6.x

hutool-json/src/test/java/cn/hutool/json/jwt/JWTSignerTest.java

@@ -0,0 +1,130 @@
+package cn.hutool.json.jwt;
+
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.crypto.KeyUtil;
+import cn.hutool.json.jwt.signers.AlgorithmUtil;
+import cn.hutool.json.jwt.signers.JWTSigner;
+import cn.hutool.json.jwt.signers.JWTSignerUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JWTSignerTest {
+
+	@Test
+	public void hs256Test(){
+		String id = "hs256";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKey(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void hs256Test2(){
+		final JWTSigner signer = JWTSignerUtil.hs256("123456".getBytes());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void hs384Test(){
+		String id = "hs384";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKey(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void hs512Test(){
+		String id = "hs512";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKey(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void rs256Test(){
+		String id = "rs256";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void rs384Test(){
+		String id = "rs384";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void rs512Test(){
+		String id = "rs512";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void es256Test(){
+		String id = "es256";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void es384Test(){
+		String id = "es384";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void es512Test(){
+		String id = "es512";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void ps256Test(){
+		String id = "ps256";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	@Test
+	public void ps384Test(){
+		String id = "ps384";
+		final JWTSigner signer = JWTSignerUtil.createSigner(id, KeyUtil.generateKeyPair(AlgorithmUtil.getAlgorithm(id)));
+		Assert.assertEquals(AlgorithmUtil.getAlgorithm(id), signer.getAlgorithm());
+
+		signAndVerify(signer);
+	}
+
+	private static void signAndVerify(JWTSigner signer){
+		JWT jwt = JWT.create()
+				.setPayload("sub", "1234567890")
+				.setPayload("name", "looly")
+				.setPayload("admin", true)
+				.setExpiresAt(DateUtil.tomorrow())
+				.setSigner(signer);
+
+		String token = jwt.sign();
+		Assert.assertTrue(JWT.of(token).verify(signer));
+	}
+}

