Merge pull request #45 from jwtk/digest-comparison

Fixes #35.  Also enhanced some test code coverage.

pom.xml

@@ -296,11 +296,6 @@
                                 <lineRate>96</lineRate>
                                 <branchRate>100</branchRate>
                             </regex>
-                            <regex>
-                                <pattern>io.jsonwebtoken.impl.Base64UrlCodec</pattern>
-                                <lineRate>100</lineRate>
-                                <branchRate>95</branchRate>
-                            </regex>
                             <regex>
                                 <pattern>io.jsonwebtoken.impl.DefaultJwtBuilder</pattern>
                                 <lineRate>91</lineRate>

src/main/java/io/jsonwebtoken/impl/crypto/MacValidator.java

@@ -18,6 +18,7 @@ package io.jsonwebtoken.impl.crypto;
 import io.jsonwebtoken.SignatureAlgorithm;
 
 import java.security.Key;
+import java.security.MessageDigest;
 import java.util.Arrays;
 
 public class MacValidator implements SignatureValidator {
@@ -31,6 +32,6 @@ public class MacValidator implements SignatureValidator {
     @Override
     public boolean isValid(byte[] data, byte[] signature) {
         byte[] computed = this.signer.sign(data);
-        return Arrays.equals(computed, signature);
+        return MessageDigest.isEqual(computed, signature);
     }
 }

src/test/groovy/io/jsonwebtoken/impl/Base64UrlCodecTest.groovy

@@ -0,0 +1,19 @@
+package io.jsonwebtoken.impl
+
+import org.junit.Test
+import static org.junit.Assert.*
+
+class Base64UrlCodecTest {
+
+    @Test
+    void testRemovePaddingWithEmptyByteArray() {
+
+        def codec = new Base64UrlCodec()
+
+        byte[] empty = new byte[0];
+
+        def result = codec.removePadding(empty)
+
+        assertSame empty, result
+    }
+}

src/test/groovy/io/jsonwebtoken/impl/DefaultJwtBuilderTest.groovy

@@ -119,6 +119,17 @@ class DefaultJwtBuilderTest {
         }
     }
 
+    @Test
+    void testCompactWithoutPayloadOrClaims() {
+        def b = new DefaultJwtBuilder()
+        try {
+            b.compact()
+            fail()
+        } catch (IllegalStateException ise) {
+            assertEquals ise.message, "Either 'payload' or 'claims' must be specified."
+        }
+    }
+
     @Test
     void testCompactWithBothPayloadAndClaims() {
         def b = new DefaultJwtBuilder()
@@ -197,4 +208,54 @@ class DefaultJwtBuilderTest {
         }
 
     }
+
+    @Test
+    void testSetHeaderParamsWithNullMap() {
+        def b = new DefaultJwtBuilder()
+        b.setHeaderParams(null)
+        assertNull b.header
+    }
+
+    @Test
+    void testSetHeaderParamsWithEmptyMap() {
+        def b = new DefaultJwtBuilder()
+        b.setHeaderParams([:])
+        assertNull b.header
+    }
+
+    @Test
+    void testSetIssuerWithNull() {
+        def b = new DefaultJwtBuilder()
+        b.setIssuer(null)
+        assertNull b.claims
+    }
+
+    @Test
+    void testSetSubjectWithNull() {
+        def b = new DefaultJwtBuilder()
+        b.setSubject(null)
+        assertNull b.claims
+    }
+
+    @Test
+    void testSetAudienceWithNull() {
+        def b = new DefaultJwtBuilder()
+        b.setAudience(null)
+        assertNull b.claims
+    }
+
+    @Test
+    void testSetIdWithNull() {
+        def b = new DefaultJwtBuilder()
+        b.setId(null)
+        assertNull b.claims
+    }
+
+    @Test
+    void testClaimNullValue() {
+        def b = new DefaultJwtBuilder()
+        b.claim('foo', null)
+        assertNull b.claims
+    }
+
 }