mirror of https://github.com/jwtk/jjwt.git
CLEAN BUILD WITH TESTS! YAY!
This commit is contained in:
parent
f77697cef1
commit
0bb95d535c
|
@ -42,12 +42,12 @@ public class JwtHandlerAdapter<T> implements JwtHandler<T> {
|
|||
|
||||
@Override
|
||||
public T onPlaintextJws(Jws<String> jws) {
|
||||
throw new UnsupportedJwtException("Signed plaintext JWSs are not supported.");
|
||||
throw new UnsupportedJwtException("Signed plaintext JWTs are not supported.");
|
||||
}
|
||||
|
||||
@Override
|
||||
public T onClaimsJws(Jws<Claims> jws) {
|
||||
throw new UnsupportedJwtException("Signed Claims JWSs are not supported.");
|
||||
throw new UnsupportedJwtException("Signed Claims JWTs are not supported.");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -16,7 +16,9 @@
|
|||
package io.jsonwebtoken
|
||||
|
||||
import org.junit.Test
|
||||
import static org.junit.Assert.*
|
||||
|
||||
import static org.junit.Assert.assertEquals
|
||||
import static org.junit.Assert.fail
|
||||
|
||||
class JwtHandlerAdapterTest {
|
||||
|
||||
|
@ -49,7 +51,7 @@ class JwtHandlerAdapterTest {
|
|||
handler.onPlaintextJws(null)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed plaintext JWSs are not supported.'
|
||||
assertEquals e.getMessage(), 'Signed plaintext JWTs are not supported.'
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -60,7 +62,7 @@ class JwtHandlerAdapterTest {
|
|||
handler.onClaimsJws(null)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed Claims JWSs are not supported.'
|
||||
assertEquals e.getMessage(), 'Signed Claims JWTs are not supported.'
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -29,7 +29,7 @@ class ArraysTest {
|
|||
|
||||
@Test
|
||||
void testByteArrayLengthWithNull() {
|
||||
assertEquals 0, Arrays.length(null)
|
||||
assertEquals 0, Arrays.length((byte[])null)
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
@ -376,11 +376,17 @@ public class DefaultJwtParser implements JwtParser {
|
|||
//
|
||||
final String alg = Strings.clean(header.getAlgorithm());
|
||||
if (!Strings.hasText(alg)) {
|
||||
String msg = "Compact JWT strings MUST always have an 'alg' (Algorithm) header value per " +
|
||||
"https://tools.ietf.org/html/rfc7515#section-4.1.1 and " +
|
||||
"https://tools.ietf.org/html/rfc7516#section-4.1.1. Also see " +
|
||||
"https://tools.ietf.org/html/rfc7515#section-10.7 for more information.";
|
||||
String msg = tokenized instanceof TokenizedJwe ? MISSING_JWE_ALG_MSG : MISSING_JWS_ALG_MSG;
|
||||
throw new MalformedJwtException(msg);
|
||||
} else {
|
||||
if (!SignatureAlgorithms.NONE.getId().equals(alg) && !Strings.hasText(tokenized.getDigest())) {
|
||||
String type = tokenized instanceof TokenizedJwe ? "JWE" : "JWS";
|
||||
String algType = tokenized instanceof TokenizedJwe ? "key management" : "signature";
|
||||
String digestType = tokenized instanceof TokenizedJwe ? "an AAD authentication tag" : "a signature";
|
||||
String msg = "The " + type + " header references " + algType + " algorithm '" + alg + "' but the " +
|
||||
"compact " + type + " string does not have " + digestType + " token.";
|
||||
throw new MalformedJwtException(msg);
|
||||
}
|
||||
}
|
||||
|
||||
// =============== Body =================
|
||||
|
@ -452,8 +458,7 @@ public class DefaultJwtParser implements JwtParser {
|
|||
|
||||
final Key key = ((Function<JweHeader, Key>) this.keyLocator).apply(jweHeader);
|
||||
if (key == null) {
|
||||
String msg = "No key found for use with JWE key algorithm '" + keyAlg.getId() +
|
||||
"'. Unable to decrypt JWE payload.";
|
||||
String msg = "Cannot decrypt JWE payload: unable to locate key for JWE with header: " + jweHeader;
|
||||
throw new UnsupportedJwtException(msg);
|
||||
}
|
||||
|
||||
|
@ -500,9 +505,16 @@ public class DefaultJwtParser implements JwtParser {
|
|||
|
||||
final JwsHeader jwsHeader = jws.getHeader();
|
||||
|
||||
SignatureAlgorithm<?, Key> algorithm = (SignatureAlgorithm<?, Key>) signatureAlgorithmLocator.apply(jwsHeader);
|
||||
SignatureAlgorithm<?, Key> algorithm;
|
||||
try {
|
||||
algorithm = (SignatureAlgorithm<?, Key>) signatureAlgorithmLocator.apply(jwsHeader);
|
||||
} catch (UnsupportedJwtException e) {
