org.eclipse.microprofile.jwt.Claims Java Examples
The following examples show how to use
org.eclipse.microprofile.jwt.Claims.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: RequiredClaimsEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyUPN")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyUPN(@QueryParam("upn") String upn) {
boolean pass = false;
String msg;
// upn
String upnValue = rawTokenJson.getName();
if (upnValue == null || upnValue.length() == 0) {
msg = Claims.upn.name() + "value is null or empty, FAIL";
}
else if (upnValue.equals(upn)) {
msg = Claims.upn.name() + " PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.upn.name(), upnValue, upn);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #2
| Source File: ClaimValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI,
description = "Verify that the injected raw token claim using @Claim(standard) is as expected")
public void verifyInjectedAuthTimeStandard() throws Exception {
Reporter.log("Begin verifyInjectedAuthTimeStandard\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedAuthTimeStandard";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #3
| Source File: RequiredClaimsEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuer(@QueryParam("iss") String iss) {
boolean pass = false;
String msg;
String issValue = rawTokenJson.getIssuer();
if (issValue == null || issValue.length() == 0) {
msg = Claims.iss.name() + "value is null or empty, FAIL";
}
else if (issValue.equals(iss)) {
msg = Claims.iss.name() + " PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.iss.name(), issValue, iss);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #4
| Source File: PrimitiveInjectionEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedUPN")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedUPN(@QueryParam("upn") String upn) {
boolean pass = false;
String msg;
// uPN
String upnValue = this.upn;
if (upnValue == null || upnValue.length() == 0) {
msg = Claims.upn.name() + "value is null or empty, FAIL";
}
else if (upnValue.equals(upn)) {
msg = Claims.upn.name() + " PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.upn.name(), upnValue, upn);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #5
| Source File: PrimitiveInjectionEndpoint.java From quarkus with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedExpiration")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedExpiration(@QueryParam("exp") Long exp) {
boolean pass = false;
String msg;
// exp
Long expValue = this.expiration;
if (expValue == null || expValue.intValue() == 0) {
msg = Claims.exp.name() + "value is null or empty, FAIL";
} else if (expValue.equals(exp)) {
msg = Claims.exp.name() + " PASS";
pass = true;
} else {
msg = String.format("%s: %s != %s", Claims.exp.name(), expValue, exp);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #6
| Source File: PrimitiveInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected customString claim is as expected")
public void verifyInjectedCustomString() throws Exception {
Reporter.log("Begin verifyInjectedCustomString\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedCustomString";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("value", "customStringValue")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #7
| Source File: PrimitiveInjectionUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the injected raw token claim is as expected
*/
@Test()
public void verifyInjectedRawToken() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.raw_token.name(), token)
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyInjectedRawToken").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #8
| Source File: JwtAuthUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the injected token issuer claim is as expected
*
*/
@Test()
public void verifyIssuerClaim() {
Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.iss.name(), "https://server.example.com")
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyInjectedIssuer").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #9
| Source File: PrimitiveInjectionUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the token upn claim is as expected
*/
@Test()
public void verifyInjectedUPN() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.upn.name(), "[email protected]")
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyInjectedUPN").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #10
| Source File: PrimitiveInjectionUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the token aud claim is as expected
*/
@Test()
public void verifyInjectedAudience() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.aud.name(), "s6BhdRkqt3")
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyInjectedAudience").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #11
| Source File: ProviderInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected raw token claim is as expected")
public void verifyInjectedOptionalAuthTime() throws Exception {
Reporter.log("Begin verifyInjectedOptionalAuthTime\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedOptionalAuthTime";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #12
