ctx.response().end(jwt.generateToken(new JsonObject(), new JWTOptions().setExpiresInSeconds(60))); });
ctx.response().end(jwt.generateToken(new JsonObject(), new JWTOptions().setExpiresInSeconds(60).setPermissions (authorities))); });
ctx.response().end(jwt.generateToken(new JsonObject(), new JWTOptions().setExpiresInSeconds(60).setPermissions (authorities))); });
/** * Generate a new JWT token. * @param claims Json with user defined claims for a list of official claims * @param options extra options for the generation * @return JWT encoded token */ public String generateToken(JsonObject claims, JWTOptions options) { String ret = delegate.generateToken(claims, options); return ret; }
/** * Generate a new JWT token. * @param claims Json with user defined claims for a list of official claims * @param options extra options for the generation * @return JWT encoded token */ public String generateToken(JsonObject claims, JWTOptions options) { String ret = delegate.generateToken(claims, options); return ret; }
/** * Generate a new JWT token. * @param claims Json with user defined claims for a list of official claims * @return JWT encoded token */ public String generateToken(JsonObject claims) { String ret = delegate.generateToken(claims); return ret; }
/** * Generate a new JWT token. * @param claims Json with user defined claims for a list of official claims * @return JWT encoded token */ public String generateToken(JsonObject claims) { String ret = delegate.generateToken(claims); return ret; }
@Test public void testLogin() throws Exception { Handler<RoutingContext> handler = rc -> { assertNotNull(rc.user()); assertEquals("paulo", rc.user().principal().getString("sub")); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { }, 401, "Unauthorized", null); // Now try again with credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome to the protected resource!"); }
@Test public void testLoginFail() throws Exception { Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, 401, "Unauthorized", null); // Now try again with bad token final String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer x" + token), 401, "Unauthorized", null); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic " + token), 401, "Unauthorized", null); } }
public static java.lang.String generateToken(io.vertx.ext.auth.jwt.JWTAuth j_receiver, java.util.Map<String, Object> claims) { return j_receiver.generateToken(claims != null ? io.vertx.core.impl.ConversionHelper.toJsonObject(claims) : null); } }
public static java.lang.String generateToken(io.vertx.ext.auth.jwt.JWTAuth j_receiver, java.util.Map<String, Object> claims, java.util.Map<String, Object> options) { return j_receiver.generateToken(claims != null ? io.vertx.core.impl.ConversionHelper.toJsonObject(claims) : null, options != null ? new io.vertx.ext.jwt.JWTOptions(io.vertx.core.impl.ConversionHelper.toJsonObject(options)) : null); } public static java.lang.String generateToken(io.vertx.ext.auth.jwt.JWTAuth j_receiver, java.util.Map<String, Object> claims) {
@Test public void testGenerateNewTokenImmutableClaims() { JsonObject payload = new JsonObject() .put("sub", "Paulo"); String token0 = authProvider.generateToken(payload, new JWTOptions().addPermission("user")); String token1 = authProvider.generateToken(payload, new JWTOptions().addPermission("admin")); assertNotEquals(token0, token1); }
@Test public void testLeeway3() { authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5))); long now = System.currentTimeMillis() / 1000; JsonObject payload = new JsonObject() .put("sub", "Paulo") .put("exp", now) .put("iat", now); String token = authProvider.generateToken(payload); assertNotNull(token); JsonObject authInfo = new JsonObject().put("jwt", token); // fail because exp is <= to now authProvider.authenticate(authInfo, onSuccess(t -> testComplete())); await(); }
@Test public void testLeeway() { authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0))); long now = System.currentTimeMillis() / 1000; JsonObject payload = new JsonObject() .put("sub", "Paulo") .put("exp", now); String token = authProvider.generateToken(payload); assertNotNull(token); JsonObject authInfo = new JsonObject().put("jwt", token); // fail because exp is <= to now authProvider.authenticate(authInfo, onFailure(t -> testComplete())); await(); }
@Test public void testLeeway4() { authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(5))); long now = (System.currentTimeMillis() / 1000) + 2; JsonObject payload = new JsonObject() .put("sub", "Paulo") .put("iat", now); String token = authProvider.generateToken(payload); assertNotNull(token); JsonObject authInfo = new JsonObject().put("jwt", token); // pass because iat is > now (clock drifted 2 sec) and we have a leeway of 5sec authProvider.authenticate(authInfo, onSuccess(t -> testComplete())); await(); }
@Test public void testLeeway2() { authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setLeeway(0))); long now = (System.currentTimeMillis() / 1000) + 2; JsonObject payload = new JsonObject() .put("sub", "Paulo") .put("iat", now); String token = authProvider.generateToken(payload); assertNotNull(token); JsonObject authInfo = new JsonObject().put("jwt", token); // fail because iat is > now (clock drifted 2 sec) authProvider.authenticate(authInfo, onFailure(t -> testComplete())); await(); }
@Test public void testTokenWithTimestamp() { JsonObject payload = new JsonObject() .put("sub", "Paulo"); final String token = authProvider.generateToken(payload, new JWTOptions()); assertNotNull(token); JsonObject authInfo = new JsonObject().put("jwt", token); authProvider.authenticate(authInfo, onSuccess(res -> { assertNotNull(res); assertTrue(res.principal().containsKey("iat")); testComplete(); })); await(); }
@Test public void testBadIssuer() { authProvider = JWTAuth.create(vertx, getConfig().setJWTOptions(new JWTOptions().setIssuer("https://vertx.io"))); JsonObject payload = new JsonObject().put("sub", "Paulo"); final String token = authProvider.generateToken(payload, new JWTOptions().setIssuer("https://auth0.io")); assertNotNull(token); JsonObject authInfo = new JsonObject() .put("jwt", token); authProvider.authenticate(authInfo, onFailure(thr -> { assertNotNull(thr); testComplete(); })); await(); }
@Test public void testLogin() throws Exception { Handler<RoutingContext> handler = rc -> { assertNotNull(rc.user()); assertEquals("paulo", rc.user().principal().getString("sub")); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, resp -> { }, 401, "Unauthorized", null); // Now try again with credentials testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer " + authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions())), 200, "OK", "Welcome to the protected resource!"); }
@Test public void testLoginFail() throws Exception { Handler<RoutingContext> handler = rc -> { fail("should not get here"); rc.response().end("Welcome to the protected resource!"); }; router.route("/protected/*").handler(JWTAuthHandler.create(authProvider)); router.route("/protected/somepage").handler(handler); testRequest(HttpMethod.GET, "/protected/somepage", null, 401, "Unauthorized", null); // Now try again with bad token final String token = authProvider.generateToken(new JsonObject().put("sub", "paulo"), new JWTOptions()); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Bearer x" + token), 401, "Unauthorized", null); testRequest(HttpMethod.GET, "/protected/somepage", req -> req.putHeader("Authorization", "Basic " + token), 401, "Unauthorized", null); } }