mirror of https://github.com/jwtk/jjwt.git
Merge branch 'master' into jwe
This commit is contained in:
commit
e984d7c8c2
|
@ -15,5 +15,5 @@ install: echo "No need to run mvn install -DskipTests then mvn install. Running
|
|||
script: mvn install
|
||||
|
||||
after_success:
|
||||
- test -z "$BUILD_COVERAGE" || mvn clean test jacoco:report coveralls:report
|
||||
- test -z "$BUILD_COVERAGE" || mvn clean test clover:check clover:clover coveralls:report
|
||||
|
||||
|
|
52
pom.xml
52
pom.xml
|
@ -52,6 +52,29 @@
|
|||
<url>https://travis-ci.org/jwtk/jjwt</url>
|
||||
</ciManagement>
|
||||
|
||||
<!-- temporary fix until official release of coverall-maven-plugin with clover support -->
|
||||
<repositories>
|
||||
<repository>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<id>bintray-jwtk-coveralls-maven-plugin</id>
|
||||
<name>bintray</name>
|
||||
<url>https://dl.bintray.com/jwtk/coveralls-maven-plugin</url>
|
||||
</repository>
|
||||
</repositories>
|
||||
<pluginRepositories>
|
||||
<pluginRepository>
|
||||
<snapshots>
|
||||
<enabled>false</enabled>
|
||||
</snapshots>
|
||||
<id>bintray-jwtk-coveralls-maven-plugin</id>
|
||||
<name>bintray-plugins</name>
|
||||
<url>https://dl.bintray.com/jwtk/coveralls-maven-plugin</url>
|
||||
</pluginRepository>
|
||||
</pluginRepositories>
|
||||
<!-- temporary fix until official release of coverall-maven-plugin with clover support -->
|
||||
|
||||
<properties>
|
||||
|
||||
<maven.jar.version>3.0.2</maven.jar.version>
|
||||
|
@ -73,6 +96,7 @@
|
|||
<junit.version>4.12</junit.version>
|
||||
<powermock.version>1.6.6</powermock.version>
|
||||
<failsafe.plugin.version>2.19.1</failsafe.plugin.version>
|
||||
<clover.version>4.2.0</clover.version>
|
||||
|
||||
</properties>
|
||||
|
||||
|
@ -151,7 +175,6 @@
|
|||
<version>4.12</version>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
@ -270,19 +293,28 @@
|
|||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.jacoco</groupId>
|
||||
<artifactId>jacoco-maven-plugin</artifactId>
|
||||
<version>0.7.9</version>
|
||||
<groupId>org.openclover</groupId>
|
||||
<artifactId>clover-maven-plugin</artifactId>
|
||||
<version>${clover.version}</version>
|
||||
<configuration>
|
||||
<excludes>
|
||||
<exclude>**/io/jsonwebtoken/lang/*</exclude>
|
||||
<exclude>**/*Test*</exclude>
|
||||
<!-- leaving out lang as it mostly comes from other sources -->
|
||||
<exclude>io/jsonwebtoken/lang/*</exclude>
|
||||
</excludes>
|
||||
<methodPercentage>100%</methodPercentage>
|
||||
<statementPercentage>100%</statementPercentage>
|
||||
<conditionalPercentage>100%</conditionalPercentage>
|
||||
<targetPercentage>100%</targetPercentage>
|
||||
</configuration>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>prepare-agent</id>
|
||||
<id>clover</id>
|
||||
<phase>test</phase>
|
||||
<goals>
|
||||
<goal>prepare-agent</goal>
|
||||
<goal>instrument</goal>
|
||||
<goal>check</goal>
|
||||
<goal>clover</goal>
|
||||
</goals>
|
||||
</execution>
|
||||
</executions>
|
||||
|
@ -331,11 +363,13 @@
|
|||
</instructions>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
||||
<plugin>
|
||||
<groupId>org.eluder.coveralls</groupId>
|
||||
<groupId>org.jwtk.coveralls</groupId>
