Java Code Examples for org.eclipse.microprofile.jwt.tck.util.TokenUtils#InvalidClaims

The following examples show how to use org.eclipse.microprofile.jwt.tck.util.TokenUtils#InvalidClaims . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: CookieTokenTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up 
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
      description = "Validate a request with expired token in a Cookie fails with HTTP_UNAUTHORIZED")
public void expiredCookie() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.EXP);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);

    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
                                                .target(uri)
                                                .queryParam("input", "hello")
        ;
    Response response = echoEndpointTarget
        .request(TEXT_PLAIN)
        .cookie("jwt", token)
        .get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
}
Example 2
Source File: InvalidTokenTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up 
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with expired token fails with HTTP_UNAUTHORIZED")
public void callEchoExpiredToken() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.EXP);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    System.out.printf("jwt: %s\n", token);

    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello")
        ;
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
    String reply = response.readEntity(String.class);
    System.out.printf("Reply: %s\n", reply);
}
Example 3
Source File: InvalidTokenTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up 
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with an non-matching issuer fails with HTTP_UNAUTHORIZED")
public void callEchoBadIssuer() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ISSUER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    System.out.printf("jwt: %s\n", token);

    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello")
        ;
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
    String reply = response.readEntity(String.class);
    System.out.printf("Reply: %s\n", reply);
}
Example 4
Source File: InvalidTokenTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up 
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with an incorrect signer fails with HTTP_UNAUTHORIZED")
public void callEchoBadSigner() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.SIGNER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    System.out.printf("jwt: %s\n", token);

    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello")
        ;
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
    String reply = response.readEntity(String.class);
    System.out.printf("Reply: %s\n", reply);
}
Example 5
Source File: InvalidTokenTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up 
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with an incorrect signature algorithm fails with HTTP_UNAUTHORIZED")
public void callEchoBadSignerAlg() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ALG);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    System.out.printf("jwt: %s\n", token);

    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello")
        ;
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
    String reply = response.readEntity(String.class);
    System.out.printf("Reply: %s\n", reply);
}
Example 6
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of issuer")
public void testFailIssuer() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ISSUER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
Example 7
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of signer")
public void testNimbusFailSignature() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.SIGNER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
Example 8
Source File: TestJsonWebToken.java    From smallrye-jwt with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = { ParseException.class }, description = "Illustrate validation of exp")
public void testNimbusFailExpired() throws Exception {
    HashMap<String, Long> timeClaims = new HashMap<>();
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.EXP);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields, timeClaims);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    JWTAuthContextInfo contextInfo = new JWTAuthContextInfo(publicKey, "https://server.example.com");
    contextInfo.setExpGracePeriodSecs(60);
    JsonWebToken jwt = validateToken(token, contextInfo);
}
Example 9
Source File: AbstractVerifierTest.java    From microprofile-jwt-auth with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = {BadJWTException.class, InvalidJwtException.class, InvalidClaimException.class, IncorrectClaimException.class},
    description = "Illustrate validation of issuer")
public void testBadIssuer() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ISSUER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    int expGracePeriodSecs = 60;
    validateToken(token, publicKey, TEST_ISSUER, expGracePeriodSecs);
}
Example 10
Source File: AbstractVerifierTest.java    From microprofile-jwt-auth with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = {BadJWSException.class, SignatureVerificationException.class,
    InvalidJwtSignatureException.class, SignatureException.class},
    description = "Illustrate validation of signer")
public void testFailSignature() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.SIGNER);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    int expGracePeriodSecs = 60;
    validateToken(token, publicKey, TEST_ISSUER, expGracePeriodSecs);
}
Example 11
Source File: AbstractVerifierTest.java    From microprofile-jwt-auth with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = {JOSEException.class, AlgorithmMismatchException.class, InvalidJwtException.class, UnsupportedJwtException.class},
    description = "Illustrate validation of signature algorithm")
public void testFailSignatureAlgorithm() throws Exception {
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.ALG);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    int expGracePeriodSecs = 60;
    validateToken(token, publicKey, TEST_ISSUER, expGracePeriodSecs);
}
Example 12
Source File: AbstractVerifierTest.java    From microprofile-jwt-auth with Apache License 2.0 5 votes vote down vote up 
@Test(expectedExceptions = {BadJWTException.class, InvalidJwtException.class, TokenExpiredException.class, ExpiredJwtException.class},
    description = "Illustrate validation of exp")
public void testFailExpired() throws Exception {
    HashMap<String, Long> timeClaims = new HashMap<>();
    HashSet<TokenUtils.InvalidClaims> invalidFields = new HashSet<>();
    invalidFields.add(TokenUtils.InvalidClaims.EXP);
    String token = TokenUtils.generateTokenString("/Token1.json", invalidFields, timeClaims);
    RSAPublicKey publicKey = (RSAPublicKey) TokenUtils.readPublicKey("/publicKey.pem");
    int expGracePeriodSecs = 60;
    validateToken(token, publicKey, TEST_ISSUER, expGracePeriodSecs);
}