Java Code Examples for org.eclipse.microprofile.jwt.tck.util.TokenUtils#generateTokenString()
The following examples show how to use
org.eclipse.microprofile.jwt.tck.util.TokenUtils#generateTokenString() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: PublicKeyAsJWKLocationURLTest.java From tomee with Apache License 2.0 | 6 votes |
|
@RunAsClient
@OperateOnDeployment("testApp")
@Test(groups = TEST_GROUP_CONFIG, dependsOnMethods = { "validateLocationUrlContents" },
description = "Validate specifying the mp.jwt.verify.publickey.location as remote URL to a JWKS key")
public void testKeyAsLocationUrl() throws Exception {
Reporter.log("testKeyAsLocationUrl, expect HTTP_OK");
PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
String kid = "publicKey4k";
HashMap<String, Long> timeClaims = new HashMap<>();
String token = TokenUtils.generateTokenString(privateKey, kid, "/Token1.json", null, timeClaims);
String uri = baseURL.toExternalForm() + "jwks/endp/verifyKeyLocationAsJWKSUrl";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("kid", kid)
;
Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example 2
| Source File: JsonValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
description = "Verify that the injected customString claim is as expected from Token2")
public void verifyInjectedCustomString2() throws Exception {
Reporter.log("Begin verifyInjectedCustomString2\n");
String token2 = TokenUtils.generateTokenString("/Token2.json");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedCustomString";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("value", "customStringValue2")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token2).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example 3
| Source File: JsonValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
description = "Verify that the injected customInteger claim is as expected from Token2")
public void verifyInjectedCustomInteger2() throws Exception {
Reporter.log("Begin verifyInjectedCustomInteger2\n");
String token2 = TokenUtils.generateTokenString("/Token2.json");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedCustomInteger";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("value", 1234567892)
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token2).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example 4
| Source File: TokenAsCookieTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
description = "Validate a request with a valid JWT in a Cookie with default name")
public void validJwt() throws Exception {
String token = TokenUtils.generateTokenString("/Token1.json");
String uri = baseURL.toExternalForm() + "endp/echo";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("input", "hello");
Response response = echoEndpointTarget
.request(TEXT_PLAIN)
.cookie("Bearer", token)
.get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String reply = response.readEntity(String.class);
Assert.assertEquals(reply, "hello, [email protected]");
}
Example 5
| Source File: JsonValueInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
description = "Verify that the injected aud claim is as expected from Token2")
public void verifyInjectedAudience2() throws Exception {
Reporter.log("Begin verifyInjectedAudience2\n");
String token2 = TokenUtils.generateTokenString("/Token2.json");
String uri = baseURL.toExternalForm() + "endp/verifyInjectedAudience";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam(Claims.aud.name(), "s6BhdRkqt3.2")
.queryParam(Claims.auth_time.name(), authTimeClaim);
Response response = echoEndpointTarget.request(MediaType.APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer " + token2).get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
String replyString = response.readEntity(String.class);
JsonReader jsonReader = Json.createReader(new StringReader(replyString));
JsonObject reply = jsonReader.readObject();
Reporter.log(reply.toString());
Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
Example 6
| Source File: CookieTokenTest.java From microprofile-jwt-auth with Apache License 2.0 | 6 votes |
|
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
description = "Validate a request with a different Cookie name from the one configured fais with " +
"HTTP_UNAUTHORIZED")
public void wrongCookieName() throws Exception {
String token = TokenUtils.generateTokenString("/Token1.json");
String uri = baseURL.toExternalForm() + "endp/echo";
WebTarget echoEndpointTarget = ClientBuilder.newClient()
.target(uri)
.queryParam("input", "hello");
Response response = echoEndpointTarget
.request(TEXT_PLAIN)
.cookie("Bearer", token)
.get();
Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
}
Example 7
| Source File: TestJsonWebToken.java From smallrye-jwt with Apache License 2.0 | 5 votes |
|
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of exp")
public void testNimbusFailExpired() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
invalidFields.add(TokenUtils.InvalidClaims.EXP);
String token = TokenUtils.generateTokenString("/Token1.json", invalidFields, timeClaims);
RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
contextInfo.setExpGracePeriodSecs(60);
JsonWebToken jwt = validateToken(token, contextInfo);
}
Example 8
| Source File: IssValidationTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
/**
* Create a CDI aware base web application archive that includes an embedded PEM public key
* that is included as the mp.jwt.verify.publickey property.
