| 81 | } |
| 82 | |
| 83 | func TestClaims_Sign(t *testing.T) { |
| 84 | type fields struct { |
| 85 | Claims jose.Claims |
| 86 | ExtraClaims map[string]interface{} |
| 87 | ExtraHeaders map[string]interface{} |
| 88 | } |
| 89 | type args struct { |
| 90 | alg jose.SignatureAlgorithm |
| 91 | key interface{} |
| 92 | } |
| 93 | |
| 94 | rsaKey, err := pemutil.Read("testdata/openssl.rsa2048.pem") |
| 95 | if err != nil { |
| 96 | t.Fatal(err) |
| 97 | } |
| 98 | |
| 99 | badKey, err := rsa.GenerateKey(rand.Reader, 1024) |
| 100 | if err != nil { |
| 101 | t.Fatal(err) |
| 102 | } |
| 103 | badKey.N = big.NewInt(10) // render key useless for signing |
| 104 | |
| 105 | tests := []struct { |
| 106 | name string |
| 107 | fields fields |
| 108 | args args |
| 109 | want string |
| 110 | wantErr bool |
| 111 | }{ |
| 112 | {"ok", fields{jose.Claims{}, nil, nil}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.e30.0FbvZdz3qUv-k9AmGerLh5c1LbT6XRBUwFKe7iU0GU7fZnDYAmVyTIkyxwhc6zD5K5rURfqnGXKYNOa4JVUQ7T6S0fZOVFYI3pBExDImi3it9JTXWwDpDle6GqESQfpyZMdIWBB16B6vf8S4K7ZlKmAD00F6f1SB-Vzd_bV_kgdjTkBaHl3DSGRJdn8UBbGrkmrxm7iBogLKXtYMxDQLzIqZF3mMzZiTWNVELpoLOO5cAPXpcdVQ24a2u66KU5WM5n-GxBBYW7JwEDmFi7AoXWCixDlPlBTOVr2BIta99U9e7QwiD3OvEAnjrqUHHtsaJ-kcSxLiRM49CfnJZm_cjg", false}, |
| 113 | {"ok one audience", fields{jose.Claims{Audience: jose.Audience{"value"}}, nil, nil}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOiJ2YWx1ZSJ9.o1OyBGmRNi0YEiaMNYnJrSgegbQePHc267Y-fDEyRKxa8LQzSL7eZekUuI1VsSGsBJxWUBu9WI9XHjCEHCrhQst9rNiYaEG4ooz0SCS7JSii4CedvhgI0PPfw5g1uTmkHQ-1qxM9cUfRFM0sCd3ULffb8qdvg8l6CEwYKS0nCZmIH8rt8I9Z24k6gs85budt0g0ZM9iwH-irmFwTsn6ZbVfKgggeEPNXEMvcjsofch3p9-n30kkicsyAZMo4oTD1Z8nnX4JlghGpt1kjRh79kNXO7KdQKHNcyus7Hk2Cpf304cMT5yuxezhUJDl4-gqPE8Im4OvLvMmUibjWHiVfQw", false}, |
| 114 | {"ok multiple audiences", fields{jose.Claims{Audience: jose.Audience{"foo", "bar"}}, nil, nil}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.eyJhdWQiOlsiZm9vIiwiYmFyIl19.ykdEryzCfOi1GzpM9VrYw7tCGlzK3u_0sehk4Cx_o3TiDz82dbyMfPQMAr_2agVPeNvnkPIadZutyt5rFyj-Dn0W1svQpwG7PKqSJKLjSBBiBT1gbJuCQBAs7dzmsJVqcq9i4UmgIKH4EQsvFWoxA52PSD9TtvfhKtFYP23deJZ22ViqBrbYjaz1nQG0Lm_hX8RyOoEWem25n_mwPUtYuKHNy9rekwHanpyEUiehCpIzuZgMGcZ6_lln1BYlPMWkfyTz6K1uRMeZC3phWdSgW4JTvFp7xRGiC8L-pAboPoj7t8GArZgm2aGnF2OAtIw1eJ8GiaH3EBS7Adnw8CUb9w", false}, |
| 115 | {"ok with empty payload", fields{jose.Claims{}, map[string]interface{}{}, nil}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.e30.0FbvZdz3qUv-k9AmGerLh5c1LbT6XRBUwFKe7iU0GU7fZnDYAmVyTIkyxwhc6zD5K5rURfqnGXKYNOa4JVUQ7T6S0fZOVFYI3pBExDImi3it9JTXWwDpDle6GqESQfpyZMdIWBB16B6vf8S4K7ZlKmAD00F6f1SB-Vzd_bV_kgdjTkBaHl3DSGRJdn8UBbGrkmrxm7iBogLKXtYMxDQLzIqZF3mMzZiTWNVELpoLOO5cAPXpcdVQ24a2u66KU5WM5n-GxBBYW7JwEDmFi7AoXWCixDlPlBTOVr2BIta99U9e7QwiD3OvEAnjrqUHHtsaJ-kcSxLiRM49CfnJZm_cjg", false}, |
