From c5f73d43d4ce8b461271f8775200dfaf25dce2e4 Mon Sep 17 00:00:00 2001
From: cduvray
Date: Mon, 6 Nov 2023 08:10:18 +0100
Subject: [PATCH] test: generate token with and witout aud
---
 demo-server/src/oidc_provider/mod.rs | 17 +++++++++++++++--
 jwt-authorizer/src/claims.rs | 3 +--
 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/demo-server/src/oidc_provider/mod.rs b/demo-server/src/oidc_provider/mod.rs
index 70848a4..8c5db5d 100644
--- a/demo-server/src/oidc_provider/mod.rs
+++ b/demo-server/src/oidc_provider/mod.rs
@@ -4,6 +4,7 @@ use josekit::jwk::{
 Jwk,
 };
 use jsonwebtoken::{encode, Algorithm, EncodingKey, Header};
+use jwt_authorizer::{NumericDate, OneOrArray, RegisteredClaims};
 use serde::{Deserialize, Serialize};
 use serde_json::{json, Value};
 use std::{net::SocketAddr, thread, time::Duration};
@@ -101,7 +102,6 @@ fn build_header(alg: Algorithm, kid: &str) -> Header {
 struct Claims {
 iss: &'static str,
 sub: &'static str,
- aud: &'static str,
 exp: usize,
 nbf: usize,
 }
@@ -111,11 +111,20 @@ pub async fn tokens() -> Json {
 let claims = Claims {
 iss: ISSUER_URI,
 sub: "b@b.com",
- aud: "aud1",
 exp: 2000000000, // May 2033
 nbf: 1516239022, // Jan 2018
 };
+ let claims_with_aud = RegisteredClaims {
+ iss: Some(ISSUER_URI.to_owned()),
+ sub: Some("b@b.com".to_owned()),
+ aud: Some(OneOrArray::Array(vec!["aud1".to_owned(), "aud2".to_owned()])),
+ exp: Some(NumericDate(2000000000)), // May 2033
+ nbf: Some(NumericDate(1516239022)), // Jan 2018
+ iat: None,
+ jti: None,
+ };
+
 let rsa1_key = EncodingKey::from_rsa_pem(include_bytes!("../../../config/rsa-private1.pem")).unwrap();
 let rsa2_key = EncodingKey::from_rsa_pem(include_bytes!("../../../config/rsa-private2.pem")).unwrap();
 let ec1_key = EncodingKey::from_ec_pem(include_bytes!("../../../config/ecdsa-private1.pem")).unwrap();
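Review bot: In `tokens()`, the new `claims_with_aud` only exercises the array form of `aud` (`OneOrArray::Array(vec!["aud1", "aud2"])`), while the same commit removes the `aud: "aud1"` field that used to produce the single-string form, so the demo tokens no longer cover that encoding. RFC 7519 allows `aud` to be either a single string or an array, and an audience check that mishandles one of the two shapes is exactly the kind of validation gap these tokens are meant to surface. Consider keeping a third claim set with a single-string audience, or at least adding a comment above `claims_with_aud` such as `// aud as an array; the single-string form is not covered by these demo tokens`. The body of `tokens()` continues outside this hunk.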
@@ -124,7 +133,9 @@ pub async fn tokens() -> Json {
 let ed2_key = EncodingKey::from_ed_pem(include_bytes!("../../../config/ed25519-private2.pem")).unwrap();
 let rsa1_token = encode(&build_header(Algorithm::RS256, "rsa01"), &claims, &rsa1_key).unwrap();
+ let rsa1_token_aud = encode(&build_header(Algorithm::RS256, "rsa01"), &claims_with_aud, &rsa1_key).unwrap();
 let rsa2_token = encode(&build_header(Algorithm::RS256, "rsa02"), &claims, &rsa2_key).unwrap();
+ let ec1_token_aud = encode(&build_header(Algorithm::ES256, "ec01"), &claims_with_aud, &ec1_key).unwrap();
 let ec1_token = encode(&build_header(Algorithm::ES256, "ec01"), &claims, &ec1_key).unwrap();
 let ec2_token = encode(&build_header(Algorithm::ES256, "ec02"), &claims, &ec2_key).unwrap();
 let ed1_token = encode(&build_header(Algorithm::EdDSA, "ed01"), &claims, &ed1_key).unwrap();
@@ -132,8 +143,10 @@ pub async fn tokens() -> Json {
 Json(json!({
 "rsa01": rsa1_token,
+ "rsa01_aud": rsa1_token_aud,
 "rsa02": rsa2_token,
 "ec01": ec1_token,
+ "ec01_aud": ec1_token_aud,
 "ec02": ec2_token,
 "ed01": ed1_token,
 "ed02": ed2_token,
diff --git a/jwt-authorizer/src/claims.rs b/jwt-authorizer/src/claims.rs
index 64a3162..894af54 100644
--- a/jwt-authorizer/src/claims.rs
+++ b/jwt-authorizer/src/claims.rs
@@ -3,7 +3,7 @@ use serde::{Deserialize, Serialize};
 /// The number of seconds from 1970-01-01T00:00:00Z UTC until the specified UTC date/time ignoring leap seconds.
 /// (https://www.rfc-editor.org/rfc/rfc7519#section-2)
 #[derive(Deserialize, Serialize, Clone, PartialEq, Eq, Debug)]
-pub struct NumericDate(i64);
+pub struct NumericDate(pub i64);
 /// accesses the underlying value
 impl From for i64 {
@@ -170,7 +170,6 @@ mod tests {
 }"#;
 let claims: RegisteredClaims = serde_json::from_str(claims_str).expect("Failed RfcClaims deserialisation");
- // assert_eq!(claims.iss.unwrap(), "http://localhost:3001");
 let jwt_serd = serde_json::to_string(&claims).unwrap();
 let mut trimed_claims = claims_str.to_owned();
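Review bot: In `jwt-authorizer/src/claims.rs`, `pub struct NumericDate(pub i64);` widens the library's public API in a commit labelled `test:`, apparently only so the demo server can write `NumericDate(2000000000)`. A public tuple field lets any downstream crate construct and mutate the timestamp directly, and it turns adding a range check or changing the representation later into a breaking change. A conversion would keep the field private, for example `impl From<i64> for NumericDate { fn from(v: i64) -> Self { NumericDate(v) } }`, mirroring the existing conversion to `i64` shown just below the struct. Whether such an impl already exists elsewhere in the file is not visible in this hunk.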