Skip to content

Commit 1f058f9

Browse files
lakhansamanilakhansamani
committed
Add test for jwt tokens
1 parent 8259fb5 commit 1f058f9

File tree

2 files changed

+150
-1
lines changed

2 files changed

+150
-1
lines changed

server/test/jwt_test.go

Lines changed: 143 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,143 @@
1+
package test
2+
3+
import (
4+
"testing"
5+
"time"
6+
7+
"github.com/authorizerdev/authorizer/server/constants"
8+
"github.com/authorizerdev/authorizer/server/envstore"
9+
"github.com/authorizerdev/authorizer/server/token"
10+
"github.com/golang-jwt/jwt"
11+
"github.com/stretchr/testify/assert"
12+
)
13+
14+
func TestJwt(t *testing.T) {
15+
claims := jwt.MapClaims{
16+
"exp": time.Now().Add(time.Minute * 30).Unix(),
17+
"iat": time.Now().Unix(),
18+
"email": "[email protected]",
19+
}
20+
21+
// persist older data till test is done and then reset it
22+
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
23+
jwtSecret := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)
24+
25+
t.Run("invalid jwt type", func(t *testing.T) {
26+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "invalid")
27+
token, err := token.SignJWTToken(claims)
28+
assert.Error(t, err, "unsupported signing method")
29+
assert.Empty(t, token)
30+
})
31+
t.Run("expired jwt token", func(t *testing.T) {
32+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
33+
expiredClaims := jwt.MapClaims{
34+
"exp": time.Now().Add(-time.Minute * 30).Unix(),
35+
"iat": time.Now().Unix(),
36+
"email": "[email protected]",
37+
}
38+
jwtToken, err := token.SignJWTToken(expiredClaims)
39+
assert.NoError(t, err)
40+
_, err = token.ParseJWTToken(jwtToken)
41+
assert.Error(t, err, err.Error(), "Token is expired")
42+
})
43+
t.Run("HMAC algorithms", func(t *testing.T) {
44+
t.Run("HS256", func(t *testing.T) {
45+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS256")
46+
jwtToken, err := token.SignJWTToken(claims)
47+
assert.NoError(t, err)
48+
assert.NotEmpty(t, jwtToken)
49+
c, err := token.ParseJWTToken(jwtToken)
50+
assert.NoError(t, err)
51+
assert.Equal(t, c["email"].(string), claims["email"])
52+
})
53+
t.Run("HS384", func(t *testing.T) {
54+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS384")
55+
jwtToken, err := token.SignJWTToken(claims)
56+
assert.NoError(t, err)
57+
assert.NotEmpty(t, jwtToken)
58+
c, err := token.ParseJWTToken(jwtToken)
59+
assert.NoError(t, err)
60+
assert.Equal(t, c["email"].(string), claims["email"])
61+
})
62+
t.Run("HS512", func(t *testing.T) {
63+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "HS512")
64+
jwtToken, err := token.SignJWTToken(claims)
65+
assert.NoError(t, err)
66+
assert.NotEmpty(t, jwtToken)
67+
c, err := token.ParseJWTToken(jwtToken)
68+
assert.NoError(t, err)
69+
assert.Equal(t, c["email"].(string), claims["email"])
70+
})
71+
})
72+
73+
t.Run("RSA algorithms", func(t *testing.T) {
