java source code of JsonWebSignatureTest

google-http-java-client-master
- .github
  - release-please.yml
  - PULL_REQUEST_TEMPLATE.md
  - trusted-contribution.yml
  - ISSUE_TEMPLATE
    - support_request.md
    - feature_request.md
    - bug_report.md
  - ISSUE_TEMPLATE.md
  - .release-please.yml
  - workflows
    - ci.yaml
  - CODEOWNERS
- google-http-client-assembly
  - properties
    - google-http-client-xml.jar.properties
    - gson.jar.properties
    - google-http-client.jar.properties
    - protobuf-java.jar.properties
    - google-http-client-android.jar.properties
    - google-http-client-gson.jar.properties
    - google-http-client-jackson2.jar.properties
    - google-http-client-protobuf.jar.properties
    - jackson-core.jar.properties
    - google-http-client-apache-v2.jar.properties
  - readme.html
  - pom.xml
  - licenses
    - CDDL-LICENSE.txt
    - BSD-LICENSE.txt
    - APACHE-LICENSE.txt
    - xpp3_LICENSE.txt
  - classpath-include
  - proguard-google-http-client.txt
  - LICENSE.txt
  - assembly.xml
- samples
  - pom.xml
  - snippets
    - src
      - main
        resources
        youtube-search.json
        java
        com
        example
        json
        YouTubeSample.java
      - test
        java
        com
        example
        json
        YouTubeSampleTest.java
    - pom.xml
  - dailymotion-simple-cmdline-sample
    - src
      - main
        java
        com
        google
        api
        services
        samples
        dailymotion
        cmdline
        simple
        DailyMotionSample.java
    - pom.xml
    - instructions.html
    - logging.properties
    - .settings
      - org.eclipse.jdt.ui.prefs
    - DailyMotionSample.launch
  - snapshot
    - pom.xml
  - install-without-bom
    - pom.xml
- synth.metadata
- synth.py
- google-http-client
  - src
    - main
      - resources
        google-http-client.properties
      - java
        com
        google
        api
        client
        util
        NullValue.java
        BackOffUtils.java
        Preconditions.java
        Data.java
        Sleeper.java
        ByteCountingOutputStream.java
        GenericData.java
        Base64.java
        Maps.java
        PemReader.java
        Sets.java
        BackOff.java
        LoggingOutputStream.java
        ObjectParser.java
        Charsets.java
        Types.java
        LoggingInputStream.java
        SecurityUtils.java
        ByteStreams.java
        ArrayMap.java
        store
        AbstractDataStore.java
        FileDataStoreFactory.java
        AbstractDataStoreFactory.java
        DataStoreFactory.java
        DataStoreUtils.java
        MemoryDataStoreFactory.java
        package-info.java
        DataStore.java
        AbstractMemoryDataStore.java
        ClassInfo.java
        ByteArrayStreamingContent.java
        LoggingByteArrayOutputStream.java
        NanoClock.java
        package-info.java
        LoggingStreamingContent.java
        SslUtils.java
        Lists.java
        Objects.java
        ExponentialBackOff.java
        DateTime.java
        Joiner.java
        Value.java
        Collections2.java
        IOUtils.java
        Key.java
        Strings.java
        DataMap.java
        Beta.java
        FieldInfo.java
        Clock.java
        StringUtils.java
        ArrayValueMap.java
        StreamingContent.java
        Throwables.java
        escape
        Escaper.java
        PercentEscaper.java
        CharEscapers.java
        Platform.java
        package-info.java
        UnicodeEscaper.java
        http
        HttpResponseException.java
        OpenCensusUtils.java
        HttpResponseInterceptor.java
        BasicAuthentication.java
        javanet
        NetHttpTransport.java
        NetHttpRequest.java
        package-info.java
        DefaultConnectionFactory.java
        ConnectionFactory.java
        NetHttpResponse.java
        HttpResponse.java
        UrlEncodedContent.java
        MultipartContent.java
        HttpBackOffIOExceptionHandler.java
        GenericUrl.java
        EmptyContent.java