|
||||
//For backwards compatibility. TODO: remove this try/catch block for 1.0 and let UnsupportedJwtException propagate
|
||||
String msg = "Unsupported signature algorithm '" + alg + "'";
|
||||
throw new SignatureException(msg, e);
|
||||
}
|
||||
if (algorithm == null) {
|
||||
String msg = "Unrecognized JWS algorithm identifier: " + alg;
|
||||
String msg = "Unrecognized JWS signature algorithm '" + alg + "'.";
|
||||
throw new UnsupportedJwtException(msg);
|
||||
}
|
||||
|
||||
|
@ -526,7 +538,10 @@ public class DefaultJwtParser implements JwtParser {
|
|||
} else {
|
||||
key = signingKeyResolver.resolveSigningKey(jwsHeader, payload);
|
||||
}
|
||||
Assert.notNull(key, "A signature verification key is required if the specified JWT is digitally signed.");
|
||||
if (key == null) {
|
||||
String msg = "Cannot verify JWS signature: unable to locate signature verification key for JWS with header: " + jwsHeader;
|
||||
throw new UnsupportedJwtException(msg);
|
||||
}
|
||||
|
||||
//re-create the jwt part without the signature. This is what is needed for signature verification:
|
||||
String jwtWithoutSignature = tokenized.getProtected() + SEPARATOR_CHAR + tokenized.getBody();
|
||||
|
@ -711,30 +726,22 @@ public class DefaultJwtParser implements JwtParser {
|
|||
|
||||
@Override
|
||||
public Jwt<?, Claims> parseClaimsJwt(String claimsJwt) {
|
||||
try {
|
||||
return parse(claimsJwt, new JwtHandlerAdapter<Jwt<?, Claims>>() {
|
||||
@Override
|
||||
public Jwt<?, Claims> onClaimsJwt(Jwt<?, Claims> jwt) {
|
||||
return jwt;
|
||||
}
|
||||
});
|
||||
} catch (IllegalArgumentException iae) {
|
||||
throw new UnsupportedJwtException("Signed JWSs are not supported.", iae);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public Jws<String> parsePlaintextJws(String plaintextJws) {
|
||||
try {
|
||||
return parse(plaintextJws, new JwtHandlerAdapter<Jws<String>>() {
|
||||
@Override
|
||||
public Jws<String> onPlaintextJws(Jws<String> jws) {
|
||||
return jws;
|
||||
}
|
||||
});
|
||||
} catch (IllegalArgumentException iae) {
|
||||
throw new UnsupportedJwtException("Signed JWSs are not supported.", iae);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
@ -68,6 +68,7 @@ public class DefaultJwtParserBuilder implements JwtParserBuilder {
|
|||
|
||||
@SuppressWarnings({"rawtypes"})
|
||||
private Function<Header, Key> keyLocator = ConstantFunction.forNull();
|
||||
|
||||
@SuppressWarnings("deprecation") //TODO: remove for 1.0
|
||||
private SigningKeyResolver signingKeyResolver = new ConstantKeyLocator<>(null , null);
|
||||
|
||||
|
@ -89,6 +90,9 @@ public class DefaultJwtParserBuilder implements JwtParserBuilder {
|
|||
|
||||
private long allowedClockSkewMillis = 0;
|
||||
|
||||
private Key signatureVerificationKey;
|
||||
private Key decryptionKey;
|
||||
|
||||
@Override
|
||||
public JwtParserBuilder setProvider(Provider provider) {
|
||||
this.provider = provider;
|
||||
|
@ -186,31 +190,15 @@ public class DefaultJwtParserBuilder implements JwtParserBuilder {
|
|||
return setSigningKey(bytes);
|
||||
}
|
||||
|
||||
@SuppressWarnings("rawtypes")
|
||||
@Override
|
||||
public JwtParserBuilder setSigningKey(final Key key) {
|
||||
Assert.notNull(key, "signing key cannot be null.");
|
||||
final Function<Header, Key> existing = this.keyLocator;
|
||||
this.keyLocator = new Function<Header, Key>() {
|
||||
@Override
|
||||
public Key apply(Header header) {
|
||||
return header instanceof JwsHeader ? key : existing.apply(header);
|
||||
}
|
||||
};
|
||||
this.signatureVerificationKey = Assert.notNull(key, "signing key cannot be null.");
|
||||
return setSigningKeyResolver(new ConstantKeyLocator<>(key, null));
|
||||
}
|
||||
|
||||
@SuppressWarnings("rawtypes")
|
||||
@Override
|
||||
public JwtParserBuilder decryptWith(final Key key) {
|
||||
Assert.notNull(key, "decryption key cannot be null.");
|
||||
final Function<Header, Key> existing = this.keyLocator;
|
||||
this.keyLocator = new Function<Header, Key>() {
|
||||
@Override
|
||||
public Key apply(Header header) {
|
||||
return header instanceof JweHeader ? key : existing.apply(header);
|
||||
}
|
||||
};
