Search in sources :

Example 1 with JWTGenerator

use of org.mockserver.authentication.jwt.JWTGenerator in project mockserver by mock-server.

the class AuthenticatedControlPlaneUsingJWTClientMockingIntegrationTest method startServer.

@BeforeClass
public static void startServer() {
    // save original value
    originalControlPlaneJWTAuthenticationJWKSource = controlPlaneJWTAuthenticationJWKSource();
    originalControlPlaneJWTAuthenticationRequired = controlPlaneJWTAuthenticationRequired();
    // set new certificate authority values
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPairSynchronously(AsymmetricKeyPair.KeyPairAlgorithm.RS256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).generateJWT();
    controlPlaneJWTAuthenticationJWKSource(jwkFile);
    controlPlaneJWTAuthenticationRequired(true);
    authorisationHeader = header(AUTHORIZATION.toString(), "Bearer " + jwt);
    Main.main("-serverPort", "" + severHttpPort);
    mockServerClient = new MockServerClient("localhost", severHttpPort).setRequestOverride(request().withHeader(authorisationHeader)).withSecure(true);
}
Also used : AsymmetricKeyPair(org.mockserver.authentication.jwt.AsymmetricKeyPair) JWTGenerator(org.mockserver.authentication.jwt.JWTGenerator) JWKGenerator(org.mockserver.authentication.jwt.JWKGenerator) MockServerClient(org.mockserver.client.MockServerClient) BeforeClass(org.junit.BeforeClass)

Example 2 with JWTGenerator

use of org.mockserver.authentication.jwt.JWTGenerator in project mockserver by mock-server.

the class AuthenticatedControlPlaneUsingJWTClientNotAuthenticatedIntegrationTest method shouldAuthenticateNonMatchingFirstClaimForExpectationCreationViaJavaClient.

@Test
public void shouldAuthenticateNonMatchingFirstClaimForExpectationCreationViaJavaClient() {
    // given
    String jwt = new JWTGenerator(asymmetricKeyPair).signJWT(ImmutableMap.of("exp", Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond(), "iat", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(), "iss", RandomStringUtils.randomAlphanumeric(20), "nbf", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(), "scope", "internal public", "name", "John Smith", "admin", "true", "aud", "https://mock-server.com"));
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> mockServerClient.withControlPlaneJWT(() -> jwt).when(request()).respond(response().withBody("some_body")));
    // then
    assertThat(authenticationException.getMessage(), equalTo("Unauthorized for control plane - JWT name claim has value John Smith, must be John Doe"));
}
Also used : JWTGenerator(org.mockserver.authentication.jwt.JWTGenerator) AuthenticationException(org.mockserver.authentication.AuthenticationException) Test(org.junit.Test)

Example 3 with JWTGenerator

use of org.mockserver.authentication.jwt.JWTGenerator in project mockserver by mock-server.

the class AuthenticatedControlPlaneUsingJWTClientNotAuthenticatedIntegrationTest method shouldAuthenticateValidJWTForExpectationCreationViaJavaClient.

@Test
public void shouldAuthenticateValidJWTForExpectationCreationViaJavaClient() {
    // given
    String jwt = new JWTGenerator(asymmetricKeyPair).signJWT(ImmutableMap.of("exp", Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond(), "iat", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(), "iss", RandomStringUtils.randomAlphanumeric(20), "nbf", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(), "scope", "internal public", "name", "John Doe", "admin", "true", "aud", "https://mock-server.com"));
    // when
    mockServerClient.withControlPlaneJWT(() -> jwt).when(request()).respond(response().withBody("some_body"));
// then no exception thrown
}
Also used : JWTGenerator(org.mockserver.authentication.jwt.JWTGenerator) Test(org.junit.Test)

Example 4 with JWTGenerator

use of org.mockserver.authentication.jwt.JWTGenerator in project mockserver by mock-server.

the class AuthenticatedControlPlaneUsingJWTViaOverrideClientMockingIntegrationTest method startServer.

@BeforeClass
public static void startServer() {
    // save original value
    originalControlPlaneJWTAuthenticationJWKSource = controlPlaneJWTAuthenticationJWKSource();
    originalControlPlaneJWTAuthenticationRequired = controlPlaneJWTAuthenticationRequired();
    // set new certificate authority values
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).generateJWT();
    controlPlaneJWTAuthenticationJWKSource(jwkFile);
    controlPlaneJWTAuthenticationRequired(true);
    authorisationHeader = header(AUTHORIZATION.toString(), "Bearer " + jwt);
    mockServerClient = ClientAndServer.startClientAndServer().withRequestOverride(request().withHeader(authorisationHeader)).withSecure(true);
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) JWTGenerator(org.mockserver.authentication.jwt.JWTGenerator) JWKGenerator(org.mockserver.authentication.jwt.JWKGenerator) BeforeClass(org.junit.BeforeClass)

Example 5 with JWTGenerator

use of org.mockserver.authentication.jwt.JWTGenerator in project mockserver by mock-server.

the class AuthenticatedControlPlaneUsingJWTViaSupplierClientMockingIntegrationTest method startServer.

@BeforeClass
public static void startServer() {
    // save original value
    originalControlPlaneJWTAuthenticationJWKSource = controlPlaneJWTAuthenticationJWKSource();
    originalControlPlaneJWTAuthenticationRequired = controlPlaneJWTAuthenticationRequired();
    // set new certificate authority values
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).generateJWT();
    controlPlaneJWTAuthenticationJWKSource(jwkFile);
    controlPlaneJWTAuthenticationRequired(true);
    controlPlaneJWTSupplier = () -> jwt;
    mockServerClient = ClientAndServer.startClientAndServer().withControlPlaneJWT(controlPlaneJWTSupplier).withSecure(true);
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) JWTGenerator(org.mockserver.authentication.jwt.JWTGenerator) JWKGenerator(org.mockserver.authentication.jwt.JWKGenerator) BeforeClass(org.junit.BeforeClass)

Aggregations

JWTGenerator (org.mockserver.authentication.jwt.JWTGenerator)10 Test (org.junit.Test)6 AuthenticationException (org.mockserver.authentication.AuthenticationException)5 BeforeClass (org.junit.BeforeClass)3 JWKGenerator (org.mockserver.authentication.jwt.JWKGenerator)3 AsymmetricKeyPair (org.mockserver.keys.AsymmetricKeyPair)3 AsymmetricKeyPair (org.mockserver.authentication.jwt.AsymmetricKeyPair)1 MockServerClient (org.mockserver.client.MockServerClient)1