| Source File: PrimitiveInjectionEndpoint.java From quarkus with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedAudience")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedAudience(@QueryParam("aud") String audience) {
boolean pass = false;
String msg;
// aud
Set<String> audValue = aud;
if (audValue == null || audValue.size() == 0) {
msg = Claims.aud.name() + "value is null or empty, FAIL";
} else if (audValue.contains(audience)) {
msg = Claims.aud.name() + " PASS";
pass = true;
} else {
msg = String.format("%s: %s != %s", Claims.aud.name(), audValue, audience);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #13
| Source File: PrimitiveInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected token issuer claim is as expected")
public void verifyIssuerClaim() throws Exception {
Reporter.log("Begin verifyIssuerClaim");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedIssuer";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.iss.name(), TCKConstants.TEST_ISSUER)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #14
| Source File: RequiredClaimsUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the token jti claim is as expected
*
*/
@Test()
public void verifyJTI() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.jti.name(), "a-f2b2180c")
.queryParam(Claims.iss.name(), "https://server.example.com")
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyJTI").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #15
| Source File: ClaimValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI,
description = "Verify that the injected customInteger claim is as expected")
public void verifyInjectedCustomInteger() throws Exception {
Reporter.log("Begin verifyInjectedCustomInteger\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedCustomInteger";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("value", 123456789)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #16
| Source File: RequiredClaimsUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the token aud claim is as expected
*
*/
@Test()
public void verifyAudience() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam(Claims.aud.name(), "")
.queryParam(Claims.iss.name(), "https://server.example.com")
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyAudience").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #17
| Source File: JsonValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
description = "Verify that the injected jti claim is as expected")
public void verifyInjectedJTI() throws Exception {
Reporter.log("Begin verifyInjectedJTI\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedJTI";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.jti.name(), "a-123")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #18
| Source File: RequiredClaimsTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_JWT,
description = "Verify that the exp claim is as expected")
public void verifyExpiration() throws Exception {
Reporter.log("Begin verifyExpiration\n");
String uri = baseURL.toExternalForm() + "endp/verifyExpiration";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.exp.name(), expClaim)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #19
| Source File: JsonValuejectionEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedAuthTime")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("Tester")
public JsonObject verifyInjectedAuthTime(@QueryParam("auth_time") Long authTime) {
boolean pass = false;
String msg;
// auth_time
Long authTimeValue = this.authTime.longValue();
if(authTimeValue == null) {
msg = Claims.auth_time.name()+" value is null or missing, FAIL";
}
else if(authTimeValue.equals(authTime)) {
msg = Claims.auth_time.name()+" PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.auth_time.name(), authTimeValue, authTime);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #20
| Source File: RequiredClaimsEndpoint.java From quarkus with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyOptionalAudience")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyAudience2(@QueryParam("aud") String audience) {
boolean pass = false;
String msg;
// aud
final Optional<Object> audValue = rawTokenJson.claim("aud");
if (audValue.isPresent()) {
msg = Claims.aud.name() + "value IS present, FAIL";
} else {
msg = Claims.aud.name() + " PASS";
pass = true;
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #21
| Source File: ClaimValueInjectionEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedRawTokenStandard")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedRawTokenStandard(@QueryParam("raw_token") String rt) {
boolean pass = false;
String msg;
// raw_token
String rawTokenValue = rawTokenStandard.getValue();
if(rawTokenValue == null || rawTokenValue.length() == 0) {
msg = Claims.raw_token.name()+"value is null or empty, FAIL";
}
else if(rawTokenValue.equals(rt)) {
msg = Claims.raw_token.name()+" PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.raw_token.name(), rawTokenValue, rt);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #22
| Source File: RequiredClaimsEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyIssuedAt")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuedAt(@QueryParam("iat") Long iat) {
