Fix tests

Vladislav Manchev 2023-11-06 00:00:13 +02:00 committed by cduvray
parent a7d2830dd1
commit 77949d6a3a
2 changed files with 46 additions and 16 deletions


@ -11,7 +11,7 @@ use std::{
use axum::{response::Response, routing::get, Json, Router}; use axum::{response::Response, routing::get, Json, Router};
use http::{header::AUTHORIZATION, Request, StatusCode}; use http::{header::AUTHORIZATION, Request, StatusCode};
use hyper::Body; use hyper::Body;
use jwt_authorizer::{IntoLayer, JwtAuthorizer, JwtClaims, Refresh, RefreshStrategy}; use jwt_authorizer::{IntoLayer, JwtAuthorizer, JwtClaims, Refresh, RefreshStrategy, Validation};
use lazy_static::lazy_static; use lazy_static::lazy_static;
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use serde_json::Value; use serde_json::Value;
@ -104,7 +104,14 @@ async fn app(jwt_auth: JwtAuthorizer<User>) -> Router {
let protected_route: Router = Router::new() let protected_route: Router = Router::new()
.route("/protected", get(protected_handler)) .route("/protected", get(protected_handler))
.route("/protected-with-user", get(protected_with_user)) .route("/protected-with-user", get(protected_with_user))
.layer(jwt_auth.build().await.unwrap().into_layer()); .layer(
jwt_auth
.validation(Validation::new().aud(&["aud1"]))
.build()
.await
.unwrap()
.into_layer(),
);
Router::new().merge(pub_route).merge(protected_route) Router::new().merge(pub_route).merge(protected_route)
} }
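Review bot: The `.validation(Validation::new().aud(&["aud1"]))` call added inside `app` is applied to the `jwt_auth` value the caller passes in, so if the builder keeps only the most recent `Validation` (likely, but not visible here) any validation a caller configured beforehand is silently replaced. Either set the audience where `jwt_auth` is constructed, or document the override at the call, e.g. `// Replaces any caller-supplied Validation; the test tokens are expected to carry aud "aud1".` The expected audience is also a bare literal repeated throughout the other file in this commit, so a single shared constant would keep the two files in step. The body of `app` starts above this hunk, so earlier handling of `jwt_auth` cannot be checked from here.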


@ -96,7 +96,7 @@ mod tests {
async fn protected_with_jwt() { async fn protected_with_jwt() {
// ED PEM // ED PEM
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ed_pem("../config/ed25519-public2.pem"), JwtAuthorizer::from_ed_pem("../config/ed25519-public2.pem").validation(Validation::new().aud(&["aud1"])),
common::JWT_ED2_OK, common::JWT_ED2_OK,
) )
.await; .await;
@ -105,8 +105,11 @@ mod tests {
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
// ECDSA PEM // ECDSA PEM
let response = let response = make_proteced_request(
make_proteced_request(JwtAuthorizer::from_ec_pem("../config/ecdsa-public2.pem"), common::JWT_EC2_OK).await; JwtAuthorizer::from_ec_pem("../config/ecdsa-public2.pem").validation(Validation::new().aud(&["aud1"])),
common::JWT_EC2_OK,
)
.await;
assert_eq!(response.status(), StatusCode::OK); assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap(); let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
@ -119,24 +122,37 @@ mod tests {
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
// JWKS // JWKS
let response = make_proteced_request(JwtAuthorizer::from_jwks("../config/public1.jwks"), common::JWT_RSA1_OK).await; let response = make_proteced_request(
JwtAuthorizer::from_jwks("../config/public1.jwks").validation(Validation::new().aud(&["aud1"])),
common::JWT_RSA1_OK,
)
.await;
assert_eq!(response.status(), StatusCode::OK); assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap(); let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
let response = make_proteced_request(JwtAuthorizer::from_jwks("../config/public1.jwks"), common::JWT_EC1_OK).await; let response = make_proteced_request(
JwtAuthorizer::from_jwks("../config/public1.jwks").validation(Validation::new().aud(&["aud1"])),
common::JWT_EC1_OK,
)
.await;
assert_eq!(response.status(), StatusCode::OK); assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap(); let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
let response = make_proteced_request(JwtAuthorizer::from_jwks("../config/public1.jwks"), common::JWT_ED1_OK).await; let response = make_proteced_request(
JwtAuthorizer::from_jwks("../config/public1.jwks").validation(Validation::new().aud(&["aud1"])),
common::JWT_ED1_OK,
)
.await;
assert_eq!(response.status(), StatusCode::OK); assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap(); let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
assert_eq!(&body[..], b"hello: b@b.com"); assert_eq!(&body[..], b"hello: b@b.com");
// JWKS TEXT // JWKS TEXT
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_jwks_text(include_str!("../../config/public1.jwks")), JwtAuthorizer::from_jwks_text(include_str!("../../config/public1.jwks"))
.validation(Validation::new().aud(&["aud1"])),
common::JWT_ED1_OK, common::JWT_ED1_OK,
) )
.await; .await;
@ -227,7 +243,8 @@ mod tests {
#[tokio::test] #[tokio::test]
async fn validate_signature() { async fn validate_signature() {
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem").validation(Validation::new().disable_validation()), JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]).disable_validation()),
common::JWT_EC2_OK, common::JWT_EC2_OK,
) )
.await; .await;
@ -251,7 +268,7 @@ mod tests {
assert_eq!(response.status(), StatusCode::UNAUTHORIZED); assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new()), JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new().aud(&["aud1"])),
common::JWT_EC1_OK, common::JWT_EC1_OK,
) )
.await; .await;
@ -259,7 +276,7 @@ mod tests {
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem") JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem")
.validation(Validation::new().iss(&["http://localhost:3001"])), .validation(Validation::new().iss(&["http://localhost:3001"]).aud(&["aud1"])),
common::JWT_EC1_OK, common::JWT_EC1_OK,
) )
.await; .await;
@ -276,7 +293,7 @@ mod tests {
assert_eq!(response.status(), StatusCode::UNAUTHORIZED); assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ed_pem("../config/ed25519-public1.pem").validation(Validation::new()), JwtAuthorizer::from_ed_pem("../config/ed25519-public1.pem").validation(Validation::new().aud(&["aud1"])),
common::JWT_ED1_OK, common::JWT_ED1_OK,
) )
.await; .await;
@ -316,7 +333,7 @@ mod tests {
.await; .await;
assert_eq!(response.status(), StatusCode::UNAUTHORIZED); assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new().exp(true)), JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new().exp(true).aud(&["aud1"])),
common::JWT_EC1_OK, common::JWT_EC1_OK,
) )
.await; .await;
@ -350,7 +367,7 @@ mod tests {
assert_eq!(response.status(), StatusCode::UNAUTHORIZED); assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
let response = make_proteced_request( let response = make_proteced_request(
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new().nbf(true)), JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem").validation(Validation::new().nbf(true).aud(&["aud1"])),
common::JWT_EC1_OK, common::JWT_EC1_OK,
) )
.await; .await;
@ -364,7 +381,9 @@ mod tests {
async fn jwt_source_cookie() { async fn jwt_source_cookie() {
// OK // OK
let response = proteced_request_with_header( let response = proteced_request_with_header(
JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem").jwt_source(JwtSource::Cookie("ccc".to_owned())), JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]))
.jwt_source(JwtSource::Cookie("ccc".to_owned())),
header::COOKIE.as_str(), header::COOKIE.as_str(),
&format!("ccc={}", common::JWT_RSA1_OK), &format!("ccc={}", common::JWT_RSA1_OK),
) )
@ -403,10 +422,12 @@ mod tests {
// 1) Vec // 1) Vec
let auths: Vec<Authorizer<User>> = vec![ let auths: Vec<Authorizer<User>> = vec![
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem") JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]))
.build() .build()
.await .await
.unwrap(), .unwrap(),
JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem") JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]))
.jwt_source(JwtSource::Cookie("ccc".to_owned())) .jwt_source(JwtSource::Cookie("ccc".to_owned()))
.build() .build()
.await .await
@ -448,12 +469,14 @@ mod tests {
// 3) Arc // 3) Arc
let auth1 = Arc::new( let auth1 = Arc::new(
JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem") JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]))
.build() .build()
.await .await
.unwrap(), .unwrap(),
); );
let auth2 = Arc::new( let auth2 = Arc::new(
JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem") JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem")
.validation(Validation::new().aud(&["aud1"]))
.jwt_source(JwtSource::Cookie("ccc".to_owned())) .jwt_source(JwtSource::Cookie("ccc".to_owned()))
.build() .build()
.await .await
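Review bot: No visible hunk in this file adds a case where the audience does not match: every added `aud(&["aud1"])` configures the value the fixture tokens apparently carry, so the audience check these tests now depend on is never shown rejecting a token. A negative case would pin that behaviour, for example building the authorizer with `.validation(Validation::new().aud(&["other-aud"]))` (constructed value) against `common::JWT_EC1_OK` and asserting `assert_eq!(response.status(), StatusCode::UNAUTHORIZED);`. In `validate_signature` the audience is chained with `disable_validation()`, and a one-line comment stating whether the audience is still enforced in that configuration would help, since the call itself does not show it. The test module extends beyond these hunks, so such a case may already exist outside the lines shown.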