github.com/zak-blake/goa@v1.4.1/middleware/security/jwt/jwt_test.go (about) 1 package jwt_test 2 3 import ( 4 "crypto/ecdsa" 5 "crypto/rsa" 6 "net/http" 7 "net/http/httptest" 8 9 "context" 10 11 jwtpkg "github.com/dgrijalva/jwt-go" 12 "github.com/goadesign/goa" 13 "github.com/goadesign/goa/middleware/security/jwt" 14 . "github.com/onsi/ginkgo" 15 . "github.com/onsi/gomega" 16 ) 17 18 var _ = Describe("Middleware", func() { 19 var securityScheme *goa.JWTSecurity 20 var respRecord *httptest.ResponseRecorder 21 var request *http.Request 22 var handler goa.Handler 23 var middleware goa.Middleware 24 var dispatchResult error 25 var fetchedToken *jwtpkg.Token 26 27 Context("JWT with Authorization Header", func() { 28 BeforeEach(func() { 29 securityScheme = &goa.JWTSecurity{ 30 In: goa.LocHeader, 31 Name: "Authorization", 32 } 33 respRecord = httptest.NewRecorder() 34 request, _ = http.NewRequest("GET", "http://example.com/", nil) 35 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 36 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 37 handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request) error { 38 fetchedToken = jwt.ContextJWT(ctx) 39 return nil 40 } 41 }) 42 43 JustBeforeEach(func() { 44 dispatchResult = middleware(handler)(context.Background(), respRecord, request) 45 }) 46 47 Context("HMAC keys signed token", func() { 48 BeforeEach(func() { 49 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 50 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 51 52 }) 53 54 Context("with a single key", func() { 55 BeforeEach(func() { 56 middleware = jwt.New("keys", nil, securityScheme) 57 }) 58 59 It("should go through", func() { 60 Ω(dispatchResult).ShouldNot(HaveOccurred()) 61 Ω(fetchedToken).ShouldNot(BeNil()) 62 }) 63 }) 64 65 Context("with keys that didn't the JWT", func() { 66 BeforeEach(func() { 67 middleware = jwt.New("otherkey", nil, securityScheme) 68 }) 69 70 It("should fail with an error", func() { 71 Ω(dispatchResult).Should(HaveOccurred()) 72 Ω(dispatchResult.(error)).Should(HaveOccurred()) 73 }) 74 }) 75 76 Context("with multiple keys", func() { 77 BeforeEach(func() { 78 middleware = jwt.New([]string{"firstkey", "keys"}, nil, securityScheme) 79 }) 80 81 It("should go through", func() { 82 Ω(dispatchResult).ShouldNot(HaveOccurred()) 83 Ω(fetchedToken).ShouldNot(BeNil()) 84 }) 85 }) 86 }) 87 88 Context("RSA keys signed token", func() { 89 BeforeEach(func() { 90 // RS256 {"scopes":"scope1 scope2","admin":true}, signed with rsaKey1 below 91 