|
@@ -64,17 +64,27 @@ func TestJWTBearerAuth(t *testing.T) {
|
64
|
64
|
t.Fatal(err)
|
65
|
65
|
}
|
66
|
66
|
|
|
67
|
+ // fixed test vector signed with the RSA privkey:
|
|
68
|
+ token := "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJwcmVmZXJyZWRfdXNlcm5hbWUiOiJzbGluZ2FtbiJ9.caPZw2Dl4KZN-SErD5-WZB_lPPveHXaMCoUHxNebb94G9w3VaWDIRdngVU99JKx5nE_yRtpewkHHvXsQnNA_M63GBXGK7afXB8e-kV33QF3v9pXALMP5SzRwMgokyxas0RgHu4e4L0d7dn9o_nkdXp34GX3Pn1MVkUGBH6GdlbOdDHrs04pPQ0Qj-O2U0AIpnZq-X_GQs9ECJo4TlPKWR7Jlq5l9bS0dBnohea4FuqJr232je-dlRVkbCa7nrnFmsIsezsgA3Jb_j9Zu_iv460t_d2eaytbVp9P-DOVfzUfkBsKs-81URQEnTjW6ut445AJz2pxjX92X0GdmORpAkQ"
|
|
69
|
+ accountName, err := j.Validate(token)
|
|
70
|
+ if err != nil {
|
|
71
|
+ t.Errorf("could not validate valid token: %v", err)
|
|
72
|
+ }
|
|
73
|
+ if accountName != "slingamn" {
|
|
74
|
+ t.Errorf("incorrect account name for token: `%s`", accountName)
|
|
75
|
+ }
|
|
76
|
+
|
|
77
|
+ // programmatically sign a new token, validate it
|
67
|
78
|
privKey, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(rsaTestPrivKey))
|
68
|
79
|
if err != nil {
|
69
|
80
|
t.Fatal(err)
|
70
|
81
|
}
|
71
|
82
|
jTok := jwt.NewWithClaims(jwt.SigningMethodRS256, jwt.MapClaims(map[string]any{"preferred_username": "slingamn"}))
|
72
|
|
- token, err := jTok.SignedString(privKey)
|
|
83
|
+ token, err = jTok.SignedString(privKey)
|
73
|
84
|
if err != nil {
|
74
|
85
|
t.Fatal(err)
|
75
|
86
|
}
|
76
|
|
-
|
77
|
|
- accountName, err := j.Validate(token)
|
|
87
|
+ accountName, err = j.Validate(token)
|
78
|
88
|
if err != nil {
|
79
|
89
|
t.Errorf("could not validate valid token: %v", err)
|
80
|
90
|
}
|
|
@@ -84,7 +94,7 @@ func TestJWTBearerAuth(t *testing.T) {
|
84
|
94
|
|
85
|
95
|
// test for the infamous algorithm confusion bug
|
86
|
96
|
jTok = jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims(map[string]any{"preferred_username": "slingamn"}))
|
87
|
|
- token, err = jTok.SignedString([]byte(rsaTestPrivKey))
|
|
97
|
+ token, err = jTok.SignedString([]byte(rsaTestPubKey))
|
88
|
98
|
if err != nil {
|
89
|
99
|
t.Fatal(err)
|
90
|
100
|
}
|
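Review bot: The comment above the HS256 case, `// test for the infamous algorithm confusion bug`, does not say why the HMAC secret is now `rsaTestPubKey`, and that reasoning is what keeps the test meaningful. The public key is the only key material a party outside the server holds, so a verifier that took the algorithm from the token header would check the HMAC with those bytes. A token keyed with the private key PEM would be rejected even by such a verifier, so it proves nothing. I would expand the comment to something like `// algorithm confusion: HS256 token keyed with the public key PEM; Validate must reject it`. The assertion that follows is outside this hunk, so I cannot confirm it, but it should fail the test when `j.Validate(token)` returns a nil error for this token.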