8 | 8 |
)
|
9 | 9 |
|
10 | 10 |
var (
|
11 | |
key = "test_signing_key"
|
|
11 |
kid = "kid"
|
|
12 |
key = []byte("test_signing_key")
|
12 | 13 |
method = jwt.SigningMethodHS256
|
13 | 14 |
invalidMethod = jwt.SigningMethodRS256
|
14 | |
claims = jwt.MapClaims{"user": "go-kit"}
|
15 | |
signedKey = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ28ta2l0In0.MMefQU5pwDeoWBSdyagqNlr1tDGddGUOMGiIWmMlFvk"
|
|
15 |
claims = Claims{"user": "go-kit"}
|
|
16 |
signedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ28ta2l0In0.14M2VmYyApdSlV_LZ88ajjwuaLeIFplB8JpyNy0A19E"
|
16 | 17 |
invalidKey = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.e30.vKVCKto-Wn6rgz3vBdaZaCBGfCBDTXOENSo_X2Gq7qA"
|
17 | 18 |
)
|
18 | 19 |
|
19 | 20 |
func TestSigner(t *testing.T) {
|
20 | 21 |
e := func(ctx context.Context, i interface{}) (interface{}, error) { return ctx, nil }
|
21 | 22 |
|
22 | |
signer := NewSigner(key, method, claims)(e)
|
23 | |
ctx := context.Background()
|
24 | |
ctx1, err := signer(ctx, struct{}{})
|
|
23 |
keys := KeySet{
|
|
24 |
kid: {
|
|
25 |
Method: method,
|
|
26 |
Key: key,
|
|
27 |
},
|
|
28 |
}
|
|
29 |
|
|
30 |
signer := NewSigner(kid, keys, claims)(e)
|
|
31 |
ctx, err := signer(context.Background(), struct{}{})
|
25 | 32 |
if err != nil {
|
26 | 33 |
t.Fatalf("Signer returned error: %s", err)
|
27 | 34 |
}
|
28 | 35 |
|
29 | |
token, ok := ctx1.(context.Context).Value(JWTTokenContextKey).(string)
|
|
36 |
token, ok := ctx.(context.Context).Value(JWTTokenContextKey).(string)
|
30 | 37 |
if !ok {
|
31 | 38 |
t.Fatal("Token did not exist in context")
|
32 | 39 |
}
|
|
39 | 46 |
func TestJWTParser(t *testing.T) {
|
40 | 47 |
e := func(ctx context.Context, i interface{}) (interface{}, error) { return ctx, nil }
|
41 | 48 |
|
42 | |
keyfunc := func(token *jwt.Token) (interface{}, error) { return []byte(key), nil }
|
43 | |
badKeyfunc := func(token *jwt.Token) (interface{}, error) { return []byte("bad"), nil }
|
|
49 |
keys := KeySet{
|
|
50 |
kid: {
|
|
51 |
Method: method,
|
|
52 |
Key: key,
|
|
53 |
},
|
|
54 |
}
|
44 | 55 |
|
45 | |
parser := NewParser(keyfunc, method)(e)
|
|
56 |
parser := NewParser(keys)(e)
|
46 | 57 |
|
47 | 58 |
// No Token is passed into the parser
|
48 | 59 |
_, err := parser(context.Background(), struct{}{})
|
|
58 | 69 |
}
|
59 | 70 |
|
60 | 71 |
// Invalid Method is used in the parser
|
61 | |
badParser := NewParser(keyfunc, invalidMethod)(e)
|
|
72 |
invalidMethodKeys := KeySet{
|
|
73 |
kid: {
|
|
74 |
Method: invalidMethod,
|
|
75 |
Key: key,
|
|
76 |
},
|
|
77 |
}
|
|
78 |
|
|
79 |
badParser := NewParser(invalidMethodKeys)(e)
|
62 | 80 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
|
63 | 81 |
_, err = badParser(ctx, struct{}{})
|
64 | 82 |
if err == nil {
|
|
66 | 84 |
}
|
67 | 85 |
|
68 | 86 |
// Invalid key is used in the parser
|
69 | |
badParser = NewParser(badKeyfunc, method)(e)
|
|
87 |
invalidKeys := KeySet{
|
|
88 |
kid: {
|
|
89 |
Method: method,
|
|
90 |
Key: []byte("bad"),
|
|
91 |
},
|
|
92 |
}
|
|
93 |
|
|
94 |
badParser = NewParser(invalidKeys)(e)
|
70 | 95 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
|
71 | 96 |
_, err = badParser(ctx, struct{}{})
|
72 | 97 |
if err == nil {
|
|
80 | 105 |
t.Fatalf("Parser returned error: %s", err)
|
81 | 106 |
}
|
82 | 107 |
|
83 | |
cl, ok := ctx1.(context.Context).Value(JWTClaimsContextKey).(jwt.MapClaims)
|
|
108 |
cl, ok := ctx1.(context.Context).Value(JWTClaimsContextKey).(Claims)
|
84 | 109 |
if !ok {
|
85 | 110 |
t.Fatal("Claims were not passed into context correctly")
|
86 | 111 |
}
|