protected static void setTokenValues(BlobCrypterSecurityToken token, Map<String, String> values) { token.setOwnerId(values.get(OWNER_KEY)); token.setViewerId(values.get(VIEWER_KEY)); token.setAppUrl(values.get(GADGET_KEY)); String moduleId = values.get(GADGET_INSTANCE_KEY); if (moduleId != null) { token.setModuleId(Long.parseLong(moduleId)); } String expiresAt = values.get(EXPIRES_KEY); if (expiresAt != null) { token.setExpiresAt(Long.parseLong(expiresAt)); } token.setTrustedJson(values.get(TRUSTED_JSON_KEY)); }
protected static void setTokenValues(BlobCrypterSecurityToken token, Map<String, String> values) { token.setOwnerId(values.get(OWNER_KEY)); token.setViewerId(values.get(VIEWER_KEY)); token.setAppUrl(values.get(GADGET_KEY)); String moduleId = values.get(GADGET_INSTANCE_KEY); if (moduleId != null) { token.setModuleId(Long.parseLong(moduleId)); } String expiresAt = values.get(EXPIRES_KEY); if (expiresAt != null) { token.setExpiresAt(Long.parseLong(expiresAt)); } token.setTrustedJson(values.get(TRUSTED_JSON_KEY)); }
@Test public void testUnknownContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testWrongContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "example:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid token signature")); } }
@Test public void testUnknownContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "other:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have reported that container was unknown"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Unknown container")); } }
@Test public void testWrongContainer() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); encrypted = encrypted.replace("container:", "example:"); try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have tried to decrypt with wrong key"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Invalid token signature")); } }
@Test public void testExpired() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); timeSource.incrementSeconds(3600 + 181); // one hour plus clock skew try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have expired"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Blob expired")); } }
@Test public void testExpired() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); timeSource.incrementSeconds(3600 + 181); // one hour plus clock skew try { codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); fail("should have expired"); } catch (SecurityTokenException e) { assertTrue(e.getMessage(), e.getMessage().contains("Blob expired")); } }
@Test public void testRealValues() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(crypter, CONTAINER, DOMAIN); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String token = t.encrypt(); assertTrue("should start with container: " + token, token.startsWith("container:")); String[] fields = StringUtils.split(token, ':'); BlobCrypterSecurityToken t2 = BlobCrypterSecurityToken.decrypt(crypter, CONTAINER, DOMAIN, fields[1], "active"); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals(DOMAIN, t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); assertEquals(CONTAINER, t2.getContainer()); assertEquals("active", t2.getActiveUrl()); }
@Test public void testRealValues() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(crypter, CONTAINER, DOMAIN); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String token = t.encrypt(); assertTrue("should start with container: " + token, token.startsWith("container:")); String[] fields = StringUtils.split(token, ':'); BlobCrypterSecurityToken t2 = BlobCrypterSecurityToken.decrypt(crypter, CONTAINER, DOMAIN, fields[1], "active"); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals(DOMAIN, t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); assertEquals(CONTAINER, t2.getContainer()); assertEquals("active", t2.getActiveUrl()); }
@Test public void testCreateToken() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); SecurityToken t2 = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals("container.com", t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); }
@Test public void testCreateToken() throws Exception { BlobCrypterSecurityToken t = new BlobCrypterSecurityToken( getBlobCrypter(getContainerKey("container")), "container", null); t.setAppUrl("http://www.example.com/gadget.xml"); t.setModuleId(12345L); t.setOwnerId("owner"); t.setViewerId("viewer"); t.setTrustedJson("trusted"); String encrypted = t.encrypt(); SecurityToken t2 = codec.createToken( ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals("container.com", t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); }