mirror of https://github.com/jwtk/jjwt.git
Added expectIssuedAt convenience method.
This commit is contained in:
parent
8f49666a40
commit
0fab5504cd
|
@ -16,6 +16,7 @@
|
|||
package io.jsonwebtoken;
|
||||
|
||||
import java.security.Key;
|
||||
import java.util.Date;
|
||||
|
||||
/**
|
||||
* A parser for reading JWT strings, used to convert them into a {@link Jwt} object representing the expanded JWT.
|
||||
|
@ -26,6 +27,14 @@ public interface JwtParser {
|
|||
|
||||
public static final char SEPARATOR_CHAR = '.';
|
||||
|
||||
/**
|
||||
* Sets an expected value for the issuedAt claim.
|
||||
*
|
||||
* @param issuedAt
|
||||
* @return the parser for method chaining.
|
||||
*/
|
||||
JwtParser expectIssuedAt(Date issuedAt);
|
||||
|
||||
/**
|
||||
* Sets an expected value for any given claim name.
|
||||
*
|
||||
|
|
|
@ -46,7 +46,6 @@ import java.io.IOException;
|
|||
import java.security.Key;
|
||||
import java.text.SimpleDateFormat;
|
||||
import java.util.Date;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@SuppressWarnings("unchecked")
|
||||
|
@ -63,7 +62,16 @@ public class DefaultJwtParser implements JwtParser {
|
|||
|
||||
private SigningKeyResolver signingKeyResolver;
|
||||
|
||||
Map<String, Object> expectedClaims = new LinkedHashMap<String, Object>();
|
||||
Claims expectedClaims = new DefaultClaims();
|
||||
|
||||
@Override
|
||||
public JwtParser expectIssuedAt(Date issuedAt) {
|
||||
if (issuedAt != null) {
|
||||
expectedClaims.setIssuedAt(issuedAt);
|
||||
}
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
@Override
|
||||
public JwtParser expect(String claimName, Object value) {
|
||||
|
@ -329,8 +337,16 @@ public class DefaultJwtParser implements JwtParser {
|
|||
|
||||
private void validateExpectedClaims(Header header, Claims claims) {
|
||||
for (String expectedClaimName : expectedClaims.keySet()) {
|
||||
Object expectedClaimValue = expectedClaims.get(expectedClaimName);
|
||||
Object actualClaimValue = claims.get(expectedClaimName);
|
||||
Object expectedClaimValue = null;
|
||||
Object actualClaimValue = null;
|
||||
if (Claims.ISSUED_AT.equals(expectedClaimName)) {
|
||||
expectedClaimValue = expectedClaims.getIssuedAt();
|
||||
actualClaimValue = claims.getIssuedAt();
|
||||
} else {
|
||||
expectedClaimValue = expectedClaims.get(expectedClaimName);
|
||||
actualClaimValue = claims.get(expectedClaimName);
|
||||
}
|
||||
|
||||
InvalidClaimException invalidClaimException = null;
|
||||
|
||||
if (actualClaimValue == null) {
|
||||
|
|
|
@ -22,6 +22,8 @@ import javax.crypto.spec.SecretKeySpec
|
|||
import java.security.SecureRandom
|
||||
|
||||
import static org.junit.Assert.*
|
||||
import static ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE
|
||||
import static ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE
|
||||
|
||||
class JwtParserTest {
|
||||
|
||||
|
@ -819,7 +821,7 @@ class JwtParserTest {
|
|||
fail()
|
||||
} catch (IncorrectClaimException e) {
|
||||
assertEquals(
|
||||
String.format(ClaimJwtException.INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, goodClaimName, goodClaimValue, badClaimValue),
|
||||
String.format(INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, goodClaimName, goodClaimValue, badClaimValue),
|
||||
e.getMessage()
|
||||
)
|
||||
}
|
||||
|
@ -843,7 +845,74 @@ class JwtParserTest {
|
|||
fail()
|
||||
} catch (MissingClaimException e) {
|
||||
assertEquals(
|
||||
String.format(ClaimJwtException.MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, claimName, claimValue),
|
||||
String.format(MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, claimName, claimValue),
|
||||
e.getMessage()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseExpectIssuedAt_Success() {
|
||||
def issuedAt = new Date(System.currentTimeMillis())
|
||||
|
||||
byte[] key = randomKey()
|
||||
|
||||
String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
|
||||
setIssuedAt(issuedAt).
|
||||
compact()
|
||||
|
||||
Jwt<Header,Claims> jwt = Jwts.parser().setSigningKey(key).
|
||||
expectIssuedAt(issuedAt).
|
||||
parseClaimsJws(compact)
|
||||
|
||||
// system converts to seconds (lopping off millis precision), then returns millis
|
||||
def issuedAtMillis = ((long)issuedAt.getTime() / 1000) * 1000
|
||||
|
||||
assertEquals jwt.getBody().getIssuedAt().getTime(), issuedAtMillis
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseExpectIssuedAt_Incorrect_Fail() {
|
||||
def goodIssuedAt = new Date(System.currentTimeMillis())
|
||||
def badIssuedAt = new Date(System.currentTimeMillis() - 10000)
|
||||
|
||||
byte[] key = randomKey()
|
||||
|
||||
String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
|
||||
setIssuedAt(badIssuedAt).
|
||||
compact()
|
||||
|
||||
try {
|
||||
Jwts.parser().setSigningKey(key).
|
||||
expectIssuedAt(goodIssuedAt).
|
||||
parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch(IncorrectClaimException e) {
|
||||
assertEquals(
|
||||
String.format(INCORRECT_EXPECTED_CLAIM_MESSAGE_TEMPLATE, Claims.ISSUED_AT, goodIssuedAt, badIssuedAt),
|
||||
e.getMessage()
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseExpectIssuedAt_Missing_Fail() {
|
||||
def issuedAt = new Date(System.currentTimeMillis() - 10000)
|
||||
|
||||
byte[] key = randomKey()
|
||||
|
||||
String compact = Jwts.builder().signWith(SignatureAlgorithm.HS256, key).
|
||||
setSubject("Dummy").
|
||||
compact()
|
||||
|
||||
try {
|
||||
Jwts.parser().setSigningKey(key).
|
||||
expectIssuedAt(issuedAt).
|
||||
parseClaimsJws(compact)
|
||||
fail()
|
||||
} catch(MissingClaimException e) {
|
||||
assertEquals(
|
||||
String.format(MISSING_EXPECTED_CLAIM_MESSAGE_TEMPLATE, Claims.ISSUED_AT, issuedAt),
|
||||
e.getMessage()
|
||||
)
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue