From f78ef5c307606f3df9489832447fae6cee4a9d78 Mon Sep 17 00:00:00 2001 From: Jared King Date: Tue, 5 Dec 2017 14:08:07 -0600 Subject: [PATCH] implement single sign-on token generation - resolves #12 --- build.gradle | 1 + .../exception/SingleSignOnException.java | 9 ++++ .../java/com/invoiced/util/SingleSignOn.java | 33 ++++++++++++ .../com/invoiced/util/SingleSignOnTest.java | 54 +++++++++++++++++++ 4 files changed, 97 insertions(+) create mode 100644 src/main/java/com/invoiced/exception/SingleSignOnException.java create mode 100644 src/main/java/com/invoiced/util/SingleSignOn.java create mode 100644 src/test/java/com/invoiced/util/SingleSignOnTest.java diff --git a/build.gradle b/build.gradle index dcefd54..6a734bd 100644 --- a/build.gradle +++ b/build.gradle @@ -37,6 +37,7 @@ dependencies { compile group: 'org.apache.httpcomponents', name: 'httpclient', version: '4.5.2' compile group: 'org.apache.httpcomponents', name: 'httpmime', version: '4.5.2' compile group: 'com.mashape.unirest', name: 'unirest-java', version: '1.4.9' + compile 'com.auth0:java-jwt:3.3.0' compile group: 'org.slf4j', name: 'slf4j-api', version: '1.7.12' diff --git a/src/main/java/com/invoiced/exception/SingleSignOnException.java b/src/main/java/com/invoiced/exception/SingleSignOnException.java new file mode 100644 index 0000000..58e4e21 --- /dev/null +++ b/src/main/java/com/invoiced/exception/SingleSignOnException.java @@ -0,0 +1,9 @@ +package com.invoiced.exception; + +public class SingleSignOnException extends InvoicedException { + private static final long serialVersionUID = 1L; + + public SingleSignOnException(Throwable cause) { + super(cause); + } +} diff --git a/src/main/java/com/invoiced/util/SingleSignOn.java b/src/main/java/com/invoiced/util/SingleSignOn.java new file mode 100644 index 0000000..13db12d --- /dev/null +++ b/src/main/java/com/invoiced/util/SingleSignOn.java @@ -0,0 +1,33 @@ +package com.invoiced.util; + +import java.io.UnsupportedEncodingException; +import java.util.Date; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.algorithms.Algorithm; +import com.invoiced.exception.SingleSignOnException; + +public class SingleSignOn { + + private final String ssoKey; + + public SingleSignOn(String ssoKey) { + this.ssoKey = ssoKey; + } + + public String generateToken(int customerId, int ttlSeconds) throws SingleSignOnException { + try { + Algorithm algorithm = Algorithm.HMAC256(this.ssoKey); + + long expiresAtMs = (long) (System.currentTimeMillis() + ttlSeconds * 1000.0); + Date expiresAt = new Date(expiresAtMs); + + return JWT.create().withIssuer("Invoiced Java").withIssuedAt(new Date()) + .withSubject(Integer.toString(customerId)).withExpiresAt(expiresAt).sign(algorithm); + } catch (IllegalArgumentException e) { + throw new SingleSignOnException(e); + } catch (UnsupportedEncodingException e) { + throw new SingleSignOnException(e); + } + } +} diff --git a/src/test/java/com/invoiced/util/SingleSignOnTest.java b/src/test/java/com/invoiced/util/SingleSignOnTest.java new file mode 100644 index 0000000..adfd094 --- /dev/null +++ b/src/test/java/com/invoiced/util/SingleSignOnTest.java @@ -0,0 +1,54 @@ +package com.invoiced.util; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.fail; + +import java.io.UnsupportedEncodingException; + +import org.junit.Test; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.JWTVerifier; +import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.exceptions.JWTVerificationException; +import com.auth0.jwt.interfaces.DecodedJWT; +import com.invoiced.exception.SingleSignOnException; + +public class SingleSignOnTest { + + @Test + public void testGenerateToken() { + String secret = "8baa4dbc338a54bbf7696eef3ee4aa2daadd61bba85fcfe8df96c7cfa227c43"; + SingleSignOn sso = new SingleSignOn(secret); + String token = null; + try { + token = sso.generateToken(1234, 3600); + } catch (SingleSignOnException e) { + e.printStackTrace(); + fail(); + } + + Algorithm algorithm = null; + try { + algorithm = Algorithm.HMAC256(secret); + } catch (IllegalArgumentException e) { + e.printStackTrace(); + fail(); + } catch (UnsupportedEncodingException e) { + e.printStackTrace(); + fail(); + } + + JWTVerifier verifier = JWT.require(algorithm).withIssuer("Invoiced Java").build(); + DecodedJWT jwt = null; + try { + jwt = verifier.verify(token); + } catch (JWTVerificationException e) { + e.printStackTrace(); + fail(); + } + + assertEquals("1234", jwt.getSubject()); + } + +}