com.atlassian.asap.nimbus.parser

Class NimbusJwtParserTest

java.lang.Object

com.atlassian.asap.nimbus.parser.NimbusJwtParserTest

public class NimbusJwtParserTest
extends Object

Constructor Summary

Constructors

Constructor and Description
NimbusJwtParserTest()

Method Summary

Modifier and Type	Method and Description
void	shouldAcceptValidSignedToken()
void	shouldDetermineIssuerReturnEmptyIfNotAvailable()
void	shouldDetermineIssuerSucceedIfAvailable()
void	shouldParseMultipleAudiences()
void	shouldParseNotBeforeDateIfAvailable()
void	shouldParseNullPrivateClaimIfAvailable()
void	shouldParseStringPrivateClaimIfAvailable()
void	shouldParseSubjectIfAvailable()
void	shouldRejectTokenIfAlgorithmIsNone()
void	shouldRejectTokenIfAlgorithmUsesSymmetricCryptography() ASAP requires asymmetric cryptography, otherwise we cannot ensure that the client is the exclusive owner of the key used to sign the token.
void	shouldRequireAlgHeader()
void	shouldRequireAudClaim()
void	shouldRequireExpClaim()
void	shouldRequireIatClaim()
void	shouldRequireIssClaim()
void	shouldRequireJtiClaim()
void	shouldRequireKidHeader()

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

NimbusJwtParserTest

public NimbusJwtParserTest()

Method Detail

shouldAcceptValidSignedToken

public void shouldAcceptValidSignedToken()
                                  throws Exception

Throws:

Exception

shouldParseStringPrivateClaimIfAvailable

public void shouldParseStringPrivateClaimIfAvailable()
                                              throws Exception

Throws:

Exception

shouldParseNullPrivateClaimIfAvailable

public void shouldParseNullPrivateClaimIfAvailable()
                                            throws Exception

Throws:

Exception

shouldParseSubjectIfAvailable

public void shouldParseSubjectIfAvailable()
                                   throws Exception

Throws:

Exception

shouldParseNotBeforeDateIfAvailable

public void shouldParseNotBeforeDateIfAvailable()
                                         throws Exception

Throws:

Exception

shouldParseMultipleAudiences

public void shouldParseMultipleAudiences()
                                  throws Exception

Throws:

Exception

shouldRequireKidHeader

public void shouldRequireKidHeader()
                            throws Exception

Throws:

Exception

shouldRequireAlgHeader

public void shouldRequireAlgHeader()
                            throws Exception

Throws:

Exception

shouldRequireIssClaim

public void shouldRequireIssClaim()
                           throws Exception

Throws:

Exception

shouldRequireAudClaim

public void shouldRequireAudClaim()
                           throws Exception

Throws:

Exception

shouldRequireJtiClaim

public void shouldRequireJtiClaim()
                           throws Exception

Throws:

Exception

shouldRequireIatClaim

public void shouldRequireIatClaim()
                           throws Exception

Throws:

Exception

shouldRequireExpClaim

public void shouldRequireExpClaim()
                           throws Exception

Throws:

Exception

shouldRejectTokenIfAlgorithmIsNone

public void shouldRejectTokenIfAlgorithmIsNone()
                                        throws Exception

Throws:

Exception

shouldDetermineIssuerSucceedIfAvailable

public void shouldDetermineIssuerSucceedIfAvailable()

shouldDetermineIssuerReturnEmptyIfNotAvailable

public void shouldDetermineIssuerReturnEmptyIfNotAvailable()

shouldRejectTokenIfAlgorithmUsesSymmetricCryptography

public void shouldRejectTokenIfAlgorithmUsesSymmetricCryptography()
                                                           throws Exception

ASAP requires asymmetric cryptography, otherwise we cannot ensure that the client is the exclusive owner of the key used to sign the token. Therefore HMAC algorithms must be rejected. This is in contradiction to JWA, sect 3.1, which specifies that HS256 is a "required" algorithm for implementations.

Throws:

Exception