/**
 * Verifies one fixed HS512 token with the same secret supplied two ways: as a String and as its
 * UTF-8 bytes. The test passes when neither {@code verify} call throws.
 */
@Test
public void shouldPassHMAC512Verification() throws Exception {
    // Fixture: header {"alg":"HS512","cty":"JWT"}, payload {"iss":"auth0"}.
    final DecodedJWT token = JWT.decode("eyJhbGciOiJIUzUxMiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.VUo2Z9SWDV-XcOc_Hr6Lff3vl7L9e5Vb8ThXpmGDFjHxe3Dr1ZBmUChYF-xVA7cAdX1P_D4ZCUcsv3IefpVaJw");

    // "secret" is a test-only key; both overloads must derive the same HMAC key from it.
    final byte[] keyBytes = "secret".getBytes(StandardCharsets.UTF_8);
    final Algorithm fromString = Algorithm.HMAC512("secret");
    final Algorithm fromBytes = Algorithm.HMAC512(keyBytes);

    fromString.verify(token);
    fromBytes.verify(token);
}
/**
 * Builds an HS512 algorithm from a byte[] secret and checks its concrete type, its description
 * ("HmacSHA512") and its JWT name ("HS512").
 */
@Test
public void shouldCreateHMAC512AlgorithmWithBytes() throws Exception {
    final byte[] keyBytes = "secret".getBytes(StandardCharsets.UTF_8);
    final Algorithm hs512 = Algorithm.HMAC512(keyBytes);

    assertThat(hs512, is(notNullValue()));
    assertThat(hs512, is(instanceOf(HMACAlgorithm.class)));
    // The description and the name are checked separately.
    assertThat(hs512.getDescription(), is("HmacSHA512"));
    assertThat(hs512.getName(), is("HS512"));
}
/**
 * Builds an HS512 algorithm from a String secret and checks its concrete type, its description
 * ("HmacSHA512") and its JWT name ("HS512").
 */
@Test
public void shouldCreateHMAC512AlgorithmWithString() throws Exception {
    final Algorithm hs512 = Algorithm.HMAC512("secret");

    assertThat(hs512, is(notNullValue()));
    assertThat(hs512, is(instanceOf(HMACAlgorithm.class)));
    // The description and the name are checked separately.
    assertThat(hs512.getDescription(), is("HmacSHA512"));
    assertThat(hs512.getName(), is("HS512"));
}
/**
 * Signs a token with no claims using HS512 and inspects the serialized result: the header must
 * declare alg=HS512 and typ=JWT, and the payload segment must be "e30" (base64url of "{}").
 */
@Test
public void shouldCreateAnEmptyHMAC512SignedToken() throws Exception {
    final String token = JWT.create().sign(Algorithm.HMAC512("secret"));
    assertThat(token, is(notNullValue()));

    // Compact serialization is header.payload.signature.
    final String[] segments = token.split("\\.");
    final byte[] headerBytes = Base64.decodeBase64(segments[0]);
    final String header = new String(headerBytes, StandardCharsets.UTF_8);
    assertThat(header, JsonMatcher.hasEntry("alg", "HS512"));
    assertThat(header, JsonMatcher.hasEntry("typ", "JWT"));
    assertThat(segments[1], is("e30"));

    // NOTE(review): the verifier is only built here; the signed token is never passed to it, so the
    // signature itself is not checked by this test.
    final JWTVerifier verifier = JWT.require(Algorithm.HMAC512("secret")).build();
    assertThat(verifier, is(notNullValue()));
}
/**
 * Runs a fixed HS512 token through a verifier built with the matching secret and expects a
 * non-null decoded token back.
 */
@Test
public void shouldAcceptHMAC512Algorithm() throws Exception {
    // Fixture: header {"alg":"HS512","cty":"JWT"}, payload {"iss":"auth0"}.
    final String serialized = "eyJhbGciOiJIUzUxMiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.VUo2Z9SWDV-XcOc_Hr6Lff3vl7L9e5Vb8ThXpmGDFjHxe3Dr1ZBmUChYF-xVA7cAdX1P_D4ZCUcsv3IefpVaJw";

    // The algorithm is fixed by the verifier, not taken from the token.
    final Algorithm hs512 = Algorithm.HMAC512("secret");
    final DecodedJWT verified = JWT.require(hs512).build().verify(serialized);

    assertThat(verified, is(notNullValue()));
}
/**
 * Expects the String overload of {@code Algorithm.HMAC512} to reject a null secret with an
 * {@link IllegalArgumentException} instead of producing an algorithm with no key.
 */
@Test
public void shouldThrowHMAC512InstanceWithNullSecret() throws Exception {
    exception.expect(IllegalArgumentException.class);
    exception.expectMessage("The Secret cannot be null");

    // The cast selects the String overload; a bare null would be ambiguous with byte[].
    Algorithm.HMAC512((String) null);
}
/**
 * Expects the byte[] overload of {@code Algorithm.HMAC512} to reject a null secret with an
 * {@link IllegalArgumentException} instead of producing an algorithm with no key.
 */
@Test
public void shouldThrowHMAC512InstanceWithNullSecretBytes() throws Exception {
    exception.expect(IllegalArgumentException.class);
    exception.expectMessage("The Secret cannot be null");

    // The cast selects the byte[] overload; a bare null would be ambiguous with String.
    Algorithm.HMAC512((byte[]) null);
}
/**
 * Negative case: a token signed with one secret must not verify under a different byte[] secret.
 * The expected outcome is a {@code SignatureVerificationException} naming HmacSHA512.
 */
@Test
public void shouldFailHMAC512VerificationWithInvalidSecretBytes() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA512");

    // Fixture: header {"alg":"HS512","cty":"JWT"}, payload {"iss":"auth0"}.
    final DecodedJWT token = JWT.decode("eyJhbGciOiJIUzUxMiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.VUo2Z9SWDV-XcOc_Hr6Lff3vl7L9e5Vb8ThXpmGDFjHxe3Dr1ZBmUChYF-xVA7cAdX1P_D4ZCUcsv3IefpVaJw");

    // Deliberately the wrong key for this token.
    final byte[] wrongKey = "not_real_secret".getBytes(StandardCharsets.UTF_8);
    Algorithm.HMAC512(wrongKey).verify(token);
}
/**
 * Signs the shared HS512 header and auth0 issuer payload with a byte[] secret, compares the
 * signature with a fixed expected value, then verifies the resulting token with the same algorithm.
 */
@Test
public void shouldDoHMAC512SigningWithBytes() throws Exception {
    final byte[] keyBytes = "secret".getBytes(StandardCharsets.UTF_8);
    final Algorithm hs512 = Algorithm.HMAC512(keyBytes);

    // asJWT, HS512Header and auth0IssPayload are fixtures defined elsewhere in the test class.
    final String token = asJWT(hs512, HS512Header, auth0IssPayload);

    assertSignaturePresent(token);
    // HMAC is deterministic, so the signature can be pinned to a fixed value.
    assertSignatureValue(token, "OXWyxmf-VcVo8viOiTFfLaEy6mrQqLEos5R82Xsx8mtFxQadJAQ1aVniIWN8qT2GNE_pMQPcdzk4x7Cqxsp1dw");

    final DecodedJWT decoded = JWT.decode(token);
    hs512.verify(decoded);
}
/**
 * Negative case: a token signed with one secret must not verify under a different String secret.
 * The expected outcome is a {@code SignatureVerificationException} naming HmacSHA512.
 */
@Test
public void shouldFailHMAC512VerificationWithInvalidSecretString() throws Exception {
    exception.expect(SignatureVerificationException.class);
    exception.expectMessage("The Token's Signature resulted invalid when verified using the Algorithm: HmacSHA512");

    // Fixture: header {"alg":"HS512","cty":"JWT"}, payload {"iss":"auth0"}.
    final DecodedJWT token = JWT.decode("eyJhbGciOiJIUzUxMiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.VUo2Z9SWDV-XcOc_Hr6Lff3vl7L9e5Vb8ThXpmGDFjHxe3Dr1ZBmUChYF-xVA7cAdX1P_D4ZCUcsv3IefpVaJw");

    // Deliberately the wrong key for this token.
    final Algorithm wrongKeyAlgorithm = Algorithm.HMAC512("not_real_secret");
    wrongKeyAlgorithm.verify(token);
}
/**
 * Builds an HS512 verifier that also requires issuer "auth0" and hands it, with a fixed token, to
 * {@code concurrentVerify}.
 */
@Test
public void shouldPassHMAC512Verification() throws Exception {
    // Fixture: header {"alg":"HS512","cty":"JWT"}, payload {"iss":"auth0"}.
    final String serialized = "eyJhbGciOiJIUzUxMiIsImN0eSI6IkpXVCJ9.eyJpc3MiOiJhdXRoMCJ9.VUo2Z9SWDV-XcOc_Hr6Lff3vl7L9e5Vb8ThXpmGDFjHxe3Dr1ZBmUChYF-xVA7cAdX1P_D4ZCUcsv3IefpVaJw";

    final JWTVerifier sharedVerifier = JWTVerifier.init(Algorithm.HMAC512("secret"))
            .withIssuer("auth0")
            .build();

    // concurrentVerify is defined elsewhere; presumably it runs the one verifier from several threads
    // at once. Confirm against the helper.
    concurrentVerify(sharedVerifier, serialized);
}
/**
 * Signs the shared HS512 header and auth0 issuer payload with a String secret, compares the
 * signature with a fixed expected value, then verifies the resulting token with the same algorithm.
 */
@Test
public void shouldDoHMAC512SigningWithString() throws Exception {
    final Algorithm hs512 = Algorithm.HMAC512("secret");

    // asJWT, HS512Header and auth0IssPayload are fixtures defined elsewhere in the test class.
    final String token = asJWT(hs512, HS512Header, auth0IssPayload);

    assertSignaturePresent(token);
    // HMAC is deterministic, so the signature can be pinned to a fixed value.
    assertSignatureValue(token, "OXWyxmf-VcVo8viOiTFfLaEy6mrQqLEos5R82Xsx8mtFxQadJAQ1aVniIWN8qT2GNE_pMQPcdzk4x7Cqxsp1dw");

    final DecodedJWT decoded = JWT.decode(token);
    hs512.verify(decoded);
}
/**
 * Negative case: a verifier configured for HS512 must reject a token whose header declares HS256.
 * This is the check that stops a token from selecting its own verification algorithm.
 */
@Test
public void shouldThrowWhenAlgorithmDoesntMatchTheTokensAlgorithm() throws Exception {
    exception.expect(AlgorithmMismatchException.class);
    exception.expectMessage("The provided Algorithm doesn't match the one defined in the JWT's Header.");

    // Fixture: header {"alg":"HS256"}, payload {"iss":"auth0"}.
    final String hs256Token = "eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJhdXRoMCJ9.s69x7Mmu4JqwmdxiK6sesALO7tcedbFsKEEITUxw9ho";

    final Algorithm hs512 = Algorithm.HMAC512("secret");
    final JWTVerifier hs512Verifier = JWTVerifier.init(hs512).build();
    hs512Verifier.verify(hs256Token);
}
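/**
 * Initialises the HS512 algorithm used for tokens, unless {@code algorithm} is already set.
 *
 * <p>The field {@code algorithm} is declared outside this block; the null check suggests it is shared
 * between instances. If it is static, this lazy initialisation is unsynchronised. Confirm against
 * the field declaration.
 *
 * @throws IllegalStateException if the algorithm cannot be created, so the controller never runs
 *     with a null algorithm
 */
public TokenController() {
    if (algorithm == null) {
        try {
            // NOTE(review): hard-coded HMAC secret (CWE-798). Anyone who can read the source or the
            // built artifact can sign tokens this controller will accept. The value is also only
            // 10 bytes, while RFC 7518 section 3.2 requires a key at least as long as the hash
            // output (64 bytes for HS512). Load a randomly generated key of at least 64 bytes from
            // configuration or a secret store, and treat this value as compromised.
            String key = "hd%34#$soe";
            algorithm = Algorithm.HMAC512(key);
        } catch (UnsupportedEncodingException e) {
            // Fail closed: the original printed the stack trace and left the algorithm null, which
            // only surfaced later as a failure far from the cause.
            throw new IllegalStateException("Unable to initialise the HMAC512 token algorithm", e);
        }
    }
}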
/**
 * Maps an HMAC algorithm name to the matching {@code Algorithm} built over {@code key}.
 *
 * <p>Both spellings are accepted for each size: "HMAC256"/"HS256", "HMAC384"/"HS384" and
 * "HMAC512"/"HS512". Matching is case-sensitive.
 *
 * <p>NOTE(review): confirm that {@code name} comes from server-side configuration and not from the
 * header of the token being verified; the expected algorithm should be fixed by the verifier.
 *
 * @param name algorithm name; null or any unlisted value is rejected
 * @param key raw HMAC key bytes, passed through unchanged
 * @return the HMAC algorithm for {@code name}
 * @throws IllegalArgumentException if {@code name} is not one of the accepted names
 */
private Algorithm getHMAC(String name, byte[] key) throws IllegalArgumentException {
    // A switch on a null String would throw NullPointerException; null must fall through to the
    // IllegalArgumentException below instead.
    if (name != null) {
        switch (name) {
            case "HMAC256":
            case "HS256":
                return Algorithm.HMAC256(key);
            case "HMAC384":
            case "HS384":
                return Algorithm.HMAC384(key);
            case "HMAC512":
            case "HS512":
                return Algorithm.HMAC512(key);
            default:
                break;
        }
    }
    throw new IllegalArgumentException("unknown HMAC algorithm " + name);
}
/**
 * Builds the HS512 algorithm from the secret held by the registry's contribution.
 *
 * <p>NOTE(review): a blank secret yields {@code null} rather than an exception. Confirm that every
 * caller treats null as "not configured" and refuses to issue or accept tokens in that case.
 * The secret's length is not checked here; RFC 7518 section 3.2 requires at least 64 bytes of key
 * for HS512.
 *
 * @return the HS512 algorithm, or {@code null} when the configured secret is blank
 */
protected Algorithm getAlgorithm() {
    final String configuredSecret = registry.getContribution().getSecret();
    return isBlank(configuredSecret) ? null : Algorithm.HMAC512(configuredSecret);
}
return Algorithm.HMAC512(key);