request.Header.Set("Authorization", "Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEgc2NvcGUyIiwiYWRtaW4iOnRydWV9.gT4gSGqXTCUZAJT_TWZ4eknazVo-ulMKwSpHoghWZU8Sm9QXt48ISwFAb_wW2xhR58MUNX95iuiex0bCWvze59r35dEQ2SOZixuDvE8srQi2SRk9qqsVV9-R361qf2D8KfLX9jQ7j-UB40bleg0fOyBAjPLPq0ggBigSjQ2yUz8YDKma-n6Ulc3LJ4gyozmb3MjO9RV2pdD3N-m6ttwkTkUE2jhsL6a3T8f0Y6xSGTMyZasKc6kHbUyz6NjAeplLhbkBDE8-Ak4GaLGlLnLzZ49oTVrh89yauciW5yLQCXzXt2PODqp6zXPC0FFcDr-2USCpA-nqaQQyhliMcgtqVw") 92 }) 93 94 Context("with valid scopes", func() { 95 96 var ctx context.Context 97 98 BeforeEach(func() { 99 middleware = jwt.New("keys", nil, securityScheme) 100 ctx = goa.WithRequiredScopes(context.Background(), []string{"scope1"}) 101 }) 102 103 It("should accept scopes specified using the 'scope' claim", func() { 104 // HS256 {"scope":"scope1","admin":true}, signed with "keys" 105 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6InNjb3BlMSIsImFkbWluIjp0cnVlfQ.EwMZtpTUPUoKsiCHqH659JQeMLf3-KdboStmQKjv2IU") 106 dispatchResult = middleware(handler)(ctx, respRecord, request) 107 Ω(dispatchResult).ShouldNot(HaveOccurred()) 108 }) 109 110 It("should accept scopes specified using the 'scopes' claim", func() { 111 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 112 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 113 dispatchResult = middleware(handler)(ctx, respRecord, request) 114 Ω(dispatchResult).ShouldNot(HaveOccurred()) 115 }) 116 117 It("should fall back to 'scopes' if 'scope' is null", func() { 118 // HS256 {"scope":null, "scopes":"scope1", "admin":true}, signed with "keys" 119 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6bnVsbCwic2NvcGVzIjoic2NvcGUxIiwiYWRtaW4iOnRydWV9.h8L_MlWWyB0RnwaUBDVu8nGPn5wPSVPMEm42iH8Jxmg") 120 dispatchResult = middleware(handler)(ctx, respRecord, request) 121 Ω(dispatchResult).ShouldNot(HaveOccurred()) 122 }) 123 124 It("should not fall back to 'scopes' if 'scope' is an empty string", func() { 125 // HS256 {"scope":"", "scopes":"scope1", "admin":true}, signed with "keys" 126 request.Header.Set("Authorization", "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6IiIsInNjb3BlcyI6InNjb3BlMSIsImFkbWluIjp0cnVlfQ.U5r-gAvk8SWRYBK3Hmj7zqHSQ0lSQO1wAAk0soyHkoU") 127 dispatchResult = middleware(handler)(ctx, respRecord, request) 128 Ω(dispatchResult).Should(HaveOccurred()) 129 }) 130 131 }) 132 133 Context("with a single key", func() { 134 BeforeEach(func() { 135 middleware = jwt.New(rsaPubKey1, nil, securityScheme) 136 }) 137 138 It("should go through", func() { 139 Ω(dispatchResult).ShouldNot(HaveOccurred()) 140 Ω(fetchedToken).ShouldNot(BeNil()) 141 }) 142 }) 143 144 Context("with keys that didn't the JWT", func() { 145 BeforeEach(func() { 146 middleware = jwt.New(rsaPubKey2, nil, securityScheme) 147 }) 148 149 It("should fail with an error", func() { 150 Ω(dispatchResult).Should(HaveOccurred()) 151 Ω(dispatchResult.