Posted to commits@syncope.apache.org by co...@apache.org on 2017/06/21 16:37:45 UTC
syncope git commit: Adding a "None" signature test-case
Repository: syncope
Updated Branches:
refs/heads/master 7d20e44d1 -> 6edc1e675
Adding a "None" signature test-case
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/6edc1e67
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/6edc1e67
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/6edc1e67
Branch: refs/heads/master
Commit: 6edc1e67554d90dd3d1fc62ff064dc1b8a0c4978
Parents: 7d20e44
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Wed Jun 21 16:32:21 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Wed Jun 21 17:37:41 2017 +0100
----------------------------------------------------------------------
.../org/apache/syncope/fit/core/JWTITCase.java | 41 ++++++++++++++++++++
1 file changed, 41 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/6edc1e67/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
index 42164fc..703a706 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
@@ -38,6 +38,7 @@ import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
+import org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider;
import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
import org.apache.cxf.rs.security.jose.jwt.JwtToken;
import org.apache.syncope.client.lib.SyncopeClient;
@@ -298,4 +299,44 @@ public class JWTITCase extends AbstractITCase {
// expected
}
}
+
+ @Test
+ public void testNoneSignature() throws ParseException {
+ // Get an initial token
+ SyncopeClient adminClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
+ AccessTokenService accessTokenService = adminClient.getService(AccessTokenService.class);
+
+ Response response = accessTokenService.login();
+ String token = response.getHeaderString(RESTHeaders.TOKEN);
+ assertNotNull(token);
+ JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
+ String tokenId = consumer.getJwtClaims().getTokenId();
+
+ // Create a new token using the Id of the first token
+
+ JwtClaims jwtClaims = new JwtClaims();
+ jwtClaims.setTokenId(tokenId);
+ jwtClaims.setSubject(consumer.getJwtClaims().getSubject());
+ jwtClaims.setIssuedAt(consumer.getJwtClaims().getIssuedAt());
+ jwtClaims.setIssuer(consumer.getJwtClaims().getIssuer());
+ jwtClaims.setExpiryTime(consumer.getJwtClaims().getExpiryTime());
+ jwtClaims.setNotBefore(consumer.getJwtClaims().getNotBefore());
+
+ JwsHeaders jwsHeaders = new JwsHeaders(JoseType.JWT, SignatureAlgorithm.NONE);
+ JwtToken jwtToken = new JwtToken(jwsHeaders, jwtClaims);
+ JwsJwtCompactProducer producer = new JwsJwtCompactProducer(jwtToken);
+
+ JwsSignatureProvider jwsSignatureProvider = new NoneJwsSignatureProvider();
+ String signed = producer.signWith(jwsSignatureProvider);
+
+ SyncopeClient jwtClient = clientFactory.create(signed);
+ UserSelfService jwtUserSelfService = jwtClient.getService(UserSelfService.class);
+ try {
+ jwtUserSelfService.read();
+ fail("Failure expected on no signature");
+ } catch (AccessControlException ex) {
+ // expected
+ }
+ }
+
}
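Review bot: The `catch (AccessControlException ex)` at the end of `testNoneSignature` passes on any access-control rejection, so the test does not show that the token was refused because of `SignatureAlgorithm.NONE` rather than for some unrelated reason. Since every claim is copied from the live token, a positive control would make the missing signature the only variable: call `clientFactory.create(token).getService(UserSelfService.class).read();` before building the unsigned token and let it succeed. A short comment above the `JwsHeaders` line would also document the intent, e.g. `// Unsecured JWS (alg "none"): must be rejected even though all claims match a valid token`. The hunk's leading context lines belong to the preceding test method, which starts outside the hunk.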