use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldNotValidateNoAuthorizationHeader.
/**
 * A control-plane request that carries no Authorization header must be rejected,
 * even when the handler itself is configured with a usable JWK.
 */
@Test
public void shouldNotValidateNoAuthorizationHeader() {
    // given: a handler backed by a freshly generated RSA key, and a request built without an Authorization header
    AsymmetricKeyPair keyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkLocation = TempFileWriter.write(new JWKGenerator().generateJWK(keyPair));
    AuthenticationHandler handler = new JWTAuthenticationHandler(mockServerLogger, jwkLocation);
    HttpRequest unauthenticatedRequest = request();

    // when
    AuthenticationException thrown = assertThrows(
        AuthenticationException.class,
        () -> handler.controlPlaneRequestAuthenticated(unauthenticatedRequest)
    );

    // then: the absence of credentials surfaces as an exception, not as a "false" result
    assertThat(thrown.getMessage(), equalTo("no authorization header found"));
}
use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldNotValidateMissingRequiredClaims.
/**
 * A token signed by the configured key and inside its validity window must still be
 * rejected when it lacks claims the handler has been told to require.
 */
@Test
public void shouldNotValidateMissingRequiredClaims() {
    // given: a key pair whose JWK the handler loads, and a token signed with that same pair
    AsymmetricKeyPair keyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkLocation = TempFileWriter.write(new JWKGenerator().generateJWK(keyPair));

    // time window is currently valid: issued / not-before two hours ago, expiring in one hour
    long expiresAt = Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond();
    long issuedAt = Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond();
    String issuer = RandomStringUtils.randomAlphanumeric(20);
    long notBefore = Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond();

    // the token carries "scope" (singular) but neither "jti" nor "scopes"
    String token = new JWTGenerator(keyPair).signJWT(ImmutableMap.of(
        "exp", expiresAt,
        "iat", issuedAt,
        "iss", issuer,
        "nbf", notBefore,
        "scope", "internal public",
        "sub", "wrong_subject",
        "aud", "wrong_audience"
    ));

    // Only required claims are configured here; no expected audience or matching claims are set,
    // so the "wrong_*" sub/aud values are not what the assertion below is exercising.
    HashSet<String> mandatoryClaims = new HashSet<>(Arrays.asList("jti", "scopes"));
    AuthenticationHandler handler = new JWTAuthenticationHandler(mockServerLogger, jwkLocation)
        .withRequiredClaims(mandatoryClaims);
    String authorizationValue = "Bearer " + token;
    HttpRequest bearerRequest = request().withHeader(AUTHORIZATION.toString(), authorizationValue);

    // when
    AuthenticationException thrown = assertThrows(
        AuthenticationException.class,
        () -> handler.controlPlaneRequestAuthenticated(bearerRequest)
    );

    // then
    // NOTE(review): the expected text pins the order "[jti, scopes]" while the required set is a
    // HashSet; this presumably relies on the handler reporting claims in a stable order - confirm.
    assertThat(thrown.getMessage(), equalTo("JWT missing required claims: [jti, scopes]"));
}
use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldNotValidateIncorrectSchemeForAuthorizationHeader.
/**
 * A token signed by the configured key must be rejected when it is presented under an
 * Authorization scheme other than "Bearer".
 */
@Test
public void shouldNotValidateIncorrectSchemeForAuthorizationHeader() {
    // given: a token generated from the same key pair whose JWK the handler loads
    AsymmetricKeyPair keyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkLocation = TempFileWriter.write(new JWKGenerator().generateJWK(keyPair));
    String token = new JWTGenerator(keyPair).generateJWT();
    AuthenticationHandler handler = new JWTAuthenticationHandler(mockServerLogger, jwkLocation);

    // the only thing wrong with this request is the "JWT" scheme prefix
    String authorizationValue = "JWT " + token;
    HttpRequest wrongSchemeRequest = request().withHeader(AUTHORIZATION.toString(), authorizationValue);

    // when
    AuthenticationException thrown = assertThrows(
        AuthenticationException.class,
        () -> handler.controlPlaneRequestAuthenticated(wrongSchemeRequest)
    );

    // then: the scheme is named as the reason for the rejection
    assertThat(thrown.getMessage(), equalTo("only \"Bearer\" supported for authorization header"));
}
use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldValidateWithMatchingClaimsAndRequiredClaimsAndAudience.
/**
 * Happy path with every optional check enabled: expected audience, required claims and
 * matching claims are all configured, and the token satisfies each of them.
 */
@Test
public void shouldValidateWithMatchingClaimsAndRequiredClaimsAndAudience() {
    // given: a key pair whose JWK the handler loads, and a token signed with that same pair
    AsymmetricKeyPair keyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkLocation = TempFileWriter.write(new JWKGenerator().generateJWK(keyPair));

    // time window is currently valid: issued / not-before two hours ago, expiring in one hour
    long expiresAt = Clock.systemUTC().instant().plus(Duration.ofHours(1)).getEpochSecond();
    long issuedAt = Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond();
    String issuer = RandomStringUtils.randomAlphanumeric(20);
    long notBefore = Clock.systemUTC().instant().minus(Duration.ofHours(2)).getEpochSecond();

    String token = new JWTGenerator(keyPair).signJWT(ImmutableMap.of(
        "exp", expiresAt,
        "iat", issuedAt,
        "iss", issuer,
        "nbf", notBefore,
        "scope", "internal public",
        "sub", "some_subject",
        "aud", "some_audience"
    ));

    // each configured constraint lines up with a claim in the token above:
    // aud == "some_audience", "nbf" and "scope" are present, sub == "some_subject"
    HashSet<String> mandatoryClaims = new HashSet<>(Arrays.asList("nbf", "scope"));
    AuthenticationHandler handler = new JWTAuthenticationHandler(mockServerLogger, jwkLocation)
        .withExpectedAudience("some_audience")
        .withRequiredClaims(mandatoryClaims)
        .withMatchingClaims(ImmutableMap.of("sub", "some_subject"));
    String authorizationValue = "Bearer " + token;
    HttpRequest bearerRequest = request().withHeader(AUTHORIZATION.toString(), authorizationValue);

    // when / then: the request is accepted
    assertThat(handler.controlPlaneRequestAuthenticated(bearerRequest), equalTo(true));
}
use of org.mockserver.keys.AsymmetricKeyPair in project mockserver by mock-server.
the class JWTAuthenticationHandlerTest method shouldValidateJWT.
/**
 * Baseline happy path: a generated token presented as a Bearer credential is accepted by a
 * handler that has no audience, required-claim or matching-claim constraints configured.
 */
@Test
public void shouldValidateJWT() {
    // given: the token and the handler's JWK both derive from the same freshly generated key pair
    AsymmetricKeyPair keyPair = AsymmetricKeyGenerator.createAsymmetricKeyPair(AsymmetricKeyPairAlgorithm.RSA2048_SHA256);
    String jwkLocation = TempFileWriter.write(new JWKGenerator().generateJWK(keyPair));
    // claims are whatever generateJWT() fills in by default; they are not visible in this test
    String token = new JWTGenerator(keyPair).generateJWT();
    AuthenticationHandler handler = new JWTAuthenticationHandler(mockServerLogger, jwkLocation);
    String authorizationValue = "Bearer " + token;
    HttpRequest bearerRequest = request().withHeader(AUTHORIZATION.toString(), authorizationValue);

    // when / then: the request is accepted
    assertThat(handler.controlPlaneRequestAuthenticated(bearerRequest), equalTo(true));
}