github.com/aarzilli/tools@v0.0.0-20151123112009-0d27094f75e0/appengine/login/googlesignin/jwt-go/rsa_test.go (about) 1 package jwt_test 2 3 import ( 4 "github.com/dgrijalva/jwt-go" 5 "io/ioutil" 6 "strings" 7 "testing" 8 ) 9 10 var rsaTestData = []struct { 11 name string 12 tokenString string 13 alg string 14 claims map[string]interface{} 15 valid bool 16 }{ 17 { 18 "Basic RS256", 19 "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.FhkiHkoESI_cG3NPigFrxEk9Z60_oXrOT2vGm9Pn6RDgYNovYORQmmA0zs1AoAOf09ly2Nx2YAg6ABqAYga1AcMFkJljwxTT5fYphTuqpWdy4BELeSYJx5Ty2gmr8e7RonuUztrdD5WfPqLKMm1Ozp_T6zALpRmwTIW0QPnaBXaQD90FplAg46Iy1UlDKr-Eupy0i5SLch5Q-p2ZpaL_5fnTIUDlxC3pWhJTyx_71qDI-mAA_5lE_VdroOeflG56sSmDxopPEG3bFlSu1eowyBfxtu0_CuVd-M42RU75Zc4Gsj6uV77MBtbMrf4_7M_NUTSgoIF3fRqxrj0NzihIBg", 20 "RS256", 21 map[string]interface{}{"foo": "bar"}, 22 true, 23 }, 24 { 25 "Basic RS384", 26 "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.W-jEzRfBigtCWsinvVVuldiuilzVdU5ty0MvpLaSaqK9PlAWWlDQ1VIQ_qSKzwL5IXaZkvZFJXT3yL3n7OUVu7zCNJzdwznbC8Z-b0z2lYvcklJYi2VOFRcGbJtXUqgjk2oGsiqUMUMOLP70TTefkpsgqDxbRh9CDUfpOJgW-dU7cmgaoswe3wjUAUi6B6G2YEaiuXC0XScQYSYVKIzgKXJV8Zw-7AN_DBUI4GkTpsvQ9fVVjZM9csQiEXhYekyrKu1nu_POpQonGd8yqkIyXPECNmmqH5jH4sFiF67XhD7_JpkvLziBpI-uh86evBUadmHhb9Otqw3uV3NTaXLzJw", 27 "RS384", 28 map[string]interface{}{"foo": "bar"}, 29 true, 30 }, 31 { 32 "Basic RS512", 33 "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.zBlLlmRrUxx4SJPUbV37Q1joRcI9EW13grnKduK3wtYKmDXbgDpF1cZ6B-2Jsm5RB8REmMiLpGms-EjXhgnyh2TSHE-9W2gA_jvshegLWtwRVDX40ODSkTb7OVuaWgiy9y7llvcknFBTIg-FnVPVpXMmeV_pvwQyhaz1SSwSPrDyxEmksz1hq7YONXhXPpGaNbMMeDTNP_1oj8DZaqTIL9TwV8_1wb2Odt_Fy58Ke2RVFijsOLdnyEAjt2n9Mxihu9i3PhNBkkxa2GbnXBfq3kzvZ_xxGGopLdHhJjcGWXO-NiwI9_tiu14NRv4L2xC0ItD9Yz68v2ZIZEp_DuzwRQ", 34 "RS512", 35 map[string]interface{}{"foo": "bar"}, 36 true, 37 }, 38 { 39 "basic invalid: foo => bar", 40 "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.EhkiHkoESI_cG3NPigFrxEk9Z60_oXrOT2vGm9Pn6RDgYNovYORQmmA0zs1AoAOf09ly2Nx2YAg6ABqAYga1AcMFkJljwxTT5fYphTuqpWdy4BELeSYJx5Ty2gmr8e7RonuUztrdD5WfPqLKMm1Ozp_T6zALpRmwTIW0QPnaBXaQD90FplAg46Iy1UlDKr-Eupy0i5SLch5Q-p2ZpaL_5fnTIUDlxC3pWhJTyx_71qDI-mAA_5lE_VdroOeflG56sSmDxopPEG3bFlSu1eowyBfxtu0_CuVd-M42RU75Zc4Gsj6uV77MBtbMrf4_7M_NUTSgoIF3fRqxrj0NzihIBg", 41 "RS256", 42 map[string]interface{}{"foo": "bar"}, 43 false, 44 }, 45 } 46 47 func TestRSAVerify(t *testing.T) { 48 key, _ := ioutil.ReadFile("test/sample_key.pub") 49 50 for _, data := range rsaTestData { 51 parts := strings.Split(data.tokenString, ".") 52 53 method := jwt.GetSigningMethod(data.alg) 54 err := method.Verify(strings.Join(parts[0:2], "."), parts[2], key) 55 if data.valid && err != nil { 56 t.Errorf("[%v] Error while verifying key: %v", data.name, err) 57 } 58 if !data.valid && err == nil { 59 t.Errorf("[%v] Invalid key passed validation", data.name) 60 } 61 } 62 } 63 64 func TestRSASign(t *testing.T) { 65 key, _ := ioutil.ReadFile("test/sample_key") 66 67 for _, data := range rsaTestData { 68 if data.valid { 69 parts := strings.Split(data.tokenString, ".") 