Example 6 with SecretEncryptionConfiguration
use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.
the class JwtTests method testGenerateAuthenticateClaims.
@Test
public void testGenerateAuthenticateClaims() {
final JwtGenerator<JwtProfile> generator = new JwtGenerator<>(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
final Map<String, Object> claims = new HashMap<>();
claims.put(JwtClaims.SUBJECT, VALUE);
final Date tomorrow = tomorrow();
claims.put(JwtClaims.EXPIRATION_TIME, tomorrow);
final String token = generator.generate(claims);
final JwtAuthenticator jwtAuthenticator = new JwtAuthenticator(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
final JwtProfile profile = (JwtProfile) jwtAuthenticator.validateToken(token);
assertEquals(VALUE, profile.getSubject());
assertEquals(tomorrow.getTime() / 1000, profile.getExpirationDate().getTime() / 1000);
final Map<String, Object> claims2 = jwtAuthenticator.validateTokenAndGetClaims(token);
assertEquals(VALUE, claims2.get(JwtClaims.SUBJECT));
assertEquals(tomorrow.getTime() / 1000, ((Date) claims2.get(JwtClaims.EXPIRATION_TIME)).getTime() / 1000);
}
Also used :
JwtGenerator(org.pac4j.jwt.profile.JwtGenerator)
JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator)
SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)
JwtProfile(org.pac4j.jwt.profile.JwtProfile)
SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration)
Test(org.junit.Test)
Example 7 with SecretEncryptionConfiguration
use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project cas by apereo.
the class TokenAuthenticationHandlerTests method verifyKeysAreSane.
@Test
public void verifyKeysAreSane() throws Exception {
val g = new JwtGenerator();
g.setSignatureConfiguration(new SecretSignatureConfiguration(SIGNING_SECRET, JWSAlgorithm.HS256));
g.setEncryptionConfiguration(new SecretEncryptionConfiguration(ENCRYPTION_SECRET, JWEAlgorithm.DIR, EncryptionMethod.A192CBC_HS384));
val profile = new CommonProfile();
profile.setId("casuser");
val token = g.generate(profile);
val c = new TokenCredential(token, RegisteredServiceTestUtils.getService());
val result = this.tokenAuthenticationHandler.authenticate(c);
assertNotNull(result);
assertEquals(result.getPrincipal().getId(), profile.getId());
}
Also used :
lombok.val(lombok.val)
JwtGenerator(org.pac4j.jwt.profile.JwtGenerator)
CommonProfile(org.pac4j.core.profile.CommonProfile)
SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)
SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration)
Test(org.junit.jupiter.api.Test)
SpringBootTest(org.springframework.boot.test.context.SpringBootTest)
Example 8 with SecretEncryptionConfiguration
use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.
the class JwtTests method testJwtGenerationA256GCM.
@Test
public void testJwtGenerationA256GCM() {
final JwtGenerator<CommonProfile> g = new JwtGenerator<>(new SecretSignatureConfiguration(MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET + MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
((SecretEncryptionConfiguration) g.getEncryptionConfiguration()).setMethod(EncryptionMethod.A256GCM);
final String g1 = g.generate(new CommonProfile());
assertNotNull(g1);
}
Also used :
JwtGenerator(org.pac4j.jwt.profile.JwtGenerator)
CommonProfile(org.pac4j.core.profile.CommonProfile)
SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)
SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration)
Test(org.junit.Test)
Example 9 with SecretEncryptionConfiguration
use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.
the class JwtTests method testDoubleGenerateAuthenticate.
@Test
public void testDoubleGenerateAuthenticate() {
final JwtGenerator<FacebookProfile> generator = new JwtGenerator<>(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
final FacebookProfile profile = createProfile();
final String token = generator.generate(profile);
final JwtAuthenticator authenticator = new JwtAuthenticator(new SecretSignatureConfiguration(MAC_SECRET), new SecretEncryptionConfiguration(MAC_SECRET));
final TokenCredentials credentials = new TokenCredentials(token);
authenticator.validate(credentials, null);
final FacebookProfile profile2 = (FacebookProfile) credentials.getUserProfile();
generator.generate(profile2);
}
Also used :
JwtGenerator(org.pac4j.jwt.profile.JwtGenerator)
JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator)
SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)
FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile)
SecretSignatureConfiguration(org.pac4j.jwt.config.signature.SecretSignatureConfiguration)
TokenCredentials(org.pac4j.core.credentials.TokenCredentials)
Test(org.junit.Test)
Example 10 with SecretEncryptionConfiguration
use of org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration in project pac4j by pac4j.
the class JwtTests method testGenerateAuthenticateDifferentEncryptionConfiguration.
@Test
public void testGenerateAuthenticateDifferentEncryptionConfiguration() {
final JwtGenerator<FacebookProfile> generator = new JwtGenerator<>();
generator.setEncryptionConfiguration(new SecretEncryptionConfiguration(KEY2));
final FacebookProfile profile = createProfile();
final String token = generator.generate(profile);
final JwtAuthenticator jwtAuthenticator = new JwtAuthenticator();
jwtAuthenticator.addEncryptionConfiguration(new SecretEncryptionConfiguration(MAC_SECRET));
final Exception e = TestsHelper.expectException(() -> assertToken(profile, token, jwtAuthenticator));
assertTrue(e.getMessage().startsWith("No encryption algorithm found for JWT:"));
}
Also used :
JwtGenerator(org.pac4j.jwt.profile.JwtGenerator)
JwtAuthenticator(org.pac4j.jwt.credentials.authenticator.JwtAuthenticator)
SecretEncryptionConfiguration(org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)
FacebookProfile(org.pac4j.oauth.profile.facebook.FacebookProfile)
TechnicalException(org.pac4j.core.exception.TechnicalException)
CredentialsException(org.pac4j.core.exception.CredentialsException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Test(org.junit.Test)
Aggregations
SecretEncryptionConfiguration (org.pac4j.jwt.config.encryption.SecretEncryptionConfiguration)16
Test (org.junit.Test)11
SecretSignatureConfiguration (org.pac4j.jwt.config.signature.SecretSignatureConfiguration)11
JwtGenerator (org.pac4j.jwt.profile.JwtGenerator)11
JwtAuthenticator (org.pac4j.jwt.credentials.authenticator.JwtAuthenticator)7
FacebookProfile (org.pac4j.oauth.profile.facebook.FacebookProfile)6
lombok.val (lombok.val)4
CommonProfile (org.pac4j.core.profile.CommonProfile)4
TokenCredentials (org.pac4j.core.credentials.TokenCredentials)3
EncryptionMethod (com.nimbusds.jose.EncryptionMethod)2
JWEAlgorithm (com.nimbusds.jose.JWEAlgorithm)2
Test (org.junit.jupiter.api.Test)2
EncryptionConfiguration (org.pac4j.jwt.config.encryption.EncryptionConfiguration)2
ECSignatureConfiguration (org.pac4j.jwt.config.signature.ECSignatureConfiguration)2
SignatureConfiguration (org.pac4j.jwt.config.signature.SignatureConfiguration)2
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
HashSet (java.util.HashSet)1
CredentialsException (org.pac4j.core.exception.CredentialsException)1
TechnicalException (org.pac4j.core.exception.TechnicalException)1
