1
17
18 package jwt
19
20 import (
21 "crypto/rand"
22 "crypto/rsa"
23 "crypto/x509"
24 "encoding/hex"
25 "encoding/pem"
26 "errors"
27 "fmt"
28 "io"
29 "reflect"
30 "sort"
31 "testing"
32 "time"
33
34 "github.com/stretchr/testify/assert"
35 "github.com/stretchr/testify/require"
36
37 "gopkg.in/go-jose/go-jose.v2"
38 "gopkg.in/go-jose/go-jose.v2/json"
39 )
40
41 type testClaims struct {
42 Subject string `json:"sub"`
43 }
44
45 type invalidMarshalClaims struct {
46 }
47
48 var errInvalidMarshalClaims = errors.New("Failed marshaling invalid claims.")
49
50 func (c invalidMarshalClaims) MarshalJSON() ([]byte, error) {
51 return nil, errInvalidMarshalClaims
52 }
53
54 var sampleClaims = Claims{
55 Subject: "42",
56 IssuedAt: NewNumericDate(time.Date(2016, 1, 1, 0, 0, 0, 0, time.UTC)),
57 Issuer: "issuer",
58 Audience: Audience{"a1", "a2"},
59 }
60
61 type numberClaims struct {
62 Int int64 `json:"int"`
63 Float float64 `json:"float"`
64 }
65
66 func TestIntegerAndFloatsNormalize(t *testing.T) {
67 c := numberClaims{1 << 60, 12345.6789}
68
69 normalized, err := normalize(c)
70 if err != nil {
71 t.Fatal(err)
72 }
73
74 ni, err := (normalized["int"].(json.Number)).Int64()
75 nf, err := (normalized["float"].(json.Number)).Float64()
76
77 if ni != c.Int {
78 t.Error(fmt.Sprintf("normalize failed to preserve int64 (got %v, wanted %v, type %s)", normalized["int"], c.Int, reflect.TypeOf(normalized["int"])))
79 }
80 if nf != c.Float {
81 t.Error(fmt.Sprintf("normalize failed to preserve float64 (got %v, wanted %v, type %s)", normalized["float"], c.Float, reflect.TypeOf(normalized["float"])))
82 }
83 }
84
85 func TestBuilderCustomClaimsNonPointer(t *testing.T) {
86 jwt, err := Signed(rsaSigner).Claims(testClaims{"foo"}).CompactSerialize()
87 require.NoError(t, err, "Error creating JWT.")
88
89 parsed, err := ParseSigned(jwt)
90 require.NoError(t, err, "Error parsing JWT.")
91
92 out := &testClaims{}
93 if assert.NoError(t, parsed.Claims(&testPrivRSAKey1.PublicKey, out), "Error unmarshaling claims.") {
94 assert.Equal(t, "foo", out.Subject)
95 }
96 }
97
98 func TestBuilderCustomClaimsPointer(t *testing.T) {
99 jwt, err := Signed(rsaSigner).Claims(&testClaims{"foo"}).CompactSerialize()
100 require.NoError(t, err, "Error creating JWT.")
101
102 parsed, err := ParseSigned(jwt)
103 require.NoError(t, err, "Error parsing JWT.")
104
105 out := &testClaims{}
106 if assert.NoError(t, parsed.Claims(&testPrivRSAKey1.PublicKey, out), "Error unmarshaling claims.") {
107 assert.Equal(t, "foo", out.Subject)
108 }
109 }
110
111 func TestBuilderMergeClaims(t *testing.T) {
112 jwt, err := Signed(rsaSigner).
113 Claims(&Claims{
114 Subject: "42",
115 }).
116 Claims(map[string]interface{}{
117 "Scopes": []string{"read:users"},
118 }).
119 CompactSerialize()
120 require.NoError(t, err, "Error creating JWT.")
121
122 parsed, err := ParseSigned(jwt)
123 require.NoError(t, err, "Error parsing JWT.")
124
125 out := make(map[string]interface{})
126 if assert.NoError(t, parsed.Claims(&testPrivRSAKey1.PublicKey, &out), "Error unmarshaling claims.") {
127 assert.Equal(t, map[string]interface{}{
128 "sub": "42",
129 "Scopes": []interface{}{"read:users"},
130 }, out)
131 }
132
133 _, err = Signed(rsaSigner).Claims("invalid-claims").Claims(&testClaims{"foo"}).CompactSerialize()
134 assert.Equal(t, err, ErrInvalidClaims)
135
136 _, err = Signed(rsaSigner).Claims(&invalidMarshalClaims{}).CompactSerialize()
137 assert.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
138 }
139
140 func TestSignedFullSerializeAndToken(t *testing.T) {
141 b := Signed(rsaSigner).Claims(&testClaims{"foo"})
142
143 jwt, err := b.FullSerialize()
144 require.NoError(t, err, "Error creating JWT.")
