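/**
 * Verifies that a session lifetime of about one year survives the seconds-to-milliseconds
 * conversion done when the token is encoded.
 */
@Test
public void generate_token_with_big_expiration_date() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();
  // Captured before encoding so it is a lower bound for the issue time of the token.
  Date now = new Date();

  // 12 months of 30 days (360 days). The last factor is a long literal, so the product is a long.
  long oneYearInSeconds = 12 * 30 * 24 * 60 * 60L;
  String token = underTest.encode(new JwtSession(USER_LOGIN, oneYearInSeconds));
  assertThat(token).isNotEmpty();

  Claims claims = underTest.decode(token).get();
  // Check expiration date is set to one year in the future.
  // One second of slack is subtracted, presumably because the expiration claim is carried with
  // second precision.
  // NOTE(review): only a lower bound is asserted; an expiration far beyond one year would also pass.
  assertThat(claims.getExpiration().getTime())
    .isGreaterThanOrEqualTo(now.getTime() + oneYearInSeconds * 1000L - 1000L);
}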
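/**
 * Builds and signs a compact JWT for the given session.
 *
 * <p>The token gets a generated id, the session's user login as subject, the current time as
 * issue date and an expiration date derived from the session lifetime. Every session property is
 * then added as an additional claim.
 *
 * @param jwtSession the session to serialize
 * @return the signed token in compact form
 */
String encode(JwtSession jwtSession) {
  // Runs before anything is signed; checkIsStarted is defined elsewhere and presumably fails
  // when start() has not loaded the secret key yet.
  checkIsStarted();
  long now = system2.now();
  JwtBuilder jwtBuilder = Jwts.builder()
    .setId(uuidFactory.create())
    .setSubject(jwtSession.getUserLogin())
    .setIssuedAt(new Date(now))
    // Long literal: the conversion to milliseconds is done in 64-bit arithmetic whatever the
    // getter's declared type, so a long session lifetime cannot wrap into a wrong expiration.
    .setExpiration(new Date(now + jwtSession.getExpirationTimeInSeconds() * 1000L))
    .signWith(SIGNATURE_ALGORITHM, secretKey);
  // NOTE(review): properties are written after the registered claims, so a property whose key
  // equals a registered claim name (for example "sub" or "exp") would presumably replace the
  // value set above. Confirm that callers never pass such keys.
  for (Map.Entry<String, Object> entry : jwtSession.getProperties().entrySet()) {
    jwtBuilder.claim(entry.getKey(), entry.getValue());
  }
  return jwtBuilder.compact();
}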
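/**
 * Serializes a session into a signed, compact JWT.
 *
 * <p>Registered claims written here: a generated token id, the session's user login as subject,
 * the issue date (current time) and the expiration date (current time plus the session lifetime).
 * The session properties follow as additional claims.
 *
 * @param jwtSession the session to serialize
 * @return the signed token in compact form
 */
String encode(JwtSession jwtSession) {
  // Guard first: no token is produced unless the serializer was started (helper defined
  // elsewhere; presumably it fails when the secret key has not been loaded).
  checkIsStarted();
  long now = system2.now();
  JwtBuilder jwtBuilder = Jwts.builder()
    .setId(uuidFactory.create())
    .setSubject(jwtSession.getUserLogin())
    .setIssuedAt(new Date(now))
    // Multiply by a long literal so the seconds-to-milliseconds conversion stays in 64-bit
    // arithmetic regardless of the getter's declared type; an overflow here would produce a
    // wrong expiration date.
    .setExpiration(new Date(now + jwtSession.getExpirationTimeInSeconds() * 1000L))
    .signWith(SIGNATURE_ALGORITHM, secretKey);
  // NOTE(review): these claims are added last, so a property named like a registered claim
  // ("sub", "exp", ...) would presumably override the value set above. Verify against callers.
  for (Map.Entry<String, Object> entry : jwtSession.getProperties().entrySet()) {
    jwtBuilder.claim(entry.getKey(), entry.getValue());
  }
  return jwtBuilder.compact();
}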
/**
 * Issues a session token for {@code user} and stores it in the JWT cookie of the response.
 *
 * <p>The token's subject is the user's login. Its claims are the given properties plus the
 * current time as last refresh time and the CSRF state generated for this request.
 *
 * @param user the authenticated user
 * @param properties additional claims to put in the token
 * @param request the current request, passed to the CSRF state generation and the cookie creation
 * @param response the response that receives the cookie
 */
public void generateToken(UserDto user, Map<String, Object> properties, HttpServletRequest request, HttpServletResponse response) {
  // Generated first so that the same state can be embedded in the signed token below.
  String csrfState = jwtCsrfVerifier.generateState(request, response, sessionTimeoutInSeconds);

  String login = user.getLogin();
  // Guava's builder refuses duplicate keys at build(), so a caller-supplied property cannot
  // silently replace the refresh time or the CSRF state.
  ImmutableMap<String, Object> claims = ImmutableMap.<String, Object>builder()
    .putAll(properties)
    .put(LAST_REFRESH_TIME_PARAM, system2.now())
    .put(CSRF_JWT_PARAM, csrfState)
    .build();
  JwtSerializer.JwtSession session = new JwtSerializer.JwtSession(login, sessionTimeoutInSeconds, claims);
  String token = jwtSerializer.encode(session);

  // Token lifetime and cookie lifetime both come from sessionTimeoutInSeconds.
  // NOTE(review): cookie attributes such as HttpOnly and Secure are decided in createCookie,
  // which is not visible here. Confirm they are set.
  response.addCookie(createCookie(request, JWT_COOKIE, token, sessionTimeoutInSeconds));
}
/** encode() must refuse to produce a token while the serializer has not been started. */
@Test
public void encode_fail_when_not_started() {
  // Expectations are registered before the call that is supposed to fail.
  expectedException.expect(NullPointerException.class);
  expectedException.expectMessage("org.sonar.server.authentication.JwtSerializer not started");

  // No setSecretKey()/start() on purpose: the serializer is still in its initial state.
  JwtSession session = new JwtSession(USER_LOGIN, 10);
  underTest.encode(session);
}
/** The expiration claim of an encoded token reflects the lifetime requested by the session. */
@Test
public void generate_token_with_expiration_date() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();
  // Taken before encoding, so it cannot be later than the issue time of the token.
  Date now = new Date();
  long ttlSeconds = 10L;

  JwtSession session = new JwtSession(USER_LOGIN, ttlSeconds);
  String token = underTest.encode(session);
  assertThat(token).isNotEmpty();

  Claims claims = underTest.decode(token).get();
  long expirationMillis = claims.getExpiration().getTime();
  // Lower bound with one second of slack, presumably for the second precision of the claim.
  long earliestExpected = now.getTime() + ttlSeconds * 1000L - 1000L;
  assertThat(expirationMillis).isGreaterThanOrEqualTo(earliestExpected);
}
/**
 * Issues a session token for {@code user} and stores it in the JWT cookie of the response.
 *
 * <p>The token's subject is the user's UUID. Its claims are the given properties plus the
 * current time as last refresh time and the CSRF state generated for this request.
 *
 * @param user the authenticated user
 * @param properties additional claims to put in the token
 * @param request the current request, passed to the CSRF state generation and the cookie creation
 * @param response the response that receives the cookie
 */
public void generateToken(UserDto user, Map<String, Object> properties, HttpServletRequest request, HttpServletResponse response) {
  // Generated first so that the same state can be embedded in the signed token below.
  String csrfState = jwtCsrfVerifier.generateState(request, response, sessionTimeoutInSeconds);

  // The UUID, not the login, identifies the user inside the token.
  String userUuid = user.getUuid();
  // Guava's builder refuses duplicate keys at build(), so a caller-supplied property cannot
  // silently replace the refresh time or the CSRF state.
  ImmutableMap<String, Object> claims = ImmutableMap.<String, Object>builder()
    .putAll(properties)
    .put(LAST_REFRESH_TIME_PARAM, system2.now())
    .put(CSRF_JWT_PARAM, csrfState)
    .build();
  JwtSerializer.JwtSession session = new JwtSerializer.JwtSession(userUuid, sessionTimeoutInSeconds, claims);
  String token = jwtSerializer.encode(session);

  // Token lifetime and cookie lifetime both come from sessionTimeoutInSeconds.
  // NOTE(review): cookie attributes such as HttpOnly and Secure are decided in createCookie,
  // which is not visible here. Confirm they are set.
  response.addCookie(createCookie(request, JWT_COOKIE, token, sessionTimeoutInSeconds));
}
/**
 * Asserts the lifetime, the subject and the last refresh time of a captured session.
 *
 * @param token the session to check
 * @param user the user whose UUID is expected as subject
 * @param expectedExpirationTime the expected lifetime in seconds
 * @param expectedRefreshTime the expected value of the "lastRefreshTime" property
 */
private void verifyToken(JwtSerializer.JwtSession token, UserDto user, int expectedExpirationTime, long expectedRefreshTime) {
  assertThat(token.getExpirationTimeInSeconds()).isEqualTo(expectedExpirationTime);

  // The accessor is named after the login, but the value compared here is the user's UUID.
  String subject = token.getUserLogin();
  assertThat(subject).isEqualTo(user.getUuid());

  Object lastRefresh = token.getProperties().get("lastRefreshTime");
  assertThat(lastRefresh).isEqualTo(expectedRefreshTime);
}
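/** A token produced by encode() can be decoded and carries id, subject, issue and expiration dates. */
@Test
public void decode_token() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();
  // Captured before encoding so it is a lower bound for the issue time of the token.
  Date now = new Date();

  // 20 minutes of lifetime, expressed in seconds.
  String token = underTest.encode(new JwtSession(USER_LOGIN, 20 * 60));

  Claims claims = underTest.decode(token).get();
  assertThat(claims.getId()).isNotEmpty();
  assertThat(claims.getSubject()).isEqualTo(USER_LOGIN);
  assertThat(claims.getExpiration()).isNotNull();
  assertThat(claims.getIssuedAt()).isNotNull();
  // Check expiration date is set to more than 19 minutes in the future.
  // The bound is one minute below the requested 20 minutes, which leaves room for rounding.
  assertThat(claims.getExpiration()).isAfterOrEqualsTo(new Date(now.getTime() + 19 * 60 * 1000));
}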
/** Creating a token also generates a CSRF state and stores it in the token properties. */
@Test
public void generate_csrf_state_when_creating_token() {
  UserDto user = db.users().insertUser();

  underTest.generateToken(user, request, response);

  // The CSRF state is requested with a lifetime of three days, in seconds.
  int threeDaysInSeconds = 3 * 24 * 60 * 60;
  verify(jwtCsrfVerifier).generateState(request, response, threeDaysInSeconds);

  // Capture the session handed to the serializer and check that it carries the CSRF state.
  verify(jwtSerializer).encode(jwtArgumentCaptor.capture());
  JwtSerializer.JwtSession session = jwtArgumentCaptor.getValue();
  Object embeddedState = session.getProperties().get("xsrfToken");
  assertThat(embeddedState).isEqualTo(CSRF_STATE);
}
/** Refreshing decoded claims yields a token string that differs from the original one. */
@Test
public void refresh_token_generate_a_new_hash() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();

  JwtSession session = new JwtSession(USER_LOGIN, 30);
  String token = underTest.encode(session);
  Claims decoded = underTest.decode(token).get();

  // Refresh with a different lifetime (45 instead of 30 seconds).
  String newToken = underTest.refresh(decoded, 45);

  assertThat(newToken).isNotEqualTo(token);
}
/** Once a secret key is set and the serializer is started, encode() returns a non-empty token. */
@Test
public void generate_token() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();

  JwtSession session = new JwtSession(USER_LOGIN, 10);
  String token = underTest.encode(session);

  assertThat(token).isNotEmpty();
}
/** A property given to the session comes back as a claim when the token is decoded. */
@Test
public void generate_token_with_property() {
  setSecretKey(A_SECRET_KEY);
  underTest.start();

  String token = underTest.encode(
    new JwtSession(USER_LOGIN, 10, ImmutableMap.of("custom", "property")));
  assertThat(token).isNotEmpty();

  // Round trip: the custom property is read back from the decoded claims.
  Claims decoded = underTest.decode(token).get();
  Object customClaim = decoded.get("custom");
  assertThat(customClaim).isEqualTo("property");
}