1 package jwt_test
2
3 import (
4 "reflect"
5 "strings"
6 "testing"
7
8 "github.com/golang-jwt/jwt/v5"
9 )
10
11 var noneTestData = []struct {
12 name string
13 tokenString string
14 alg string
15 key interface{}
16 claims map[string]interface{}
17 valid bool
18 }{
19 {
20 "Basic",
21 "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.",
22 "none",
23 jwt.UnsafeAllowNoneSignatureType,
24 map[string]interface{}{"foo": "bar"},
25 true,
26 },
27 {
28 "Basic - no key",
29 "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJmb28iOiJiYXIifQ.",
30 "none",
31 nil,
32 map[string]interface{}{"foo": "bar"},
33 false,
34 },
35 {
36 "Signed",
37 "eyJhbGciOiJSUzM4NCIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.W-jEzRfBigtCWsinvVVuldiuilzVdU5ty0MvpLaSaqK9PlAWWlDQ1VIQ_qSKzwL5IXaZkvZFJXT3yL3n7OUVu7zCNJzdwznbC8Z-b0z2lYvcklJYi2VOFRcGbJtXUqgjk2oGsiqUMUMOLP70TTefkpsgqDxbRh9CDUfpOJgW-dU7cmgaoswe3wjUAUi6B6G2YEaiuXC0XScQYSYVKIzgKXJV8Zw-7AN_DBUI4GkTpsvQ9fVVjZM9csQiEXhYekyrKu1nu_POpQonGd8yqkIyXPECNmmqH5jH4sFiF67XhD7_JpkvLziBpI-uh86evBUadmHhb9Otqw3uV3NTaXLzJw",
38 "none",
39 jwt.UnsafeAllowNoneSignatureType,
40 map[string]interface{}{"foo": "bar"},
41 false,
42 },
43 }
44
45 func TestNoneVerify(t *testing.T) {
46 for _, data := range noneTestData {
47 parts := strings.Split(data.tokenString, ".")
48
49 method := jwt.GetSigningMethod(data.alg)
50 err := method.Verify(strings.Join(parts[0:2], "."), decodeSegment(t, parts[2]), data.key)
51 if data.valid && err != nil {
52 t.Errorf("[%v] Error while verifying key: %v", data.name, err)
53 }
54 if !data.valid && err == nil {
55 t.Errorf("[%v] Invalid key passed validation", data.name)
56 }
57 }
58 }
59
60 func TestNoneSign(t *testing.T) {
61 for _, data := range noneTestData {
62 if !data.valid {
63 continue
64 }
65 parts := strings.Split(data.tokenString, ".")
66 method := jwt.GetSigningMethod(data.alg)
67 sig, err := method.Sign(strings.Join(parts[0:2], "."), data.key)
68 if err != nil {
69 t.Errorf("[%v] Error signing token: %v", data.name, err)
70 }
71 if !reflect.DeepEqual(sig, decodeSegment(t, parts[2])) {
72 t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", data.name, sig, parts[2])
73 }
74 }
75 }
76
View as plain text