
Example 1 with Token

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token in project spring-boot by spring-projects.

the class ReactiveTokenValidatorTests method validateTokenWhenCacheIsEmptyShouldFetchTokenKeys.

/**
 * Checks that validating a correctly signed token triggers a fetch of the token
 * keys and that the fetched keys end up in the validator's {@code cachedTokenKeys}
 * property.
 *
 * <p>The security service is stubbed to hand out {@code VALID_KEYS} through a
 * {@code PublisherProbe}, so the test can tell whether the key-fetch publisher was
 * actually subscribed to rather than merely created.
 *
 * <p>NOTE(review): the test name says the key cache starts empty; the setup that
 * guarantees this is not visible in this snippet.
 */
@Test
void validateTokenWhenCacheIsEmptyShouldFetchTokenKeys() throws Exception {
    PublisherProbe<Map<String, String>> keyFetchProbe = PublisherProbe.of(Mono.just(VALID_KEYS));
    given(this.securityService.fetchTokenKeys()).willReturn(keyFetchProbe.mono());
    given(this.securityService.getUaaUrl()).willReturn(Mono.just("http://localhost:8080/uaa"));
    // RS256 header whose "kid" names the key the token is expected to be verified with.
    String joseHeader = "{\"alg\": \"RS256\",  \"kid\": \"valid-key\",\"typ\": \"JWT\"}";
    // "exp" is the largest 32-bit epoch second (January 2038), i.e. not yet expired;
    // "iss" starts with the stubbed UAA URL and "scope" carries actuator.read.
    String payload = "{\"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}";
    Token signedToken = new Token(getSignedToken(joseHeader.getBytes(), payload.getBytes()));
    // Validation must complete without emitting an error signal.
    StepVerifier.create(this.tokenValidator.validate(signedToken)).verifyComplete();
    assertThat(this.tokenValidator).hasFieldOrPropertyWithValue("cachedTokenKeys", VALID_KEYS);
    // A publisher that was never subscribed would mean no key fetch took place.
    keyFetchProbe.assertWasSubscribed();
}
Also used : Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) Test(org.junit.jupiter.api.Test)

Example 2 with Token

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token in project spring-boot by spring-projects.

the class TokenValidatorTests method validateTokenWhenIssuerIsNotValidShouldThrowException.

/**
 * Checks that a token is rejected with {@code Reason.INVALID_ISSUER} when its
 * {@code iss} claim does not belong to the UAA URL reported by the security service.
 *
 * <p>The stubbed UAA URL is {@code https://other-uaa.com} while the token claims
 * {@code http://localhost:8080/uaa/oauth/token} as issuer.
 */
@Test
void validateTokenWhenIssuerIsNotValidShouldThrowException() {
    given(this.securityService.fetchTokenKeys()).willReturn(VALID_KEYS);
    given(this.securityService.getUaaUrl()).willReturn("https://other-uaa.com");
    // NOTE(review): "scope" sits in the header here, not in the claims as in the
    // other tests on this page. The expected reason is INVALID_ISSUER, so the test
    // presumably relies on the issuer check running before any scope check - confirm.
    String joseHeader = "{ \"alg\": \"RS256\",  \"kid\": \"valid-key\", \"typ\": \"JWT\", \"scope\": [\"actuator.read\"]}";
    String payload = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\"}";
    byte[] headerBytes = joseHeader.getBytes();
    byte[] payloadBytes = payload.getBytes();
    // Token signing and construction stay inside the callable, as in the original,
    // so anything they throw is seen by the assertion as well.
    assertThatExceptionOfType(CloudFoundryAuthorizationException.class)
        .isThrownBy(() -> this.tokenValidator.validate(new Token(getSignedToken(headerBytes, payloadBytes))))
        .satisfies(reasonRequirement(Reason.INVALID_ISSUER));
}
Also used : Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) Test(org.junit.jupiter.api.Test)

Example 3 with Token

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token in project spring-boot by spring-projects.

the class TokenValidatorTests method validateTokenWhenTokenAlgorithmIsNotRS256ShouldThrowException.

