Example 11 with NimbusJwtDecoder
use of org.springframework.security.oauth2.jwt.NimbusJwtDecoder in project spring-security by spring-projects.
the class NimbusJwtDecoderTests method withSecretKeyWhenUsingCustomTypeHeaderThenSuccessfullyDecodes.
// gh-8730
@Test
public void withSecretKeyWhenUsingCustomTypeHeaderThenSuccessfullyDecodes() throws Exception {
SecretKey secretKey = TestKeys.DEFAULT_SECRET_KEY;
// @formatter:off
JWSHeader header = new JWSHeader.Builder(JWSAlgorithm.HS256).type(new JOSEObjectType("JWS")).build();
JWTClaimsSet claimsSet = new JWTClaimsSet.Builder().expirationTime(Date.from(Instant.now().plusSeconds(60))).build();
// @formatter:on
SignedJWT signedJwt = signedJwt(secretKey, header, claimsSet);
// @formatter:off
NimbusJwtDecoder decoder = NimbusJwtDecoder.withSecretKey(secretKey).macAlgorithm(MacAlgorithm.HS256).jwtProcessorCustomizer((p) -> p.setJWSTypeVerifier(new DefaultJOSEObjectTypeVerifier<>(new JOSEObjectType("JWS")))).build();
// @formatter:on
assertThat(decoder.decode(signedJwt.serialize()).hasClaim(JwtClaimNames.EXP)).isNotNull();
}
Also used :
JOSEObjectType(com.nimbusds.jose.JOSEObjectType)
Arrays(java.util.Arrays)
EncodedKeySpec(java.security.spec.EncodedKeySpec)
Date(java.util.Date)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
OAuth2TokenValidator(org.springframework.security.oauth2.core.OAuth2TokenValidator)
Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions)
MacAlgorithm(org.springframework.security.oauth2.jose.jws.MacAlgorithm)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
BeforeAll(org.junit.jupiter.api.BeforeAll)
BDDMockito.given(org.mockito.BDDMockito.given)
Mockito.verifyNoMoreInteractions(org.mockito.Mockito.verifyNoMoreInteractions)
Map(java.util.Map)
MockWebServer(okhttp3.mockwebserver.MockWebServer)
ParseException(java.text.ParseException)
RestClientException(org.springframework.web.client.RestClientException)
JWKSource(com.nimbusds.jose.jwk.source.JWKSource)
MediaType(org.springframework.http.MediaType)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm)
Instant(java.time.Instant)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
JWSHeader(com.nimbusds.jose.JWSHeader)
SignedJWT(com.nimbusds.jwt.SignedJWT)
KeyFactory(java.security.KeyFactory)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
List(java.util.List)
RSASSASigner(com.nimbusds.jose.crypto.RSASSASigner)
JWSVerificationKeySelector(com.nimbusds.jose.proc.JWSVerificationKeySelector)
JWSSigner(com.nimbusds.jose.JWSSigner)
ConcurrentMapCache(org.springframework.cache.concurrent.ConcurrentMapCache)
PrivateKey(java.security.PrivateKey)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
JOSEObjectType(com.nimbusds.jose.JOSEObjectType)
SecretKey(javax.crypto.SecretKey)
OAuth2TokenValidatorResult(org.springframework.security.oauth2.core.OAuth2TokenValidatorResult)
Mockito.mock(org.mockito.Mockito.mock)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
SecurityContext(com.nimbusds.jose.proc.SecurityContext)
JWSKeySelector(com.nimbusds.jose.proc.JWSKeySelector)
Cache(org.springframework.cache.Cache)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet)
Callable(java.util.concurrent.Callable)
JWTProcessor(com.nimbusds.jwt.proc.JWTProcessor)
ArgumentCaptor(org.mockito.ArgumentCaptor)
Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType)
BadJWTException(com.nimbusds.jwt.proc.BadJWTException)
DefaultJWTProcessor(com.nimbusds.jwt.proc.DefaultJWTProcessor)
MACSigner(com.nimbusds.jose.crypto.MACSigner)
Converter(org.springframework.core.convert.converter.Converter)
RequestEntity(org.springframework.http.RequestEntity)
Assertions.assertThatIllegalStateException(org.assertj.core.api.Assertions.assertThatIllegalStateException)
TestKeys(org.springframework.security.oauth2.jose.TestKeys)
RestOperations(org.springframework.web.client.RestOperations)
Mockito.verify(org.mockito.Mockito.verify)
HttpStatus(org.springframework.http.HttpStatus)
DefaultJOSEObjectTypeVerifier(com.nimbusds.jose.proc.DefaultJOSEObjectTypeVerifier)
SignatureAlgorithm(org.springframework.security.oauth2.jose.jws.SignatureAlgorithm)
BadJOSEException(com.nimbusds.jose.proc.BadJOSEException)
Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException)
OAuth2Error(org.springframework.security.oauth2.core.OAuth2Error)
ResponseEntity(org.springframework.http.ResponseEntity)
Collections(java.util.Collections)
SecretKey(javax.crypto.SecretKey)
JWTClaimsSet(com.nimbusds.jwt.JWTClaimsSet)
SignedJWT(com.nimbusds.jwt.SignedJWT)
JWSHeader(com.nimbusds.jose.JWSHeader)
Test(org.junit.jupiter.api.Test)
Aggregations
Test (org.junit.jupiter.api.Test)8
JWTClaimsSet (com.nimbusds.jwt.JWTClaimsSet)5
SignedJWT (com.nimbusds.jwt.SignedJWT)5
MacAlgorithm (org.springframework.security.oauth2.jose.jws.MacAlgorithm)5
SecurityContext (com.nimbusds.jose.proc.SecurityContext)4
DefaultJWTProcessor (com.nimbusds.jwt.proc.DefaultJWTProcessor)4
SecretKey (javax.crypto.SecretKey)4
NimbusJwtDecoder (org.springframework.security.oauth2.jwt.NimbusJwtDecoder)4
JOSEObjectType (com.nimbusds.jose.JOSEObjectType)3
JWSAlgorithm (com.nimbusds.jose.JWSAlgorithm)3
JWSHeader (com.nimbusds.jose.JWSHeader)3
JWSSigner (com.nimbusds.jose.JWSSigner)3
MACSigner (com.nimbusds.jose.crypto.MACSigner)3
RSASSASigner (com.nimbusds.jose.crypto.RSASSASigner)3
JWKSource (com.nimbusds.jose.jwk.source.JWKSource)3
BadJOSEException (com.nimbusds.jose.proc.BadJOSEException)3
DefaultJOSEObjectTypeVerifier (com.nimbusds.jose.proc.DefaultJOSEObjectTypeVerifier)3
JWSKeySelector (com.nimbusds.jose.proc.JWSKeySelector)3
JWSVerificationKeySelector (com.nimbusds.jose.proc.JWSVerificationKeySelector)3
BadJWTException (com.nimbusds.jwt.proc.BadJWTException)3
