org.eclipse.microprofile.jwt.Claims Java Examples

The following examples show how to use org.eclipse.microprofile.jwt.Claims.
Example #1
Source File: RequiredClaimsEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
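/**
 * Compares the name reported by {@code rawTokenJson.getName()} with the expected {@code upn}
 * value supplied by the caller and returns the outcome as JSON.
 *
 * <p>The verdict is informational: nothing in this method grants or denies access. On a
 * mismatch the message echoes both the token-derived value and the caller-supplied value.
 *
 * @param upn expected value from the {@code upn} query parameter; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyUPN")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyUPN(@QueryParam("upn") String upn) {
    final String claimName = Claims.upn.name();
    final String upnValue = rawTokenJson.getName();
    boolean pass = false;
    final String msg;
    if (upnValue == null || upnValue.isEmpty()) {
        // Leading space added: the original concatenation rendered as "upnvalue is null ...".
        msg = claimName + " value is null or empty, FAIL";
    } else if (upnValue.equals(upn)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, upnValue, upn);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}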
 
Example #2
Source File: ClaimValueInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
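/**
 * Calls {@code endp/verifyInjectedAuthTimeStandard} with the expected {@code auth_time} value as
 * a query parameter and the test token as a bearer credential, then asserts on the JSON verdict.
 *
 * <p>The {@code description} previously referred to the raw token claim, which did not match the
 * endpoint or the claim exercised here; it now names {@code auth_time}.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI,
    description = "Verify that the injected auth_time claim using @Claim(standard) is as expected")
public void verifyInjectedAuthTimeStandard() throws Exception {
    Reporter.log("Begin verifyInjectedAuthTimeStandard\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedAuthTimeStandard";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    // The token travels in the Authorization header, not in the URL.
    final Response response = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
    final String body = response.readEntity(String.class);
    final JsonObject verdict = Json.createReader(new StringReader(body)).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}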
 
Example #3
Source File: RequiredClaimsEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
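/**
 * Reports whether the issuer returned by {@code rawTokenJson.getIssuer()} equals the expected
 * {@code iss} value sent by the caller.
 *
 * <p>This is a comparison for test reporting only. It does not itself enforce a trusted-issuer
 * policy, and the mismatch message echoes both values.
 *
 * @param iss expected issuer from the {@code iss} query parameter; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuer(@QueryParam("iss") String iss) {
    final String claimName = Claims.iss.name();
    final String issValue = rawTokenJson.getIssuer();
    boolean pass = false;
    final String msg;
    if (issValue == null || issValue.isEmpty()) {
        // Leading space added so the claim name and the text no longer run together.
        msg = claimName + " value is null or empty, FAIL";
    } else if (issValue.equals(iss)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, issValue, iss);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}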
 
Example #4
Source File: PrimitiveInjectionEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
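/**
 * Reports whether the {@code upn} field of this resource equals the expected value sent in the
 * {@code upn} query parameter.
 *
 * <p>The parameter shadows the field, so the field is always read through {@code this}. The
 * mismatch message echoes both values back to the caller.
 *
 * @param upn expected value from the query string; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedUPN")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedUPN(@QueryParam("upn") String upn) {
    final String claimName = Claims.upn.name();
    final String upnValue = this.upn;
    boolean pass = false;
    final String msg;
    if (upnValue == null || upnValue.isEmpty()) {
        // Leading space added: the original message read "upnvalue is null or empty".
        msg = claimName + " value is null or empty, FAIL";
    } else if (upnValue.equals(upn)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, upnValue, upn);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}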
 
Example #5
Source File: PrimitiveInjectionEndpoint.java    From quarkus with Apache License 2.0 6 votes vote down vote up
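/**
 * Reports whether the {@code expiration} field of this resource equals the expected {@code exp}
 * value sent by the caller.
 *
 * <p>This only compares two numbers. It does not check whether the token has expired.
 *
 * @param exp expected expiry from the {@code exp} query parameter; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedExpiration")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedExpiration(@QueryParam("exp") Long exp) {
    final String claimName = Claims.exp.name();
    final Long expValue = this.expiration;
    boolean pass = false;
    final String msg;
    // Compare as long: intValue() keeps only the low 32 bits, so a non-zero value that is a
    // multiple of 2^32 was previously reported as "empty".
    if (expValue == null || expValue.longValue() == 0L) {
        // Leading space added so the claim name and the text no longer run together.
        msg = claimName + " value is null or empty, FAIL";
    } else if (expValue.equals(exp)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, expValue, exp);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}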
 
Example #6
Source File: PrimitiveInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the expected custom string value to {@code endp/verifyInjectedCustomString} and asserts
 * that the endpoint's JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected customString claim is as expected")
public void verifyInjectedCustomString() throws Exception {
    Reporter.log("Begin verifyInjectedCustomString\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedCustomString";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam("value", "customStringValue")
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    // Bearer credential goes in the Authorization header; only expected values are in the URL.
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #7
Source File: PrimitiveInjectionUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyInjectedRawToken} reports a pass when given the token that was
 * used to authenticate the request.
 *
 * <p>NOTE(review): besides the OAuth2 credential, the token is also sent as the
 * {@code raw_token} query parameter, so the full bearer value becomes part of the request URL
 * and can end up in access logs or proxy logs. That is tolerable only for a short-lived test
 * token against a local test deployment.
 */
@Test()
public void verifyInjectedRawToken() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.raw_token.name(), token)
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyInjectedRawToken")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #8
Source File: JwtAuthUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyInjectedIssuer} reports a pass when the expected issuer
 * {@code https://server.example.com} is sent in the {@code iss} query parameter.
 */
@Test()
public void verifyIssuerClaim() {
    final Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.iss.name(), "https://server.example.com")
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyInjectedIssuer")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    // The endpoint's msg doubles as the assertion failure text.
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #9
Source File: PrimitiveInjectionUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyInjectedUPN} reports a pass for the expected {@code upn} value.
 *
 * <p>NOTE(review): the expected value below reads {@code [email protected]}, which looks like
 * the hosting page's e-mail obfuscation rather than the project's real literal. Restore the
 * value from the upstream source before relying on this listing.
 */
@Test()
public void verifyInjectedUPN() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.upn.name(), "[email protected]")
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyInjectedUPN")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #10
Source File: PrimitiveInjectionUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyInjectedAudience} reports a pass when the expected audience
 * {@code s6BhdRkqt3} is sent in the {@code aud} query parameter.
 */
@Test()
public void verifyInjectedAudience() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.aud.name(), "s6BhdRkqt3")
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyInjectedAudience")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #11
Source File: ProviderInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
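/**
 * Calls {@code endp/verifyInjectedOptionalAuthTime} with the expected {@code auth_time} value and
 * asserts that the JSON verdict is a pass.
 *
 * <p>The {@code description} previously mentioned the raw token claim, which did not match what
 * this test exercises; it now names the optional {@code auth_time} claim.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected optional auth_time claim is as expected")
public void verifyInjectedOptionalAuthTime() throws Exception {
    Reporter.log("Begin verifyInjectedOptionalAuthTime\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedOptionalAuthTime";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response response = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(response.getStatus(), HttpURLConnection.HTTP_OK);
    final String body = response.readEntity(String.class);
    final JsonObject verdict = Json.createReader(new StringReader(body)).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}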
 
Example #12
Source File: PrimitiveInjectionEndpoint.java    From quarkus with Apache License 2.0 6 votes vote down vote up
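/**
 * Reports whether the {@code aud} field of this resource contains the expected audience sent in
 * the {@code aud} query parameter.
 *
 * <p>The check is set membership, so a token with several audiences passes as long as the
 * expected one is among them. The mismatch message echoes the whole audience set.
 *
 * @param audience expected audience from the query string; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedAudience")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedAudience(@QueryParam("aud") String audience) {
    final String claimName = Claims.aud.name();
    final Set<String> audValue = aud;
    boolean pass = false;
    final String msg;
    if (audValue == null || audValue.isEmpty()) {
        // Leading space added: the original message read "audvalue is null or empty".
        msg = claimName + " value is null or empty, FAIL";
    } else if (audValue.contains(audience)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, audValue, audience);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}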
 
Example #13
Source File: PrimitiveInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends {@code TCKConstants.TEST_ISSUER} as the expected issuer to
 * {@code endp/verifyInjectedIssuer} and asserts that the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected token issuer claim is as expected")
public void verifyIssuerClaim() throws Exception {
    Reporter.log("Begin verifyIssuerClaim");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedIssuer";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.iss.name(), TCKConstants.TEST_ISSUER)
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #14
Source File: RequiredClaimsUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyJTI} reports a pass when the expected token identifier
 * {@code a-f2b2180c} is sent in the {@code jti} query parameter.
 */
@Test()
public void verifyJTI() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.jti.name(), "a-f2b2180c")
            .queryParam(Claims.iss.name(), "https://server.example.com")
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyJTI")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #15
Source File: ClaimValueInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the expected custom integer {@code 123456789} to
 * {@code endp/verifyInjectedCustomInteger} and asserts that the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI,
    description = "Verify that the injected customInteger claim is as expected")
public void verifyInjectedCustomInteger() throws Exception {
    Reporter.log("Begin verifyInjectedCustomInteger\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedCustomInteger";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam("value", 123456789)
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #16
Source File: RequiredClaimsUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyAudience} reports a pass when an empty string is sent in the
 * {@code aud} query parameter.
 *
 * <p>NOTE(review): the endpoint is not shown here, so what an empty expected audience is meant
 * to prove should be confirmed against it.
 */
@Test()
public void verifyAudience() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam(Claims.aud.name(), "")
            .queryParam(Claims.iss.name(), "https://server.example.com")
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyAudience")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #17
Source File: JsonValueInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the expected token identifier {@code a-123} to {@code endp/verifyInjectedJTI} and asserts
 * that the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
    description = "Verify that the injected jti claim is as expected")
public void verifyInjectedJTI() throws Exception {
    Reporter.log("Begin verifyInjectedJTI\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedJTI";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.jti.name(), "a-123")
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #18
Source File: RequiredClaimsTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the expected {@code exp} value to {@code endp/verifyExpiration} and asserts that the
 * JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_JWT,
        description = "Verify that the exp claim is as expected")
public void verifyExpiration() throws Exception {
    Reporter.log("Begin verifyExpiration\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyExpiration";
    final WebTarget target = ClientBuilder.newClient()
            .target(endpoint)
            .queryParam(Claims.exp.name(), expClaim)
            .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
            .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
            .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #19
Source File: JsonValuejectionEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
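/**
 * Reports whether the {@code authTime} field of this resource equals the expected
 * {@code auth_time} value sent by the caller. Access is restricted to the {@code Tester} role.
 *
 * @param authTime expected value from the {@code auth_time} query parameter; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedAuthTime")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("Tester")
public JsonObject verifyInjectedAuthTime(@QueryParam("auth_time") Long authTime) {
    final String claimName = Claims.auth_time.name();
    // Check the field before calling longValue(): the original dereferenced it first, so a
    // missing claim raised NullPointerException and the "null or missing" branch never ran.
    Long authTimeValue = null;
    if (this.authTime != null) {
        authTimeValue = this.authTime.longValue();
    }
    boolean pass = false;
    final String msg;
    if (authTimeValue == null) {
        msg = claimName + " value is null or missing, FAIL";
    } else if (authTimeValue.equals(authTime)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, authTimeValue, authTime);
    }
    return Json.createObjectBuilder()
        .add("pass", pass)
        .add("msg", msg)
        .build();
}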
 
Example #20
Source File: RequiredClaimsEndpoint.java    From quarkus with Apache License 2.0 6 votes vote down vote up
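/**
 * Reports a pass only when {@code rawTokenJson.claim("aud")} is empty, meaning the token carries
 * no {@code aud} claim.
 *
 * <p>The {@code audience} query parameter is accepted but never read. This endpoint asserts
 * absence of the claim only. A token without {@code aud} is not bound to a recipient, so this
 * check is not a model for audience validation.
 *
 * @param audience unused
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyOptionalAudience")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyAudience2(@QueryParam("aud") String audience) {
    final String claimName = Claims.aud.name();
    final Optional<Object> audValue = rawTokenJson.claim("aud");
    final boolean pass = !audValue.isPresent();
    // Leading space added to the failure text: the original read "audvalue IS present".
    final String msg = pass ? claimName + " PASS" : claimName + " value IS present, FAIL";
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}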
 
Example #21
Source File: ClaimValueInjectionEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
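/**
 * Reports whether the value returned by {@code rawTokenStandard.getValue()} equals the token
 * string sent by the caller in the {@code raw_token} query parameter.
 *
 * <p>NOTE(review): on a mismatch the message contains both complete token strings, so the
 * response body, and anything that logs it, holds bearer credentials. Reuse outside a test
 * harness should report only that the values differ.
 *
 * @param rt expected raw token from the query string; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedRawTokenStandard")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedRawTokenStandard(@QueryParam("raw_token") String rt) {
    final String claimName = Claims.raw_token.name();
    final String rawTokenValue = rawTokenStandard.getValue();
    boolean pass = false;
    final String msg;
    if (rawTokenValue == null || rawTokenValue.isEmpty()) {
        // Leading space added: the original message read "raw_tokenvalue is null or empty".
        msg = claimName + " value is null or empty, FAIL";
    } else if (rawTokenValue.equals(rt)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, rawTokenValue, rt);
    }
    return Json.createObjectBuilder()
        .add("pass", pass)
        .add("msg", msg)
        .build();
}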
 
Example #22
Source File: RequiredClaimsEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
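/**
 * Reports whether the value returned by {@code rawTokenJson.getIssuedAtTime()} equals the
 * expected {@code iat} value sent by the caller.
 *
 * <p>This only compares two numbers. It applies no freshness or clock-skew check.
 *
 * @param iat expected issued-at value from the {@code iat} query parameter; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyIssuedAt")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuedAt(@QueryParam("iat") Long iat) {
    final String claimName = Claims.iat.name();
    final Long iatValue = rawTokenJson.getIssuedAtTime();
    boolean pass = false;
    final String msg;
    // Compare as long: intValue() keeps only the low 32 bits, so a non-zero value that is a
    // multiple of 2^32 was previously reported as "empty".
    if (iatValue == null || iatValue.longValue() == 0L) {
        // Leading space added so the claim name and the text no longer run together.
        msg = claimName + " value is null or empty, FAIL";
    } else if (iatValue.equals(iat)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, iatValue, iat);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}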
 
Example #23
Source File: PrimitiveInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the expected subject {@code 24400320} to {@code endp/verifyInjectedSUB} and asserts that
 * the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected sub claim is as expected")
public void verifyInjectedSUB() throws Exception {
    Reporter.log("Begin verifyInjectedSUB\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedSUB";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.sub.name(), "24400320")
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #24
Source File: PrimitiveInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends the four expected group names to {@code endp/verifyInjectedGroups} and asserts that the
 * JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected groups claim is as expected")
public void verifyInjectedGroups() throws Exception {
    Reporter.log("Begin verifyInjectedGroups\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedGroups";
    // The String[] is handed to the varargs parameter as-is, giving one query value per group.
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.groups.name(), new String[]{
                "Echoer", "Tester", "group1", "group2"})
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #25
Source File: RequiredClaimsEndpoint.java    From quarkus with Apache License 2.0 6 votes vote down vote up
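/**
 * Checks the issuer returned by {@code rawTokenJson.getIssuer()} against the expected value in
 * the {@code iss} query parameter and returns the outcome as JSON.
 *
 * <p>The expected issuer comes from the caller, so a pass only shows that the two strings
 * match. It is not evidence that the issuer is trusted.
 *
 * @param iss expected issuer; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyIssuer(@QueryParam("iss") String iss) {
    final String claimName = Claims.iss.name();
    final String issValue = rawTokenJson.getIssuer();
    boolean pass = false;
    final String msg;
    if (issValue == null || issValue.isEmpty()) {
        // Leading space added: the original message read "issvalue is null or empty".
        msg = claimName + " value is null or empty, FAIL";
    } else if (issValue.equals(iss)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, issValue, iss);
    }
    return Json.createObjectBuilder()
            .add("pass", pass)
            .add("msg", msg)
            .build();
}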
 
Example #26
Source File: KeycloakJWTCallerPrincipal.java    From thorntail with Apache License 2.0 6 votes vote down vote up
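/**
 * Copies the fields of an {@code AccessToken} into a map keyed by {@link Claims} names, then adds
 * the entries of {@code at.getOtherClaims()}.
 *
 * @param at token to read; must not be {@code null}
 * @return new mutable map of claim name to value; values may be {@code null} where the token
 *         getter returned {@code null}
 */
private static Map<String, Object> getAllClaimsFromToken(AccessToken at) {
    Map<String, Object> map = new HashMap<>();
    map.put(Claims.jti.name(), at.getId());
    map.put(Claims.iat.name(), Long.valueOf(at.getIssuedAt()));
    map.put(Claims.exp.name(), Long.valueOf(at.getExpiration()));
    map.put(Claims.nbf.name(), Long.valueOf(at.getNotBefore()));
    map.put(Claims.auth_time.name(), Long.valueOf(at.getAuthTime()));
    map.put(Claims.updated_at.name(), at.getUpdatedAt());
    map.put(Claims.iss.name(), at.getIssuer());
    map.put(Claims.azp.name(), at.getIssuedFor());
    map.put(Claims.acr.name(), at.getAcr());
    map.put(Claims.aud.name(), at.getAudience());
    map.put(Claims.sub.name(), at.getSubject());
    // Guard added: a token with no realm access object previously caused a
    // NullPointerException here. In that case no "groups" entry is written.
    if (at.getRealmAccess() != null) {
        map.put(Claims.groups.name(), at.getRealmAccess().getRoles());
    }
    map.put(Claims.preferred_username.name(), at.getPreferredUsername());
    map.put(Claims.family_name.name(), at.getFamilyName());
    map.put(Claims.nickname.name(), at.getNickName());
    // NOTE(review): this runs last, so an entry in getOtherClaims() whose key equals one set
    // above (for instance a custom "groups" claim) replaces the mapped value. Confirm that this
    // precedence is intended, because "groups" feeds role decisions downstream.
    map.putAll(at.getOtherClaims());
    return map;
}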
 
Example #27
Source File: ClaimValueInjectionEndpoint.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
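/**
 * Reports whether the value returned by {@code issuer.getValue()} equals the expected issuer
 * sent in the {@code iss} query parameter.
 *
 * <p>The verdict is informational only. The mismatch message echoes both values.
 *
 * @param iss expected issuer; may be {@code null}
 * @return object holding a boolean {@code pass} and a diagnostic {@code msg}
 */
@GET
@Path("/verifyInjectedIssuer")
@Produces(MediaType.APPLICATION_JSON)
public JsonObject verifyInjectedIssuer(@QueryParam("iss") String iss) {
    final String claimName = Claims.iss.name();
    final String issValue = issuer.getValue();
    boolean pass = false;
    final String msg;
    if (issValue == null || issValue.isEmpty()) {
        // Leading space added: the original message read "issvalue is null or empty".
        msg = claimName + " value is null or empty, FAIL";
    } else if (issValue.equals(iss)) {
        msg = claimName + " PASS";
        pass = true;
    } else {
        msg = String.format("%s: %s != %s", claimName, issValue, iss);
    }
    return Json.createObjectBuilder()
        .add("pass", pass)
        .add("msg", msg)
        .build();
}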
 
Example #28
Source File: PrimitiveInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Calls {@code endp/verifyInjectedJTI} with {@code a-123} as the expected {@code jti} value and
 * asserts that the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_PROVIDER,
    description = "Verify that the injected jti claim is as expected")
public void verifyInjectedJTI() throws Exception {
    Reporter.log("Begin verifyInjectedJTI\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedJTI";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam(Claims.jti.name(), "a-123")
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #29
Source File: JsonValueInjectionTest.java    From microprofile-jwt-auth with Apache License 2.0 6 votes vote down vote up
/**
 * Sends three expected array elements as repeated {@code value} query parameters to
 * {@code endp/verifyInjectedCustomStringArray} and asserts that the JSON verdict is a pass.
 *
 * @throws Exception if the request or the JSON parsing fails
 */
@RunAsClient
@Test(groups = TEST_GROUP_CDI_JSON,
    description = "Verify that the injected customStringArray claim is as expected")
public void verifyInjectedCustomStringArray() throws Exception {
    Reporter.log("Begin verifyInjectedCustomStringArray\n");
    final String endpoint = baseURL.toExternalForm() + "endp/verifyInjectedCustomStringArray";
    final WebTarget target = ClientBuilder.newClient()
        .target(endpoint)
        .queryParam("value", "value0", "value1", "value2")
        .queryParam(Claims.auth_time.name(), authTimeClaim);
    final Response httpReply = target.request(MediaType.APPLICATION_JSON)
        .header(HttpHeaders.AUTHORIZATION, "Bearer " + token)
        .get();
    Assert.assertEquals(httpReply.getStatus(), HttpURLConnection.HTTP_OK);
    final StringReader body = new StringReader(httpReply.readEntity(String.class));
    final JsonObject verdict = Json.createReader(body).readObject();
    Reporter.log(verdict.toString());
    Assert.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}
 
Example #30
Source File: PrimitiveInjectionUnitTest.java    From quarkus with Apache License 2.0 6 votes vote down vote up
/**
 * Checks that {@code /endp/verifyInjectedCustomDouble} reports a pass when the expected custom
 * double value is sent in the {@code value} query parameter.
 */
@Test()
public void verifyInjectedCustomDouble() {
    final io.restassured.response.Response httpReply = RestAssured.given()
            .auth().oauth2(token)
            .when()
            .queryParam("value", 3.141592653589793d)
            .queryParam(Claims.auth_time.name(), authTimeClaim)
            .get("/endp/verifyInjectedCustomDouble")
            .andReturn();

    Assertions.assertEquals(HttpURLConnection.HTTP_OK, httpReply.getStatusCode());
    final StringReader body = new StringReader(httpReply.body().asString());
    final JsonObject verdict = Json.createReader(body).readObject();
    Assertions.assertTrue(verdict.getBoolean("pass"), verdict.getString("msg"));
}