Package com.nimbusds.jwt

Source Code of com.nimbusds.jwt.SignedJWTTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
package com.nimbusds.jwt;


import java.net.URL;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Date;

import com.nimbusds.jose.util.Base64URL;
import junit.framework.TestCase;

import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.RSASSAVerifier;


/**
* Tests signed JWTs.
*/
public class SignedJWTTest extends TestCase {


  public void testSignAndVerify()
    throws Exception {

    KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
    kpg.initialize(2048);

    KeyPair kp = kpg.genKeyPair();
    RSAPublicKey publicKey = (RSAPublicKey)kp.getPublic();
    RSAPrivateKey privateKey = (RSAPrivateKey)kp.getPrivate();

    JWTClaimsSet claimsSet = new JWTClaimsSet();
    claimsSet.setSubject("alice");
    claimsSet.setIssueTime(new Date(123000l));
    claimsSet.setIssuer("https://c2id.com");
    claimsSet.setCustomClaim("scope", "openid");

    JWSHeader header = new JWSHeader(JWSAlgorithm.RS256);
    header.setKeyID("1");
    header.setJWKURL(new URL("https://c2id.com/jwks.json"));

    SignedJWT signedJWT = new SignedJWT(header, claimsSet);

    assertEquals(JWSObject.State.UNSIGNED, signedJWT.getState());
    assertEquals(header, signedJWT.getHeader());
    assertEquals("alice", signedJWT.getJWTClaimsSet().getSubject());
    assertEquals(123000l, signedJWT.getJWTClaimsSet().getIssueTime().getTime());
    assertEquals("https://c2id.com", signedJWT.getJWTClaimsSet().getIssuer());
    assertEquals("openid", signedJWT.getJWTClaimsSet().getStringClaim("scope"));
    assertNull(signedJWT.getSignature());

    Base64URL sigInput = Base64URL.encode(signedJWT.getSigningInput());

    JWSSigner signer = new RSASSASigner(privateKey);

    signedJWT.sign(signer);

    assertEquals(JWSObject.State.SIGNED, signedJWT.getState());
    assertNotNull(signedJWT.getSignature());

    String serializedJWT = signedJWT.serialize();

    signedJWT = SignedJWT.parse(serializedJWT);
    assertEquals(serializedJWT, signedJWT.getParsedString());

    assertEquals(JWSObject.State.SIGNED, signedJWT.getState());
    assertNotNull(signedJWT.getSignature());
    assertTrue(sigInput.equals(Base64URL.encode(signedJWT.getSigningInput())));

    JWSVerifier verifier = new RSASSAVerifier(publicKey);
    assertTrue(signedJWT.verify(verifier));
  }
}
TOP

Related Classes of com.nimbusds.jwt.SignedJWTTest

  • com.nimbusds.jose.crypto.RSASSASigner
  • com.nimbusds.jose.crypto.RSASSAVerifier
  • com.nimbusds.jose.util.Base64URL
  • java.security.interfaces.RSAPrivateKey
  • java.util.Date
  • java.net.URL
  • java.security.interfaces.RSAPublicKey
  • java.security.KeyPair
  • java.security.KeyPairGenerator
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.