74+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN RSA PRIVATE KEY-----\nMIICWgIBAAKBgHUQac/v0f3c8m4L9BMWfxBiEzkdV5CoaqfxhO5IwAX/1cs0WceN\njM7g/qzC7YmEOSiYqupiRtsyn6riz0xT/VUg4uv1uZ/muC6EVfOjR5Ack3Brquql\nD+oMxN4CeA0Wzp2dEV4N3Gv7wWHdhg9ZSc4g6+ZUdlkhIPfeO9RNK9pPAgMBAAEC\ngYBqLrIbp0dNQn0vbm48ZhppDNys4L2NfAYKQZs23Aw5JN6Si/CnffBrsk+u+ryl\nEKcb+KaHJQ9qQdfsFAC+FizhMQy0Dq9yw6shnqHX+paB6E6z2/vX8ToPzJRwxBY3\nyuaetCEpSXR7pQEd5YWDTUH7qYnb9FObD+umhVvmlsTHCQJBALagPmexu0DvMXKZ\nWdplik6eXg9lptiuj5MYqitEUyzU9E9HNeHKlZM7szGeWG3jNduoKcyo4M0Flvt9\ncP+soVUCQQCkGOQ5Y3/GoZmclKWMVwqGdmL6wEjhNfg4PRfgUalHBif9Q1KnM8FP\nAvIqIH8bttRfyT185WmaM2gml0ApwF0TAkBVil9QoK4t7xvBKtUsd809n+481gc9\njR4Q70edtoYjBKhejeNOHF7NNPRtNFcFOZybg3v4sc2CGrEqoQoRp+F1AkBeLmMe\nhPrbF/jAI5h4WaSS0/OvExlBGOaj8Hx5pKTRPLlK5I7VpCC4pmoyv3/0ehSd/TQr\nMMhRVlvaeki7Lcq9AkBravJUadVCAIsB6oh03mo8gUFFFqXDyEl6BiJYqrjCQ5wd\nAQYJGbqQvgjPxN9+PTPldDNi6KVXntSg5gF/dA+Z\n-----END RSA PRIVATE KEY-----")
75+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgHUQac/v0f3c8m4L9BMWfxBiEzkd\nV5CoaqfxhO5IwAX/1cs0WceNjM7g/qzC7YmEOSiYqupiRtsyn6riz0xT/VUg4uv1\nuZ/muC6EVfOjR5Ack3BrquqlD+oMxN4CeA0Wzp2dEV4N3Gv7wWHdhg9ZSc4g6+ZU\ndlkhIPfeO9RNK9pPAgMBAAE=\n-----END PUBLIC KEY-----")
76+
t.Run("RS256", func(t *testing.T) {
77+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS256")
78+
jwtToken, err := token.SignJWTToken(claims)
79+
assert.NoError(t, err)
80+
assert.NotEmpty(t, jwtToken)
81+
c, err := token.ParseJWTToken(jwtToken)
82+
assert.NoError(t, err)
83+
assert.Equal(t, c["email"].(string), claims["email"])
84+
})
85+
t.Run("RS384", func(t *testing.T) {
86+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS384")
87+
jwtToken, err := token.SignJWTToken(claims)
88+
assert.NoError(t, err)
89+
assert.NotEmpty(t, jwtToken)
90+
c, err := token.ParseJWTToken(jwtToken)
91+
assert.NoError(t, err)
92+
assert.Equal(t, c["email"].(string), claims["email"])
93+
})
94+
t.Run("RS512", func(t *testing.T) {
95+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "RS512")
96+
jwtToken, err := token.SignJWTToken(claims)
97+
assert.NoError(t, err)
98+
assert.NotEmpty(t, jwtToken)
99+
c, err := token.ParseJWTToken(jwtToken)
100+
assert.NoError(t, err)
101+
assert.Equal(t, c["email"].(string), claims["email"])
102+
})
103+
})
104+
105+
t.Run("ECDSA algorithms", func(t *testing.T) {
106+
t.Run("ES256", func(t *testing.T) {
107+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2\nOF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r\n1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G\n-----END PRIVATE KEY-----")
108+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9\nq9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==\n-----END PUBLIC KEY-----")
109+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES256")
110+
jwtToken, err := token.SignJWTToken(claims)
111+
assert.NoError(t, err)
112+
assert.NotEmpty(t, jwtToken)
113+
c, err := token.ParseJWTToken(jwtToken)
114+
assert.NoError(t, err)
115+
assert.Equal(t, c["email"].(string), claims["email"])
116+
})
117+
t.Run("ES384", func(t *testing.T) {
118+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDCAHpFQ62QnGCEvYh/p\nE9QmR1C9aLcDItRbslbmhen/h1tt8AyMhskeenT+rAyyPhGhZANiAAQLW5ZJePZz\nMIPAxMtZXkEWbDF0zo9f2n4+T1h/2sh/fviblc/VTyrv10GEtIi5qiOy85Pf1RRw\n8lE5IPUWpgu553SteKigiKLUPeNpbqmYZUkWGh3MLfVzLmx85ii2vMU=\n-----END PRIVATE KEY-----")