(error)).Should(HaveOccurred()) 152 }) 153 }) 154 155 Context("with multiple keys", func() { 156 BeforeEach(func() { 157 middleware = jwt.New([]*rsa.PublicKey{rsaPubKey1}, nil, securityScheme) 158 }) 159 160 It("should go through", func() { 161 Ω(dispatchResult).ShouldNot(HaveOccurred()) 162 Ω(fetchedToken).ShouldNot(BeNil()) 163 }) 164 }) 165 }) 166 167 Context("ECDSA keys signed token", func() { 168 BeforeEach(func() { 169 // ES256 {"scopes":"scope1 scope2","admin":true}, signed with ecKey1 below 170 request.Header.Set("Authorization", "Bearer "+ 171 "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9."+ 172 "eyJhZG1pbiI6dHJ1ZSwic2NvcGVzIjoic2NvcGUxIHNjb3BlMiJ9."+ 173 "7gM4EblP4cvX5C6PBLSBFpKX2FQ9AsLNmOXEm86uvrd4czBfw1zDO24abQ7gtlbMcjuVvxrpIyRa7Nbbn31G7w") 174 }) 175 176 Context("with a single key", func() { 177 BeforeEach(func() { 178 middleware = jwt.New(ecPubKey1, nil, securityScheme) 179 }) 180 181 It("should go through", func() { 182 Ω(dispatchResult).ShouldNot(HaveOccurred()) 183 Ω(fetchedToken).ShouldNot(BeNil()) 184 }) 185 }) 186 187 Context("with keys that didn't the JWT", func() { 188 BeforeEach(func() { 189 middleware = jwt.New(ecPubKey2, nil, securityScheme) 190 }) 191 192 It("should fail with an error", func() { 193 Ω(dispatchResult).Should(HaveOccurred()) 194 Ω(dispatchResult.(error)).Should(HaveOccurred()) 195 }) 196 }) 197 198 Context("with multiple keys", func() { 199 BeforeEach(func() { 200 middleware = jwt.New([]*ecdsa.PublicKey{ecPubKey1}, nil, securityScheme) 201 }) 202 203 It("should go through", func() { 204 Ω(dispatchResult).ShouldNot(HaveOccurred()) 205 Ω(fetchedToken).ShouldNot(BeNil()) 206 }) 207 }) 208 }) 209 }) 210 211 Context("JWT with Authorization Query Parameter", func() { 212 BeforeEach(func() { 213 securityScheme = &goa.JWTSecurity{ 214 In: goa.LocQuery, 215 Name: "access_token", 216 } 217 respRecord = httptest.NewRecorder() 218 request, _ = http.NewRequest("GET", "http://example.com/", nil) 219 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 220 q := request.URL.Query() 221 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 222 request.URL.RawQuery = q.Encode() 223 handler = func(ctx context.Context, w http.ResponseWriter, r *http.Request) error { 224 fetchedToken = jwt.ContextJWT(ctx) 225 return nil 226 } 227 }) 228 229 JustBeforeEach(func() { 230 dispatchResult = middleware(handler)(context.Background(), respRecord, request) 231 }) 232 233 Context("HMAC keys signed token", func() { 234 BeforeEach(func() { 235 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 236 q := request.URL.Query() 237 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 238 request.URL.RawQuery = q.Encode() 239 240 }) 241 242 Context("with a single key", func() { 243 BeforeEach(func() { 244 middleware = jwt.New("keys", nil, securityScheme) 245 }) 246 247 It("should go through", func() { 248 Ω(dispatchResult).ShouldNot(HaveOccurred()) 249 Ω(fetchedToken).ShouldNot(BeNil()) 250 }) 251 }) 252 253 Context("with keys that didn't the JWT", func() { 254 BeforeEach(func() { 255 middleware = jwt.New("otherkey", nil, securityScheme) 256 }) 257 258 It("should fail with an error", func() { 259 Ω(dispatchResult).Should(HaveOccurred()) 260 Ω(dispatchResult.(error)).Should(HaveOccurred()) 261 }) 262 }) 263 264 Context("with multiple keys", func() { 265 BeforeEach(func() { 266 middleware = jwt.New([]string{"firstkey", "keys"}, nil, securityScheme) 267 }) 268 269 It("should go through", func() { 270 Ω(dispatchResult).ShouldNot(HaveOccurred()) 271 Ω(fetchedToken).ShouldNot(BeNil()) 272 }) 273 }) 274 }) 275 276 Context("RSA keys signed token", func() { 277 BeforeEach(func() { 278 // RS256 {"scopes":"scope1 scope2","admin":true}, signed with rsaKey1 below 279 q := request.URL.Query() 280 q.Set("access_token", "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEgc2NvcGUyIiwiYWRtaW4iOnRydWV9.gT4gSGqXTCUZAJT_TWZ4eknazVo-ulMKwSpHoghWZU8Sm9QXt48ISwFAb_wW2xhR58MUNX95iuiex0bCWvze59r35dEQ2SOZixuDvE8srQi2SRk9qqsVV9-R361qf2D8KfLX9jQ7j-UB40bleg0fOyBAjPLPq0ggBigSjQ2yUz8YDKma-n6Ulc3LJ4gyozmb3MjO9RV2pdD3N-m6ttwkTkUE2jhsL6a3T8f0Y6xSGTMyZasKc6kHbUyz6NjAeplLhbkBDE8-Ak4GaLGlLnLzZ49oTVrh89yauciW5yLQCXzXt2PODqp6zXPC0FFcDr-2USCpA-nqaQQyhliMcgtqVw") 281 request.URL.RawQuery = q.Encode() 282 }) 283 284 Context("with valid scopes", func() { 285 286 var ctx context.Context 287 288 BeforeEach(func() { 289 middleware = jwt.New("keys", nil, securityScheme) 290 ctx = goa.WithRequiredScopes(context.Background(), []string{"scope1"}) 291 }) 292 293 It("should accept scopes specified using the 'scope' claim", func() { 294 // HS256 {"scope":"scope1","admin":true}, signed with "keys" 295 q := request.URL.Query() 