feat: verify signing key test

wbcsd · Dec 5, 2023 · 7d51a76 · 7d51a76
1 parent 46697c5
commit 7d51a76
Showing 1 changed file with 18 additions and 22 deletions.
diff --git a/endpoint/src/main.rs b/endpoint/src/main.rs
@@ -16,24 +16,21 @@ mod error;
 mod openid_conf;
 mod sample_data;
 
-use std::cmp::min;
-use std::convert::TryInto;
-
 use auth::{generate_keys, UserToken};
 use chrono::{DateTime, Utc};
 use either::Either;
+use std::cmp::min;
 
 use jsonwebtoken::jwk::{
-    self, AlgorithmParameters, CommonParameters, Jwk, JwkSet, KeyAlgorithm, PublicKeyUse,
+    AlgorithmParameters, CommonParameters, Jwk, JwkSet, KeyAlgorithm, PublicKeyUse,
     RSAKeyParameters,
 };
 use lambda_web::{is_running_on_lambda, launch_rocket_on_lambda, LambdaError};
 use okapi::openapi3::{Object, Parameter, ParameterValue};
 use rocket::form::Form;
 use rocket::request::FromRequest;
-use rocket::{catch, serde};
 
-use rocket::serde::json::{self, Json};
+use rocket::serde::json::Json;
 use rocket::State;
 use rocket_okapi::rapidoc::{
     make_rapidoc, GeneralConfig, HideShowConfig, RapiDocConfig, Theme, UiConfig,
@@ -82,9 +79,9 @@ fn openid_configuration() -> Json<OpenIdConfiguration> {
 
 #[get("/2/jwks")]
 fn jwks(state: &State<KeyPair>) -> Json<JwkSet> {
-    println!("{:?}", state.pub_key);
     let pub_key: RsaPublicKey =
         pkcs8::DecodePublicKey::from_public_key_pem(&state.pub_key).unwrap();
+
     let jwks = JwkSet {
         keys: vec![Jwk {
             common: CommonParameters {
@@ -99,8 +96,8 @@ fn jwks(state: &State<KeyPair>) -> Json<JwkSet> {
             },
             algorithm: AlgorithmParameters::RSA(RSAKeyParameters {
                 key_type: jsonwebtoken::jwk::RSAKeyType::RSA,
-                n: pub_key.n().to_string(),
-                e: pub_key.e().to_string(),
+                n: base64::encode_config(pub_key.n().to_bytes_be(), base64::URL_SAFE_NO_PAD),
+                e: base64::encode_config(pub_key.e().to_bytes_be(), base64::URL_SAFE_NO_PAD),
             }),
         }],
     };
@@ -588,11 +585,10 @@ fn post_auth_action_test() {
 
 #[test]
 fn verify_token_signature_test() {
-    // use jsonwebtoken::decode;
+    use jsonwebtoken::decode;
     use jsonwebtoken::Algorithm;
     use jsonwebtoken::DecodingKey;
     use jsonwebtoken::Validation;
-    // use serde::{Deserialize, Serialize};
     use std::collections::HashSet;
 
     let client = &Client::tracked(create_server()).unwrap();
@@ -603,27 +599,27 @@ fn verify_token_signature_test() {
 
     let server_priv_key: String = client.rocket().state::<KeyPair>().unwrap().priv_key.clone();
 
-    let _jwt = auth::encode_token(&token, server_priv_key).ok().unwrap();
+    let jwt = auth::encode_token(&token, server_priv_key).ok().unwrap();
 
     let response = client.get("/2/jwks").dispatch();
 
     let jwks: JwkSet = response.into_json().unwrap();
 
     let jwk = jwks.keys.first().unwrap();
 
-    let _decoding_key = match DecodingKey::from_jwk(&jwk) {
-        Ok(_) => (),
-        Err(e) => println!("{e}"),
-    };
+    let decoding_key = DecodingKey::from_jwk(&jwk).unwrap();
 
     let mut v = Validation::new(Algorithm::RS256);
     v.validate_exp = false;
-    v.required_spec_claims = HashSet::new();
-
-    // match decode::<auth::UserToken>(&jwt, &decoding_key, &v) {
-    //     Ok(t) => todo!(),
-    //     Err(e) => todo!(),
-    // };
+    v.required_spec_claims = HashSet::from(["username".to_string()]);
+
+    assert_eq!(
+        token.username,
+        decode::<auth::UserToken>(&jwt, &decoding_key, &v)
+            .unwrap()
+            .claims
+            .username
+    );
 }
 
 #[test]