Fixes from PR requests.
Cameron Stitt
7 years ago
| 3 | 3 | "context" |
| 4 | 4 | "testing" |
| 5 | 5 | |
| 6 | "crypto/subtle" | |
| 7 | ||
| 6 | 8 | jwt "github.com/dgrijalva/jwt-go" |
| 7 | 9 | "github.com/go-kit/kit/endpoint" |
| 8 | 10 | ) |
| 9 | 11 | |
| 12 | type customClaims struct { | |
| 13 | MyProperty string `json:"my_property"` | |
| 14 | jwt.StandardClaims | |
| 15 | } | |
| 16 | ||
| 17 | func (c customClaims) VerifyMyProperty(p string) bool { | |
| 18 | return subtle.ConstantTimeCompare([]byte(c.MyProperty), []byte(p)) != 0 | |
| 19 | } | |
| 20 | ||
| 10 | 21 | var ( |
| 11 | 22 | kid = "kid" |
| 12 | 23 | key = []byte("test_signing_key") |
| 24 | myProperty = "some value" | |
| 13 | 25 | method = jwt.SigningMethodHS256 |
| 14 | 26 | invalidMethod = jwt.SigningMethodRS256 |
| 15 | 27 | mapClaims = jwt.MapClaims{"user": "go-kit"} |
| 16 | 28 | standardClaims = jwt.StandardClaims{Audience: "go-kit"} |
| 29 | myCustomClaims = customClaims{MyProperty: myProperty, StandardClaims: standardClaims} | |
| 17 | 30 | // Signed tokens generated at https://jwt.io/ |
| 18 | 31 | signedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ28ta2l0In0.14M2VmYyApdSlV_LZ88ajjwuaLeIFplB8JpyNy0A19E" |
| 19 | 32 | standardSignedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJnby1raXQifQ.L5ypIJjCOOv3jJ8G5SelaHvR04UJuxmcBN5QW3m_aoY" |
| 33 | customSignedKey = "eyJhbGciOiJIUzI1NiIsImtpZCI6ImtpZCIsInR5cCI6IkpXVCJ9.eyJteV9wcm9wZXJ0eSI6InNvbWUgdmFsdWUiLCJhdWQiOiJnby1raXQifQ.s8F-IDrV4WPJUsqr7qfDi-3GRlcKR0SRnkTeUT_U-i0" | |
| 20 | 34 | invalidKey = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.e30.vKVCKto-Wn6rgz3vBdaZaCBGfCBDTXOENSo_X2Gq7qA" |
| 21 | 35 | ) |
| 22 | 36 | |
| 44 | 58 | |
| 45 | 59 | signer = NewSigner(kid, key, method, standardClaims)(e) |
| 46 | 60 | signingValidator(t, signer, standardSignedKey) |
| 61 | ||
| 62 | signer = NewSigner(kid, key, method, myCustomClaims)(e) | |
| 63 | signingValidator(t, signer, customSignedKey) | |
| 47 | 64 | } |
| 48 | 65 | |
| 49 | 66 | func TestJWTParser(t *testing.T) { |
| 123 | 140 | t.Fatal("Claims were not passed into context correctly") |
| 124 | 141 | } |
| 125 | 142 | if !stdCl.VerifyAudience("go-kit", true) { |
| 126 | t.Fatal("JWT jwt.StandardClaims.Audience did not match: expecting %s got %s", standardClaims.Audience, stdCl.Audience) | |
| 143 | t.Fatalf("JWT jwt.StandardClaims.Audience did not match: expecting %s got %s", standardClaims.Audience, stdCl.Audience) | |
| 144 | } | |
| 145 | ||
| 146 | parser = NewParser(keys, method, &customClaims{})(e) | |
| 147 | ctx = context.WithValue(context.Background(), JWTTokenContextKey, customSignedKey) | |
| 148 | ctx1, err = parser(ctx, struct{}{}) | |
| 149 | if err != nil { | |
| 150 | t.Fatalf("Parser returned error: %s", err) | |
| 151 | } | |
| 152 | custCl, ok := ctx1.(context.Context).Value(JWTClaimsContextKey).(*customClaims) | |
| 153 | if !ok { | |
| 154 | t.Fatal("Claims were not passed into context correctly") | |
| 155 | } | |
| 156 | if !custCl.VerifyAudience("go-kit", true) { | |
| 157 | t.Fatalf("JWT customClaims.Audience did not match: expecting %s got %s", standardClaims.Audience, custCl.Audience) | |
| 158 | } | |
| 159 | if !custCl.VerifyMyProperty(myProperty) { | |
| 160 | t.Fatalf("JWT customClaims.MyProperty did not match: expecting %s got %s", myProperty, custCl.MyProperty) | |
| 127 | 161 | } |
| 128 | 162 | } |