@Test public void testAuthenticateKeystoreAnotherNoMatch() throws Exception { final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(getClass().getResourceAsStream("/keystore.jks"), passphrase); final String token = buildEcToken(ks.getKey("trellis-ec", passphrase), "foo"); final Authenticator authenticator = new FederatedJwtAuthenticator(ks, asList("foo")); assertThrows(SecurityException.class, () -> authenticator.authenticate(token), "Unexpected keystore entry!"); }
@Test public void testAuthenticateKeystoreEC() throws Exception { final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(getClass().getResourceAsStream("/keystore.jks"), passphrase); final String token = buildEcToken(ks.getKey("trellis-ec", passphrase), "trellis-ec"); final Authenticator authenticator = new FederatedJwtAuthenticator(ks, asList("trellis-ec")); final Optional<Principal> result = authenticator.authenticate(token); assertTrue(result.isPresent(), "Missing principal!"); result.ifPresent(p -> assertEquals("https://people.apache.org/~acoburn/#i", p.getName(), "Incorrect webid!")); }
@Test public void testAuthenticateKeystoreNoMatch() throws Exception { final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(getClass().getResourceAsStream("/keystore.jks"), passphrase); final String token = buildEcToken(ks.getKey("trellis-ec", passphrase), "trellis-ec"); final Authenticator authenticator = new FederatedJwtAuthenticator(ks, asList("trellis", "foo")); assertThrows(SecurityException.class, () -> authenticator.authenticate(token), "Unexpected keystore entry!"); }
@Test public void testKeyStoreException() throws Exception { final KeyStore mockKeyStore = mock(KeyStore.class, inv -> { throw new KeyStoreException("Expected"); }); final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType()); ks.load(getClass().getResourceAsStream("/keystore.jks"), passphrase); final String token = buildEcToken(ks.getKey("trellis-ec", passphrase), "trellis-ec"); final Authenticator authenticator = new FederatedJwtAuthenticator(mockKeyStore, asList("trellis-ec")); assertThrows(SecurityException.class, () -> authenticator.authenticate(token), "Unexpectedly functional keystore!"); }