* The root url is /
* @return the base base web application archive
* @throws Exception - on resource failure
*/
@Deployment()
public static WebArchive createDeployment() throws Exception {
URL publicKey = IssValidationTest.class.getResource("/publicKey4k.pem");
PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
String kid = "publicKey4k";
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString(privateKey, kid, "/RequiredClaims.json", null, timeClaims);
// Setup the microprofile-config.properties content
Properties configProps = new Properties();
// Location points to the PEM bundled in the deployment
configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "/publicKey4k.pem");
//configProps.setProperty(Names.REQUIRE_ISS, "true");
configProps.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
StringWriter configSW = new StringWriter();
configProps.store(configSW, "IssValidationTest microprofile-config.properties");
StringAsset configAsset = new StringAsset(configSW.toString());
WebArchive webArchive = ShrinkWrap
.create(WebArchive.class, "IssValidationTest.war")
.addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_1.name()), MpJwtTestVersion.MANIFEST_NAME)
.addAsResource(publicKey, "/publicKey.pem")
.addAsResource(publicKey, "/publicKey4k.pem")
// Include the token for inspection by ApplicationArchiveProcessor
.add(new StringAsset(token), "MP-JWT")
.addClass(PublicKeyEndpoint.class)
.addClass(TCKApplication.class)
.addClass(SimpleTokenUtils.class)
.addAsWebInfResource("beans.xml", "beans.xml")
.addAsManifestResource(configAsset, "microprofile-config.properties")
;
System.out.printf("WebArchive: %s\n", webArchive.toString(true));
return webArchive;
}
Example 9
| Source File: ProviderInjectionTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
@BeforeClass(alwaysRun=true)
public static void generateToken() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString("/Token1.json", null, timeClaims);
iatClaim = timeClaims.get(Claims.iat.name());
authTimeClaim = timeClaims.get(Claims.auth_time.name());
}
Example 10
| Source File: TestJsonWebToken.java From smallrye-jwt with Apache License 2.0 | 5 votes |
|
@Test
public void testValidation() throws Exception {
String token = TokenUtils.generateTokenString("/Token1.json");
RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
contextInfo.setExpGracePeriodSecs(60);
JsonWebToken jwt = validateToken(token, contextInfo);
}
Example 11
| Source File: AudValidationMissingAudTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
/**
* Create a CDI aware base web application archive that includes an embedded PEM public key
* that is included as the mp.jwt.verify.publickey property.
* The root url is /
* @return the base base web application archive
* @throws Exception - on resource failure
*/
@Deployment()
public static WebArchive createDeployment() throws Exception {
URL publicKey = AudValidationMissingAudTest.class.getResource("/publicKey4k.pem");
PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
String kid = "publicKey4k";
Map<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString(privateKey, kid, "/Token2.json", null, timeClaims);
// Setup the microprofile-config.properties content
Properties configProps = new Properties();
// Location points to the PEM bundled in the deployment
configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "/publicKey4k.pem");
configProps.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
configProps.setProperty(Names.AUDIENCES, "aud2"); // no audience claim in json, should fail
StringWriter configSW = new StringWriter();
configProps.store(configSW, "AudValidationMissingAudTest microprofile-config.properties");
StringAsset configAsset = new StringAsset(configSW.toString());
WebArchive webArchive = ShrinkWrap
.create(WebArchive.class, "AudValidationMissingAudTest.war")
.addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_2.name()), MpJwtTestVersion.MANIFEST_NAME)
.addAsResource(publicKey, "/publicKey.pem")
.addAsResource(publicKey, "/publicKey4k.pem")
// Include the token for inspection by ApplicationArchiveProcessor
.add(new StringAsset(token), "MP-JWT")
.addClass(AudienceValidationEndpoint.class)
.addClass(TCKApplication.class)
.addClass(SimpleTokenUtils.class)
.addAsWebInfResource("beans.xml", "beans.xml")
.addAsManifestResource(configAsset, "microprofile-config.properties");
System.out.printf("WebArchive: %s\n", webArchive.toString(true));
return webArchive;
}
Example 12
| Source File: AbstractVerifierTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
@Test(description = "Illustrate validation of exp that is in grace period")
public void testExpGrace() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
// Set exp to 45 seconds in past
long exp = TokenUtils.currentTimeInSecs() - 45;
timeClaims.put(Claims.exp.name(), exp);
String token = TokenUtils.generateTokenString("/Token1.json", null, timeClaims);
RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
int expGracePeriodSecs = 60;
validateToken(token, publicKey, TEST_ISSUER, expGracePeriodSecs);
}
Example 13
| Source File: RequiredClaimsTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
@BeforeClass(alwaysRun = true)
public static void generateToken() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString("/RequiredClaims.json", null, timeClaims);
iatClaim = timeClaims.get(Claims.iat.name());
authTimeClaim = timeClaims.get(Claims.auth_time.name());
expClaim = timeClaims.get(Claims.exp.name());
}
Example 14
| Source File: IssNoValidationBadIssTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
/**
* Create a CDI aware base web application archive that includes an embedded PEM public key
* that is included as the mp.jwt.verify.publickey property.
