@Bean JwtDecoder decoder() throws Exception { RSAPublicKey publicKey = (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(this.spec)); return new NimbusJwtDecoder(withPublicKey(publicKey).build()); } }
@Test public void withPublicKeyWhenNullThenThrowsException() { assertThatThrownBy(() -> JwtProcessors.withPublicKey(null)) .isInstanceOf(IllegalArgumentException.class); }
@Test public void processWhenUsingPublicKeyThenSuccessfullyDecodes() throws Exception { JWTProcessor<SecurityContext> processor = JwtProcessors.withPublicKey(key()).build(); assertThat(processor.process(RS256_SIGNED_JWT, null)) .extracting(JWTClaimsSet::getSubject) .isEqualTo("test-subject"); }
@Test public void processWhenUsingPublicKeyWithRs512ThenSuccessfullyDecodes() throws Exception { JWTProcessor<SecurityContext> processor = JwtProcessors .withPublicKey(key()).jwsAlgorithm(JwsAlgorithms.RS512).build(); assertThat(processor.process(RS512_SIGNED_JWT, null)) .extracting(JWTClaimsSet::getSubject) .isEqualTo("test-subject"); }
@Test public void buildWhenSignatureAlgorithmMismatchesKeyTypeThenThrowsException() { assertThatCode(() -> JwtProcessors.withPublicKey(key()) .jwsAlgorithm(JwsAlgorithms.ES256) .build()) .isInstanceOf(IllegalStateException.class); }
@Test public void processWhenSignatureMismatchesAlgorithmThenThrowsException() throws Exception { JWTProcessor<SecurityContext> processor = JwtProcessors .withPublicKey(key()).jwsAlgorithm(JwsAlgorithms.RS512).build(); assertThatCode(() -> processor.process(RS256_SIGNED_JWT, null)) .isInstanceOf(BadJOSEException.class); }