        HttpIOExceptionHandler.java
        LowLevelHttpResponse.java
        HttpContent.java
        HttpRequest.java
        FileContent.java
        HttpEncoding.java
        HttpTransport.java
        HttpExecuteInterceptor.java
        HttpBackOffUnsuccessfulResponseHandler.java
        BackOffPolicy.java
        GZipEncoding.java
        HttpRequestInitializer.java
        apache
        SSLSocketFactoryExtension.java
        ContentEntity.java
        package-info.java
        ApacheHttpRequest.java
        ApacheHttpResponse.java
        ApacheHttpTransport.java
        HttpExtensionMethod.java
        HttpEncodingStreamingContent.java
        package-info.java
        AbstractHttpContent.java
        HttpRequestFactory.java
        ExponentialBackOffPolicy.java
        InputStreamContent.java
        LowLevelHttpRequest.java
        HttpUnsuccessfulResponseHandler.java
        json
        package-info.java
        JsonHttpContent.java
        HttpHeaders.java
        HttpMethods.java
        HttpMediaType.java
        UriTemplate.java
        HttpStatusCodes.java
        UrlEncodedParser.java
        AbstractInputStreamContent.java
        ByteArrayContent.java
        ConsumingInputStream.java
        json
        Json.java
        GenericJson.java
        JsonString.java
        JsonParser.java
        JsonToken.java
        webtoken
        DerEncoder.java
        JsonWebSignature.java
        package-info.java
        JsonWebToken.java
        JsonObjectParser.java
        JsonFactory.java
        package-info.java
        JsonGenerator.java
        rpc2
        JsonRpcRequest.java
        package-info.java
        CustomizeJsonParser.java
        JsonPolymorphicTypeMap.java
        testing
        util
        LogRecordingHandler.java
        TestableByteArrayInputStream.java
        TestableByteArrayOutputStream.java
        MockSleeper.java
        package-info.java
        MockBackOff.java
        SecurityTestUtils.java
        http
        FixedClock.java
        javanet
        MockHttpURLConnection.java
        package-info.java
        HttpTesting.java
        MockHttpTransport.java
        apache
        package-info.java
        MockHttpClient.java
        package-info.java
        MockHttpUnsuccessfulResponseHandler.java
        MockLowLevelHttpRequest.java
        MockLowLevelHttpResponse.java
        MockHttpContent.java
        json
        MockJsonFactory.java
        webtoken
        TestCertificates.java
        package-info.java
        package-info.java
        MockJsonGenerator.java
        MockJsonParser.java
    - test
      - resources
        file.txt
        com
        google
        api
        client
        util
        secret.pem
        secret.p12
      - java
        com
        google
        api
        client
        util
        BackOffUtilsTest.java
        PemReaderTest.java
        ExponentialBackOffTest.java
        DateTimeTest.java
        NanoClockTest.java
        StringUtilsTest.java
        SecurityUtilsTest.java
        Base64Test.java
        GenericDataTest.java
        ClassInfoTest.java
        DataTest.java
        ClockTest.java
        TypesTest.java
        BackOffTest.java
        FieldInfoTest.java
        ArrayMapTest.java
        ObjectsTest.java
        LoggingStreamingContentTest.java
        DataMapTest.java
        IOUtilsTest.java
        escape
        CharEscapersTest.java
        PercentEscaperTest.java
        http
        BasicAuthenticationTest.java
        javanet
        NetHttpRequestTest.java
        NetHttpResponseTest.java
        NetHttpTransportTest.java
        HttpBackOffIOExpcetionHandlerTest.java
        HttpRequestTest.java
        HttpResponseExceptionTest.java
        ExponentialBackOffPolicyTest.java
        HttpMediaTypeTest.java
        HttpBackOffUnsuccessfulResponseHandlerTest.java
        UrlEncodedContentTest.java
        GenericUrlTest.java
        HttpStatusCodesTest.java
        HttpEncodingStreamingContentTest.java
        HttpRequestTracingTest.java