296 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6InNjb3BlMSIsImFkbWluIjp0cnVlfQ.EwMZtpTUPUoKsiCHqH659JQeMLf3-KdboStmQKjv2IU") 297 request.URL.RawQuery = q.Encode() 298 dispatchResult = middleware(handler)(ctx, respRecord, request) 299 Ω(dispatchResult).ShouldNot(HaveOccurred()) 300 }) 301 302 It("should accept scopes specified using the 'scopes' claim", func() { 303 // HS256 {"scopes":"scope1","admin":true}, signed with "keys" 304 q := request.URL.Query() 305 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZXMiOiJzY29wZTEiLCJhZG1pbiI6dHJ1ZX0.UCvEfbD_yuS5dCZidxZgogVi2yF0ZVecMsQQbY1HJy0") 306 request.URL.RawQuery = q.Encode() 307 dispatchResult = middleware(handler)(ctx, respRecord, request) 308 Ω(dispatchResult).ShouldNot(HaveOccurred()) 309 }) 310 311 It("should fall back to 'scopes' if 'scope' is null", func() { 312 // HS256 {"scope":null, "scopes":"scope1", "admin":true}, signed with "keys" 313 q := request.URL.Query() 314 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6bnVsbCwic2NvcGVzIjoic2NvcGUxIiwiYWRtaW4iOnRydWV9.h8L_MlWWyB0RnwaUBDVu8nGPn5wPSVPMEm42iH8Jxmg") 315 request.URL.RawQuery = q.Encode() 316 dispatchResult = middleware(handler)(ctx, respRecord, request) 317 Ω(dispatchResult).ShouldNot(HaveOccurred()) 318 }) 319 320 It("should not fall back to 'scopes' if 'scope' is an empty string", func() { 321 // HS256 {"scope":"", "scopes":"scope1", "admin":true}, signed with "keys" 322 q := request.URL.Query() 323 q.Set("access_token", "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6IiIsInNjb3BlcyI6InNjb3BlMSIsImFkbWluIjp0cnVlfQ.U5r-gAvk8SWRYBK3Hmj7zqHSQ0lSQO1wAAk0soyHkoU") 324 request.URL.RawQuery = q.Encode() 325 dispatchResult = middleware(handler)(ctx, respRecord, request) 326 Ω(dispatchResult).Should(HaveOccurred()) 327 }) 328 329 }) 330 331 Context("with a single key", func() { 332 BeforeEach(func() { 333 middleware = jwt.New(rsaPubKey1, nil, securityScheme) 334 }) 335 336 It("should go through", func() { 337 Ω(dispatchResult).ShouldNot(HaveOccurred()) 338 Ω(fetchedToken).ShouldNot(BeNil()) 339 }) 340 }) 341 342 Context("with keys that didn't the JWT", func() { 343 BeforeEach(func() { 344 middleware = jwt.New(rsaPubKey2, nil, securityScheme) 345 }) 346 347 It("should fail with an error", func() { 348 Ω(dispatchResult).Should(HaveOccurred()) 349 Ω(dispatchResult.