| 116 | {"ok with payload", fields{jose.Claims{}, map[string]interface{}{"foo": "bar"}, nil}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.eyJmb28iOiJiYXIifQ.KFHfeRbE3Xk-EaJee1WIyzNB4J3Ybwt56pnTkArU0a5F8cING1Z2bhrtYFrm8ejJOMwuYBxp3JzZQKvKND363hPuiT-Zz9fF_cYjOAk1lj2yEXHPhUkWKWb91uaCus6F4AgMsacjMWN26cw3fEDdGmitRii2sNUKcM6sf7rpUo2k1hME8PpevEpXtwIecAmxwvQWBaKMXc_stxMnvbTGO_BTbFtmdDwvrqbapHxzRXMJbZcDAyREi_qqLN-2ylBfs-mRtccghrdzuq3ckvFy_7ojBk9bWoxHbcOqL0tDwOu8AOjEMX2GE5zlfqltU_IXVm95xlVObkAsL6buqrdfog", false}, |
| 117 | {"ok with header", fields{jose.Claims{}, nil, map[string]interface{}{"foo": "bar"}}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImZvbyI6ImJhciIsImtpZCI6IkoyUThZSzJsM2wyZmgwYURYLUxHLWlxTmlneVkwZHhUNHM2TkgtOFFmVTAiLCJ0eXAiOiJKV1QifQ.e30.WpiGDkrqo-6D3JHJRDozHC_jV_ROzf0GYhiQCwSVMUKArMb7BWAoccDKym6vuPSUYxm6luV-3dr-HNG1lKp-g4weikZ04YUwfhmF02JU60GZDP2YG67BR3TWItaLLGWKfLAp8p_B0dSdDWQaevLLBpM765rpYG6OeBhh2qFQ3PdXRJtR4GRzf-D0HH82z7591g8Rb0DxawcB3W2KYqyWFUcRg7lYwXMIaA0sYGuH-Go0ho-6xmHF13tckv2E9b_lSwynwNy1JyEQyxYcPa7QD9xxM4_qKK2JkjIsamBGohXA4KO1sXdwbgvoqRSVYVF55WKErDHCsmfXHCZ8REvz5g", false}, |
| 118 | {"ok with kid", fields{jose.Claims{}, nil, map[string]interface{}{"kid": "my-custom-kid"}}, args{"RS256", rsaKey}, "eyJhbGciOiJSUzI1NiIsImtpZCI6Im15LWN1c3RvbS1raWQiLCJ0eXAiOiJKV1QifQ.e30.4BXXjh4OixA9RnO08DX_3d98enThNz4RHf2kuIbP46O-QOPHYAs9JTSZouK-64P2ErKUTKcfj7I4Qj0cV9QXUjT8jeqk7sy-MtSF8bBNUU8qHZs53PE_1HXatPqqVVQnm7iffQCIBo52OInOqlHTZW5ruV2TE1hiAkRGF9iU2LjeGtPy2lruDtyPAoCjTcox8bnYH3LjpfVQKlhMmEzCG7xrq_rytiY3aXsnoj4PAspJvZPgMYaIJGcnbEEzpdmPK0ikhYPHJSdbwzGCvPT2wc5xg-1yNgaK-n2f5AXLYhW6C4pLABOH10TrFbDo-Yjp4WfxeWaekmY04lxgFxhvGw", false}, |
| 119 | {"fail with unsupported key", fields{jose.Claims{}, nil, nil}, args{"HS256", []byte("the-key")}, "", true}, |
| 120 | {"fail with wrong alg", fields{jose.Claims{}, nil, nil}, args{"FOOBAR", rsaKey}, "", true}, |
| 121 | {"fail with invalid alg", fields{jose.Claims{}, nil, nil}, args{"HS256", rsaKey}, "", true}, |
| 122 | {"fail on sign", fields{jose.Claims{}, nil, nil}, args{"RS256", badKey}, "", true}, |
| 123 | } |
| 124 | for _, tt := range tests { |
| 125 | t.Run(tt.name, func(t *testing.T) { |
| 126 | c := &Claims{ |
| 127 | Claims: tt.fields.Claims, |
| 128 | ExtraClaims: tt.fields.ExtraClaims, |
| 129 | ExtraHeaders: tt.fields.ExtraHeaders, |
| 130 | } |
| 131 | got, err := c.Sign(tt.args.alg, tt.args.key) |
| 132 | if (err != nil) != tt.wantErr { |
| 133 | t.Errorf("Claims.Sign() error = %v, wantErr %v", err, tt.wantErr) |
| 134 | return |
| 135 | } |
| 136 | if got != tt.want { |
| 137 | t.Errorf("Claims.Sign() = %v, want %v", got, tt.want) |
| 138 | } |
| 139 | }) |
| 140 | } |