70 method := jwt.GetSigningMethod(data.alg) 71 sig, err := method.Sign(strings.Join(parts[0:2], "."), key) 72 if err != nil { 73 t.Errorf("[%v] Error signing token: %v", data.name, err) 74 } 75 if sig != parts[2] { 76 t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", data.name, sig, parts[2]) 77 } 78 } 79 } 80 } 81 82 func TestRSAVerifyWithPreParsedPrivateKey(t *testing.T) { 83 key, _ := ioutil.ReadFile("test/sample_key.pub") 84 parsedKey, err := jwt.ParseRSAPublicKeyFromPEM(key) 85 if err != nil { 86 t.Fatal(err) 87 } 88 testData := rsaTestData[0] 89 parts := strings.Split(testData.tokenString, ".") 90 err = jwt.SigningMethodRS256.Verify(strings.Join(parts[0:2], "."), parts[2], parsedKey) 91 if err != nil { 92 t.Errorf("[%v] Error while verifying key: %v", testData.name, err) 93 } 94 } 95 96 func TestRSAWithPreParsedPrivateKey(t *testing.T) { 97 key, _ := ioutil.ReadFile("test/sample_key") 98 parsedKey, err := jwt.ParseRSAPrivateKeyFromPEM(key) 99 if err != nil { 100 t.Fatal(err) 101 } 102 testData := rsaTestData[0] 103 parts := strings.Split(testData.tokenString, ".") 104 sig, err := jwt.SigningMethodRS256.Sign(strings.Join(parts[0:2], "."), parsedKey) 105 if err != nil { 106 t.Errorf("[%v] Error signing token: %v", testData.name, err) 107 } 108 if sig != parts[2] { 109 t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", testData.name, sig, parts[2]) 110 } 111 } 112 113 func TestRSAKeyParsing(t *testing.T) { 114 key, _ := ioutil.ReadFile("test/sample_key") 115 pubKey, _ := ioutil.ReadFile("test/sample_key.pub") 116 badKey := []byte("All your base are belong to key") 117 118 // Test parsePrivateKey 119 if _, e := jwt.ParseRSAPrivateKeyFromPEM(key); e != nil { 120 t.Errorf("Failed to parse valid private key: %v", e) 121 } 122 123 if k, e := jwt.ParseRSAPrivateKeyFromPEM(pubKey); e == nil { 124 t.Errorf("Parsed public key as valid private key: %v", k) 125 } 126 127 if k, e := jwt.ParseRSAPrivateKeyFromPEM(badKey); e == nil { 128 t.Errorf("Parsed invalid key as valid private key: %v", k) 129 } 130 131 // Test parsePublicKey 132 if _, e := jwt.ParseRSAPublicKeyFromPEM(pubKey); e != nil { 133 t.Errorf("Failed to parse valid public key: %v", e) 134 } 135 136 if k, e := jwt.ParseRSAPublicKeyFromPEM(key); e == nil { 137 t.Errorf("Parsed private key as valid public key: %v", k) 138 } 139 140 if k, e := jwt.ParseRSAPublicKeyFromPEM(badKey); e == nil { 141 t.Errorf("Parsed invalid key as valid private key: %v", k) 142 } 143 144 } 145 146 func BenchmarkRS256Signing(b *testing.B) { 147 key, _ := ioutil.ReadFile("test/sample_key") 148 parsedKey, err := jwt.ParseRSAPrivateKeyFromPEM(key) 149 if err != nil { 150 b.Fatal(err) 151 } 152 153 benchmarkSigning(b, jwt.SigningMethodRS256, parsedKey) 154 } 155 156 func BenchmarkRS384Signing(b *testing.B) { 157 key, _ := ioutil.ReadFile("test/sample_key") 158 parsedKey, err := jwt.ParseRSAPrivateKeyFromPEM(key) 159 if err != nil { 160 b.Fatal(err) 161 } 162 163 benchmarkSigning(b, jwt.SigningMethodRS384, parsedKey) 164 } 165 166 func BenchmarkRS512Signing(b *testing.B) { 167 key, _ := ioutil.ReadFile("test/sample_key") 168 parsedKey, err := jwt.ParseRSAPrivateKeyFromPEM(key) 169 if err != nil { 170 b.Fatal(err) 171 } 172 173 benchmarkSigning(b, jwt.SigningMethodRS512, parsedKey) 174 }