(error)).Should(HaveOccurred()) 350 }) 351 }) 352 353 Context("with multiple keys", func() { 354 BeforeEach(func() { 355 middleware = jwt.New([]*rsa.PublicKey{rsaPubKey1}, nil, securityScheme) 356 }) 357 358 It("should go through", func() { 359 Ω(dispatchResult).ShouldNot(HaveOccurred()) 360 Ω(fetchedToken).ShouldNot(BeNil()) 361 }) 362 }) 363 }) 364 365 Context("ECDSA keys signed token", func() { 366 BeforeEach(func() { 367 // ES256 {"scopes":"scope1 scope2","admin":true}, signed with ecKey1 below 368 q := request.URL.Query() 369 q.Set("access_token", ""+ 370 "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9."+ 371 "eyJhZG1pbiI6dHJ1ZSwic2NvcGVzIjoic2NvcGUxIHNjb3BlMiJ9."+ 372 "7gM4EblP4cvX5C6PBLSBFpKX2FQ9AsLNmOXEm86uvrd4czBfw1zDO24abQ7gtlbMcjuVvxrpIyRa7Nbbn31G7w") 373 request.URL.RawQuery = q.Encode() 374 }) 375 376 Context("with a single key", func() { 377 BeforeEach(func() { 378 middleware = jwt.New(ecPubKey1, nil, securityScheme) 379 }) 380 381 It("should go through", func() { 382 Ω(dispatchResult).ShouldNot(HaveOccurred()) 383 Ω(fetchedToken).ShouldNot(BeNil()) 384 }) 385 }) 386 387 Context("with keys that didn't the JWT", func() { 388 BeforeEach(func() { 389 middleware = jwt.New(ecPubKey2, nil, securityScheme) 390 }) 391 392 It("should fail with an error", func() { 393 Ω(dispatchResult).Should(HaveOccurred()) 394 Ω(dispatchResult.(error)).Should(HaveOccurred()) 395 }) 396 }) 397 398 Context("with multiple keys", func() { 399 BeforeEach(func() { 400 middleware = jwt.New([]*ecdsa.PublicKey{ecPubKey1}, nil, securityScheme) 401 }) 402 403 It("should go through", func() { 404 Ω(dispatchResult).ShouldNot(HaveOccurred()) 405 Ω(fetchedToken).ShouldNot(BeNil()) 406 }) 407 }) 408 }) 409 }) 410 }) 411 412 var rsaKey1, _ = jwtpkg.ParseRSAPrivateKeyFromPEM([]byte(`-----BEGIN RSA PRIVATE KEY----- 413 MIIEogIBAAKCAQEArZIJcPQd7aSGb80wgFpy5SVjzzsGpfIysZ30SdWlTcWMVbAT 414 XmsDNgw98TzIeoyikSbSHEeORbKWKS2clgNsdLjYKv3XLTBaXfLcU3x9mhnk/kUL 415 N/AQgyvsRGynPris2oVzGSib7uOZK/9+u+QAKIrp7prcmMmnwvdcjFXjwzx83RTF 416 1b+iuVGCdV0T4m1XQdm/YtIUh7JNbYrUolkdwZlOxMZuV0FDC+ms02+gyj580Pyl 417 TuAD4JmtSmmijyWfEx5dsZYtGALyUxcm5Hz15RP3FACrv4B++BHI6smO4sWdrSYV 418 l3sHJ60Bm6zbwuyB2twJPOdL5nVIGiIDdf+1IwIDAQABAoIBACF3MtLQfqS/QBx2 419 V4+n4NdFqkTegJ2mYRfV+K/zvXeNS02KMXHW+DuHiLnmmlDmpMGP1psVQN03XbR6 420 0uIprtOigCtp3f8cf4/1r315V05LB9fuwAb9BnIEGf3nZSe2u702VcbYCZi50WKm 421 VG0tvMoUXp5exYG//9SblQCJ3uxZf9D8y5RnrUZtP4Pnjkn/3YeJCF+Kked55Cvi 422 gv56/aiyWp9xEGsSWig5Zt8VNXihgT7D2KZzxcQDQlxw0CR5ECT7/4w7sZVvwc7B 423 I76JJDvpD0UGvzoUgx928efGKxJBrcjzvTNSKgHJYYCvaa6+qX2tjkmOqdG4xl27 424 /TaBISECgYEA4YJ32HKaS2ikn5J2C1qlHy4nRuVNhX8T9qvp6OBdbE2BQq3O5IUt 425 +wdTcjhD88aDdHCZmAd8i3FC4l+CKsQ5sTwRk0vTOZ7axC6+zDHg+na5/+NCq+xm 