        AbstractHttpContentTest.java
        GZipEncodingTest.java
        EmptyContentTest.java
        UrlEncodedParserTest.java
        HttpResponseTest.java
        OpenCensusUtilsTest.java
        MultipartContentTest.java
        ByteArrayContentTest.java
        HttpHeadersTest.java
        ConsumingInputStreamTest.java
        UriTemplateTest.java
        json
        GenericJsonTest.java
        webtoken
        JsonWebSignatureTest.java
        JsonObjectParserTest.java
        JsonParserTest.java
        testing
        util
        MockBackOffTest.java
        http
        MockLowLevelHttpRequestTest.java
        javanet
        MockHttpUrlConnectionTest.java
        MockHttpTransportTest.java
        FixedClockTest.java
  - pom.xml
- checkstyle.xml
- google-http-client-findbugs
  - src
    - main
      - resources
        bugrank.txt
        messages.xml
        findbugs.xml
      - java
        com
        google
        api
        client
        findbugs
        BetaDetector.java
        package-info.java
  - pom.xml
  - google-http-client-findbugs-test
    - src
      - main
        java
        com
        google
        api
        client
        findbugs
        test
        ClassWithBetaMethod.java
        Test.java
        BetaClass.java
        BetaClass2.java
        ClassWithBetaField.java
    - pom.xml
    - .settings
      - org.eclipse.jdt.ui.prefs
      - org.eclipse.jdt.core.prefs
    - .project
    - .classpath
- pom.xml
- instructions.html
- google-http-client-apache-v2
  - src
    - main
      - java
        com
        google
        api
        client
        http
        apache
        v2
        ContentEntity.java
        package-info.java
        ApacheHttpRequest.java
        ApacheHttpResponse.java
        ApacheHttpTransport.java
        HttpExtensionMethod.java
    - test
      - java
        com
        google
        api
        client
        http
        apache
        v2
        ApacheHttpTransportTest.java
        ApacheHttpRequestTest.java
  - pom.xml
- google-http-client-gson
  - src
    - main
      - java
        com
        google
        api
        client
        json
        gson
        GsonParser.java
        package-info.java
        GsonFactory.java
        GsonGenerator.java
    - test
      - java
        com
        google
        api
        client
        json
        gson
        GsonFactoryTest.java
        GsonGeneratorTest.java
        GsonParserTest.java
  - pom.xml
- checkstyle-suppressions.xml
- google-http-client-bom
  - pom.xml
  - README.md
- LICENSE
- CONTRIBUTING.md
- google-http-client-android
  - src
    - main
      - java
        com
        google
        api
        client
        extensions
        android
        AndroidUtils.java
        util
        store
        FileDataStoreFactory.java
        package-info.java
        http
        package-info.java
        AndroidHttp.java
        json
        AndroidJsonGenerator.java
        AndroidJsonFactory.java
        package-info.java
        AndroidJsonParser.java
  - pom.xml
  - AndroidManifest.xml
  - project.properties
- codecov.yaml
- CHANGELOG.md
- google-http-client-android-test
  - src
    - main
      - java
        com
        google
        api
        client
        extensions
        android
        json
        FakeTest.java
        package-info.java
        AndroidJsonFactoryTest.java
  - pom.xml
  - AndroidManifest.xml
- google-http-client-xml
  - src
    - main
      - java
        com
        google
        api
        client
        xml
        atom
        Atom.java
        AbstractAtomFeedParser.java
        package-info.java
        package-info.java
        XmlNamespaceDictionary.java
        GenericXml.java
        Xml.java
        XmlObjectParser.java
        http
        xml
        atom
        AtomContent.java
        package-info.java
        AtomFeedParser.java
        XmlHttpContent.java
        package-info.java
        AbstractXmlHttpContent.java
    - test
      - resources
        sample-atom.xml
      - java
        com
