io.jsonwebtoken.impl.crypto.RsaProvider Java Examples
The following examples show how to use
io.jsonwebtoken.impl.crypto.RsaProvider.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ApigeeSSO2ProviderIT.java From usergrid with Apache License 2.0 | 6 votes |
@Test public void testBasicOperation() throws Exception { // create keypair KeyPair kp = RsaProvider.generateKeyPair(1024); PublicKey publicKey = kp.getPublic(); PrivateKey privateKey = kp.getPrivate(); // create provider with private key ApigeeSSO2Provider provider = new MockApigeeSSO2Provider(); provider.setManagement( setup.getMgmtSvc() ); provider.setPublicKey( publicKey ); // create user, claims and a token for those things User user = createUser(); long exp = System.currentTimeMillis() + 10000; Map<String, Object> claims = createClaims( user.getUsername(), user.getEmail(), exp ); String token = Jwts.builder().setClaims(claims).signWith( SignatureAlgorithm.RS256, privateKey).compact(); // test that provider can validate the token, get user, return token info TokenInfo tokenInfo = provider.validateAndReturnTokenInfo( token, 86400L ); Assert.assertNotNull( tokenInfo ); }
Example #2
Source File: ApigeeSSO2ProviderIT.java From usergrid with Apache License 2.0 | 6 votes |
@Test public void testMalformedToken() throws Exception { // create keypair KeyPair kp = RsaProvider.generateKeyPair(1024); PublicKey publicKey = kp.getPublic(); // create provider with private key ApigeeSSO2Provider provider = new MockApigeeSSO2Provider(); provider.setManagement( setup.getMgmtSvc() ); provider.setPublicKey( publicKey ); // test that token is malformed try { provider.getClaims( "{;aklsjd;fkajsd;fkjasd;lfkj}" ); Assert.fail("Should have failed due to malformed token"); } catch ( BadTokenException e ) { Assert.assertTrue( e.getCause() instanceof MalformedJwtException ); } }
Example #3
Source File: JwtAuthenticatorTest.java From trellis with Apache License 2.0 | 5 votes |
@Test void testAuthenticateRSA() { final KeyPair keypair = RsaProvider.generateKeyPair(); final String token = Jwts.builder().setSubject("https://people.apache.org/~acoburn/#i") .signWith(keypair.getPrivate(), SignatureAlgorithm.RS256).compact(); final Authenticator authenticator = new JwtAuthenticator(keypair.getPublic()); final Principal p = authenticator.authenticate(token); assertNotNull(p, "Missing principal!"); assertEquals("https://people.apache.org/~acoburn/#i", p.getName(), "Incorrect webid!"); }
Example #4
Source File: ApigeeSSO2ProviderIT.java From usergrid with Apache License 2.0 | 5 votes |
@Test public void testExpiredToken() throws Exception { // create keypair KeyPair kp = RsaProvider.generateKeyPair(1024); PublicKey publicKey = kp.getPublic(); PrivateKey privateKey = kp.getPrivate(); // create provider with private key ApigeeSSO2Provider provider = new MockApigeeSSO2Provider(); provider.setManagement( setup.getMgmtSvc() ); provider.setPublicKey( publicKey ); // create user, claims and a token for those things User user = createUser(); long exp = System.currentTimeMillis() - 1500; Map<String, Object> claims = createClaims( user.getUsername(), user.getEmail(), exp ); String token = Jwts.builder() .setClaims(claims) .setExpiration( new Date() ) .signWith( SignatureAlgorithm.RS256, privateKey) .compact(); Thread.sleep(500); // wait for claims to timeout // test that token is expired try { provider.validateAndReturnTokenInfo( token, 86400L ); Assert.fail("Should have failed due to expired token"); } catch ( BadTokenException e ) { Assert.assertTrue( e.getCause() instanceof ExpiredJwtException ); } }
Example #5
Source File: ApigeeSSO2ProviderIT.java From usergrid with Apache License 2.0 | 5 votes |
@Test public void testBadSignature() throws Exception { // create old keypair KeyPair kp = RsaProvider.generateKeyPair(1024); PublicKey publicKey = kp.getPublic(); PrivateKey privateKey = kp.getPrivate(); // create new keypair KeyPair kpNew = RsaProvider.generateKeyPair(1024); PrivateKey privateKeyNew = kpNew.getPrivate(); // create mock provider with old public key ApigeeSSO2Provider provider = new MockApigeeSSO2ProviderNewKey( publicKey, publicKey ); provider.setManagement( setup.getMgmtSvc() ); // create user, claims and a token for those things. Sign with new public key User user = createUser(); long exp = System.currentTimeMillis() + 10000; Map<String, Object> claims = createClaims( user.getUsername(), user.getEmail(), exp ); String token = Jwts.builder().setClaims(claims).signWith( SignatureAlgorithm.RS256, privateKeyNew).compact(); // test that signature exception thrown try { provider.validateAndReturnTokenInfo( token, 86400L ); Assert.fail("Should have failed due to bad signature"); } catch ( BadTokenException e ) { Assert.assertTrue( e.getCause() instanceof SignatureException ); } }
Example #6
Source File: ApigeeSSO2ProviderIT.java From usergrid with Apache License 2.0 | 4 votes |
@Test public void testNewPublicKeyFetch() throws Exception { // create old keypair KeyPair kp = RsaProvider.generateKeyPair(1024); PublicKey publicKey = kp.getPublic(); PrivateKey privateKey = kp.getPrivate(); // create new keypair KeyPair kpNew = RsaProvider.generateKeyPair(1024); PublicKey publicKeyNew = kpNew.getPublic(); PrivateKey privateKeyNew = kpNew.getPrivate(); // create mock provider with old and old key MockApigeeSSO2ProviderNewKey provider = new MockApigeeSSO2ProviderNewKey( publicKey, publicKeyNew ); provider.setManagement( setup.getMgmtSvc() ); // create user, claims and a token for those things. Sign with new public key User user = createUser(); long exp = System.currentTimeMillis() + 10000; Map<String, Object> claims = createClaims( user.getUsername(), user.getEmail(), exp ); String token = Jwts.builder().setClaims(claims).signWith( SignatureAlgorithm.RS256, privateKeyNew).compact(); // test that provider can validate the token, get user, return token info TokenInfo tokenInfo = provider.validateAndReturnTokenInfo( token, 86400L ); Assert.assertNotNull( tokenInfo ); // assert that provider called for new key Assert.assertTrue( provider.isGetPublicKeyCalled() ); // try it again, but this time it should fail due to freshness value provider.setPublicKey( publicKey ); // set old key // test that signature exception thrown try { provider.validateAndReturnTokenInfo( token, 86400L ); Assert.fail("Should have failed due to bad signature"); } catch ( BadTokenException e ) { Assert.assertTrue( e.getCause() instanceof SignatureException ); } }
Example #7
Source File: ExternalSSOEnabledIT.java From usergrid with Apache License 2.0 | 4 votes |
private void generateKey() { KeyPair kp = RsaProvider.generateKeyPair(1024); publicKey = kp.getPublic(); privateKey = kp.getPrivate(); }