@Test
public void testWriteJwsSignedByMacSpecExample() throws Exception {
JwtHeaders headers = new JwtHeaders(Algorithm.HmacSHA256.getJwtName());
JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY));
assertEquals(ENCODED_TOKEN_SIGNED_BY_MAC, jws.getSignedEncodedJws());
}
@Test
public void testReadJwsSignedByMacSpecExample() throws Exception {
JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_MAC);
assertTrue(jws.verifySignatureWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY)));
JwtToken token = jws.getJwtToken();
JwtHeaders headers = token.getHeaders();
assertEquals(JwtConstants.TYPE_JWT, headers.getType());
assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
validateSpecClaim(token.getClaims());
}
private void doTestWriteJwsWithJwkSignedByMac(Object jsonWebKey) throws Exception {
JwtHeaders headers = new JwtHeaders(Algorithm.HmacSHA256.getJwtName());
headers.setHeader(JwtConstants.HEADER_JSON_WEB_KEY, jsonWebKey);
JwtClaims claims = new JwtClaims();
claims.setIssuer("joe");
claims.setExpiryTime(1300819380L);
claims.setClaim("http://example.com/is_root", Boolean.TRUE);
JwtToken token = new JwtToken(headers, claims);
JwsCompactProducer jws = new JwsJwtCompactProducer(token, getWriter());
jws.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY));
assertEquals(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC, jws.getSignedEncodedJws());
}
@Test
public void testReadJwsWithJwkSignedByMac() throws Exception {
JwsJwtCompactConsumer jws =
new JwsJwtCompactConsumer(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC);
assertTrue(jws.verifySignatureWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY)));
JwtToken token = jws.getJwtToken();
JwtHeaders headers = token.getHeaders();
assertEquals(JwtConstants.TYPE_JWT, headers.getType());
assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
JsonWebKey key = headers.getJsonWebKey();
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
List<String> keyOps = key.getKeyOperation();
assertEquals(2, keyOps.size());
assertEquals(JsonWebKey.KEY_OPER_SIGN, keyOps.get(0));
assertEquals(JsonWebKey.KEY_OPER_VERIFY, keyOps.get(1));
validateSpecClaim(token.getClaims());
}