You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by rn...@apache.org on 2022/05/24 15:37:32 UTC

[couchdb] branch jwtf-es256-fail created (now 18b8720f3)

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a change to branch jwtf-es256-fail
in repository https://gitbox.apache.org/repos/asf/couchdb.git


      at 18b8720f3 add failing es256 test

This branch includes the following new commits:

     new 18b8720f3 add failing es256 test

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[couchdb] 01/01: add failing es256 test

Posted by rn...@apache.org.

This is an automated email from the ASF dual-hosted git repository.

rnewson pushed a commit to branch jwtf-es256-fail
in repository https://gitbox.apache.org/repos/asf/couchdb.git

commit 18b8720f34252a86408079025e113c4c7ce0cda1
Author: Robert Newson <rn...@apache.org>
AuthorDate: Tue May 24 16:16:57 2022 +0100

    add failing es256 test
---
 src/jwtf/test/jwtf_tests.erl | 37 ++++++++++++++++++++++++++++++++++---
 1 file changed, 34 insertions(+), 3 deletions(-)

diff --git a/src/jwtf/test/jwtf_tests.erl b/src/jwtf/test/jwtf_tests.erl
index e36ecbd23..79fb0cc3f 100644
--- a/src/jwtf/test/jwtf_tests.erl
+++ b/src/jwtf/test/jwtf_tests.erl
@@ -24,7 +24,7 @@ encode(Header0, Payload0) ->
 valid_header() ->
     {[{<<"typ">>, <<"JWT">>}, {<<"alg">>, <<"RS256">>}]}.
 
-jwt_io_pubkey() ->
+jwt_io_rsa_pubkey() ->
     PublicKeyPEM = <<
         "-----BEGIN PUBLIC KEY-----\n"
         "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGH"
@@ -36,6 +36,16 @@ jwt_io_pubkey() ->
     [PEMEntry] = public_key:pem_decode(PublicKeyPEM),
     public_key:pem_entry_decode(PEMEntry).
 
+jwt_io_ec_pubkey() ->
+    PublicKeyPEM = <<
+        "-----BEGIN PUBLIC KEY-----\n"
+        "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9"
+        "q9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==\n"
+        "-----END PUBLIC KEY-----\n"
+    >>,
+    [PEMEntry] = public_key:pem_decode(PublicKeyPEM),
+    public_key:pem_entry_decode(PEMEntry).
+
 b64_badarg_test() ->
     Encoded = <<"0.0.0">>,
     ?assertEqual(
@@ -169,7 +179,7 @@ bad_rs256_sig_test() ->
         {[{<<"typ">>, <<"JWT">>}, {<<"alg">>, <<"RS256">>}]},
         {[]}
     ),
-    KS = fun(<<"RS256">>, undefined) -> jwt_io_pubkey() end,
+    KS = fun(<<"RS256">>, undefined) -> jwt_io_rsa_pubkey() end,
     ?assertEqual(
         {error, {bad_request, <<"Bad signature">>}},
         jwtf:decode(Encoded, [], KS)
@@ -264,7 +274,28 @@ rs256_test() ->
     >>,
 
     Checks = [sig, alg],
-    KS = fun(<<"RS256">>, undefined) -> jwt_io_pubkey() end,
+    KS = fun(<<"RS256">>, undefined) -> jwt_io_rsa_pubkey() end,
+
+    ExpectedPayload =
+        {[
+            {<<"sub">>, <<"1234567890">>},
+            {<<"name">>, <<"John Doe">>},
+            {<<"admin">>, true}
+        ]},
+
+    ?assertMatch({ok, ExpectedPayload}, jwtf:decode(EncodedToken, Checks, KS)).
+
+%% jwt.io generated
+es256_test() ->
+    EncodedToken = <<
+        "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0N"
+        "TY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.1g"
+        "LptYop2guxSZHmf0ga292suPxwBdkijA1ZopCSSYLBdEl8Bg2fsxoU"
+        "cZuSGztMU9qAKV2p80NQn8czeGhHXA"
+    >>,
+
+    Checks = [sig, alg],
+    KS = fun(<<"ES256">>, undefined) -> jwt_io_ec_pubkey() end,
 
     ExpectedPayload =
         {[