View Javadoc

1   package com.atlassian.asap.service.core.impl;
2   
3   import com.atlassian.asap.api.Jwt;
4   import com.atlassian.asap.api.JwtBuilder;
5   import com.atlassian.asap.core.keys.KeyProvider;
6   import com.atlassian.asap.core.parser.JwtParser;
7   import com.atlassian.asap.core.validator.JwtClaimsValidator;
8   import com.atlassian.asap.core.validator.JwtValidator;
9   import com.atlassian.asap.service.api.ValidationResult;
10  import com.atlassian.asap.service.core.spi.AsapConfiguration;
11  import com.google.common.base.MoreObjects;
12  import com.google.common.collect.ImmutableSet;
13  import org.hamcrest.Description;
14  import org.hamcrest.Matcher;
15  import org.hamcrest.TypeSafeMatcher;
16  import org.junit.Before;
17  import org.mockito.Mock;
18  
19  import java.security.PublicKey;
20  import java.time.Clock;
21  import java.util.Optional;
22  import java.util.Set;
23  
24  import static java.util.Optional.empty;
25  import static org.hamcrest.Matchers.is;
26  import static org.junit.Assert.assertThat;
27  import static org.mockito.Mockito.when;
28  
29  @SuppressWarnings({"NullableProblems", "checkstyle:VisibilityModifier"})
30  abstract class AbstractTokenValidatorImplTest {
31      static final String ISSUER = "harry";
32      static final String ISSUER2 = "harry2";
33      static final String AUDIENCE1 = "hogwarts";
34      static final String TOKEN = "token";
35      static final Optional<String> HEADER = Optional.of("Bearer token");
36  
37      private static final String KEY_ID = "harry/fawkes";
38  
39      @Mock
40      AsapConfiguration config;
41      @Mock
42      KeyProvider<PublicKey> publicKeyProvider;
43      @Mock
44      JwtParser jwtParser;
45      @Mock
46      JwtValidator jwtValidator;
47  
48      JwtBuilder jwtBuilder = JwtBuilder.newJwt()
49              .issuer(ISSUER)
50              .keyId(KEY_ID)
51              .audience(AUDIENCE1);
52      Set<String> expectedAllowedAudiences = ImmutableSet.of(AUDIENCE1);
53      TokenValidatorImpl tokenValidator;
54  
55      private JwtClaimsValidator jwtClaimsValidator;
56  
57      @Before
58      public void setUp() {
59          when(config.audience()).thenReturn(AUDIENCE1);
60          when(jwtParser.determineUnverifiedIssuer(TOKEN)).thenReturn(Optional.of(ISSUER));
61  
62          this.jwtClaimsValidator = new JwtClaimsValidator(Clock.systemUTC());
63          this.tokenValidator = new TokenValidatorFixture();
64      }
65  
66      static Matcher<ValidationResult> result(ValidationResult.Decision decision) {
67          return new ValidationResultMatcher(decision, empty(), empty());
68      }
69  
70      static Matcher<ValidationResult> result(ValidationResult.Decision decision, Jwt jwt) {
71          return new ValidationResultMatcher(decision, Optional.of(jwt), empty());
72      }
73  
74      static Matcher<ValidationResult> result(ValidationResult.Decision decision, String untrustedIssuer) {
75          return new ValidationResultMatcher(decision, empty(), Optional.of(untrustedIssuer));
76      }
77  
78      private static final class ValidationResultMatcher extends TypeSafeMatcher<ValidationResult> {
79          private final ValidationResult.Decision decision;
80          private final Optional<Jwt> token;
81          private final Optional<String> untrustedIssuer;
82  
83          private ValidationResultMatcher(ValidationResult.Decision decision, Optional<Jwt> token, Optional<String> untrustedIssuer) {
84              this.decision = decision;
85              this.token = token;
86              this.untrustedIssuer = untrustedIssuer;
87          }
88  
89          @Override
90          protected boolean matchesSafely(ValidationResult validationResult) {
91              return validationResult.decision().equals(decision)
92                      && validationResult.token().equals(token)
93                      && validationResult.untrustedIssuer().equals(untrustedIssuer);
94          }
95  
96          @Override
97          public void describeTo(Description description) {
98              description.appendText(MoreObjects.toStringHelper(ValidationResultImpl.class)
99                      .add("decision", decision)
100                     .add("token", token)
101                     .add("untrustedIssuer", untrustedIssuer)
102                     .toString());
103         }
104     }
105 
106     private class TokenValidatorFixture extends TokenValidatorImpl {
107         TokenValidatorFixture() {
108             super(AbstractTokenValidatorImplTest.this.config, publicKeyProvider, jwtClaimsValidator, jwtParser);
109         }
110 
111         @Override
112         protected JwtValidator createJwtValidator(KeyProvider<PublicKey> publicKeyProvider,
113                                                   JwtParser jwtParser,
114                                                   JwtClaimsValidator jwtClaimsValidator,
115                                                   Set<String> allowedAudiences) {
116             assertThat(allowedAudiences, is(expectedAllowedAudiences));
117             return jwtValidator;
118         }
119     }
120 }