|
||||
this.decryptionKey = Assert.notNull(key, "decryption key cannot be null.");
|
||||
return this;
|
||||
}
|
||||
|
||||
|
@ -262,6 +250,7 @@ public class DefaultJwtParserBuilder implements JwtParserBuilder {
|
|||
return this;
|
||||
}
|
||||
|
||||
@SuppressWarnings("rawtypes")
|
||||
@Override
|
||||
public JwtParser build() {
|
||||
|
||||
|
@ -273,6 +262,25 @@ public class DefaultJwtParserBuilder implements JwtParserBuilder {
|
|||
this.deserializer = Services.loadFirst(Deserializer.class);
|
||||
}
|
||||
|
||||
final Function<Header,Key> existing1 = this.keyLocator;
|
||||
if (this.signatureVerificationKey != null) {
|
||||
this.keyLocator = new Function<Header, Key>() {
|
||||
@Override
|
||||
public Key apply(Header header) {
|
||||
return header instanceof JwsHeader ? signatureVerificationKey : existing1.apply(header);
|
||||
}
|
||||
};
|
||||
}
|
||||
final Function<Header,Key> existing2 = this.keyLocator;
|
||||
if (this.decryptionKey != null) {
|
||||
this.keyLocator = new Function<Header, Key>() {
|
||||
@Override
|
||||
public Key apply(Header header) {
|
||||
return header instanceof JweHeader ? decryptionKey : existing2.apply(header);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
// Invariants. If these are ever violated, it's an error in this class implementation
|
||||
// (we default to non-null instances, and the setters should never allow null):
|
||||
assert this.keyLocator != null : "Key locator should never be null.";
|
||||
|
|
|
@ -86,6 +86,10 @@ public final class Bytes {
|
|||
return output;
|
||||
}
|
||||
|
||||
public static int byteLength(byte[] bytes) {
|
||||
return bytes == null ? 0 : bytes.length;
|
||||
}
|
||||
|
||||
public static long bitLength(byte[] bytes) {
|
||||
return bytes == null ? 0 : bytes.length * (long) Byte.SIZE;
|
||||
}
|
||||
|
|
|
@ -23,7 +23,6 @@ import io.jsonwebtoken.lang.Strings
|
|||
import io.jsonwebtoken.security.SignatureException
|
||||
import org.junit.Test
|
||||
|
||||
import javax.crypto.spec.SecretKeySpec
|
||||
import java.security.SecureRandom
|
||||
|
||||
import static ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE
|
||||
|
@ -276,13 +275,10 @@ class DeprecatedJwtParserTest {
|
|||
String compact = Jwts.builder().setPayload(payload).signWith(SignatureAlgorithm.HS256, randomKey()).compact()
|
||||
|
||||
try {
|
||||
Jwts.parser().parsePlaintextJws(compact)
|
||||
Jwts.parser().parsePlaintextJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String expected = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of these ' +
|
||||
'to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals expected, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -292,13 +288,10 @@ class DeprecatedJwtParserTest {
|
|||
String compact = Jwts.builder().setSubject('Joe').signWith(SignatureAlgorithm.HS256, randomKey()).compact()
|
||||
|
||||
try {
|
||||
Jwts.parser().parsePlaintextJws(compact)
|
||||
Jwts.parser().parsePlaintextJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String expected = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of these ' +
|
||||
'to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals expected, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -329,7 +322,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -344,10 +337,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String expected = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of these ' +
|
||||
'to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals expected, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -360,10 +350,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String expected = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of these ' +
|
||||
'to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals expected, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -430,7 +417,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().setSigningKey(key).parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -447,7 +434,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().setSigningKey(key).parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned Claims JWTs are not supported.'
