/**
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.apache.cxf.rs.security.jose.jws;
import org.apache.cxf.rs.security.jose.jwa.SignatureAlgorithm;
import org.junit.Assert;
import org.junit.Test;
public class JwsJsonProducerTest extends Assert {
public static final String ENCODED_MAC_KEY_1 = "AyM1SysPpbyDfgZld3umj1qzKObwVMkoqQ-EstJQLr_T-1qS0gZH75"
+ "aKtMN3Yj0iPS4hcgUuTwjAzZr1Z9CAow";
public static final String ENCODED_MAC_KEY_2 = "09Y_RK7l5rAY9QY7EblYQNuYbu9cy1j7ovCbkeIyAKN8LIeRL-3H8g"
+ "c8kZSYzAQ1uTRC_egZ_8cgZSZa9T5nmQ";
public static final String UNSIGNED_PLAIN_JSON_DOCUMENT = "{"
+ " \"from\": \"user\"," + " \"to\": \"developer\","
+ " \"msg\": \"good job!\" " + "}";
public static final String UNSIGNED_PLAIN_DOCUMENT = "$.02";
public static final String UNSIGNED_PLAIN_JSON_DOCUMENT_AS_B64URL = "eyAiZnJvbSI6ICJ1c2VyIiwgInRvIjogI"
+ "mRldmVsb3BlciIsICJtc2ciOiAiZ29vZCBqb2IhIiB9";
public static final String SIGNED_JWS_JSON_DOCUMENT = "{"
+ "\"payload\":\""
+ UNSIGNED_PLAIN_JSON_DOCUMENT_AS_B64URL
+ "\",\"signatures\":[{\"protected\":\"eyJhbGciOiJIUzI1NiJ9\",\"signature\":"
+ "\"NNksREOsFCI1nUQEqzCe6XZFa-bRAge2XXMMAU2Jj2I\"}]}";
public static final String SIGNED_JWS_JSON_FLAT_DOCUMENT = "{"
+ "\"payload\":\""
+ UNSIGNED_PLAIN_JSON_DOCUMENT_AS_B64URL
+ "\",\"protected\":\"eyJhbGciOiJIUzI1NiJ9\",\"signature\":"
+ "\"NNksREOsFCI1nUQEqzCe6XZFa-bRAge2XXMMAU2Jj2I\"}";
public static final String SIGNED_JWS_JSON_FLAT_UNENCODED_DOCUMENT = "{"
+ "\"payload\":\"" + UNSIGNED_PLAIN_DOCUMENT + "\","
+ "\"protected\":\"eyJhbGciOiJIUzI1NiIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19\","
+ "\"signature\":" + "\"A5dxf2s96_n5FLueVuW1Z_vh161FwXZC4YLPff6dmDY\"}";
public static final String DUAL_SIGNED_JWS_JSON_DOCUMENT = "{"
+ "\"payload\":\""
+ UNSIGNED_PLAIN_JSON_DOCUMENT_AS_B64URL
+ "\",\"signatures\":[{\"protected\":\"eyJhbGciOiJIUzI1NiJ9\","
+ "\"signature\":\"NNksREOsFCI1nUQEqzCe6XZFa-bRAge2XXMMAU2Jj2I\"},"
+ "{\"protected\":\"eyJhbGciOiJIUzI1NiJ9\","
+ "\"signature\":\"KY2r_Gubar7G86fVyrA7I2-69KA7faKDmebfCCmibdI\"}]}";
@Test
public void testSignPlainJsonDocumentPayloadConstruction() {
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT);
assertEquals(UNSIGNED_PLAIN_JSON_DOCUMENT_AS_B64URL,
producer.getUnsignedEncodedPayload());
}
@Test
public void testSignWithProtectedHeaderOnly() {
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT);
JwsHeaders headerEntries = new JwsHeaders();
headerEntries.setSignatureAlgorithm(SignatureAlgorithm.HS256);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256),
headerEntries);
assertEquals(SIGNED_JWS_JSON_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
@Test
public void testSignWithProtectedHeaderOnlyUnencodedPayload() {
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_DOCUMENT, true);
JwsHeaders headers = new JwsHeaders();
headers.setSignatureAlgorithm(SignatureAlgorithm.HS256);
headers.setPayloadEncodingStatus(false);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256),
headers);
assertEquals(SIGNED_JWS_JSON_FLAT_UNENCODED_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
@Test
public void testSignWithProtectedHeaderOnlyFlat() {
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT, true);
JwsHeaders headerEntries = new JwsHeaders();
headerEntries.setSignatureAlgorithm(SignatureAlgorithm.HS256);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256),
headerEntries);
assertEquals(SIGNED_JWS_JSON_FLAT_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
@Test
public void testDualSignWithProtectedHeaderOnly() {
JwsJsonProducer producer = new JwsJsonProducer(UNSIGNED_PLAIN_JSON_DOCUMENT);
JwsHeaders headerEntries = new JwsHeaders();
headerEntries.setSignatureAlgorithm(SignatureAlgorithm.HS256);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_1, SignatureAlgorithm.HS256),
headerEntries);
producer.signWith(new HmacJwsSignatureProvider(ENCODED_MAC_KEY_2, SignatureAlgorithm.HS256),
headerEntries);
assertEquals(DUAL_SIGNED_JWS_JSON_DOCUMENT,
producer.getJwsJsonSignedDocument());
}
}