2 | 2 |
import (
|
3 | 3 |
"context"
|
4 | 4 |
"testing"
|
|
5 |
"time"
|
5 | 6 |
|
6 | 7 |
"crypto/subtle"
|
7 | 8 |
|
|
32 | 33 |
standardSignedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJnby1raXQifQ.L5ypIJjCOOv3jJ8G5SelaHvR04UJuxmcBN5QW3m_aoY"
|
33 | 34 |
customSignedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJteV9wcm9wZXJ0eSI6InNvbWUgdmFsdWUiLCJhdWQiOiJnby1raXQifQ.s8F-IDrV4WPJUsqr7qfDi-3GRlcKR0SRnkTeUT_U-i0"
|
34 | 35 |
invalidKey = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.e30.vKVCKto-Wn6rgz3vBdaZaCBGfCBDTXOENSo_X2Gq7qA"
|
|
36 |
malformedKey = "malformed.jwt.token"
|
35 | 37 |
)
|
36 | 38 |
|
37 | 39 |
func signingValidator(t *testing.T, signer endpoint.Endpoint, expectedKey string) {
|
|
129 | 131 |
t.Fatalf("JWT Claims.user did not match: expecting %s got %s", mapClaims["user"], cl["user"])
|
130 | 132 |
}
|
131 | 133 |
|
|
134 |
// Test for malformed token error response
|
|
135 |
parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
|
|
136 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, malformedKey)
|
|
137 |
ctx1, err = parser(ctx, struct{}{})
|
|
138 |
if want, have := ErrTokenMalformed, err; want != have {
|
|
139 |
t.Fatalf("Expected %+v, got %+v", want, have)
|
|
140 |
}
|
|
141 |
|
|
142 |
// Test for expired token error response
|
|
143 |
parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
|
|
144 |
expired := jwt.NewWithClaims(method, jwt.StandardClaims{ExpiresAt: time.Now().Unix() - 100})
|
|
145 |
token, err := expired.SignedString(key)
|
|
146 |
if err != nil {
|
|
147 |
t.Fatalf("Unable to Sign Token: %+v", err)
|
|
148 |
}
|
|
149 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, token)
|
|
150 |
ctx1, err = parser(ctx, struct{}{})
|
|
151 |
if want, have := ErrTokenExpired, err; want != have {
|
|
152 |
t.Fatalf("Expected %+v, got %+v", want, have)
|
|
153 |
}
|
|
154 |
|
|
155 |
// Test for not activated token error response
|
|
156 |
parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
|
|
157 |
notactive := jwt.NewWithClaims(method, jwt.StandardClaims{NotBefore: time.Now().Unix() + 100})
|
|
158 |
token, err = notactive.SignedString(key)
|
|
159 |
if err != nil {
|
|
160 |
t.Fatalf("Unable to Sign Token: %+v", err)
|
|
161 |
}
|
|
162 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, token)
|
|
163 |
ctx1, err = parser(ctx, struct{}{})
|
|
164 |
if want, have := ErrTokenNotActive, err; want != have {
|
|
165 |
t.Fatalf("Expected %+v, got %+v", want, have)
|
|
166 |
}
|
|
167 |
|
|
168 |
// test valid standard claims token
|
132 | 169 |
parser = NewParser(keys, method, &jwt.StandardClaims{})(e)
|
133 | 170 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, standardSignedKey)
|
134 | 171 |
ctx1, err = parser(ctx, struct{}{})
|
|
143 | 180 |
t.Fatalf("JWT jwt.StandardClaims.Audience did not match: expecting %s got %s", standardClaims.Audience, stdCl.Audience)
|
144 | 181 |
}
|
145 | 182 |
|
|
183 |
// test valid customized claims token
|
146 | 184 |
parser = NewParser(keys, method, &customClaims{})(e)
|
147 | 185 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, customSignedKey)
|
148 | 186 |
ctx1, err = parser(ctx, struct{}{})
|