/*
* Copyright (c) 2012 Google Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
* in compliance with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software distributed under the License
* is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
* or implied. See the License for the specific language governing permissions and limitations under
* the License.
*/
package com.google.api.client.json.webtoken;
import com.google.api.client.testing.json.MockJsonFactory;
import com.google.api.client.testing.json.webtoken.TestCertificates;
import com.google.api.client.testing.util.SecurityTestUtils;
import junit.framework.TestCase;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import javax.net.ssl.X509TrustManager;
/**
* Tests {@link JsonWebSignature}.
*
* @author Yaniv Inbar
*/
public class JsonWebSignatureTest extends TestCase {
public void testSign() throws Exception {
JsonWebSignature.Header header = new JsonWebSignature.Header();
header.setAlgorithm("RS256");
header.setType("JWT");
JsonWebToken.Payload payload = new JsonWebToken.Payload();
payload.setIssuer("issuer")
.setAudience("audience").setIssuedAtTimeSeconds(0L).setExpirationTimeSeconds(3600L);
RSAPrivateKey privateKey = SecurityTestUtils.newRsaPrivateKey();
assertEquals(
"..kDmKaHNYByLmqAi9ROeLcFmZM7W_emsceKvDZiEGAo-ineCunC6_Nb0HEpAuzIidV-LYTMHS3BvI49KFz9gi6hI3"
+ "ZndDL5EzplpFJo1ZclVk1_hLn94P2OTAkZ4ydsTfus6Bl98EbCkInpF_2t5Fr8OaHxCZCDdDU7W5DSnOsx4",
JsonWebSignature.signUsingRsaSha256(privateKey, new MockJsonFactory(), header, payload));
}
private X509Certificate verifyX509WithCaCert(TestCertificates.CertData caCert) throws Exception {
JsonWebSignature signature = TestCertificates.getJsonWebSignature();
X509TrustManager trustManager = caCert.getTrustManager();
return signature.verifySignature(trustManager);
}
public void testVerifyX509() throws Exception {
X509Certificate signatureCert = verifyX509WithCaCert(TestCertificates.CA_CERT);
assertNotNull(signatureCert);
assertTrue(signatureCert.getSubjectDN().getName().startsWith("CN=foo.bar.com"));
}
public void testVerifyX509WrongCa() throws Exception {
assertNull(verifyX509WithCaCert(TestCertificates.BOGUS_CA_CERT));
}
}