2014-12-28 23:24:41 +03:00
|
|
|
package jwt_test
|
2012-07-07 02:02:02 +04:00
|
|
|
|
|
|
|
import (
|
2014-12-28 23:24:41 +03:00
|
|
|
"github.com/dgrijalva/jwt-go"
|
2014-07-06 02:08:42 +04:00
|
|
|
"io/ioutil"
|
2012-07-07 02:02:02 +04:00
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
)
|
|
|
|
|
2014-07-06 02:08:42 +04:00
|
|
|
var hmacTestData = []struct {
|
2012-07-07 02:02:02 +04:00
|
|
|
name string
|
|
|
|
tokenString string
|
2014-07-06 02:08:42 +04:00
|
|
|
alg string
|
2012-07-07 02:02:02 +04:00
|
|
|
claims map[string]interface{}
|
|
|
|
valid bool
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
"web sample",
|
|
|
|
"eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
|
2014-07-06 02:08:42 +04:00
|
|
|
"HS256",
|
|
|
|
map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"HS384",
|
|
|
|
"eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.KWZEuOD5lbBxZ34g7F-SlVLAQ_r5KApWNWlZIIMyQVz5Zs58a7XdNzj5_0EcNoOy",
|
|
|
|
"HS384",
|
|
|
|
map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"HS512",
|
|
|
|
"eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.CN7YijRX6Aw1n2jyI2Id1w90ja-DEMYiWixhYCyHnrZ1VfJRaFQz1bEbjjA5Fn4CLYaUG432dEYmSbS4Saokmw",
|
|
|
|
"HS512",
|
2012-07-07 02:02:02 +04:00
|
|
|
map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
|
|
|
|
true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
"web sample: invalid",
|
|
|
|
"eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXo",
|
2014-07-06 02:08:42 +04:00
|
|
|
"HS256",
|
2012-07-07 02:02:02 +04:00
|
|
|
map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
|
|
|
|
false,
|
|
|
|
},
|
|
|
|
}
|
2012-07-07 04:02:20 +04:00
|
|
|
|
2012-07-07 02:02:02 +04:00
|
|
|
// Sample data from http://tools.ietf.org/html/draft-jones-json-web-signature-04#appendix-A.1
|
2014-07-06 02:08:42 +04:00
|
|
|
var hmacTestKey, _ = ioutil.ReadFile("test/hmacTestKey")
|
2012-07-07 02:02:02 +04:00
|
|
|
|
2014-07-06 02:08:42 +04:00
|
|
|
func TestHMACVerify(t *testing.T) {
|
|
|
|
for _, data := range hmacTestData {
|
2012-07-07 02:02:02 +04:00
|
|
|
parts := strings.Split(data.tokenString, ".")
|
|
|
|
|
2014-12-28 23:24:41 +03:00
|
|
|
method := jwt.GetSigningMethod(data.alg)
|
2014-07-06 02:08:42 +04:00
|
|
|
err := method.Verify(strings.Join(parts[0:2], "."), parts[2], hmacTestKey)
|
2012-07-07 02:02:02 +04:00
|
|
|
if data.valid && err != nil {
|
|
|
|
t.Errorf("[%v] Error while verifying key: %v", data.name, err)
|
|
|
|
}
|
|
|
|
if !data.valid && err == nil {
|
|
|
|
t.Errorf("[%v] Invalid key passed validation", data.name)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2012-07-07 02:43:17 +04:00
|
|
|
|
2014-07-06 02:08:42 +04:00
|
|
|
func TestHMACSign(t *testing.T) {
|
|
|
|
for _, data := range hmacTestData {
|
2012-07-07 02:43:17 +04:00
|
|
|
if data.valid {
|
|
|
|
parts := strings.Split(data.tokenString, ".")
|
2014-12-28 23:24:41 +03:00
|
|
|
method := jwt.GetSigningMethod(data.alg)
|
2014-07-06 02:08:42 +04:00
|
|
|
sig, err := method.Sign(strings.Join(parts[0:2], "."), hmacTestKey)
|
2012-07-07 02:43:17 +04:00
|
|
|
if err != nil {
|
|
|
|
t.Errorf("[%v] Error signing token: %v", data.name, err)
|
|
|
|
}
|
|
|
|
if sig != parts[2] {
|
|
|
|
t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", data.name, sig, parts[2])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2012-07-07 04:02:20 +04:00
|
|
|
}
|
2015-04-11 23:31:06 +03:00
|
|
|
|
|
|
|
func BenchmarkHMACSigning(b *testing.B) {
|
|
|
|
|
|
|
|
var preppedData = make([]struct {
|
|
|
|
t *jwt.Token
|
|
|
|
method jwt.SigningMethod
|
|
|
|
k interface{}
|
|
|
|
}, len(hmacTestData))
|
|
|
|
|
|
|
|
for i, data := range hmacTestData {
|
|
|
|
preppedData[i].t, _ = jwt.Parse(data.tokenString, func(*jwt.Token) (interface{}, error) { return nil, nil })
|
|
|
|
preppedData[i].method = jwt.GetSigningMethod(data.alg)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, data := range preppedData {
|
|
|
|
b.RunParallel(func(pb *testing.PB) {
|
|
|
|
for pb.Next() {
|
|
|
|
data.t.SignedString(hmacTestKey)
|
|
|
|
}
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|