingException pe) {
        UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
        // System.out.println("here");
        // Assert.assertEquals("Failed to verify signatures:\r\n Signature is stale", e.getMessage());
        Assert.assertTrue(e.getMessage().indexOf("Failed to verify signatures:\r\n") >= 0);
        Assert.assertTrue(e.getMessage().indexOf("Signature is stale") >= 0);
    }
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ProcessingException(jakarta.ws.rs.ProcessingException) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) Test(org.junit.Test)

Example 5 with Verifier

use of org.jboss.resteasy.security.doseta.Verifier in project resteasy by resteasy.

the class SigningTest method testManualFail.

@Test
public void testManualFail() throws Exception {
    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(1024);
    KeyPair keyPair = kpg.genKeyPair();
    Verifier verifier = new Verifier();
    Verification verification = verifier.addNew();
    verification.setKey(keyPair.getPublic());
    // ResteasyClientImpl client = new ResteasyClientImpl();
    WebTarget target = client.target(TestPortProvider.generateURL("/signed/manual"));
    Invocation.Builder request = target.request();
    request.property(Verifier.class.getName(), verifier);
    Response response = request.get();
    // System.out.println(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertNotNull(response.getHeaderString(DKIMSignature.DKIM_SIGNATURE));
    Assert.assertEquals(200, response.getStatus());
    try {
        String output = response.readEntity(String.class);
        throw new Exception("unreachable!");
    } catch (ProcessingException pe) {
        UnauthorizedSignatureException e = (UnauthorizedSignatureException) pe.getCause();
        // System.out.println("*************" + e.getMessage());
        // Assert.assertEquals("Failed to verify signatures:\r\n Failed to verify signature.", e.getMessage());
        Assert.assertTrue(e.getMessage().indexOf("Failed to verify signatures:\r\n") >= 0);
        Assert.assertTrue(e.getMessage().indexOf("Failed to verify signature.") >= 0);
    }
    response.close();
}
Also used : Response(jakarta.ws.rs.core.Response) KeyPair(java.security.KeyPair) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) Invocation(jakarta.ws.rs.client.Invocation) Verification(org.jboss.resteasy.security.doseta.Verification) KeyPairGenerator(java.security.KeyPairGenerator) WebTarget(jakarta.ws.rs.client.WebTarget) ResteasyWebTarget(org.jboss.resteasy.client.jaxrs.ResteasyWebTarget) Verifier(org.jboss.resteasy.security.doseta.Verifier) ProcessingException(jakarta.ws.rs.ProcessingException) SignatureException(java.security.SignatureException) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) UnauthorizedSignatureException(org.jboss.resteasy.security.doseta.UnauthorizedSignatureException) ProcessingException(jakarta.ws.rs.ProcessingException) ResponseProcessingException(jakarta.ws.rs.client.ResponseProcessingException) Test(org.junit.Test)

Aggregations

Invocation (jakarta.ws.rs.client.Invocation)22 WebTarget (jakarta.ws.rs.client.WebTarget)22 Response (jakarta.ws.rs.core.Response)22 ResteasyWebTarget (org.jboss.resteasy.client.jaxrs.ResteasyWebTarget)22 Verification (org.jboss.resteasy.security.doseta.Verification)22 Verifier (org.jboss.resteasy.security.doseta.Verifier)22 Test (org.junit.Test)22 ProcessingException (jakarta.ws.rs.ProcessingException)8 ResponseProcessingException (jakarta.ws.rs.client.ResponseProcessingException)8 UnauthorizedSignatureException (org.jboss.resteasy.security.doseta.UnauthorizedSignatureException)8 SignatureException (java.security.SignatureException)6 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)2