1 package jwt_test
2
3 import (
4 "io/ioutil"
5 "strings"
6 "testing"
7
8 "github.com/golang-jwt/jwt"
9 )
10
11 var hmacTestData = []struct {
12 name string
13 tokenString string
14 alg string
15 claims map[string]interface{}
16 valid bool
17 }{
18 {
19 "web sample",
20 "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk",
21 "HS256",
22 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
23 true,
24 },
25 {
26 "HS384",
27 "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.KWZEuOD5lbBxZ34g7F-SlVLAQ_r5KApWNWlZIIMyQVz5Zs58a7XdNzj5_0EcNoOy",
28 "HS384",
29 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
30 true,
31 },
32 {
33 "HS512",
34 "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.CN7YijRX6Aw1n2jyI2Id1w90ja-DEMYiWixhYCyHnrZ1VfJRaFQz1bEbjjA5Fn4CLYaUG432dEYmSbS4Saokmw",
35 "HS512",
36 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
37 true,
38 },
39 {
40 "web sample: invalid",
41 "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXo",
42 "HS256",
43 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true},
44 false,
45 },
46 }
47
48
49 var hmacTestKey, _ = ioutil.ReadFile("test/hmacTestKey")
50
51 func TestHMACVerify(t *testing.T) {
52 for _, data := range hmacTestData {
53 parts := strings.Split(data.tokenString, ".")
54
55 method := jwt.GetSigningMethod(data.alg)
56 err := method.Verify(strings.Join(parts[0:2], "."), parts[2], hmacTestKey)
57 if data.valid && err != nil {
58 t.Errorf("[%v] Error while verifying key: %v", data.name, err)
59 }
60 if !data.valid && err == nil {
61 t.Errorf("[%v] Invalid key passed validation", data.name)
62 }
63 }
64 }
65
66 func TestHMACSign(t *testing.T) {
67 for _, data := range hmacTestData {
68 if data.valid {
69 parts := strings.Split(data.tokenString, ".")
70 method := jwt.GetSigningMethod(data.alg)
71 sig, err := method.Sign(strings.Join(parts[0:2], "."), hmacTestKey)
72 if err != nil {
73 t.Errorf("[%v] Error signing token: %v", data.name, err)
74 }
75 if sig != parts[2] {
76 t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", data.name, sig, parts[2])
77 }
78 }
79 }
80 }
81
82 func BenchmarkHS256Signing(b *testing.B) {
83 benchmarkSigning(b, jwt.SigningMethodHS256, hmacTestKey)
84 }
85
86 func BenchmarkHS384Signing(b *testing.B) {
87 benchmarkSigning(b, jwt.SigningMethodHS384, hmacTestKey)
88 }
89
90 func BenchmarkHS512Signing(b *testing.B) {
91 benchmarkSigning(b, jwt.SigningMethodHS512, hmacTestKey)
92 }
93
View as plain text