        google
        api
        client
        xml
        XmlTest.java
        XmlListTest.java
        GenericXmlListTest.java
        GenericXmlTest.java
        XmlNamespaceDictionaryTest.java
        AtomTest.java
        XmlEnumTest.java
  - pom.xml
- google-http-client-appengine
  - src
    - main
      - java
        com
        google
        api
        client
        extensions
        appengine
        datastore
        package-info.java
        AppEngineDataStoreFactory.java
        http
        UrlFetchResponse.java
        package-info.java
        UrlFetchTransport.java
        UrlFetchRequest.java
    - test
      - java
        com
        google
        api
        client
        extensions
        appengine
        datastore
        AppEngineNoMemcacheDataStoreFactoryTest.java
        AppEngineDataStoreFactoryTest.java
        http
        UrlFetchTransportTest.java
  - pom.xml
- google-http-client-test
  - src
    - main
      - java
        com
        google
        api
        client
        test
        util
        store
        AbstractDataStoreFactoryTest.java
        package-info.java
        json
        AbstractJsonFactoryTest.java
        package-info.java
        AbstractJsonGeneratorTest.java
        AbstractJsonParserTest.java
    - test
      - java
        com
        google
        api
        client
        test
        util
        store
        FileDataStoreFactoryTest.java
        MemoryDataStoreFactoryTest.java
  - pom.xml
- renovate.json
- .travis.yml
- README.md
- google-http-client-jackson2
  - src
    - main
      - java
        com
        google
        api
        client
        json
        jackson2
        package-info.java
        JacksonFactory.java
        JacksonParser.java
        JacksonGenerator.java
    - test
      - java
        com
        google
        api
        client
        json
        jackson2
        JacksonFactoryTest.java
        JacksonGeneratorTest.java
        JacksonParserTest.java
  - pom.xml
- .kokoro
  - nightly
    - integration.cfg
    - samples.cfg
    - lint.cfg
    - java8-win.cfg
    - java11.cfg
    - java7.cfg
    - java8-osx.cfg
    - java8.cfg
    - dependencies.cfg
    - common.cfg
  - common.sh
  - dependencies.sh
  - populate-secrets.sh
  - trampoline.sh
  - build.bat
  - continuous
    - propose_release.cfg
    - integration.cfg
    - samples.cfg
    - lint.cfg
    - java8-win.cfg
    - java11.cfg
    - java7.cfg
    - propose_release.sh
    - java10.cfg
    - java8-osx.cfg
    - java8.cfg
    - dependencies.cfg
    - common.cfg
  - release
    - bump_snapshot.cfg
    - common.sh
    - stage.cfg
    - publish_javadoc.cfg
    - promote.cfg
    - snapshot.sh
    - snapshot.cfg
    - drop.cfg
    - publish_javadoc.sh
    - bump_snapshot.sh
    - promote.sh
    - drop.sh
    - stage.sh
    - common.cfg
  - presubmit
    - integration.cfg
    - samples.cfg
    - lint.cfg
    - java8-win.cfg
    - linkage-monitor.cfg
    - java11.cfg
    - java7.cfg
    - clirr.cfg
    - java10.cfg
    - java8-osx.cfg
    - java8.cfg
    - dependencies.cfg
    - common.cfg
  - coerce_logs.sh
  - build.sh
  - linkage-monitor.sh
  - common.cfg
- .repo-metadata.json
- CODE_OF_CONDUCT.md
- google-http-client-protobuf
  - src
    - main
      - java
        com
        google
        api
        client
        protobuf
        ProtocolBuffers.java
        package-info.java
        ProtoObjectParser.java
        http
        protobuf
        ProtoHttpContent.java
        package-info.java
    - test
      - proto
        simple_proto.proto
      - java
        com
        google
        api
        client
        protobuf
        ProtocolBuffersTest.java
  - pom.xml
- versions.txt
- clirr-ignored-differences.xml
- .gitignore
- docs
  - _config.yml
  - exponential-backoff.md
  - _data
    - navigation.yml
  - component-modules.md
  - index.md
  - _layouts
    - default.html
  - unit-testing.md
  - setup.md
  - json.md
  - http-transport.md
  - android.md
  - support.md
  - google-app-engine.md
- findbugs-exclude.xml

