Skip to content

Commit

Permalink
Add simple tests to verify that EdDSA can be set as signature algorithm
Browse files Browse the repository at this point in the history
  • Loading branch information
@0rzech
0rzech committed Jun 1, 2024
1 parent 8a4ced7 commit c4b6656
Showing 1 changed file with 77 additions and 0 deletions.
77 changes: 77 additions & 0 deletions implementation/jwt-build/src/test/java/io/smallrye/jwt/build/JwtSignTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@
import org.jose4j.jwt.consumer.InvalidJwtSignatureException;
import org.jose4j.jwt.consumer.JwtConsumer;
import org.jose4j.jwt.consumer.JwtConsumerBuilder;
import org.jose4j.jwx.HeaderParameterNames;
import org.jose4j.jwx.JsonWebStructure;
import org.jose4j.keys.EdDsaKeyUtil;
import org.jose4j.keys.EllipticCurves;
Expand Down Expand Up @@ -916,6 +917,82 @@ void signClaimsEcKeyFileWithConfiguredAlgorithm() throws Exception {
assertEquals("custom-value", claims.getClaimValue("customClaim"));
}

@Test
void signClaimsWithConfiguredEddsaAlgorithm() throws Exception {
var alg = "EdDSA";
var configSource = getConfigSource();
configSource.setSignatureAlgorithm(alg);
configSource.setSigningKeyLocation("/edEcPrivateKey.jwk");

try {
var jwt = Jwt.claim("customClaim", "custom-value").sign();

var keyContent = KeyUtils.readKeyContent("/edEcPublicKey.jwk");
var jws = getVerifiedJws(jwt, PublicJsonWebKey.Factory.newPublicJwk(keyContent).getPublicKey());
var claims = JwtClaims.parse(jws.getPayload());

assertEquals(4, claims.getClaimsMap().size());
var headers = getJwsHeaders(jwt, 2);
checkDefaultClaimsAndHeaders(headers, claims, "EdDSA", 300);
assertEquals("custom-value", claims.getClaimValue("customClaim"));
} finally {
configSource.setSignatureAlgorithm(null);
configSource.setSigningKeyLocation("/privateKey.pem");
}
}

@Test
void signClaimsWithEddsaFromHeader() throws Exception {
var alg = "EdDSA";
var configSource = getConfigSource();
configSource.setSigningKeyLocation("/edEcPrivateKey.jwk");

try {
var jwt = Jwt.claims()
.issuer("https://issuer.com")
.jws()
.header(HeaderParameterNames.ALGORITHM, alg)
.header("customHeader", "custom-header-value")
.sign();

var keyContent = KeyUtils.readKeyContent("/edEcPublicKey.jwk");
var jws = getVerifiedJws(jwt, PublicJsonWebKey.Factory.newPublicJwk(keyContent).getPublicKey());
var claims = JwtClaims.parse(jws.getPayload());

assertEquals(4, claims.getClaimsMap().size());
assertEquals("https://issuer.com", claims.getIssuer());
assertEquals("custom-header-value", jws.getHeader("customHeader"));
} finally {
configSource.setSigningKeyLocation("/privateKey.pem");
}
}

@Test
void signClaimsWithEddsaFromAlgorithm() throws Exception {
var alg = SignatureAlgorithm.EDDSA;
var configSource = getConfigSource();
configSource.setSigningKeyLocation("/edEcPrivateKey.jwk");

try {
var jwt = Jwt.claims()
.issuer("https://issuer.com")
.jws()
.algorithm(alg)
.header("customHeader", "custom-header-value")
.sign();

var keyContent = KeyUtils.readKeyContent("/edEcPublicKey.jwk");
var jws = getVerifiedJws(jwt, PublicJsonWebKey.Factory.newPublicJwk(keyContent).getPublicKey());
var claims = JwtClaims.parse(jws.getPayload());

assertEquals(4, claims.getClaimsMap().size());
assertEquals("https://issuer.com", claims.getIssuer());
assertEquals("custom-header-value", jws.getHeader("customHeader"));
} finally {
configSource.setSigningKeyLocation("/privateKey.pem");
}
}

private static SecretKey createSecretKey() throws Exception {
String jwkJson = "{\"kty\":\"oct\",\"k\":\"Fdh9u8rINxfivbrianbbVT1u232VQBZYKx1HGAGPt2I\"}";
JsonWebKey jwk = JsonWebKey.Factory.newJwk(jwkJson);
Expand Down

0 comments on commit c4b6656

Please sign in to comment.