Repository: syncope
Updated Branches:
  refs/heads/master 7d20e44d1 -> 6edc1e675


Adding a "None" signature test-case


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/6edc1e67
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/6edc1e67
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/6edc1e67

Branch: refs/heads/master
Commit: 6edc1e67554d90dd3d1fc62ff064dc1b8a0c4978
Parents: 7d20e44
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Wed Jun 21 16:32:21 2017 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Wed Jun 21 17:37:41 2017 +0100

----------------------------------------------------------------------
 .../org/apache/syncope/fit/core/JWTITCase.java  | 41 ++++++++++++++++++++
 1 file changed, 41 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/6edc1e67/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
----------------------------------------------------------------------
diff --git 
a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java 
b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
index 42164fc..703a706 100644
--- 
a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
+++ 
b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/JWTITCase.java
@@ -38,6 +38,7 @@ import 
org.apache.cxf.rs.security.jose.jws.JwsJwtCompactConsumer;
 import org.apache.cxf.rs.security.jose.jws.JwsJwtCompactProducer;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jws.JwsSignatureVerifier;
+import org.apache.cxf.rs.security.jose.jws.NoneJwsSignatureProvider;
 import org.apache.cxf.rs.security.jose.jwt.JwtClaims;
 import org.apache.cxf.rs.security.jose.jwt.JwtToken;
 import org.apache.syncope.client.lib.SyncopeClient;
@@ -298,4 +299,44 @@ public class JWTITCase extends AbstractITCase {
             // expected
         }
     }
+
+    @Test
+    public void testNoneSignature() throws ParseException {
+        // Get an initial token
+        SyncopeClient adminClient = clientFactory.create(ADMIN_UNAME, 
ADMIN_PWD);
+        AccessTokenService accessTokenService = 
adminClient.getService(AccessTokenService.class);
+
+        Response response = accessTokenService.login();
+        String token = response.getHeaderString(RESTHeaders.TOKEN);
+        assertNotNull(token);
+        JwsJwtCompactConsumer consumer = new JwsJwtCompactConsumer(token);
+        String tokenId = consumer.getJwtClaims().getTokenId();
+
+        // Create a new token using the Id of the first token
+
+        JwtClaims jwtClaims = new JwtClaims();
+        jwtClaims.setTokenId(tokenId);
+        jwtClaims.setSubject(consumer.getJwtClaims().getSubject());
+        jwtClaims.setIssuedAt(consumer.getJwtClaims().getIssuedAt());
+        jwtClaims.setIssuer(consumer.getJwtClaims().getIssuer());
+        jwtClaims.setExpiryTime(consumer.getJwtClaims().getExpiryTime());
+        jwtClaims.setNotBefore(consumer.getJwtClaims().getNotBefore());
+
+        JwsHeaders jwsHeaders = new JwsHeaders(JoseType.JWT, 
SignatureAlgorithm.NONE);
+        JwtToken jwtToken = new JwtToken(jwsHeaders, jwtClaims);
+        JwsJwtCompactProducer producer = new JwsJwtCompactProducer(jwtToken);
+
+        JwsSignatureProvider jwsSignatureProvider = new 
NoneJwsSignatureProvider();
+        String signed = producer.signWith(jwsSignatureProvider);
+
+        SyncopeClient jwtClient = clientFactory.create(signed);
+        UserSelfService jwtUserSelfService = 
jwtClient.getService(UserSelfService.class);
+        try {
+            jwtUserSelfService.read();
+            fail("Failure expected on no signature");
+        } catch (AccessControlException ex) {
+            // expected
+        }
+    }
+
 }
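Review bot: The `catch (AccessControlException ex)` at the end of testNoneSignature accepts a denial for any reason, so the test stays green even if the server rejects the rebuilt token because of a claim mismatch rather than the `none` algorithm. I would state the intent above the claim-copying block, for example `// Claims are copied unchanged from a valid token so that the missing signature is the only difference the server can reject on`. I would also pin the precondition before the call with `assertTrue(signed.endsWith("."));` (an unsecured compact JWS has an empty signature part), assuming assertTrue is or can be statically imported in this class. If the class has no positive control that sends the same claim set with a valid signature and expects success, adding one would make this negative result meaningful. Nothing in the visible body appears to throw ParseException, so the `throws ParseException` clause looks unneeded unless a call here declares it.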