|
||||
assertEquals 'Unsigned Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -464,7 +451,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().setSigningKey(key).parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed Claims JWSs are not supported.'
|
||||
assertEquals 'Signed Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -543,7 +530,7 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().setSigningKey(key).parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -560,24 +547,24 @@ class DeprecatedJwtParserTest {
|
|||
Jwts.parser().setSigningKey(key).parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned Claims JWTs are not supported.'
|
||||
assertEquals 'Unsigned Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseClaimsJwsWithPlaintextJws() {
|
||||
|
||||
String subject = 'Joe'
|
||||
String payload = 'Hello world'
|
||||
|
||||
byte[] key = randomKey()
|
||||
|
||||
String compact = Jwts.builder().setSubject(subject).signWith(SignatureAlgorithm.HS256, key).compact()
|
||||
String compact = Jwts.builder().setPayload(payload).signWith(SignatureAlgorithm.HS256, key).compact()
|
||||
|
||||
try {
|
||||
Jwts.parser().setSigningKey(key).parsePlaintextJws(compact)
|
||||
Jwts.parser().setSigningKey(key).parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed Claims JWSs are not supported.'
|
||||
assertEquals 'Signed plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -317,29 +317,24 @@ class JwtParserTest {
|
|||
String compact = Jwts.builder().setPayload(payload).signWith(SignatureAlgorithm.HS256, randomKey()).compact()
|
||||
|
||||
try {
|
||||
Jwts.parserBuilder().build().parsePlaintextJws(compact)
|
||||
Jwts.parserBuilder().build().parsePlaintextJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String msg = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of ' +
|
||||
'these to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals msg, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParsePlaintextJwtWithClaimsJws() {
|
||||
|
||||
String compact = Jwts.builder().setSubject('Joe').signWith(SignatureAlgorithm.HS256, randomKey()).compact()
|
||||
def key = randomKey()
|
||||
String compact = Jwts.builder().setSubject('Joe').signWith(SignatureAlgorithm.HS256, key).compact()
|
||||
|
||||
try {
|
||||
Jwts.parserBuilder().build().parsePlaintextJws(compact)
|
||||
Jwts.parserBuilder().setSigningKey(key).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String msg = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of ' +
|
||||
'these to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals msg, e.getMessage()
|
||||
assertEquals 'Signed Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -370,7 +365,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().build().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -385,26 +380,21 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().build().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String msg = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of ' +
|
||||
'these to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals msg, e.getMessage()
|
||||
assertEquals 'Cannot verify JWS signature: unable to locate signature verification key for JWS with header: {alg=HS256}', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseClaimsJwtWithClaimsJws() {
|
||||
|
||||
String compact = Jwts.builder().setSubject('Joe').signWith(SignatureAlgorithm.HS256, randomKey()).compact()
|
||||
def key = randomKey()
|
||||
String compact = Jwts.builder().setSubject('Joe').signWith(SignatureAlgorithm.HS256, key).compact()
|
||||
|
||||
try {
|
||||
Jwts.parserBuilder().build().parseClaimsJwt(compact)
|
||||
Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJwt(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
String msg = 'Signed JWTs are not supported: the JwtParser has not been configured with a signature ' +
|
||||
'verification key or a KeyResolver. Consider configuring the JwtParserBuilder with one of ' +
|
||||
'these to ensure it can use the necessary key to verify JWS signatures.'
|
||||
assertEquals msg, e.getMessage()
|
||||
assertEquals 'Signed Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -476,7 +466,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKey(key).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -493,7 +483,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKey(key).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned Claims JWTs are not supported.'
|
||||
assertEquals 'Unsigned Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -510,7 +500,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKey(key).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed Claims JWSs are not supported.'
|
||||
assertEquals 'Signed Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -589,7 +579,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKey(key).build().parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned plaintext JWTs are not supported.'
|
||||
assertEquals 'Unsigned plaintext JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -608,7 +598,7 @@ class JwtParserTest {
|
|||
parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Unsigned Claims JWTs are not supported.'
|
||||
assertEquals 'Unsigned Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -625,7 +615,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKey(key).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException e) {
|
||||
assertEquals e.getMessage(), 'Signed Claims JWSs are not supported.'
