auth/internal/jwt/jwt_test.go - gocloud.git - Git at Google

 // Copyright 2023 Google LLC
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.

 package jwt

 import (
 	"crypto/rand"
 	"crypto/rsa"
 	"testing"
 )

 func TestSignAndVerifyDecode(t *testing.T) {
 	header := &Header{
 		Algorithm: "RS256",
 		Type:      "JWT",
 	}
 	payload := &Claims{
 		Iss: "http://google.com/",
 		Aud: "",
 		Exp: 3610,
 		Iat: 10,
 		AdditionalClaims: map[string]interface{}{
 			"foo": "bar",
 		},
 	}

 	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
 	if err != nil {
 		t.Fatal(err)
 	}

 	token, err := EncodeJWS(header, payload, privateKey)
 	if err != nil {
 		t.Fatal(err)
 	}

 	if err := VerifyJWS(token, &privateKey.PublicKey); err != nil {
 		t.Fatal(err)
 	}

 	claims, err := DecodeJWS(token)
 	if err != nil {
 		t.Fatal(err)
 	}

 	if claims.Iss != payload.Iss {
 		t.Errorf("got %q, want %q", claims.Iss, payload.Iss)
 	}
 	if claims.Aud != payload.Aud {
 		t.Errorf("got %q, want %q", claims.Aud, payload.Aud)
 	}
 	if claims.Exp != payload.Exp {
 		t.Errorf("got %d, want %d", claims.Exp, payload.Exp)
 	}
 	if claims.Iat != payload.Iat {
 		t.Errorf("got %d, want %d", claims.Iat, payload.Iat)
 	}
 	if claims.AdditionalClaims["foo"] != payload.AdditionalClaims["foo"] {
 		t.Errorf("got %q, want %q", claims.AdditionalClaims["foo"], payload.AdditionalClaims["foo"])
 	}
 }

 func TestVerifyFailsOnMalformedClaim(t *testing.T) {
 	err := VerifyJWS("abc.def", nil)
 	if err == nil {
 		t.Error("got no errors; want improperly formed JWT not to be verified")
 	}
 }
	// Copyright 2023 Google LLC
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.

	package jwt

	import (
	"crypto/rand"
	"crypto/rsa"
	"testing"
	)

	func TestSignAndVerifyDecode(t *testing.T) {
	header := &Header{
	Algorithm: "RS256",
	Type: "JWT",
	}
	payload := &Claims{
	Iss: "http://google.com/",
	Aud: "",
	Exp: 3610,
	Iat: 10,
	AdditionalClaims: map[string]interface{}{
	"foo": "bar",
	},
	}

	privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
	t.Fatal(err)
	}

	token, err := EncodeJWS(header, payload, privateKey)
	if err != nil {
	t.Fatal(err)
	}

	if err := VerifyJWS(token, &privateKey.PublicKey); err != nil {
	t.Fatal(err)
	}

	claims, err := DecodeJWS(token)
	if err != nil {
	t.Fatal(err)
	}

	if claims.Iss != payload.Iss {
	t.Errorf("got %q, want %q", claims.Iss, payload.Iss)
	}
	if claims.Aud != payload.Aud {
	t.Errorf("got %q, want %q", claims.Aud, payload.Aud)
	}
	if claims.Exp != payload.Exp {
	t.Errorf("got %d, want %d", claims.Exp, payload.Exp)
	}
	if claims.Iat != payload.Iat {
	t.Errorf("got %d, want %d", claims.Iat, payload.Iat)
	}
	if claims.AdditionalClaims["foo"] != payload.AdditionalClaims["foo"] {
	t.Errorf("got %q, want %q", claims.AdditionalClaims["foo"], payload.AdditionalClaims["foo"])
	}
	}

	func TestVerifyFailsOnMalformedClaim(t *testing.T) {
	err := VerifyJWS("abc.def", nil)
	if err == nil {
	t.Error("got no errors; want improperly formed JWT not to be verified")
	}
	}