426 ffoaZ5jsZFyqfbsFn8NiLWLo2JSFV1AnUxwpPA2jbuylAuZVvVbLYHcCgYEAxQnO 427 L+U6NwTvN6EJgt3h1jHfXiQnapsj0O0XgK+g2K6vMovpXAf9noO+r3Qbx/aKxuRg 428 TvRQ08T5yyqysz+sYe0rp8oaMUhYQFMgJOUUBlmUVGxYdARMD6kTy/384B9Azoex 429 UCosMSEAD909MAsyQWB4X6OJKd+V68QpFYeIx7UCgYBHgaRY6PYOBU92He36abLE 430 MVFZBKrRMtt0s0yHgGV/SxA6wXxCMAzFdaw7IqZBbWgPiwjZET6nxLFNsLVItFIK 431 5h44k6mVss5xuNTdUM+i+/S8tCZW964EMkMfKHmE1XFmTuBYqY6/D4b/7hBeAFeH 432 3f0hQr3ZFYa5Zao4UIZKvwKBgGL8lhUBt8lENVlhEYIpLfeJfomw6AxqfAfN1GzV 433 zpyMxX9DQqz1ZrhnvzgtwHcoqHda6/c+TgzVfBhRDw12A4f+ulvE8HupuIw4NoHS 434 g8jc3+O5uoYuUnfbnRJyOsPtb4VSLgXz6deUmI9fugmU1l55tH93jMT4ijyzg2BJ 435 grGxAoGAWX24Yx9qoasqEQ2rgdTsgylwL28UczKQ5KNHt2PcEfPNw6/GpfK7YmlU 436 Heef2umEzb1K2ZK95wlMbF8zpNDWBf4PkxgfW+JEE+pO1kb5KXysBymymyXhGHAP 437 CwH9XHqbjVlsD358AbPeKqLgTCaGo9JgsEZDBpESmBDnIPUahMc= 438 -----END RSA PRIVATE KEY-----`)) 439 440 var rsaPubKey1, _ = jwtpkg.ParseRSAPublicKeyFromPEM([]byte(`-----BEGIN PUBLIC KEY----- 441 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZIJcPQd7aSGb80wgFpy 442 5SVjzzsGpfIysZ30SdWlTcWMVbATXmsDNgw98TzIeoyikSbSHEeORbKWKS2clgNs 443 dLjYKv3XLTBaXfLcU3x9mhnk/kULN/AQgyvsRGynPris2oVzGSib7uOZK/9+u+QA 444 KIrp7prcmMmnwvdcjFXjwzx83RTF1b+iuVGCdV0T4m1XQdm/YtIUh7JNbYrUolkd 445 wZlOxMZuV0FDC+ms02+gyj580PylTuAD4JmtSmmijyWfEx5dsZYtGALyUxcm5Hz1 446 5RP3FACrv4B++BHI6smO4sWdrSYVl3sHJ60Bm6zbwuyB2twJPOdL5nVIGiIDdf+1 447 IwIDAQAB 448 -----END PUBLIC KEY-----`)) 449 450 var rsaKey2, _ = jwtpkg.ParseRSAPrivateKeyFromPEM([]byte(`-----BEGIN RSA PRIVATE KEY----- 451 MIIEowIBAAKCAQEA4jr/DGbPt0UDGvu6Xo2LV0F6Wf8OnyxF2IFPdG5B4X0YS3DC 452 9SF3clbbBivDVa2bEXppyj+eLEKlfohCWXTrJK0LxTEcneuDkF4re+BdP3q9cKRz 453 FtI/ZVhVnD7+PS1wps7OiTM0iOaIDo9+uFrC6zBTRAiPyrdwh1ApttLdoD6i5D9D 454 7zzvpTXLC/UWaRz/phAaaop6dPPR1YblZEckWgqTMC3KrRX/6QJFFfpgyQzFT09W 455 DYnmXl2gS7C2sk4UejygqmVg96JxaIaT3WiQSjxXddjR/krcA9EGNNEkpZB2W6Ux 456 6d63yWsNG9YJUacwI+M2q5ZW964J1s//FiNZZQIDAQABAoIBAQCoqYtU16Gs5Qq3 457 p0z/CVAFMY/iYMGp8fvwuhdemoULc5QVSnBPCTBgUljgdOggjFm74iPU4TEvllCD 458 0VqGDyDwKwNHdKH9KoTfsRWCOXfLx9pMjI4xSXZyPDU3U8+AFMyT0EMzDrXwCs8M 459 6/Zxw1jmtxSc+DUb0T9X4m/3GaaZvDGGShnU8/XnEh2uEHrNwWnGWYPJ/rZjNZPy 460 PZ9W2VpcHKBMVEowK/cOoouNuflAISoLCCLMNYygr9T4Ylm3HGP9o7JuWL+wGQsa 461 aXrE5qTOpsxmBqTQ8pglnxnhDEFXmx3O+bwRfIwDSYe+wvCINpdIstWuybh4Ed2i 462 ZgLTlx8BAoGBAP9LwmfZ/2XNHBzk+f09TnTnhXzVsKkHu5BlXvWoDigVv4Dzl44j 463 X1Ade5PjiOf0Jti2QCkAaI+CjExdP1zCqDZBQFpKI3QQgvlWoKXHVFV9ziC8gcX+ 464 I6M8wmtIoK8ISnC6A5s1wKIvOPsZyP7aVZgu805BKfVqtFWCK42vnRVRAoGBAOLa 465 