hutool-json/src/test/java/cn/hutool/json/jwt/JWTTest.java

@@ -0,0 +1,91 @@
+package cn.hutool.json.jwt;
+
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.core.util.StrUtil;
+import cn.hutool.json.jwt.signers.JWTSignerUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JWTTest {
+
+	@Test
+	public void createHs256Test(){
+		byte[] key = "1234567890".getBytes();
+		JWT jwt = JWT.create()
+				.setPayload("sub", "1234567890")
+				.setPayload("name", "looly")
+				.setPayload("admin", true)
+				.setExpiresAt(DateUtil.parse("2022-01-01"))
+				.setKey(key);
+
+		String rightToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9." +
+				"eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6Imxvb2x5IiwiYWRtaW4iOnRydWUsImV4cCI6MTY0MDk2NjQwMH0." +
+				"bXlSnqVeJXWqUIt7HyEhgKNVlIPjkumHlAwFY-5YCtk";
+
+		String token = jwt.sign();
+		Assert.assertEquals(rightToken, token);
+
+		Assert.assertTrue(JWT.of(rightToken).setKey(key).verify());
+	}
+
+	@Test
+	public void parseTest(){
+		String rightToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9." +
+				"eyJzdWIiOiIxMjM0NTY3ODkwIiwiYWRtaW4iOnRydWUsIm5hbWUiOiJsb29seSJ9." +
+				"U2aQkC2THYV9L0fTN-yBBI7gmo5xhmvMhATtu8v0zEA";
+
+		final JWT jwt = JWT.of(rightToken);
+
+		Assert.assertTrue(jwt.setKey("1234567890".getBytes()).verify());
+
+		//header
+		Assert.assertEquals("JWT", jwt.getHeader(JWTHeader.TYPE));
+		Assert.assertEquals("HS256", jwt.getHeader(JWTHeader.ALGORITHM));
+		Assert.assertNull(jwt.getHeader(JWTHeader.CONTENT_TYPE));
+
+		//payload
+		Assert.assertEquals("1234567890", jwt.getPayload("sub"));
+		Assert.assertEquals("looly", jwt.getPayload("name"));
+		Assert.assertEquals(true, jwt.getPayload("admin"));
+	}
+
+	@Test
+	public void createNoneTest(){
+		JWT jwt = JWT.create()
+				.setPayload("sub", "1234567890")
+				.setPayload("name", "looly")
+				.setPayload("admin", true)
+				.setSigner(JWTSignerUtil.none());
+
+		String rightToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9." +
+				"eyJzdWIiOiIxMjM0NTY3ODkwIiwiYWRtaW4iOnRydWUsIm5hbWUiOiJsb29seSJ9.";
+
+		String token = jwt.sign();
+		Assert.assertEquals(token, token);
+
+		Assert.assertTrue(JWT.of(rightToken).setSigner(JWTSignerUtil.none()).verify());
+	}
+
+	/**
+	 * 必须定义签名器
+	 */
+	@Test(expected = JWTException.class)
+	public void needSignerTest(){
+		JWT jwt = JWT.create()
+				.setPayload("sub", "1234567890")
+				.setPayload("name", "looly")
+				.setPayload("admin", true);
+
+		jwt.sign();
+	}
+
+	@Test
+	public void verifyTest(){
+		String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9." +
+				"eyJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbImFsbCJdLCJleHAiOjE2MjQwMDQ4MjIsInVzZXJJZCI6MSwiYXV0aG9yaXRpZXMiOlsiUk9MRV_op5LoibLkuozlj7ciLCJzeXNfbWVudV8xIiwiUk9MRV_op5LoibLkuIDlj7ciLCJzeXNfbWVudV8yIl0sImp0aSI6ImQ0YzVlYjgwLTA5ZTctNGU0ZC1hZTg3LTVkNGI5M2FhNmFiNiIsImNsaWVudF9pZCI6ImhhbmR5LXNob3AifQ." +
+				"aixF1eKlAKS_k3ynFnStE7-IRGiD5YaqznvK2xEjBew";
+
+		final boolean verify = JWT.of(token).setKey(StrUtil.utf8Bytes("123456")).verify();
+		Assert.assertTrue(verify);
+	}
+}

hutool-json/src/test/java/cn/hutool/json/jwt/JWTUtilTest.java

@@ -0,0 +1,55 @@
+package cn.hutool.json.jwt;
+
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class JWTUtilTest {
+
+	@Test
+	public void createTest(){
+		byte[] key = "1234".getBytes();
+		Map<String, Object> map = new HashMap<String, Object>() {
+			private static final long serialVersionUID = 1L;
+			{
+				put("uid", Integer.parseInt("123"));
+				put("expire_time", System.currentTimeMillis() + 1000 * 60 * 60 * 24 * 15);
+
+			}
+		};
+
+		JWTUtil.createToken(map, key);
+	}
+
+	@Test
+	public void parseTest(){
+		String rightToken = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9." +
+				"eyJzdWIiOiIxMjM0NTY3ODkwIiwiYWRtaW4iOnRydWUsIm5hbWUiOiJsb29seSJ9." +
+				"U2aQkC2THYV9L0fTN-yBBI7gmo5xhmvMhATtu8v0zEA";
+		final JWT jwt = JWTUtil.parseToken(rightToken);
+
+		Assert.assertTrue(jwt.setKey("1234567890".getBytes()).verify());
+
+		//header
+		Assert.assertEquals("JWT", jwt.getHeader(JWTHeader.TYPE));
+		Assert.assertEquals("HS256", jwt.getHeader(JWTHeader.ALGORITHM));
+		Assert.assertNull(jwt.getHeader(JWTHeader.CONTENT_TYPE));
+
+		//payload
+		Assert.assertEquals("1234567890", jwt.getPayload("sub"));
+		Assert.assertEquals("looly", jwt.getPayload("name"));
+		Assert.assertEquals(true, jwt.getPayload("admin"));
+	}
+
+	@Test
+	public void verifyTest(){
+		String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9." +
+				"eyJ1c2VyX25hbWUiOiJhZG1pbiIsInNjb3BlIjpbImFsbCJdLCJleHAiOjE2MjQwMDQ4MjIsInVzZXJJZCI6MSwiYXV0aG9yaXRpZXMiOlsiUk9MRV_op5LoibLkuozlj7ciLCJzeXNfbWVudV8xIiwiUk9MRV_op5LoibLkuIDlj7ciLCJzeXNfbWVudV8yIl0sImp0aSI6ImQ0YzVlYjgwLTA5ZTctNGU0ZC1hZTg3LTVkNGI5M2FhNmFiNiIsImNsaWVudF9pZCI6ImhhbmR5LXNob3AifQ." +
+				"aixF1eKlAKS_k3ynFnStE7-IRGiD5YaqznvK2xEjBew";
+
+		final boolean verify = JWTUtil.verify(token, "123456".getBytes());
+		Assert.assertTrue(verify);
+	}
+}

hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java

@@ -0,0 +1,82 @@
+package cn.hutool.json.jwt;
+
+import cn.hutool.core.date.DateUtil;
+import cn.hutool.core.exceptions.ValidateException;
+import cn.hutool.json.jwt.signers.JWTSignerUtil;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class JWTValidatorTest {
+
+	@Test(expected = ValidateException.class)
+	public void expiredAtTest(){
+		String token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE0Nzc1OTJ9.isvT0Pqx0yjnZk53mUFSeYFJLDs-Ls9IsNAm86gIdZo";
+		JWTValidator.of(token).validateDate(DateUtil.date());
+	}
+
+	@Test(expected = ValidateException.class)
+	public void issueAtTest(){
+		final String token = JWT.create()
+				.setIssuedAt(DateUtil.date())
+				.setKey("123456".getBytes())
+				.sign();
+
+		// 签发时间早于被检查的时间
+		JWTValidator.of(token).validateDate(DateUtil.yesterday());
+	}
+
+	@Test
+	public void issueAtPassTest(){
+		final String token = JWT.create()
+				.setIssuedAt(DateUtil.date())
+				.setKey("123456".getBytes())
+				.sign();
+
+		// 签发时间早于被检查的时间
+		JWTValidator.of(token).validateDate(DateUtil.date());
+	}
+
+	@Test(expected = ValidateException.class)
+	public void notBeforeTest(){
+		final JWT jwt = JWT.create()
+				.setNotBefore(DateUtil.date());
+
+		JWTValidator.of(jwt).validateDate(DateUtil.yesterday());
+	}
+
+	@Test
+	public void notBeforePassTest(){
+		final JWT jwt = JWT.create()
+				.setNotBefore(DateUtil.date());
+		JWTValidator.of(jwt).validateDate(DateUtil.date());
+	}
+
+	@Test
+	public void validateAlgorithmTest(){
+		final String token = JWT.create()
+				.setNotBefore(DateUtil.date())
+				.setKey("123456".getBytes())
+				.sign();
+
+		// 验证算法
+		JWTValidator.of(token).validateAlgorithm(JWTSignerUtil.hs256("123456".getBytes()));
+	}
+
+	@Test
+	public void validateTest(){
+		String token = "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJNb0xpIiwiZXhwIjoxNjI0OTU4MDk0NTI4LCJpYXQiOjE2MjQ5NTgwMzQ1MjAsInVzZXIiOiJ1c2VyIn0.L0uB38p9sZrivbmP0VlDe--j_11YUXTu3TfHhfQhRKc";
+		byte[] key = "1234567890".getBytes();
+		boolean validate = JWT.of(token).setKey(key).validate(0);
+		Assert.assertFalse(validate);
+	}
+
+	@Test(expected = ValidateException.class)
+	public void validateDateTest(){
+		final JWT jwt = JWT.create()
+				.setPayload("id", 123)
+				.setPayload("username", "hutool")
+				.setExpiresAt(DateUtil.parse("2021-10-13 09:59:00"));
+
+		JWTValidator.of(jwt).validateDate(DateUtil.date());
+	}
+}