Mercurial Mercurial > prosody > prosody / annotate
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
spec/util_jwt_spec.lua
author Matthew Wild <mwild1@gmail.com>
Fri, 01 Jul 2022 18:51:15 +0100
changeset 12700 27a72982e331
parent 10665 4eee1aaa9405
child 12703 b3d0c1457584
permissions -rw-r--r--
util.jwt: Add support/tests for ES256 via improved API and using util.crypto In many cases code will be either signing or verifying. With asymmetric algorithms it's clearer and more efficient to just state that once, instead of passing keys (and possibly other parameters) with every sign/verify call. This also allows earlier validation of the key used. The previous (HS256-only) sign/verify methods continue to be exposed for backwards-compatibility.
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
10664
c4ded3be7cc0 util.jwt: Basic JSON Web Token library supporting HS256 tokens
Kim Alvefur <zash@zash.se>
parents:
diff changeset 
     1
 
local jwt = require "util.jwt";
c4ded3be7cc0 util.jwt: Basic JSON Web Token library supporting HS256 tokens
Kim Alvefur <zash@zash.se>
parents:
diff changeset 
     2
 












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     3


describe("util.jwt", function ()












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     4


	it("validates", function ()












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     5


		local key = "secret";












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     6


		local token = jwt.sign(key, { payload = "this" });












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     7


		assert.string(token);












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     8


		local ok, parsed = jwt.verify(key, token);












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




     9


		assert.truthy(ok)












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    10


		assert.same({ payload = "this" }, parsed);












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    11


	end);












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    12


	it("rejects invalid", function ()












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    13


		local key = "secret";












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    14


		local token = jwt.sign("wrong", { payload = "this" });












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    15


		assert.string(token);







10665






4eee1aaa9405
util.jwt: Remove unused return value from tests [luacheck]



Kim Alvefur <zash@zash.se>


parents: 
10664

diff
changeset




    16


		local ok = jwt.verify(key, token);







10664






c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    17


		assert.falsy(ok)












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    18


	end);







12700






27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    19














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    20


	it("validates ES256", function ()












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    21


		local private_key = [[












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    22


-----BEGIN PRIVATE KEY-----












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    23


MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    24


OF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    25


1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    26


-----END PRIVATE KEY-----












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    27


]];












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    28














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    29


		local sign = jwt.new_signer("ES256", private_key);












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    30














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    31


		local token = sign({












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    32


			sub = "1234567890";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    33


			name = "John Doe";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    34


			admin = true;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    35


			iat = 1516239022;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    36


		});












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    37














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    38


		local public_key = [[












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    39


-----BEGIN PUBLIC KEY-----












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    40


MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    41


q9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    42


-----END PUBLIC KEY-----












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    43


]];












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    44


		local verify = jwt.new_verifier("ES256", public_key);












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    45














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    46


		local result = {verify(token)};












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    47


		assert.same({












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    48


			true; -- success












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    49


			{     -- payload












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    50


				sub = "1234567890";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    51


				name = "John Doe";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    52


				admin = true;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    53


				iat = 1516239022;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    54


			};












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    55


		}, result);












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    56














27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    57


		local result = {verify[[eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.tyh-VfuzIxCyGYDlkBA7DfyjrqmSHu6pQ2hoZuFqUSLPNY2N0mpHb3nk5K17HWP_3cYHBw7AhHale5wky6-sVA]]};












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    58


		assert.same({












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    59


			true; -- success












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    60


			{     -- payload












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    61


				sub = "1234567890";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    62


				name = "John Doe";












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    63


				admin = true;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    64


				iat = 1516239022;












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    65


			};












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    66


		}, result);












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    67


	end);












27a72982e331
util.jwt: Add support/tests for ES256 via improved API and using util.crypto



Matthew Wild <mwild1@gmail.com>


parents: 
10665

diff
changeset




    68









10664






c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    69


end);












c4ded3be7cc0
util.jwt: Basic JSON Web Token library supporting HS256 tokens



Kim Alvefur <zash@zash.se>


parents: 

diff
changeset




    70
















prosody