t2pOzVttd3vPgzGovD+Mf3RsPg6ygazj0GiDRspRCnoeopFEoBPFcKIQZlPp8rfT 466 NLOuwVkW5TqntrCW0UwixZMXicIaPDo0idXInIfP0+f7JxSYb5q7vmbyRt8uAYY9 467 GU4L/ZIn127JbgQ5n5nuODMvTe7m5Ky+FUYHw43VAoGAE6QOdtLstTZMfWSYXwVC 468 bfgJ6wq9pqNzqK5D2f5t6GOT8iXLeSH7iTxbb4tH0yCThISw9vaTFMdkZ9OctlQ7 469 gMEQZGHjzGAg03H4tghZ0qH1I8uc6FCfCUX5ZyuVQSIQKBAHiv9drJyZc6gOMJ03 470 jJfAHDsjMUBeU13KYAIswaECgYBTYiNSzv5KodTuTFsjsKrpDOJ4T6ULz+88NkyP 471 bdliWiFou8Pzc28HdWYuG6sRIwfVK6vOc+ibr3+4bJcJF5Z8zrcilt9K2kvS9SbI 472 zsFCZlC0jytRNaqoDGQzANCuDgH/bovTlTKyOzTDgwSORwP0F4zOu4+AxZu+Juw4 473 3nextQKBgEAGLuChkztZCVt0W2D8wJYFR7XjezcbsfpoXx9H8htk6u4STu9TwB76 474 DxoYj3qiTV2kRRBQQZRAli1TbDOnJuqFMnRL0aPsqebuW2sqY9Hx9G6TxokN8Nc6 475 RlTE+CbPcjBgAx+AANL/X2KYoXLAjOrYY5kQD8Qbt8Wkme7m6hiP 476 -----END RSA PRIVATE KEY-----`)) 477 478 var rsaPubKey2, _ = jwtpkg.ParseRSAPublicKeyFromPEM([]byte(`-----BEGIN PUBLIC KEY----- 479 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jr/DGbPt0UDGvu6Xo2L 480 V0F6Wf8OnyxF2IFPdG5B4X0YS3DC9SF3clbbBivDVa2bEXppyj+eLEKlfohCWXTr 481 JK0LxTEcneuDkF4re+BdP3q9cKRzFtI/ZVhVnD7+PS1wps7OiTM0iOaIDo9+uFrC 482 6zBTRAiPyrdwh1ApttLdoD6i5D9D7zzvpTXLC/UWaRz/phAaaop6dPPR1YblZEck 483 WgqTMC3KrRX/6QJFFfpgyQzFT09WDYnmXl2gS7C2sk4UejygqmVg96JxaIaT3WiQ 484 SjxXddjR/krcA9EGNNEkpZB2W6Ux6d63yWsNG9YJUacwI+M2q5ZW964J1s//FiNZ 485 ZQIDAQAB 486 -----END PUBLIC KEY-----`)) 487 488 var ecKey1, _ = jwtpkg.ParseECPrivateKeyFromPEM([]byte(`-----BEGIN EC PRIVATE KEY----- 489 MHcCAQEEIM4zAVusfF+Xl4Z5a5LaspGk+OIwGQweubphSqC1R9+VoAoGCCqGSM49 490 AwEHoUQDQgAE3tWSknhfssUVytNbPz3TB7giFfxKtHsFW27Yls+Ohfuui9NW4eEk 491 fLOxYkTI9tyoKfh9Dan5kJFA7ZYEwZ0zMQ== 492 -----END EC PRIVATE KEY-----`)) 493 494 var ecPubKey1, _ = jwtpkg.ParseECPublicKeyFromPEM([]byte(`-----BEGIN PUBLIC KEY----- 495 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE3tWSknhfssUVytNbPz3TB7giFfxK 496 tHsFW27Yls+Ohfuui9NW4eEkfLOxYkTI9tyoKfh9Dan5kJFA7ZYEwZ0zMQ== 497 -----END PUBLIC KEY-----`)) 498 499 var ecKey2, _ = jwtpkg.ParseECPrivateKeyFromPEM([]byte(`-----BEGIN EC PRIVATE KEY----- 500 MHcCAQEEIKQ7EyFGaYMuFpMLnqK+mBnT9CrWOqzVxsF8wBlGrTq/oAoGCCqGSM49 501 AwEHoUQDQgAE8IX3mOtLvBpvrylaRjFpadqGrirXh9dkjJfM/t1dnLu5qPhybMIY 502 tEr3Xs8vYp2wyaSTVKsyj9y+t344T5Bhdw== 503 -----END EC PRIVATE KEY-----`)) 504 505 var ecPubKey2, _ = jwtpkg.ParseECPublicKeyFromPEM([]byte(`-----BEGIN PUBLIC KEY----- 506 MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE8IX3mOtLvBpvrylaRjFpadqGrirX 507 h9dkjJfM/t1dnLu5qPhybMIYtEr3Xs8vYp2wyaSTVKsyj9y+t344T5Bhdw== 508 -----END PUBLIC KEY-----`))