boolean pass = false;
String msg;
// iat
Long iatValue = rawTokenJson.getIssuedAtTime();
if (iatValue == null || iatValue.intValue() == 0) {
msg = Claims.iat.name() + "value is null or empty, FAIL";
}
else if (iatValue.equals(iat)) {
msg = Claims.iat.name() + " PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.iat.name(), iatValue, iat);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #23
| Source File: PrimitiveInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected sub claim is as expected")
public void verifyInjectedSUB() throws Exception {
Reporter.log("Begin verifyInjectedSUB\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedSUB";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.sub.name(), "24400320")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #24
| Source File: PrimitiveInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected groups claim is as expected")
public void verifyInjectedGroups() throws Exception {
Reporter.log("Begin verifyInjectedGroups\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedGroups";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.groups.name(), new String[]{
"Echoer", "Tester", "group1", "group2"})
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #25
| Source File: RequiredClaimsEndpoint.java From quarkus with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuer(@QueryParam("iss") String iss) {
boolean pass = false;
String msg;
String issValue = rawTokenJson.getIssuer();
if (issValue == null || issValue.length() == 0) {
msg = Claims.iss.name() + "value is null or empty, FAIL";
} else if (issValue.equals(iss)) {
msg = Claims.iss.name() + " PASS";
pass = true;
} else {
msg = String.format("%s: %s != %s", Claims.iss.name(), issValue, iss);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #26
| Source File: KeycloakJWTCallerPrincipal.java From thorntail with Apache License 2.0 | 6 votes |
|
private static Map<String, Object> getAllClaimsFromToken(AccessToken at) {
Map<String, Object> map = new HashMap<>();
map.put(Claims.jti.name(), at.getId());
map.put(Claims.iat.name(), Long.valueOf(at.getIssuedAt()));
map.put(Claims.exp.name(), Long.valueOf(at.getExpiration()));
map.put(Claims.nbf.name(), Long.valueOf(at.getNotBefore()));
map.put(Claims.auth_time.name(), Long.valueOf(at.getAuthTime()));
map.put(Claims.updated_at.name(), at.getUpdatedAt());
map.put(Claims.iss.name(), at.getIssuer());
map.put(Claims.azp.name(), at.getIssuedFor());
map.put(Claims.acr.name(), at.getAcr());
map.put(Claims.aud.name(), at.getAudience());
map.put(Claims.sub.name(), at.getSubject());
map.put(Claims.groups.name(), at.getRealmAccess().getRoles());
map.put(Claims.preferred_username.name(), at.getPreferredUsername());
map.put(Claims.family_name.name(), at.getFamilyName());
map.put(Claims.nickname.name(), at.getNickName());
map.putAll(at.getOtherClaims());
return map;
}
Example #27
| Source File: ClaimValueInjectionEndpoint.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@GET
@Path("/verifyInjectedIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedIssuer(@QueryParam("iss") String iss) {
boolean pass = false;
String msg;
String issValue = issuer.getValue();
if(issValue == null || issValue.length() == 0) {
msg = Claims.iss.name()+"value is null or empty, FAIL";
}
else if(issValue.equals(iss)) {
msg = Claims.iss.name()+" PASS";
pass = true;
}
else {
msg = String.format("%s: %s != %s", Claims.iss.name(), issValue, iss);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
Example #28
| Source File: PrimitiveInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
description = "Verify that the injected jti claim is as expected")
public void verifyInjectedJTI() throws Exception {
Reporter.log("Begin verifyInjectedJTI\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedJTI";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.jti.name(), "a-123")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #29
| Source File: JsonValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
description = "Verify that the injected customStringArray claim is as expected")
public void verifyInjectedCustomStringArray() throws Exception {
Reporter.log("Begin verifyInjectedCustomStringArray\n");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedCustomStringArray";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("value", "value0", "value1", "value2")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example #30
| Source File: PrimitiveInjectionUnitTest.java From quarkus with Apache License 2.0 | 6 votes |
|
/**
* Verify that the token customString claim is as expected
*
*/
@Test()
public void verifyInjectedCustomDouble() {
io.restassured.response.Response response = RestAssured.given().auth()
.oauth2(token)
.when()
.queryParam("value", 3.141592653589793d)
.queryParam(Claims.auth_time.name(), authTimeClaim)
.get("/endp/verifyInjectedCustomDouble").andReturn();
Assertions.assertEquals(HttpURLConnection.HTTP_OK, response.getStatusCode());
String replyString = response.body().asString();
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Assertions.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