|
||||
<artifactId>coveralls-maven-plugin</artifactId>
|
||||
<version>4.3.0</version>
|
||||
<version>4.4.0</version>
|
||||
</plugin>
|
||||
<!-- Temporarily host coveralls SNAPSHOT with clover support locally -->
|
||||
</plugins>
|
||||
</build>
|
||||
<profiles>
|
||||
|
|
|
@ -50,9 +50,10 @@ public class GzipCompressionCodec extends AbstractCompressionCodec implements Co
|
|||
inputStream = new ByteArrayInputStream(compressed);
|
||||
gzipInputStream = new GZIPInputStream(inputStream);
|
||||
outputStream = new ByteArrayOutputStream();
|
||||
int read;
|
||||
while ((read = gzipInputStream.read(buffer)) != -1) {
|
||||
int read = gzipInputStream.read(buffer);
|
||||
while (read != -1) {
|
||||
outputStream.write(buffer, 0, read);
|
||||
read = gzipInputStream.read(buffer);
|
||||
}
|
||||
return outputStream.toByteArray();
|
||||
} finally {
|
||||
|
|
|
@ -1518,4 +1518,76 @@ class JwtParserTest {
|
|||
assertTrue e.getMessage().startsWith('JWT expired at ')
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testParseMalformedJwt() {
|
||||
|
||||
String header = '{"alg":"none"}'
|
||||
|
||||
String payload = '{"subject":"Joe"}'
|
||||
|
||||
String badSig = ";aklsjdf;kajsd;fkjas;dklfj"
|
||||
|
||||
String bogus = 'bogus'
|
||||
|
||||
String bad = TextCodec.BASE64.encode(header) + '.' +
|
||||
TextCodec.BASE64.encode(payload) + '.' +
|
||||
TextCodec.BASE64.encode(badSig) + '.' +
|
||||
TextCodec.BASE64.encode(bogus)
|
||||
|
||||
|
||||
try {
|
||||
Jwts.parser().setSigningKey(randomKey()).parse(bad)
|
||||
fail()
|
||||
} catch (MalformedJwtException se) {
|
||||
assertEquals 'JWT strings must contain exactly 2 period characters. Found: 3', se.message
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
void testNoHeaderNoSig() {
|
||||
String payload = '{"subject":"Joe"}'
|
||||
|
||||
String jwtStr = '.' + TextCodec.BASE64.encode(payload) + '.'
|
||||
|
||||
Jwt jwt = Jwts.parser().parse(jwtStr)
|
||||
|
||||
assertTrue jwt.header == null
|
||||
assertEquals 'Joe', jwt.body.get('subject')
|
||||
}
|
||||
|
||||
@Test
|
||||
void testNoHeaderSig() {
|
||||
String payload = '{"subject":"Joe"}'
|
||||
|
||||
String sig = ";aklsjdf;kajsd;fkjas;dklfj"
|
||||
|
||||
String jwtStr = '.' + TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(sig)
|
||||
|
||||
try {
|
||||
Jwt jwt = Jwts.parser().parse(jwtStr)
|
||||
fail()
|
||||
} catch (MalformedJwtException se) {
|
||||
assertEquals 'JWT string has a digest/signature, but the header does not reference a valid signature algorithm.', se.message
|
||||
}
|
||||
}
|
||||
|
||||
@Test
|
||||
void testBadHeaderSig() {
|
||||
String header = '{"alg":"none"}'
|
||||
|
||||
String payload = '{"subject":"Joe"}'
|
||||
|
||||
String sig = ";aklsjdf;kajsd;fkjas;dklfj"
|
||||
|
||||
String jwtStr = TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(payload) + '.' + TextCodec.BASE64.encode(sig)
|
||||
|
||||
try {
|
||||
Jwt jwt = Jwts.parser().parse(jwtStr)
|
||||
fail()
|
||||
} catch (MalformedJwtException se) {
|
||||
assertEquals 'JWT string has a digest/signature, but the header does not reference a valid signature algorithm.', se.message
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue