OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
firebase
/
vendor
/
lcobucci
/
jwt
/
test
/
functional
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
08/12/2024 10:34:18 AM
rwxr-xr-x
📄
ES512TokenTest.php
6.42 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
EcdsaTokenTest.php
8.64 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
HmacTokenTest.php
6.12 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
MaliciousTamperingPreventionTest.php
4.41 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
RFC6978VectorTest.php
5.26 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
RsaTokenTest.php
7.2 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
TimeFractionPrecisionTest.php
3.67 KB
08/12/2024 10:34:18 AM
rw-r--r--
📄
UnsignedTokenTest.php
5.44 KB
08/12/2024 10:34:18 AM
rw-r--r--
Editing: RsaTokenTest.php
Close
<?php declare(strict_types=1); namespace Lcobucci\JWT\FunctionalTests; use Lcobucci\JWT\Configuration; use Lcobucci\JWT\Keys; use Lcobucci\JWT\Signer\InvalidKeyProvided; use Lcobucci\JWT\Signer\Key\InMemory; use Lcobucci\JWT\Signer\Rsa\Sha256; use Lcobucci\JWT\Signer\Rsa\Sha512; use Lcobucci\JWT\Token; use Lcobucci\JWT\Validation\Constraint\SignedWith; use Lcobucci\JWT\Validation\RequiredConstraintsViolated; use PHPUnit\Framework\TestCase; use function assert; /** * @covers \Lcobucci\JWT\Configuration * @covers \Lcobucci\JWT\Encoding\JoseEncoder * @covers \Lcobucci\JWT\Encoding\ChainedFormatter * @covers \Lcobucci\JWT\Encoding\MicrosecondBasedDateConversion * @covers \Lcobucci\JWT\Encoding\UnifyAudience * @covers \Lcobucci\JWT\Token\Builder * @covers \Lcobucci\JWT\Token\Parser * @covers \Lcobucci\JWT\Token\Plain * @covers \Lcobucci\JWT\Token\DataSet * @covers \Lcobucci\JWT\Token\Signature * @covers \Lcobucci\JWT\Signer\InvalidKeyProvided * @covers \Lcobucci\JWT\Signer\OpenSSL * @covers \Lcobucci\JWT\Signer\Key\LocalFileReference * @covers \Lcobucci\JWT\Signer\Key\InMemory * @covers \Lcobucci\JWT\Signer\Rsa * @covers \Lcobucci\JWT\Signer\Rsa\Sha256 * @covers \Lcobucci\JWT\Signer\Rsa\Sha512 * @covers \Lcobucci\JWT\Validation\Validator * @covers \Lcobucci\JWT\Validation\RequiredConstraintsViolated * @covers \Lcobucci\JWT\Validation\Constraint\SignedWith */ class RsaTokenTest extends TestCase { use Keys; private Configuration $config; /** @before */ public function createConfiguration(): void { $this->config = Configuration::forAsymmetricSigner( new Sha256(), static::$rsaKeys['private'], static::$rsaKeys['public'] ); } /** @test */ public function builderShouldRaiseExceptionWhenKeyIsInvalid(): void { $builder = $this->config->builder(); $this->expectException(InvalidKeyProvided::class); $this->expectExceptionMessage('It was not possible to parse your key'); $builder->identifiedBy('1') ->permittedFor('http://client.abc.com') ->issuedBy('http://api.abc.com') ->withClaim('user', ['name' => 'testing', 'email' => 'testing@abc.com']) ->getToken($this->config->signer(), InMemory::plainText('testing')); } /** @test */ public function builderShouldRaiseExceptionWhenKeyIsNotRsaCompatible(): void { $builder = $this->config->builder(); $this->expectException(InvalidKeyProvided::class); $this->expectExceptionMessage('This key is not compatible with this signer'); $builder->identifiedBy('1') ->permittedFor('http://client.abc.com') ->issuedBy('http://api.abc.com') ->withClaim('user', ['name' => 'testing', 'email' => 'testing@abc.com']) ->getToken($this->config->signer(), static::$ecdsaKeys['private']); } /** @test */ public function builderCanGenerateAToken(): Token { $user = ['name' => 'testing', 'email' => 'testing@abc.com']; $builder = $this->config->builder(); $token = $builder->identifiedBy('1') ->permittedFor('http://client.abc.com') ->issuedBy('http://api.abc.com') ->withClaim('user', $user) ->withHeader('jki', '1234') ->getToken($this->config->signer(), $this->config->signingKey()); self::assertEquals('1234', $token->headers()->get('jki')); self::assertEquals(['http://client.abc.com'], $token->claims()->get(Token\RegisteredClaims::AUDIENCE)); self::assertEquals('http://api.abc.com', $token->claims()->get(Token\RegisteredClaims::ISSUER)); self::assertEquals($user, $token->claims()->get('user')); return $token; } /** * @test * @depends builderCanGenerateAToken */ public function parserCanReadAToken(Token $generated): void { $read = $this->config->parser()->parse($generated->toString()); assert($read instanceof Token\Plain); self::assertEquals($generated, $read); self::assertEquals('testing', $read->claims()->get('user')['name']); } /** * @test * @depends builderCanGenerateAToken */ public function signatureAssertionShouldRaiseExceptionWhenKeyIsNotRight(Token $token): void { $this->expectException(RequiredConstraintsViolated::class); $this->expectExceptionMessage('The token violates some mandatory constraints'); $this->config->validator()->assert( $token, new SignedWith($this->config->signer(), self::$rsaKeys['encrypted-public']) ); } /** * @test * @depends builderCanGenerateAToken */ public function signatureAssertionShouldRaiseExceptionWhenAlgorithmIsDifferent(Token $token): void { $this->expectException(RequiredConstraintsViolated::class); $this->expectExceptionMessage('The token violates some mandatory constraints'); $this->config->validator()->assert( $token, new SignedWith(new Sha512(), $this->config->verificationKey()) ); } /** * @test * @depends builderCanGenerateAToken */ public function signatureAssertionShouldRaiseExceptionWhenKeyIsNotRsaCompatible(Token $token): void { $this->expectException(InvalidKeyProvided::class); $this->expectExceptionMessage('This key is not compatible with this signer'); $this->config->validator()->assert( $token, new SignedWith( $this->config->signer(), self::$ecdsaKeys['public1'] ) ); } /** * @test * @depends builderCanGenerateAToken */ public function signatureValidationShouldSucceedWhenKeyIsRight(Token $token): void { $constraint = new SignedWith($this->config->signer(), $this->config->verificationKey()); self::assertTrue($this->config->validator()->validate($token, $constraint)); } /** @test */ public function everythingShouldWorkWhenUsingATokenGeneratedByOtherLibs(): void { $data = 'eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJoZWxsbyI6IndvcmxkIn0.s' . 'GYbB1KrmnESNfJ4D9hOe1Zad_BMyxdb8G4p4LNP7StYlOyBWck6q7XPpPj_6gB' . 'Bo1ohD3MA2o0HY42lNIrAStaVhfsFKGdIou8TarwMGZBPcif_3ThUV1pGS3fZc' . 'lFwF2SP7rqCngQis_xcUVCyqa8E1Wa_v28grnl1QZrnmQFO8B5JGGLqcrfUHJO' . 'nJCupP-Lqh4TmIhftIimSCgLNmJg80wyrpUEfZYReE7hPuEmY0ClTqAGIMQoNS' . '98ljwDxwhfbSuL2tAdbV4DekbTpWzspe3dOJ7RSzmPKVZ6NoezaIazKqyqkmHZfcMaHI1lQeGia6LTbHU1bp0gINi74Vw'; $token = $this->config->parser()->parse($data); assert($token instanceof Token\Plain); $constraint = new SignedWith($this->config->signer(), $this->config->verificationKey()); self::assertTrue($this->config->validator()->validate($token, $constraint)); self::assertEquals('world', $token->claims()->get('hello')); } }