This is an automated email from the ASF dual-hosted git repository. rnewson pushed a commit to branch jwtf-es256-fail in repository https://gitbox.apache.org/repos/asf/couchdb.git
commit 18b8720f34252a86408079025e113c4c7ce0cda1 Author: Robert Newson <[email protected]> AuthorDate: Tue May 24 16:16:57 2022 +0100 add failing es256 test --- src/jwtf/test/jwtf_tests.erl | 37 ++++++++++++++++++++++++++++++++++--- 1 file changed, 34 insertions(+), 3 deletions(-) diff --git a/src/jwtf/test/jwtf_tests.erl b/src/jwtf/test/jwtf_tests.erl index e36ecbd23..79fb0cc3f 100644 --- a/src/jwtf/test/jwtf_tests.erl +++ b/src/jwtf/test/jwtf_tests.erl @@ -24,7 +24,7 @@ encode(Header0, Payload0) -> valid_header() -> {[{<<"typ">>, <<"JWT">>}, {<<"alg">>, <<"RS256">>}]}. -jwt_io_pubkey() -> +jwt_io_rsa_pubkey() -> PublicKeyPEM = << "-----BEGIN PUBLIC KEY-----\n" "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdlatRjRjogo3WojgGH" @@ -36,6 +36,16 @@ jwt_io_pubkey() -> [PEMEntry] = public_key:pem_decode(PublicKeyPEM), public_key:pem_entry_decode(PEMEntry). +jwt_io_ec_pubkey() -> + PublicKeyPEM = << + "-----BEGIN PUBLIC KEY-----\n" + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9" + "q9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==\n" + "-----END PUBLIC KEY-----\n" + >>, + [PEMEntry] = public_key:pem_decode(PublicKeyPEM), + public_key:pem_entry_decode(PEMEntry). + b64_badarg_test() -> Encoded = <<"0.0.0">>, ?assertEqual( @@ -169,7 +179,7 @@ bad_rs256_sig_test() -> {[{<<"typ">>, <<"JWT">>}, {<<"alg">>, <<"RS256">>}]}, {[]} ), - KS = fun(<<"RS256">>, undefined) -> jwt_io_pubkey() end, + KS = fun(<<"RS256">>, undefined) -> jwt_io_rsa_pubkey() end, ?assertEqual( {error, {bad_request, <<"Bad signature">>}}, jwtf:decode(Encoded, [], KS) @@ -264,7 +274,28 @@ rs256_test() -> >>, Checks = [sig, alg], - KS = fun(<<"RS256">>, undefined) -> jwt_io_pubkey() end, + KS = fun(<<"RS256">>, undefined) -> jwt_io_rsa_pubkey() end, + + ExpectedPayload = + {[ + {<<"sub">>, <<"1234567890">>}, + {<<"name">>, <<"John Doe">>}, + {<<"admin">>, true} + ]}, + + ?assertMatch({ok, ExpectedPayload}, jwtf:decode(EncodedToken, Checks, KS)). + +%% jwt.io generated +es256_test() -> + EncodedToken = << + "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0N" + "TY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.1g" + "LptYop2guxSZHmf0ga292suPxwBdkijA1ZopCSSYLBdEl8Bg2fsxoU" + "cZuSGztMU9qAKV2p80NQn8czeGhHXA" + >>, + + Checks = [sig, alg], + KS = fun(<<"ES256">>, undefined) -> jwt_io_ec_pubkey() end, ExpectedPayload = {[
