Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
<java.version>11</java.version>
<jjwt.version>0.13.0</jjwt.version>
<bouncycastle.version>1.84</bouncycastle.version>
<jackson.version>2.22.0</jackson.version>
<jackson.version>2.22.1</jackson.version>
<slf4j.version>2.0.17</slf4j.version>
<junit-jupiter.version>5.14.4</junit-jupiter.version>
<assertj.version>3.27.7</assertj.version>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,15 +22,36 @@

package eu.webeid.security.validator;

import org.junit.jupiter.api.Test;
import eu.webeid.security.authtoken.WebEidAuthToken;
import eu.webeid.security.exceptions.AuthTokenParseException;
import eu.webeid.security.exceptions.AuthTokenException;
import eu.webeid.security.exceptions.AuthTokenParseException;
import eu.webeid.security.testutil.AbstractTestWithValidator;
import eu.webeid.security.util.DateAndTime;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.MockedStatic;

import static eu.webeid.security.testutil.DateMocker.mockDate;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.Mockito.mockStatic;

class AuthTokenAlgorithmTest extends AbstractTestWithValidator {
private MockedStatic<DateAndTime.DefaultClock> mockedClock;

@Override
@BeforeEach
protected void setup() {
super.setup();
mockedClock = mockStatic(DateAndTime.DefaultClock.class);
// Ensure that the certificates do not expire.
mockDate("2021-07-23", mockedClock);
}

@AfterEach
void tearDown() {
mockedClock.close();
}

@Test
void whenAlgorithmNone_thenValidationFails() throws AuthTokenException {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,10 @@
import eu.webeid.security.testutil.AbstractTestWithValidator;
import eu.webeid.security.testutil.AuthTokenValidators;
import eu.webeid.security.util.DateAndTime;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.MockedStatic;

import java.security.cert.X509Certificate;

Expand All @@ -46,6 +49,22 @@ class AuthTokenSignatureTest extends AbstractTestWithValidator {
"\"signature\":\"arx164xRiwhIQDINe0J+ZxJWZFOQTx0PBtOaWaxAe7gofEIHRIbV1w0sOCYBJnvmvMem9hU4nc2+iJx2x8poYck4Z6eI3GwtiksIec3XQ9ZIk1n/XchXnmPn3GYV+HzJ\"," +
"\"format\":\"web-eid:1.0\"}";

private MockedStatic<DateAndTime.DefaultClock> mockedClock;

@Override
@BeforeEach
protected void setup() {
super.setup();
mockedClock = mockStatic(DateAndTime.DefaultClock.class);
// Ensure that the certificates do not expire.
mockDate("2021-07-23", mockedClock);
}

@AfterEach
void tearDown() {
mockedClock.close();
}

@Test
void whenValidTokenAndNonce_thenValidationSucceeds() throws Exception {
final X509Certificate result = validator.validate(validAuthToken, VALID_CHALLENGE_NONCE);
Expand Down Expand Up @@ -80,15 +99,11 @@ void whenValidTokenAndWrongOrigin_thenValidationFails() throws Exception {

@Test
void whenTokenWithWrongCert_thenValidationFails() throws Exception {
// Ensure that the certificate does not expire.
try (final var mockedClock = mockStatic(DateAndTime.DefaultClock.class)) {
mockDate("2024-08-01", mockedClock);
final AuthTokenValidator authTokenValidator = AuthTokenValidators.getAuthTokenValidator();
final WebEidAuthToken authTokenWithWrongCert = authTokenValidator.parse(AUTH_TOKEN_WRONG_CERT);
assertThatThrownBy(() -> authTokenValidator
.validate(authTokenWithWrongCert, VALID_CHALLENGE_NONCE))
.isInstanceOf(AuthTokenSignatureValidationException.class);
}
final AuthTokenValidator authTokenValidator = AuthTokenValidators.getAuthTokenValidator();
final WebEidAuthToken authTokenWithWrongCert = authTokenValidator.parse(AUTH_TOKEN_WRONG_CERT);
assertThatThrownBy(() -> authTokenValidator
.validate(authTokenWithWrongCert, VALID_CHALLENGE_NONCE))
.isInstanceOf(AuthTokenSignatureValidationException.class);
}

}
Original file line number Diff line number Diff line change
Expand Up @@ -25,22 +25,43 @@
import eu.webeid.security.exceptions.JceException;
import eu.webeid.security.testutil.AbstractTestWithValidator;
import eu.webeid.security.testutil.AuthTokenValidators;
import eu.webeid.security.util.DateAndTime;
import eu.webeid.security.validator.AuthTokenValidator;
import org.bouncycastle.cert.ocsp.OCSPReq;
import org.bouncycastle.cert.ocsp.OCSPResp;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Disabled;
import org.junit.jupiter.api.Test;
import org.mockito.MockedStatic;

import java.io.IOException;
import java.net.URI;
import java.net.http.HttpClient;
import java.security.cert.CertificateException;
import java.time.Duration;

import static eu.webeid.security.testutil.DateMocker.mockDate;
import static org.assertj.core.api.Assertions.assertThatCode;
import static org.assertj.core.api.Assertions.assertThatThrownBy;
import static org.mockito.Mockito.mockStatic;

class OcspClientOverrideTest extends AbstractTestWithValidator {
private MockedStatic<DateAndTime.DefaultClock> mockedClock;

@Override
@BeforeEach
protected void setup() {
super.setup();
mockedClock = mockStatic(DateAndTime.DefaultClock.class);
// Ensure that the certificates do not expire.
mockDate("2021-07-23", mockedClock);
}

@AfterEach
void tearDown() {
mockedClock.close();
}

@Test
void whenOcspClientIsOverridden_thenItIsUsed() throws JceException, CertificateException, IOException {
Expand Down
Loading