JWSTest.java example

Explorer
Resteasy-master
package org.jboss.resteasy.test.jose;

import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.codehaus.jackson.map.ObjectMapper;
import org.codehaus.jackson.map.SerializationConfig;
import org.codehaus.jackson.map.annotate.JsonSerialize;
import org.jboss.resteasy.jose.jws.Algorithm;
import org.jboss.resteasy.jose.jws.JWSBuilder;
import org.jboss.resteasy.jose.jws.JWSHeader;
import org.jboss.resteasy.jose.jws.JWSInput;
import org.jboss.resteasy.jose.jws.crypto.HMACProvider;
import org.jboss.resteasy.jose.jws.crypto.RSAProvider;
import org.jboss.resteasy.spi.ResteasyProviderFactory;
import org.junit.Assert;
import org.junit.FixMethodOrder;
import org.junit.Test;
import org.junit.runners.MethodSorters;

import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.ws.rs.core.MediaType;

import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;

import static org.hamcrest.CoreMatchers.containsString;

/**
 * @tpSubChapter Jose tests
 * @tpChapter Unit tests
 * @tpTestCaseDetails Test for JWS
 * @tpSince RESTEasy 3.0.16
 */
@FixMethodOrder(MethodSorters.NAME_ASCENDING)
public class JWSTest {
    protected static final Logger logger = LogManager.getLogger(JWSTest.class.getName());
    private static final String HEADER_ERROR_MSG = "Wrong algorithm header";
    private static final String RESPONSE_ERROR_MSG = "Response contains wrong content";
    private static final String VERIFY_ERROR_MSG = "Wrong verification";

    /**
     * @tpTestDetails Header serialization test
     * @tpSince RESTEasy 3.0.16
     */
    @Test
    public void testHeaderSerialization() throws Exception {
        ObjectMapper mapper = new ObjectMapper();
        mapper.setSerializationInclusion(JsonSerialize.Inclusion.NON_NULL);
        mapper.enable(SerializationConfig.Feature.INDENT_OUTPUT);
        JWSHeader header = new JWSHeader(Algorithm.HS256, null, null);
        String val = header.toString();
        logger.info(val);
        Assert.assertThat(HEADER_ERROR_MSG, val, containsString("alg"));
        Assert.assertThat(HEADER_ERROR_MSG, val, containsString("HS256"));
        header = mapper.readValue(val, JWSHeader.class);
        val = mapper.writeValueAsString(header);
        logger.info(val);
        Assert.assertThat(HEADER_ERROR_MSG, val, containsString("alg"));
        Assert.assertThat(HEADER_ERROR_MSG, val, containsString("HS256"));
    }

    /**
     * @tpTestDetails Basic RSA test
     * @tpSince RESTEasy 3.0.16
     */
    @Test
    public void testRSA() throws Exception {
        KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();

        String encoded = new JWSBuilder()
                .content("Hello World".getBytes(StandardCharsets.UTF_8))
                .rsa256(keyPair.getPrivate());

        logger.info(encoded);

        JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
        String msg = (String) input.readContent(String.class, null, null, MediaType.TEXT_PLAIN_TYPE);
        Assert.assertEquals(RESPONSE_ERROR_MSG, "Hello World", msg);
        Assert.assertTrue(VERIFY_ERROR_MSG, RSAProvider.verify(input, keyPair.getPublic()));

    }

    /**
     * @tpTestDetails RSA with content type test
     * @tpSince RESTEasy 3.0.16
     */
    @Test
    public void testRSAWithContentType() throws Exception {
        KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();

        String encoded = new JWSBuilder()
                .contentType(MediaType.TEXT_PLAIN_TYPE)
                .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
                .rsa256(keyPair.getPrivate());

        logger.info(encoded);

        JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
        logger.info(input.getHeader());
        String msg = input.readContent(String.class);
        Assert.assertEquals(RESPONSE_ERROR_MSG, "Hello World", msg);
        Assert.assertTrue(VERIFY_ERROR_MSG, RSAProvider.verify(input, keyPair.getPublic()));

    }

    /**
     * @tpTestDetails HMAC with ContentType test
     * @tpSince RESTEasy 3.0.16
     */
    @Test
    public void testHMACWithContentType() throws Exception {
        SecretKey key = KeyGenerator.getInstance(HMACProvider.getJavaAlgorithm(Algorithm.HS256)).generateKey();

        String encoded = new JWSBuilder()
                .contentType(MediaType.TEXT_PLAIN_TYPE)
                .content("Hello World", MediaType.TEXT_PLAIN_TYPE)
                .hmac256(key);

        logger.info(encoded);

        JWSInput input = new JWSInput(encoded, ResteasyProviderFactory.getInstance());
        logger.info(input.getHeader());
        String msg = input.readContent(String.class);
        Assert.assertEquals(RESPONSE_ERROR_MSG, "Hello World", msg);
        Assert.assertTrue(VERIFY_ERROR_MSG, HMACProvider.verify(input, key));
    }
}