|
||||
assertEquals 'Signed Claims JWTs are not supported.', e.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -674,7 +664,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKeyResolver(signingKeyResolver).build().parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (SignatureException se) {
|
||||
assertEquals se.getMessage(), 'JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.'
|
||||
assertEquals 'JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.', se.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -691,7 +681,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKeyResolver(null).build().parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (IllegalArgumentException iae) {
|
||||
assertEquals iae.getMessage(), 'SigningKeyResolver cannot be null.'
|
||||
assertEquals 'SigningKeyResolver cannot be null.', iae.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -710,9 +700,9 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKeyResolver(signingKeyResolver).build().parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch (UnsupportedJwtException ex) {
|
||||
assertEquals ex.getMessage(), 'The specified SigningKeyResolver implementation does not support ' +
|
||||
assertEquals 'The specified SigningKeyResolver implementation does not support ' +
|
||||
'Claims JWS signing key resolution. Consider overriding either the resolveSigningKey(JwsHeader, Claims) method ' +
|
||||
'or, for HMAC algorithms, the resolveSigningKeyBytes(JwsHeader, Claims) method.'
|
||||
'or, for HMAC algorithms, the resolveSigningKeyBytes(JwsHeader, Claims) method.', ex.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -791,7 +781,7 @@ class JwtParserTest {
|
|||
Jwts.parserBuilder().setSigningKeyResolver(signingKeyResolver).build().parsePlaintextJws(compact)
|
||||
fail()
|
||||
} catch (SignatureException se) {
|
||||
assertEquals se.getMessage(), 'JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.'
|
||||
assertEquals 'JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted.', se.getMessage()
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -153,6 +153,9 @@ class JwksTest {
|
|||
PublicJwk privPubJwk = privJwk.toPublicJwk()
|
||||
assertEquals pubJwk, privPubJwk
|
||||
assertEquals pub, pubJwk.toKey()
|
||||
def jwkPair = privJwk.toKeyPair()
|
||||
assertEquals pub, jwkPair.getPublic()
|
||||
assertEquals priv, jwkPair.getPrivate()
|
||||
|
||||
// test pair
|
||||
privJwk = pub instanceof ECKey ?
|
||||
|
@ -162,6 +165,9 @@ class JwksTest {
|
|||
privPubJwk = privJwk.toPublicJwk()
|
||||
assertEquals pubJwk, privPubJwk
|
||||
assertEquals pub, pubJwk.toKey()
|
||||
jwkPair = privJwk.toKeyPair()
|
||||
assertEquals pub, jwkPair.getPublic()
|
||||
assertEquals priv, jwkPair.getPrivate()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -19,14 +19,20 @@ class KeyAlgorithmsTest {
|
|||
|
||||
@Test
|
||||
void testValues() {
|
||||
assertEquals 7, KeyAlgorithms.values().size()
|
||||
assertEquals 13, KeyAlgorithms.values().size()
|
||||
assertTrue(contains(KeyAlgorithms.DIRECT) &&
|
||||
contains(KeyAlgorithms.A128KW) &&
|
||||
contains(KeyAlgorithms.A192KW) &&
|
||||
contains(KeyAlgorithms.A256KW) &&
|
||||
contains(KeyAlgorithms.A128GCMKW) &&
|
||||
contains(KeyAlgorithms.A192GCMKW) &&
|
||||
contains(KeyAlgorithms.A256GCMKW)
|
||||
contains(KeyAlgorithms.A256GCMKW) &&
|
||||
contains(KeyAlgorithms.PBES2_HS256_A128KW) &&
|
||||
contains(KeyAlgorithms.PBES2_HS384_A192KW) &&
|
||||
contains(KeyAlgorithms.PBES2_HS512_A256KW) &&
|
||||
contains(KeyAlgorithms.RSA1_5) &&
|
||||
contains(KeyAlgorithms.RSA_OAEP) &&
|
||||
contains(KeyAlgorithms.RSA_OAEP_256)
|
||||
)
|
||||
}
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ class SignatureAlgorithmsTest {
|
|||
|
||||
@Test
|
||||
void testForNameCaseInsensitive() {
|
||||
for(SignatureAlgorithm alg : SignatureAlgorithms.STANDARD_ALGORITHMS.values()) {
|
||||
for(SignatureAlgorithm alg : SignatureAlgorithms.values()) {
|
||||
assertSame alg, SignatureAlgorithms.forId(alg.getId().toLowerCase())
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue