@Test public void testAnonymous() throws Exception { SecurityToken t = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, " ")); assertTrue(t.isAnonymous()); Map<String, String> empty = ImmutableMap.of(); t = codec.createToken(empty); assertTrue(t.isAnonymous()); }
@Test public void testAnonymous() throws Exception { SecurityToken t = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, " ")); assertTrue(t.isAnonymous()); Map<String, String> empty = ImmutableMap.of(); t = codec.createToken(empty); assertTrue(t.isAnonymous()); }
@Test public void testAnonymous() throws Exception { SecurityToken t = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, " ")); assertTrue(t.isAnonymous()); Map<String, String> empty = ImmutableMap.of(); t = codec.createToken(empty); assertTrue(t.isAnonymous()); }
@Test public void testAnonymous() throws Exception { SecurityToken t = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, " ")); assertTrue(t.isAnonymous()); Map<String, String> empty = ImmutableMap.of(); t = codec.createToken(empty); assertTrue(t.isAnonymous()); }
@Test public void testAnonymous() throws Exception { SecurityToken t = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, " ")); assertTrue(t.isAnonymous()); Map<String, String> empty = ImmutableMap.of(); t = codec.createToken(empty); assertTrue(t.isAnonymous()); }
@Test public void testMalformed() throws Exception { try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, "foo")); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid security token foo")); } }
@Test public void testMalformed() throws Exception { try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, "foo")); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid security token foo")); } }
@Test public void testMalformed() throws Exception { try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, "foo")); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid security token foo")); } }
@Test public void testMalformed() throws Exception { try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, "foo")); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid security token foo")); } }
@Test public void testMalformed() throws Exception { try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, "foo")); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid security token foo")); } }
@Test public void testUnknownContainer() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testWrongContainer() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); encrypted = encrypted.replace("container:", "example:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid token signature")); } }
@Test public void testUnknownContainer() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testUnknownContainer() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testCreateToken() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); SecurityToken t2 = codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals("container.com", t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); }
@Test public void testUnknownContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testUnknownContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testWrongContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "example:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid token signature")); } }
@Test public void testExpired() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); timeSource.incrementSeconds(3600 + 181); // one hour plus clock skew try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have expired"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Blob expired")); } }
@Test public void testExpired() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); timeSource.incrementSeconds(3600 + 181); // one hour plus clock skew try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have expired"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Blob expired")); } }