Package uk.co.spudsoft.jwtvalidatorvertx

Class NimbusAllAlgorithmsTest

java.lang.Object
uk.co.spudsoft.jwtvalidatorvertx.NimbusAllAlgorithmsTest
@TestInstance(PER_CLASS) @TestMethodOrder(org.junit.jupiter.api.MethodOrderer.OrderAnnotation.class) @ExtendWith(io.vertx.junit5.VertxExtension.class) public class NimbusAllAlgorithmsTest extends Object
Required tests:
  • Invalid structure (not three dots)
  • Invalid structure (first part not base64)
  • Invalid structure (second part not base64)
  • Invalid structure (third part not base64)
  • Invalid structure (first part not JSON)
  • Invalid structure (second part not JSON)
  • Algorithm none
  • Algorithm not in acceptable list (RS256, RS384, RS512) but token otherwise valid
  • Signature invalid
  • Key not in jwks output
  • Token exp value in the past - measure acceptable leeway over < 1 hour
  • Token nbf claim in the future - measure acceptable leeway over < 1 hour
  • Token bad iss accepted - not matching preconfigured values
  • Token bad aud accepted
  • Token aud not accepted when single value despite being the aud for the service
  • Token aud not accepted when single element array despite being the aud for the service
  • Token aud not accepted when first element of array despite being the aud for the service
  • Token aud not accepted when last element of array despite being the aud for the service
  • Token sub not present
Author:
njt

  • Constructor Details

    • NimbusAllAlgorithmsTest

      public NimbusAllAlgorithmsTest()

  • Method Details

    • init

      @BeforeAll public void init() throws IOException
      Throws:
      IOException

    • shutdown

      @AfterAll public void shutdown() throws IOException
      Throws:
      IOException

    • testValidES256

      @Test public void testValidES256(io.vertx.junit5.VertxTestContext testContext)

    • testValidES384

      @Test public void testValidES384(io.vertx.junit5.VertxTestContext testContext)

    • testValidES512

      @Test public void testValidES512(io.vertx.junit5.VertxTestContext testContext)

    • testValidEdDSA

      @Test public void testValidEdDSA(io.vertx.junit5.VertxTestContext testContext)

    • testValidPS256

      @Test public void testValidPS256(io.vertx.junit5.VertxTestContext testContext)

    • testValidPS384

      @Test public void testValidPS384(io.vertx.junit5.VertxTestContext testContext)

    • testValidPS512

      @Test public void testValidPS512(io.vertx.junit5.VertxTestContext testContext)

    • testValidRS256

      @Test public void testValidRS256(io.vertx.junit5.VertxTestContext testContext)

    • testValidRS384

      @Test public void testValidRS384(io.vertx.junit5.VertxTestContext testContext)

    • testValidRS512

      @Test public void testValidRS512(io.vertx.junit5.VertxTestContext testContext)

    • testValid

      public void testValid(io.vertx.junit5.VertxTestContext testContext, JsonWebAlgorithm jwa, int sigLength)
      Test a valid token using a specific algorithm. Note that this is the method that is copied to the README.md file, which is why it's overly commented.
      Parameters:
      testContext - The VertxTestContext to complete asynchronously.
      jwa - The algorithm to use.
      sigLength - The expected length of the signature (to be tested).