/**
 * Checks that a token whose header declares {@code HS256} instead of {@code RS256}
 * is rejected with {@code Reason.UNSUPPORTED_TOKEN_SIGNING_ALGORITHM}.
 *
 * <p>Pinning the accepted algorithm on the validator side, rather than trusting the
 * {@code alg} value supplied in the token, is the standard defence against
 * algorithm-substitution on JWTs; this test guards that behaviour.
 *
 * <p>No security-service stubs are set up in this test and the header carries no
 * {@code kid}; the expected rejection is asserted without any token keys being
 * stubbed.
 */
@Test
void validateTokenWhenTokenAlgorithmIsNotRS256ShouldThrowException() {
    String joseHeader = "{ \"alg\": \"HS256\",  \"typ\": \"JWT\"}";
    // Claims are otherwise the same as in the passing fixtures: far-future expiry,
    // localhost UAA issuer, actuator.read scope.
    String payload = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}";
    byte[] headerBytes = joseHeader.getBytes();
    byte[] payloadBytes = payload.getBytes();
    assertThatExceptionOfType(CloudFoundryAuthorizationException.class)
        .isThrownBy(() -> this.tokenValidator.validate(new Token(getSignedToken(headerBytes, payloadBytes))))
        .satisfies(reasonRequirement(Reason.UNSUPPORTED_TOKEN_SIGNING_ALGORITHM));
}
Also used : Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) Test(org.junit.jupiter.api.Test)

Example 4 with Token

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token in project spring-boot by spring-projects.

the class TokenValidatorTests method validateTokenWhenSignatureInvalidShouldThrowException.

/**
 * Checks that a token is rejected with {@code Reason.INVALID_SIGNATURE} when the key
 * registered under the token's {@code kid} does not verify the token's signature.
 *
 * <p>The validator's {@code tokenKeys} field is overwritten through reflection with a
 * single entry mapping {@code "valid-key"} to {@code INVALID_KEY}, so the key id in
 * the header resolves to a key but, per the expected reason, verification with it
 * must fail.
 */
@Test
void validateTokenWhenSignatureInvalidShouldThrowException() {
    // The field name is a string literal: if the validator's field is renamed,
    // this line has to be updated by hand.
    ReflectionTestUtils.setField(this.tokenValidator, "tokenKeys",
        Collections.singletonMap("valid-key", INVALID_KEY));
    String joseHeader = "{ \"alg\": \"RS256\",  \"kid\": \"valid-key\",\"typ\": \"JWT\"}";
    String payload = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"actuator.read\"]}";
    byte[] headerBytes = joseHeader.getBytes();
    byte[] payloadBytes = payload.getBytes();
    assertThatExceptionOfType(CloudFoundryAuthorizationException.class)
        .isThrownBy(() -> this.tokenValidator.validate(new Token(getSignedToken(headerBytes, payloadBytes))))
        .satisfies(reasonRequirement(Reason.INVALID_SIGNATURE));
}
Also used : Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) Test(org.junit.jupiter.api.Test)

Example 5 with Token

use of org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token in project spring-boot by spring-projects.

the class TokenValidatorTests method validateTokenWhenAudienceIsNotValidShouldThrowException.

/**
 * Checks that a token with a valid signature, key id and issuer is still rejected
 * with {@code Reason.INVALID_AUDIENCE} when its {@code scope} claim is
 * {@code foo.bar}.
 *
 * <p>NOTE(review): the other fixtures on this page use {@code actuator.read} as
 * scope, so the validator presumably requires that value - confirm against the
 * validator itself.
 */
@Test
void validateTokenWhenAudienceIsNotValidShouldThrowException() {
    given(this.securityService.fetchTokenKeys()).willReturn(VALID_KEYS);
    // The stubbed UAA URL is the prefix of the "iss" claim below, so only the
    // scope differs from the fixtures that are expected to validate.
    given(this.securityService.getUaaUrl()).willReturn("http://localhost:8080/uaa");
    String joseHeader = "{ \"alg\": \"RS256\",  \"kid\": \"valid-key\", \"typ\": \"JWT\"}";
    String payload = "{ \"exp\": 2147483647, \"iss\": \"http://localhost:8080/uaa/oauth/token\", \"scope\": [\"foo.bar\"]}";
    byte[] headerBytes = joseHeader.getBytes();
    byte[] payloadBytes = payload.getBytes();
    assertThatExceptionOfType(CloudFoundryAuthorizationException.class)
        .isThrownBy(() -> this.tokenValidator.validate(new Token(getSignedToken(headerBytes, payloadBytes))))
        .satisfies(reasonRequirement(Reason.INVALID_AUDIENCE));
}
Also used : Token(org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token) Test(org.junit.jupiter.api.Test)

Aggregations

Token (org.springframework.boot.actuate.autoconfigure.cloudfoundry.Token)15 Test (org.junit.jupiter.api.Test)14 Map (java.util.Map)3 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)3 SecurityResponse (org.springframework.boot.actuate.autoconfigure.cloudfoundry.SecurityResponse)2 AccessLevel (org.springframework.boot.actuate.autoconfigure.cloudfoundry.AccessLevel)1 CloudFoundryAuthorizationException (org.springframework.boot.actuate.autoconfigure.cloudfoundry.CloudFoundryAuthorizationException)1