/*
 * Copyright (c) 2012 Google Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
 * in compliance with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed under the License
 * is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
 * or implied. See the License for the specific language governing permissions and limitations under
 * the License.
 */

package com.google.api.client.json.webtoken;

import com.google.api.client.testing.json.MockJsonFactory;
import com.google.api.client.testing.json.webtoken.TestCertificates;
import com.google.api.client.testing.util.SecurityTestUtils;
import com.google.api.client.util.Base64;
import com.google.api.client.util.StringUtils;
import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.X509TrustManager;
import org.junit.Assert;
import org.junit.Test;

/**
 * Tests {@link JsonWebSignature}.
 *
 * @author Yaniv Inbar
 */
public class JsonWebSignatureTest {

  @Test
  public void testSign() throws Exception {
    JsonWebSignature.Header header = new JsonWebSignature.Header();
    header.setAlgorithm("RS256");
    header.setType("JWT");
    JsonWebToken.Payload payload = new JsonWebToken.Payload();
    payload
        .setIssuer("issuer")
        .setAudience("audience")
        .setIssuedAtTimeSeconds(0L)
        .setExpirationTimeSeconds(3600L);
    RSAPrivateKey privateKey = SecurityTestUtils.newRsaPrivateKey();
    Assert.assertEquals(
        "..kDmKaHNYByLmqAi9ROeLcFmZM7W_emsceKvDZiEGAo-ineCunC6_Nb0HEpAuzIidV-LYTMHS3BvI49KFz9gi6hI3"
            + "ZndDL5EzplpFJo1ZclVk1_hLn94P2OTAkZ4ydsTfus6Bl98EbCkInpF_2t5Fr8OaHxCZCDdDU7W5DSnOsx4",
        JsonWebSignature.signUsingRsaSha256(privateKey, new MockJsonFactory(), header, payload));
  }

  private X509Certificate verifyX509WithCaCert(TestCertificates.CertData caCert)
      throws IOException, GeneralSecurityException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    X509TrustManager trustManager = caCert.getTrustManager();
    return signature.verifySignature(trustManager);
  }

  @Test
  public void testImmutableSignatureBytes() throws IOException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    byte[] bytes = signature.getSignatureBytes();
    bytes[0] = (byte) (bytes[0] + 1);
    byte[] bytes2 = signature.getSignatureBytes();
    Assert.assertNotEquals(bytes2[0], bytes[0]);
  }

  @Test
  public void testImmutableSignedContentBytes() throws IOException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    byte[] bytes = signature.getSignedContentBytes();
    bytes[0] = (byte) (bytes[0] + 1);
    byte[] bytes2 = signature.getSignedContentBytes();
    Assert.assertNotEquals(bytes2[0], bytes[0]);
  }

  @Test
  public void testImmutableCertificates() throws IOException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    List<String> certificates = signature.getHeader().getX509Certificates();
    certificates.set(0, "foo");
    Assert.assertNotEquals("foo", signature.getHeader().getX509Certificates().get(0));
  }

  @Test
  public void testImmutableCritical() throws IOException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    List<String> critical = new ArrayList<>();
    signature.getHeader().setCritical(critical);
    critical.add("bar");
    Assert.assertNull(signature.getHeader().getCritical());
  }

  @Test
  public void testCriticalNullForNone() throws IOException {
    JsonWebSignature signature = TestCertificates.getJsonWebSignature();
    Assert.assertNull(signature.getHeader().getCritical());
  }

  @Test
  public void testVerifyX509() throws Exception {
    X509Certificate signatureCert = verifyX509WithCaCert(TestCertificates.CA_CERT);
    Assert.assertNotNull(signatureCert);
    Assert.assertTrue(signatureCert.getSubjectDN().getName().startsWith("CN=foo.bar.com"));
  }