* The root url is /
* @return the base base web application archive
* @throws Exception - on resource failure
*/
@Deployment()
public static WebArchive createDeployment() throws Exception {
URL publicKey = IssNoValidationBadIssTest.class.getResource("/publicKey4k.pem");
PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
String kid = "publicKey4k";
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString(privateKey, kid, "/TokenBadIss.json", null, timeClaims);
// Setup the microprofile-config.properties content
Properties configProps = new Properties();
// Location points to the PEM bundled in the deployment
configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "/publicKey4k.pem");
// Don't require validation of iss claim
//configProps.setProperty(Names.REQUIRE_ISS, "false");
// The issuer config value should be ignored
configProps.setProperty(Names.ISSUER, "https://ignore-me");
StringWriter configSW = new StringWriter();
configProps.store(configSW, "IssNoValidationBadIssTest microprofile-config.properties");
StringAsset configAsset = new StringAsset(configSW.toString());
WebArchive webArchive = ShrinkWrap
.create(WebArchive.class, "IssNoValidationBadIssTest.war")
.addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_1.name()), MpJwtTestVersion.MANIFEST_NAME)
.addAsResource(publicKey, "/publicKey.pem")
.addAsResource(publicKey, "/publicKey4k.pem")
// Include the token for inspection by ApplicationArchiveProcessor
.add(new StringAsset(token), "MP-JWT")
.addClass(PublicKeyEndpoint.class)
.addClass(TCKApplication.class)
.addClass(SimpleTokenUtils.class)
.addAsWebInfResource("beans.xml", "beans.xml")
.addAsManifestResource(configAsset, "microprofile-config.properties")
;
System.out.printf("WebArchive: %s\n", webArchive.toString(true));
return webArchive;
}
Example 15
| Source File: TestTokenRequireSub.java From smallrye-jwt with Apache License 2.0 | 5 votes |
|
@Test(groups = TEST_GROUP_JWT, description = "validate sub fail", expectedExceptions = ParseException.class)
public void defaultSubNotAvailable() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
String token = TokenUtils.generateTokenString("/TokenSubPath.json", null, timeClaims);
PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
if (publicKey == null) {
throw new IllegalStateException("Failed to load /publicKey.pem resource");
}
JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
factory.parse(token, contextInfo);
}
Example 16
| Source File: TestTokenRequiredClaims.java From smallrye-jwt with Apache License 2.0 | 5 votes |
|
@Test
public void base() throws Exception {
String token = TokenUtils.generateTokenString("/Token1.json");
PublicKey publicKey = TokenUtils.readPublicKey("/publicKey.pem");
JWTAuthContextInfo contextInfo = new JWTAuthContextInfo((RSAPublicKey) publicKey, TEST_ISSUER);
JWTCallerPrincipalFactory factory = JWTCallerPrincipalFactory.instance();
factory.parse(token, contextInfo);
}
Example 17
| Source File: TestTokenWithSubPath.java From smallrye-jwt with Apache License 2.0 | 5 votes |
|
@BeforeClass(alwaysRun = true)
public static void generateToken() throws Exception {
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString("/TokenSubPath.json", null, timeClaims);
publicKey = TokenUtils.readPublicKey("/publicKey.pem");
if (publicKey == null) {
throw new IllegalStateException("Failed to load /publicKey.pem resource");
}
}
Example 18
| Source File: AudArrayValidationTest.java From microprofile-jwt-auth with Apache License 2.0 | 5 votes |
|
/**
* Create a CDI aware base web application archive that includes an embedded PEM public key
* that is included as the mp.jwt.verify.publickey property.
* The root url is /
* @return the base base web application archive
* @throws Exception - on resource failure
*/
@Deployment()
public static WebArchive createDeployment() throws Exception {
URL publicKey = AudArrayValidationTest.class.getResource("/publicKey4k.pem");
PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
String kid = "publicKey4k";
HashMap<String, Long> timeClaims = new HashMap<>();
token = TokenUtils.generateTokenString(privateKey, kid, "/TokenAudiences.json", null, timeClaims);
// Setup the microprofile-config.properties content
Properties configProps = new Properties();
// Location points to the PEM bundled in the deployment
configProps.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "/publicKey4k.pem");
configProps.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
configProps.setProperty(Names.AUDIENCES, "aud3,badAud,aud1"); // matches json, should pass
StringWriter configSW = new StringWriter();
configProps.store(configSW, "AudValidationTest microprofile-config.properties");
StringAsset configAsset = new StringAsset(configSW.toString());
WebArchive webArchive = ShrinkWrap
.create(WebArchive.class, "AudArrayValidationTest.war")
.addAsManifestResource(new StringAsset(MpJwtTestVersion.MPJWT_V_1_2.name()), MpJwtTestVersion.MANIFEST_NAME)
.addAsResource(publicKey, "/publicKey.pem")
.addAsResource(publicKey, "/publicKey4k.pem")
// Include the token for inspection by ApplicationArchiveProcessor
.add(new StringAsset(token), "MP-JWT")
.addClass(AudienceValidationEndpoint.class)
.addClass(TCKApplication.class)
.addClass(SimpleTokenUtils.class)
.addAsWebInfResource("beans.xml", "beans.xml")
.addAsManifestResource(configAsset, "microprofile-config.properties");
System.out.printf("WebArchive: %s\n", webArchive.toString(true));
return webArchive;
}
Example 19
| Source File: ServletTest.java From microprofile-jwt-auth with Apache License 2.0 | 4 votes |
|
@BeforeClass(alwaysRun = true)
public static void generateToken() throws Exception {
token = TokenUtils.generateTokenString("/Token1.json");
}
Example 20
| Source File: PublicKeyAsJWKSTest.java From tomee with Apache License 2.0 | 4 votes |
|
@Test
public void validateJWKS() throws Exception {
System.setProperty(Names.VERIFIER_PUBLIC_KEY, "");
System.setProperty(Names.VERIFIER_PUBLIC_KEY_LOCATION, "file://" +
Paths.get("").toAbsolutePath().toString() +
"/src/test/resources/signer-keyset4k.jwk");
System.setProperty(Names.ISSUER, TCKConstants.TEST_ISSUER);
final PrivateKey privateKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
final String kid = "publicKey4k";
final String token = TokenUtils.generateTokenString(privateKey, kid, "/Token1.json", null, new HashMap<>());
System.out.println("token = " + token);
final JWTAuthConfigurationProperties JWTAuthConfigurationProperties = new JWTAuthConfigurationProperties();
JWTAuthConfigurationProperties.init(null);
final JWTAuthConfiguration jwtAuthConfiguration =
JWTAuthConfigurationProperties.getJWTAuthConfiguration().orElseThrow(IllegalArgumentException::new);
final JwtConsumerBuilder jwtConsumerBuilder = new JwtConsumerBuilder()
.setRequireExpirationTime()
.setRequireSubject()
.setSkipDefaultAudienceValidation()
.setExpectedIssuer(jwtAuthConfiguration.getIssuer())
.setJwsAlgorithmConstraints(new AlgorithmConstraints(WHITELIST, RSA_USING_SHA256))
.setSkipDefaultAudienceValidation()
.setVerificationKey(jwtAuthConfiguration.getPublicKey());
if (jwtAuthConfiguration.getExpGracePeriodSecs() > 0) {
jwtConsumerBuilder.setAllowedClockSkewInSeconds(jwtAuthConfiguration.getExpGracePeriodSecs());
} else {
jwtConsumerBuilder.setEvaluationTime(NumericDate.fromSeconds(0));
}
if (jwtAuthConfiguration.isSingleKey()) {
jwtConsumerBuilder.setVerificationKey(jwtAuthConfiguration.getPublicKey());
} else {
jwtConsumerBuilder.setVerificationKeyResolver(new JwksVerificationKeyResolver(jwtAuthConfiguration.getPublicKeys()));
}
final JwtConsumer jwtConsumer = jwtConsumerBuilder.build();
final JwtContext jwtContext = jwtConsumer.process(token);
Assert.assertEquals(jwtContext.getJwtClaims().getStringClaimValue("upn"), "[email protected]");
}
