Java Code Examples for org.eclipse.microprofile.jwt.tck.util.TokenUtils#signClaims()

The following examples show how to use org.eclipse.microprofile.jwt.tck.util.TokenUtils#signClaims() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ECPublicKeyAsPEMTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
@RunAsClient
@Test(groups = TEST_GROUP_CONFIG,
    description = "Validate that the embedded PEM key is used to sign the JWT")
public void testKeyAsPEM() throws Exception {
    Reporter.log("testKeyAsPEM, expect HTTP_OK");

    PrivateKey privateKey = TokenUtils.readECPrivateKey("/ecPrivateKey.pem");
    String kid = "/ecPrivateKey.pem";
    String token = TokenUtils.signClaims(privateKey, kid, "/Token1.json");

    String uri = baseURL.toExternalForm() + "endp/verifyKeyAsPEM";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        ;
    Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
    String replyString = response.readEntity(String.class);
    JsonReader jsonReader = Json.createReader(new StringReader(replyString));
    JsonObject reply = jsonReader.readObject();
    Reporter.log(reply.toString());
    Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
 
Example 2
Source File: ECPublicKeyAsJWKLocationTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
@RunAsClient
@Test(groups = TEST_GROUP_CONFIG,
    description = "Validate specifying the mp.jwt.verify.publickey.location as resource path to a JWK key")
public void testKeyAsLocation() throws Exception {
    Reporter.log("testKeyAsLocation, expect HTTP_OK");

    PrivateKey privateKey = TokenUtils.readECPrivateKey("/ecPrivateKey.pem");
    String kid = "eckey";
    String token = TokenUtils.signClaims(privateKey, kid, "/Token1.json");

    String uri = baseURL.toExternalForm() + "jwks/endp/verifyKeyLocationAsJWKResource";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("kid", kid)
        ;
    Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
    String replyString = response.readEntity(String.class);
    JsonReader jsonReader = Json.createReader(new StringReader(replyString));
    JsonObject reply = jsonReader.readObject();
    Reporter.log(reply.toString());
    Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
 
Example 3
Source File: ECPublicKeyAsPEMLocationTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
@RunAsClient
@Test(groups = TEST_GROUP_CONFIG,
    description = "Validate specifying the mp.jwt.verify.publickey.location is a resource location of a PEM EC public key")
public void testKeyAsLocationResource() throws Exception {
    Reporter.log("testKeyAsLocationResource, expect HTTP_OK");

    PrivateKey privateKey = TokenUtils.readECPrivateKey("/ecPrivateKey.pem");
    String kid = "/ecPrivateKey.pem";
    String token = TokenUtils.signClaims(privateKey, kid, "/Token1.json");

    String uri = baseURL.toExternalForm() + "pem/endp/verifyKeyLocationAsPEMResource";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        ;
    Response response = echoEndpointTarget.request(APPLICATION_JSON).header(HttpHeaders.AUTHORIZATION, "Bearer "+token).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
    String replyString = response.readEntity(String.class);
    JsonReader jsonReader = Json.createReader(new StringReader(replyString));
    JsonObject reply = jsonReader.readObject();
    Reporter.log(reply.toString());
    Assert.assertTrue(reply.getBoolean("pass"), reply.getString("msg"));
}
 
Example 4
Source File: RolesAllowedSignEncryptTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with MP-JWT which fails with HTTP_UNAUTHORIZED when token is signed")
public void callEchoSignToken() throws Exception {
    Reporter.log("callEcho, expect HTTP_UNAUTHORIZED");

    PrivateKey signingKey = TokenUtils.readPrivateKey("/privateKey4k.pem");
    String signToken = TokenUtils.signClaims(signingKey, "/Token1.json", "/Token1.json", null, null);
    
    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello");
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer " + signToken).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
}
 
Example 5
Source File: RolesAllowedEncryptTest.java    From microprofile-jwt-auth with Apache License 2.0 5 votes vote down vote up
@RunAsClient
@Test(groups = TEST_GROUP_JAXRS,
    description = "Validate a request with MP-JWT which fails with HTTP_UNAUTHORIZED when token is signed")
public void callEchoSignToken() throws Exception {
    Reporter.log("callEcho, expect HTTP_UNAUTHORIZED");

    String signToken = TokenUtils.signClaims("/Token1.json");
    
    String uri = baseURL.toExternalForm() + "endp/echo";
    WebTarget echoEndpointTarget = ClientBuilder.newClient()
        .target(uri)
        .queryParam("input", "hello");
    Response response = echoEndpointTarget.request(TEXT_PLAIN).header(HttpHeaders.AUTHORIZATION, "Bearer " + signToken).get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_UNAUTHORIZED);
}