@Inject public KeycloakJwkProvider(KeycloakSettings keycloakSettings) throws MalformedURLException { final String jwksUrl = keycloakSettings.get().get(KeycloakConstants.JWKS_ENDPOINT_SETTING); if (jwksUrl == null) { throw new ConfigurationException("Jwks endpoint url not found in keycloak settings"); } this.jwkProvider = new GuavaCachedJwkProvider(new UrlJwkProvider(new URL(jwksUrl))); }
public Oauth2Client(TokensStore tokenStore, Oauth2Properties oauthProperties) throws Exception { this.tokenStore = tokenStore; this.oauthProperties = oauthProperties; RestTemplate rt = new RestTemplate(); rt.getInterceptors().add(createClientAuthInterceptor(oauthProperties)); this.oauthRestTemplate = rt; this.jwkProvider = new GuavaCachedJwkProvider( traceJwkLookupsOf(new UrlJwkProvider(new URL(oauthProperties.getJwksEndpoint())))); }
@Test public void shouldBuildCorrectHttpsUrlOnDomainWithHttps() { String httpsDomain = "https://samples.auth0.com"; String actualJwksUrl = new UrlJwkProvider(httpsDomain).url.toString(); assertThat(actualJwksUrl, equalTo(httpsDomain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldBuildCorrectHttpUrlOnDomainWithHttp() { String httpDomain = "http://samples.auth0.com"; String actualJwksUrl = new UrlJwkProvider(httpDomain).url.toString(); assertThat(actualJwksUrl, equalTo(httpDomain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldBuildCorrectHttpsUrlOnDomainWithHttpsAndSlash() { String httpsDomain = "https://samples.auth0.com"; String httpsDomainWithSlash = httpsDomain + "/"; String actualJwksUrl = new UrlJwkProvider(httpsDomainWithSlash).url.toString(); assertThat(actualJwksUrl, equalTo(httpsDomain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldBuildCorrectHttpsUrlOnDomain() { String domain = "samples.auth0.com"; String actualJwksUrl = new UrlJwkProvider(domain).url.toString(); assertThat(actualJwksUrl, equalTo("https://" + domain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldWorkOnDomainWithSlash() { String domain = "samples.auth0.com"; String domainWithSlash = domain + "/"; String actualJwksUrl = new UrlJwkProvider(domainWithSlash).url.toString(); assertThat(actualJwksUrl, equalTo("https://" + domain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldUseOnlyDomain() { String domain = "samples.auth0.com"; String domainWithSubPath = domain + "/sub/path/"; String actualJwksUrl = new UrlJwkProvider(domainWithSubPath).url.toString(); assertThat(actualJwksUrl, equalTo("https://" + domain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldFailWithNegativeReadTimeout() throws MalformedURLException { expectedException.expect(IllegalArgumentException.class); new UrlJwkProvider(new URL("https://localhost"), null, -1); }
@Test public void shouldBuildCorrectHttpUrlOnDomainWithHttpAndSlash() { String httpDomain = "http://samples.auth0.com"; String httpDomainWithSlash = httpDomain + "/"; String actualJwksUrl = new UrlJwkProvider(httpDomainWithSlash).url.toString(); assertThat(actualJwksUrl, equalTo(httpDomain + WELL_KNOWN_JWKS_PATH)); }
@Test public void shouldFailWithNegativeConnectTimeout() throws MalformedURLException { expectedException.expect(IllegalArgumentException.class); new UrlJwkProvider(new URL("https://localhost"), -1, null); }
@Test public void shouldReturnWithoutIdWhenSingleJwk() throws Exception { UrlJwkProvider provider = new UrlJwkProvider(getClass().getResource("/jwks-single-no-kid.json")); assertThat(provider.get(null), notNullValue()); UrlJwkProvider provider2 = new UrlJwkProvider(getClass().getResource("/jwks-single.json")); assertThat(provider2.get(null), notNullValue()); }
@Test public void shouldFailToLoadByDifferentIdWhenSingleJwk() throws Exception { expectedException.expect(SigningKeyNotFoundException.class); UrlJwkProvider provider = new UrlJwkProvider(getClass().getResource("/jwks-single-no-kid.json")); provider.get("wrong-kid"); }
@Test public void shouldFailOnInvalidProtocol() { expectedException.expect(IllegalArgumentException.class); String domainWithInvalidProtocol = "httptest://samples.auth0.com"; new UrlJwkProvider(domainWithInvalidProtocol); }
@Test public void shouldFailWithNullUrl() { expectedException.expect(IllegalArgumentException.class); new UrlJwkProvider((URL) null); }
@Test public void shouldFailToCreateWithNullDomain() { expectedException.expect(IllegalArgumentException.class); new UrlJwkProvider((String) null); }
@Test public void shouldFailToLoadSingleWithoutIdWhenMultipleJwk() throws Exception { expectedException.expect(SigningKeyNotFoundException.class); UrlJwkProvider provider = new UrlJwkProvider(getClass().getResource("/jwks.json")); provider.get(null); }
@Test public void shouldFailToLoadSingleWhenJsonIsInvalid() throws Exception { expectedException.expect(SigningKeyNotFoundException.class); UrlJwkProvider provider = new UrlJwkProvider(getClass().getResource("/invalid-jwks.json")); provider.get(KID); }
@Test public void shouldFailToLoadSingleWhenUrlHasNothing() throws Exception { expectedException.expect(SigningKeyNotFoundException.class); UrlJwkProvider provider = new UrlJwkProvider(new URL("file:///not_found.file")); provider.get(KID); }
@Test public void shouldFailToLoadSingleWhenKeysIsEmpty() throws Exception { expectedException.expect(SigningKeyNotFoundException.class); UrlJwkProvider provider = new UrlJwkProvider(getClass().getResource("/empty-jwks.json")); provider.get(KID); }