@Override public Jwt decode(String token) throws JwtException { return this.delegate.decode(token); }
@Test public void decodeWhenJwtIsMalformedThenReturnsStockException() { assertThatCode(() -> this.jwtDecoder.decode(MALFORMED_JWT)) .isInstanceOf(JwtException.class) .hasMessage("An error occurred while attempting to decode the Jwt: Malformed payload"); }
@Test public void decodeWhenUsingSignedJwtThenReturnsClaimsGivenByClaimSetConverter() { Converter<Map<String, Object>, Map<String, Object>> claimSetConverter = mock(Converter.class); when(claimSetConverter.convert(any(Map.class))) .thenReturn(Collections.singletonMap("custom", "value")); this.jwtDecoder.setClaimSetConverter(claimSetConverter); Jwt jwt = this.jwtDecoder.decode(SIGNED_JWT); assertThat(jwt.getClaims().size()).isEqualTo(1); assertThat(jwt.getClaims().get("custom")).isEqualTo("value"); }
@Test public void decodeWhenJwtInvalidThenThrowJwtException() { assertThatThrownBy(() -> this.jwtDecoder.decode("invalid")) .isInstanceOf(JwtException.class); }
@Test public void decodeWhenPlainJwtThenExceptionDoesNotMentionClass() { assertThatCode(() -> this.jwtDecoder.decode(UNSIGNED_JWT)) .isInstanceOf(JwtException.class) .hasMessageContaining("Unsupported algorithm of none"); }
@Test public void decodeWhenJwkResponseIsMalformedThenReturnsStockException() { NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(withSigning(MALFORMED_JWK_SET)); assertThatCode(() -> jwtDecoder.decode(SIGNED_JWT)) .isInstanceOf(JwtException.class) .hasMessage("An error occurred while attempting to decode the Jwt: Malformed Jwk set"); }
@Test public void decodeWhenJwtFailsValidationThenReturnsCorrespondingErrorMessage() { OAuth2Error failure = new OAuth2Error("mock-error", "mock-description", "mock-uri"); OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class); when(jwtValidator.validate(any(Jwt.class))) .thenReturn(OAuth2TokenValidatorResult.failure(failure)); this.jwtDecoder.setJwtValidator(jwtValidator); assertThatCode(() -> this.jwtDecoder.decode(SIGNED_JWT)) .isInstanceOf(JwtValidationException.class) .hasMessageContaining("mock-description"); }
@Test public void decodeWhenIatClaimNullThenDoesNotThrowException() { assertThatCode(() -> this.jwtDecoder.decode(SIGNED_JWT)) .doesNotThrowAnyException(); }
@Test public void decodeWhenExpClaimNullThenDoesNotThrowException() { assertThatCode(() -> this.jwtDecoder.decode(EMPTY_EXP_CLAIM_JWT)) .doesNotThrowAnyException(); }
@Test public void decodeWhenJwtValidationHasTwoErrorsThenJwtExceptionMessageShowsFirstError() { OAuth2Error firstFailure = new OAuth2Error("mock-error", "mock-description", "mock-uri"); OAuth2Error secondFailure = new OAuth2Error("another-error", "another-description", "another-uri"); OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(firstFailure, secondFailure); OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class); when(jwtValidator.validate(any(Jwt.class))).thenReturn(result); this.jwtDecoder.setJwtValidator(jwtValidator); assertThatCode(() -> this.jwtDecoder.decode(SIGNED_JWT)) .isInstanceOf(JwtValidationException.class) .hasMessageContaining("mock-description") .hasFieldOrPropertyWithValue("errors", Arrays.asList(firstFailure, secondFailure)); }
@Test public void decodeWhenSignedThenOk() { NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder(withSigning(JWK_SET)); Jwt jwt = jwtDecoder.decode(SIGNED_JWT); assertThat(jwt.containsClaim(JwtClaimNames.EXP)).isNotNull(); }
@Test public void decodeWhenJwkEndpointIsUnresponsiveThenReturnsJwtException() throws Exception { try ( MockWebServer server = new MockWebServer() ) { String jwkSetUri = server.url("/.well-known/jwks.json").toString(); NimbusJwtDecoder jwtDecoder = new NimbusJwtDecoder( withJwkSetUri(jwkSetUri).build()); server.shutdown(); assertThatCode(() -> jwtDecoder.decode(SIGNED_JWT)) .isInstanceOf(JwtException.class) .hasMessageContaining("An error occurred while attempting to decode the Jwt"); } }