119+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEC1uWSXj2czCDwMTLWV5BFmwxdM6PX9p+\nPk9Yf9rIf374m5XP1U8q79dBhLSIuaojsvOT39UUcPJROSD1FqYLued0rXiooIii\n1D3jaW6pmGVJFhodzC31cy5sfOYotrzF\n-----END PUBLIC KEY-----")
120+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES384")
121+
jwtToken, err := token.SignJWTToken(claims)
122+
assert.NoError(t, err)
123+
assert.NotEmpty(t, jwtToken)
124+
c, err := token.ParseJWTToken(jwtToken)
125+
assert.NoError(t, err)
126+
assert.Equal(t, c["email"].(string), claims["email"])
127+
})
128+
t.Run("ES512", func(t *testing.T) {
129+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPrivateKey, "-----BEGIN PRIVATE KEY-----\nMIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIBiyAa7aRHFDCh2qga\n9sTUGINE5jHAFnmM8xWeT/uni5I4tNqhV5Xx0pDrmCV9mbroFtfEa0XVfKuMAxxf\nZ6LM/yKhgYkDgYYABAGBzgdnP798FsLuWYTDDQA7c0r3BVk8NnRUSexpQUsRilPN\nv3SchO0lRw9Ru86x1khnVDx+duq4BiDFcvlSAcyjLACJvjvoyTLJiA+TQFdmrear\njMiZNE25pT2yWP1NUndJxPcvVtfBW48kPOmvkY4WlqP5bAwCXwbsKrCgk6xbsp12\new==\n-----END PRIVATE KEY-----")
130+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtPublicKey, "-----BEGIN PUBLIC KEY-----\nMIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBgc4HZz+/fBbC7lmEww0AO3NK9wVZ\nPDZ0VEnsaUFLEYpTzb90nITtJUcPUbvOsdZIZ1Q8fnbquAYgxXL5UgHMoywAib47\n6MkyyYgPk0BXZq3mq4zImTRNuaU9slj9TVJ3ScT3L1bXwVuPJDzpr5GOFpaj+WwM\nAl8G7CqwoJOsW7Kddns=\n-----END PUBLIC KEY-----")
131+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, "ES512")
132+
jwtToken, err := token.SignJWTToken(claims)
133+
assert.NoError(t, err)
134+
assert.NotEmpty(t, jwtToken)
135+
c, err := token.ParseJWTToken(jwtToken)
136+
assert.NoError(t, err)
137+
assert.Equal(t, c["email"].(string), claims["email"])
138+
})
139+
})
140+
141+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtType, jwtType)
142+
envstore.EnvInMemoryStoreObj.UpdateEnvVariable(constants.StringStoreIdentifier, constants.EnvKeyJwtSecret, jwtSecret)
143+
}

server/token/jwt.go

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,13 @@ import (
1212
func SignJWTToken(claims jwt.MapClaims) (string, error) {
1313
jwtType := envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtType)
1414
signingMethod := jwt.GetSigningMethod(jwtType)
15+
if signingMethod == nil {
16+
return "", errors.New("unsupported signing method")
17+
}
1518
t := jwt.New(signingMethod)
19+
if t == nil {
20+
return "", errors.New("unsupported signing method")
21+
}
1622
t.Claims = claims
1723

1824
switch signingMethod {
@@ -45,7 +51,7 @@ func ParseJWTToken(token string) (jwt.MapClaims, error) {
4551

4652
switch signingMethod {
4753
case jwt.SigningMethodHS256, jwt.SigningMethodHS384, jwt.SigningMethodHS512:
48-
_, err = jwt.ParseWithClaims(token, claims, func(token *jwt.Token) (interface{}, error) {
54+
_, err = jwt.ParseWithClaims(token, &claims, func(token *jwt.Token) (interface{}, error) {
4955
return []byte(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyJwtSecret)), nil
5056
})
5157
case jwt.SigningMethodRS256, jwt.SigningMethodRS384, jwt.SigningMethodRS512:

0 commit comments

Comments
 (0)