@Test public void validateWhenJwtIsNullThenThrowsIllegalArgumentException() { assertThatCode(() -> this.validator.validate(null)) .isInstanceOf(IllegalArgumentException.class); }
@Test public void validateWhenIssuerMatchesThenReturnsSuccess() { Jwt jwt = new Jwt( MOCK_TOKEN, MOCK_ISSUED_AT, MOCK_EXPIRES_AT, MOCK_HEADERS, Collections.singletonMap("iss", ISSUER)); assertThat(this.validator.validate(jwt)) .isEqualTo(OAuth2TokenValidatorResult.success()); }
@Test public void validateWhenIssuerMatchesAndIsNotAUriThenReturnsSuccess() { Jwt jwt = new Jwt( MOCK_TOKEN, MOCK_ISSUED_AT, MOCK_EXPIRES_AT, MOCK_HEADERS, Collections.singletonMap(JwtClaimNames.ISS, "issuer")); JwtIssuerValidator validator = new JwtIssuerValidator("issuer"); assertThat(validator.validate(jwt)) .isEqualTo(OAuth2TokenValidatorResult.success()); }
@Test public void validateWhenIssuerMismatchesThenReturnsError() { Jwt jwt = new Jwt( MOCK_TOKEN, MOCK_ISSUED_AT, MOCK_EXPIRES_AT, MOCK_HEADERS, Collections.singletonMap(JwtClaimNames.ISS, "https://other")); OAuth2TokenValidatorResult result = this.validator.validate(jwt); assertThat(result.getErrors()).isNotEmpty(); }
@Test public void validateWhenJwtHasNoIssuerThenReturnsError() { Jwt jwt = new Jwt( MOCK_TOKEN, MOCK_ISSUED_AT, MOCK_EXPIRES_AT, MOCK_HEADERS, Collections.singletonMap(JwtClaimNames.AUD, "https://aud")); OAuth2TokenValidatorResult result = this.validator.validate(jwt); assertThat(result.getErrors()).isNotEmpty(); }