@Test
public void testReadJwsSignedByMacSpecExample() throws Exception {
JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_MAC);
assertTrue(jws.verifySignatureWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY)));
JwtToken token = jws.getJwtToken();
JwtHeaders headers = token.getHeaders();
assertEquals(JwtConstants.TYPE_JWT, headers.getType());
assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
validateSpecClaim(token.getClaims());
}
@Test
public void testReadJwsSignedByPrivateKey() throws Exception {
JwsJwtCompactConsumer jws = new JwsJwtCompactConsumer(ENCODED_TOKEN_SIGNED_BY_PRIVATE_KEY);
RSAPublicKey key =
CryptoUtils.getRSAPublicKey(RSA_MODULUS_ENCODED, RSA_PUBLIC_EXPONENT_ENCODED);
assertTrue(jws.verifySignatureWith(new PublicKeyJwsSignatureVerifier(key)));
JwtToken token = jws.getJwtToken();
JwtHeaders headers = token.getHeaders();
assertEquals(Algorithm.SHA256withRSA.getJwtName(), headers.getAlgorithm());
validateSpecClaim(token.getClaims());
}
@Test
public void testWriteReadJwsSignedByESPrivateKey() throws Exception {
JwtHeaders headers = new JwtHeaders();
headers.setAlgorithm(Algorithm.SHA256withECDSA.getJwtName());
JwsCompactProducer jws = initSpecJwtTokenWriter(headers);
ECPrivateKey privateKey = CryptoUtils.getECPrivateKey(EC_PRIVATE_KEY_ENCODED);
jws.signWith(new EcDsaJwsSignatureProvider(privateKey));
String signedJws = jws.getSignedEncodedJws();
ECPublicKey publicKey = CryptoUtils.getECPublicKey(EC_X_POINT_ENCODED, EC_Y_POINT_ENCODED);
JwsJwtCompactConsumer jwsConsumer = new JwsJwtCompactConsumer(signedJws);
assertTrue(jwsConsumer.verifySignatureWith(new PublicKeyJwsSignatureVerifier(publicKey)));
JwtToken token = jwsConsumer.getJwtToken();
JwtHeaders headersReceived = token.getHeaders();
assertEquals(Algorithm.SHA256withECDSA.getJwtName(), headersReceived.getAlgorithm());
validateSpecClaim(token.getClaims());
}
@Test
public void testReadJwsWithJwkSignedByMac() throws Exception {
JwsJwtCompactConsumer jws =
new JwsJwtCompactConsumer(ENCODED_TOKEN_WITH_JSON_KEY_SIGNED_BY_MAC);
assertTrue(jws.verifySignatureWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY)));
JwtToken token = jws.getJwtToken();
JwtHeaders headers = token.getHeaders();
assertEquals(JwtConstants.TYPE_JWT, headers.getType());
assertEquals(Algorithm.HmacSHA256.getJwtName(), headers.getAlgorithm());
JsonWebKey key = headers.getJsonWebKey();
assertEquals(JsonWebKey.KEY_TYPE_OCTET, key.getKeyType());
List<String> keyOps = key.getKeyOperation();
assertEquals(2, keyOps.size());
assertEquals(JsonWebKey.KEY_OPER_SIGN, keyOps.get(0));
assertEquals(JsonWebKey.KEY_OPER_VERIFY, keyOps.get(1));
validateSpecClaim(token.getClaims());
}
@Test
public void testWriteReadJwsUnsigned() throws Exception {
JwtHeaders headers = new JwtHeaders(JwtConstants.PLAIN_TEXT_ALGO);
JwtClaims claims = new JwtClaims();
claims.setIssuer("https://jwt-idp.example.com");
claims.setSubject("mailto:[email protected]");
claims.setAudience("https://jwt-rp.example.net");
claims.setNotBefore(1300815780L);
claims.setExpiryTime(1300819380L);
claims.setClaim("http://claims.example.com/member", true);
JwsCompactProducer writer = new JwsJwtCompactProducer(headers, claims);
String signed = writer.getSignedEncodedJws();
JwsJwtCompactConsumer reader = new JwsJwtCompactConsumer(signed);
assertEquals(0, reader.getDecodedSignature().length);
JwtToken token = reader.getJwtToken();
assertEquals(new JwtToken(headers, claims), token);
}
