保誠-保戶業務員媒合平台
究查 | 歷程 | 原始
wayne
2021-11-02 9b890d3e1b373bd3dfefd06199178134353dcb06 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132

package com.pollex.pam.security.jwt;


 


import static org.assertj.core.api.Assertions.assertThat;


 


import com.pollex.pam.security.AuthoritiesConstants;


import io.jsonwebtoken.Jwts;


import io.jsonwebtoken.SignatureAlgorithm;


import io.jsonwebtoken.io.Decoders;


import io.jsonwebtoken.security.Keys;


import java.nio.charset.StandardCharsets;


import java.security.Key;


import java.util.*;


import org.junit.jupiter.api.BeforeEach;


import org.junit.jupiter.api.Test;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.GrantedAuthority;


import org.springframework.security.core.authority.SimpleGrantedAuthority;


import org.springframework.test.util.ReflectionTestUtils;


import tech.jhipster.config.JHipsterProperties;


 


class TokenProviderTest {


 


    private static final long ONE_MINUTE = 60000;


 


    private Key key;


    private TokenProvider tokenProvider;


 


    @BeforeEach


    public void setup() {


        JHipsterProperties jHipsterProperties = new JHipsterProperties();


        String base64Secret = "fd54a45s65fds737b9aafcb3412e07ed99b267f33413274720ddbb7f6c5e64e9f14075f2d7ed041592f0b7657baf8";


        jHipsterProperties.getSecurity().getAuthentication().getJwt().setBase64Secret(base64Secret);


        tokenProvider = new TokenProvider(jHipsterProperties);


        key = Keys.hmacShaKeyFor(Decoders.BASE64.decode(base64Secret));


 


        ReflectionTestUtils.setField(tokenProvider, "key", key);


        ReflectionTestUtils.setField(tokenProvider, "tokenValidityInMilliseconds", ONE_MINUTE);


    }


 


    @Test


    void testReturnFalseWhenJWThasInvalidSignature() {


        boolean isTokenValid = tokenProvider.validateToken(createTokenWithDifferentSignature());


 


        assertThat(isTokenValid).isFalse();


    }


 


    @Test


    void testReturnFalseWhenJWTisMalformed() {


        Authentication authentication = createAuthentication();


        String token = tokenProvider.createToken(authentication, false);


        String invalidToken = token.substring(1);


        boolean isTokenValid = tokenProvider.validateToken(invalidToken);


 


        assertThat(isTokenValid).isFalse();


    }


 


    @Test


    void testReturnFalseWhenJWTisExpired() {


        ReflectionTestUtils.setField(tokenProvider, "tokenValidityInMilliseconds", -ONE_MINUTE);


 


        Authentication authentication = createAuthentication();


        String token = tokenProvider.createToken(authentication, false);


 


        boolean isTokenValid = tokenProvider.validateToken(token);


 


        assertThat(isTokenValid).isFalse();


    }


 


    @Test


    void testReturnFalseWhenJWTisUnsupported() {


        String unsupportedToken = createUnsupportedToken();


 


        boolean isTokenValid = tokenProvider.validateToken(unsupportedToken);


 


        assertThat(isTokenValid).isFalse();


    }


 


    @Test


    void testReturnFalseWhenJWTisInvalid() {


        boolean isTokenValid = tokenProvider.validateToken("");


 


        assertThat(isTokenValid).isFalse();


    }


 


    @Test


    void testKeyIsSetFromSecretWhenSecretIsNotEmpty() {


        final String secret = "NwskoUmKHZtzGRKJKVjsJF7BtQMMxNWi";


        JHipsterProperties jHipsterProperties = new JHipsterProperties();


        jHipsterProperties.getSecurity().getAuthentication().getJwt().setSecret(secret);


 


        TokenProvider tokenProvider = new TokenProvider(jHipsterProperties);


 


        Key key = (Key) ReflectionTestUtils.getField(tokenProvider, "key");


        assertThat(key).isNotNull().isEqualTo(Keys.hmacShaKeyFor(secret.getBytes(StandardCharsets.UTF_8)));


    }


 


    @Test


    void testKeyIsSetFromBase64SecretWhenSecretIsEmpty() {


        final String base64Secret = "fd54a45s65fds737b9aafcb3412e07ed99b267f33413274720ddbb7f6c5e64e9f14075f2d7ed041592f0b7657baf8";


        JHipsterProperties jHipsterProperties = new JHipsterProperties();


        jHipsterProperties.getSecurity().getAuthentication().getJwt().setBase64Secret(base64Secret);


 


        TokenProvider tokenProvider = new TokenProvider(jHipsterProperties);


 


        Key key = (Key) ReflectionTestUtils.getField(tokenProvider, "key");


        assertThat(key).isNotNull().isEqualTo(Keys.hmacShaKeyFor(Decoders.BASE64.decode(base64Secret)));


    }


 


    private Authentication createAuthentication() {


        Collection<GrantedAuthority> authorities = new ArrayList<>();


        authorities.add(new SimpleGrantedAuthority(AuthoritiesConstants.ANONYMOUS));


        return new UsernamePasswordAuthenticationToken("anonymous", "anonymous", authorities);


    }


 


    private String createUnsupportedToken() {


        return Jwts.builder().setPayload("payload").signWith(key, SignatureAlgorithm.HS512).compact();


    }


 


    private String createTokenWithDifferentSignature() {


        Key otherKey = Keys.hmacShaKeyFor(


            Decoders.BASE64.decode("Xfd54a45s65fds737b9aafcb3412e07ed99b267f33413274720ddbb7f6c5e64e9f14075f2d7ed041592f0b7657baf8")


        );


 


        return Jwts


            .builder()


            .setSubject("anonymous")


            .signWith(otherKey, SignatureAlgorithm.HS512)


            .setExpiration(new Date(new Date().getTime() + ONE_MINUTE))


            .compact();


    }


}