Example 1 with AsymmetricKeyPair

use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.

the class JWTAuthenticationHandlerTest method shouldNotValidateNoAuthorizationHeader.

@Test
public void shouldNotValidateNoAuthorizationHeader() {
    // given
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile);
    HttpRequest request = request();
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("no authorization header found"));
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) Test(org.junit.Test)

Example 2 with AsymmetricKeyPair

use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.

the class JWTAuthenticationHandlerTest method shouldNotValidateMissingRequiredClaims.

@Test
public void shouldNotValidateMissingRequiredClaims() {
    // given
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).signJWT(ImmutableMap.of(
        "exp", Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond(),
        "iat", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(),
        "iss", RandomStringUtils.randomAlphanumeric(20),
        "nbf", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(),
        "scope", "internal public",
        "sub", "wrong_subject",
        "aud", "wrong_audience"));
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile)
        .withRequiredClaims(new HashSet<>(Arrays.asList("jti", "scopes")));
    HttpRequest request = request().withHeader(AUTHORIZATION.toString(), "Bearer " + jwt);
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("JWT missing required claims: [jti, scopes]"));
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) Test(org.junit.Test)

Example 3 with AsymmetricKeyPair

use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.

the class JWTAuthenticationHandlerTest method shouldNotValidateIncorrectSchemeForAuthorizationHeader.

@Test
public void shouldNotValidateIncorrectSchemeForAuthorizationHeader() {
    // given
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).generateJWT();
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile);
    HttpRequest request = request().withHeader(AUTHORIZATION.toString(), "JWT " + jwt);
    // when
    AuthenticationException authenticationException = assertThrows(AuthenticationException.class, () -> authenticationHandler.controlPlaneRequestAuthenticated(request));
    assertThat(authenticationException.getMessage(), equalTo("only \"Bearer\" supported for authorization header"));
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationException(org.mockserver.authentication.AuthenticationException) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) Test(org.junit.Test)

Example 4 with AsymmetricKeyPair

use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.

the class JWTAuthenticationHandlerTest method shouldValidateWithMatchingClaimsAndRequiredClaimsAndAudience.

@Test
public void shouldValidateWithMatchingClaimsAndRequiredClaimsAndAudience() {
    // given
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).signJWT(ImmutableMap.of(
        "exp", Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond(),
        "iat", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(),
        "iss", RandomStringUtils.randomAlphanumeric(20),
        "nbf", Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond(),
        "scope", "internal public",
        "sub", "some_subject",
        "aud", "some_audience"));
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile)
        .withExpectedAudience("some_audience")
        .withRequiredClaims(new HashSet<>(Arrays.asList("nbf", "scope")))
        .withMatchingClaims(ImmutableMap.of("sub", "some_subject"));
    HttpRequest request = request().withHeader(AUTHORIZATION.toString(), "Bearer " + jwt);
    // when
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 5 with AsymmetricKeyPair

use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.

the class JWTAuthenticationHandlerTest method shouldValidateJWT.

@Test
public void shouldValidateJWT() {
    // given
    AsymmetricKeyPair asymmetricKeyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkFile = TempFileWriter.write(new JWKGenerator().generateJWK(asymmetricKeyPair));
    String jwt = new JWTGenerator(asymmetricKeyPair).generateJWT();
    AuthenticationHandler authenticationHandler = new JWTAuthenticationHandler(mockServerLogger, jwkFile);
    HttpRequest request = request().withHeader(AUTHORIZATION.toString(), "Bearer " + jwt);
    // when
    assertThat(authenticationHandler.controlPlaneRequestAuthenticated(request), equalTo(true));
}
Also used : AsymmetricKeyPair(org.mockserver.keys.AsymmetricKeyPair) HttpRequest(org.mockserver.model.HttpRequest) AuthenticationHandler(org.mockserver.authentication.AuthenticationHandler) Test(org.junit.Test)