  @Test
  public void testVerifyX509WrongCa() throws Exception {
    Assert.assertNull(verifyX509WithCaCert(TestCertificates.BOGUS_CA_CERT));
  }

  private static final String ES256_CONTENT =
      "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Im1wZjBEQSJ9.eyJhdWQiOiIvcHJvamVjdHMvNjUyNTYyNzc2Nzk4L2FwcHMvY2xvdWQtc2FtcGxlcy10ZXN0cy1waHAtaWFwIiwiZW1haWwiOiJjaGluZ29yQGdvb2dsZS5jb20iLCJleHAiOjE1ODQwNDc2MTcsImdvb2dsZSI6eyJhY2Nlc3NfbGV2ZWxzIjpbImFjY2Vzc1BvbGljaWVzLzUxODU1MTI4MDkyNC9hY2Nlc3NMZXZlbHMvcmVjZW50U2VjdXJlQ29ubmVjdERhdGEiLCJhY2Nlc3NQb2xpY2llcy81MTg1NTEyODA5MjQvYWNjZXNzTGV2ZWxzL3Rlc3ROb09wIiwiYWNjZXNzUG9saWNpZXMvNTE4NTUxMjgwOTI0L2FjY2Vzc0xldmVscy9ldmFwb3JhdGlvblFhRGF0YUZ1bGx5VHJ1c3RlZCJdfSwiaGQiOiJnb29nbGUuY29tIiwiaWF0IjoxNTg0MDQ3MDE3LCJpc3MiOiJodHRwczovL2Nsb3VkLmdvb2dsZS5jb20vaWFwIiwic3ViIjoiYWNjb3VudHMuZ29vZ2xlLmNvbToxMTIxODE3MTI3NzEyMDE5NzI4OTEifQ";
  private static final String ES256_SIGNATURE =
      "yKNtdFY5EKkRboYNexBdfugzLhC3VuGyFcuFYA8kgpxMqfyxa41zkML68hYKrWu2kOBTUW95UnbGpsIi_u1fiA";

  // x, y values for keyId "mpf0DA" from https://www.gstatic.com/iap/verify/public_key-jwk
  private static final String GOOGLE_ES256_X = "fHEdeT3a6KaC1kbwov73ZwB_SiUHEyKQwUUtMCEn0aI";
  private static final String GOOGLE_ES256_Y = "QWOjwPhInNuPlqjxLQyhveXpWqOFcQPhZ3t-koMNbZI";

  private PublicKey buildEs256PublicKey(String x, String y)
      throws NoSuchAlgorithmException, InvalidParameterSpecException, InvalidKeySpecException {
    AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC");
    parameters.init(new ECGenParameterSpec("secp256r1"));
    ECPublicKeySpec ecPublicKeySpec =
        new ECPublicKeySpec(
            new ECPoint(
                new BigInteger(1, Base64.decodeBase64(x)),
                new BigInteger(1, Base64.decodeBase64(y))),
            parameters.getParameterSpec(ECParameterSpec.class));
    KeyFactory keyFactory = KeyFactory.getInstance("EC");
    return keyFactory.generatePublic(ecPublicKeySpec);
  }

  @Test
  public void testVerifyES256() throws Exception {
    PublicKey publicKey = buildEs256PublicKey(GOOGLE_ES256_X, GOOGLE_ES256_Y);
    JsonWebSignature.Header header = new JsonWebSignature.Header();
    header.setAlgorithm("ES256");
    JsonWebSignature.Payload payload = new JsonWebToken.Payload();
    byte[] signatureBytes = Base64.decodeBase64(ES256_SIGNATURE);
    byte[] signedContentBytes = StringUtils.getBytesUtf8(ES256_CONTENT);
    JsonWebSignature jsonWebSignature =
        new JsonWebSignature(header, payload, signatureBytes, signedContentBytes);
    Assert.assertTrue(jsonWebSignature.verifySignature(publicKey));
  }
}