145 parsed, err := ParseSigned(jwt)
146 require.NoError(t, err, "Error parsing JWT.")
147 out := &testClaims{}
148 if assert.NoError(t, parsed.Claims(&testPrivRSAKey1.PublicKey, &out), "Error unmarshaling claims.") {
149 assert.Equal(t, &testClaims{
150 Subject: "foo",
151 }, out)
152 }
153
154 jwt2, err := b.Token()
155 require.NoError(t, err, "Error creating JWT.")
156 out2 := &testClaims{}
157 if assert.NoError(t, jwt2.Claims(&testPrivRSAKey1.PublicKey, &out2), "Error unmarshaling claims.") {
158 assert.Equal(t, &testClaims{
159 Subject: "foo",
160 }, out2)
161 }
162
163 b2 := Signed(rsaSigner).Claims(&invalidMarshalClaims{})
164 _, err = b2.FullSerialize()
165 require.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
166 _, err = b2.Token()
167 require.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
168 }
169
170 func TestEncryptedFullSerializeAndToken(t *testing.T) {
171 recipient := jose.Recipient{
172 Algorithm: jose.RSA1_5,
173 Key: testPrivRSAKey1.Public(),
174 }
175 encrypter, err := jose.NewEncrypter(jose.A128CBC_HS256, recipient, nil)
176 require.NoError(t, err, "Error creating encrypter.")
177
178 b := Encrypted(encrypter).Claims(&testClaims{"foo"})
179
180 jwt, err := b.FullSerialize()
181 require.NoError(t, err, "Error creating JWT.")
182 parsed, err := ParseEncrypted(jwt)
183 require.NoError(t, err, "Error parsing JWT.")
184 out := &testClaims{}
185 if assert.NoError(t, parsed.Claims(testPrivRSAKey1, &out)) {
186 assert.Equal(t, &testClaims{
187 Subject: "foo",
188 }, out)
189 }
190
191 jwt2, err := b.Token()
192 require.NoError(t, err, "Error creating JWT.")
193 out2 := &testClaims{}
194 if assert.NoError(t, jwt2.Claims(testPrivRSAKey1, &out2)) {
195 assert.Equal(t, &testClaims{
196 Subject: "foo",
197 }, out2)
198 }
199
200 b2 := Encrypted(encrypter).Claims(&invalidMarshalClaims{})
201
202 _, err = b2.FullSerialize()
203 require.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
204 _, err = b2.Token()
205 require.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
206 }
207
208 func TestBuilderSignedAndEncrypted(t *testing.T) {
209 recipient := jose.Recipient{
210 Algorithm: jose.RSA1_5,
211 Key: testPrivRSAKey1.Public(),
212 }
213 encrypter, err := jose.NewEncrypter(jose.A128CBC_HS256, recipient, (&jose.EncrypterOptions{}).WithContentType("JWT").WithType("JWT"))
214 require.NoError(t, err, "Error creating encrypter.")
215
216 jwt1, err := SignedAndEncrypted(rsaSigner, encrypter).Claims(&testClaims{"foo"}).Token()
217 require.NoError(t, err, "Error marshaling signed-then-encrypted token.")
218 if nested, err := jwt1.Decrypt(testPrivRSAKey1); assert.NoError(t, err, "Error decrypting signed-then-encrypted token.") {
219 out := &testClaims{}
220 assert.NoError(t, nested.Claims(&testPrivRSAKey1.PublicKey, out))
221 assert.Equal(t, &testClaims{"foo"}, out)
222 }
223
224 b := SignedAndEncrypted(rsaSigner, encrypter).Claims(&testClaims{"foo"})
225 tok1, err := b.CompactSerialize()
226 if assert.NoError(t, err) {
227 jwt, err := ParseSignedAndEncrypted(tok1)
228 if assert.NoError(t, err, "Error parsing signed-then-encrypted compact token.") {
229 if nested, err := jwt.Decrypt(testPrivRSAKey1); assert.NoError(t, err) {
230 out := &testClaims{}
231 assert.NoError(t, nested.Claims(&testPrivRSAKey1.PublicKey, out))
232 assert.Equal(t, &testClaims{"foo"}, out)
233 }
234 }
235 }
236
237 tok2, err := b.FullSerialize()
238 if assert.NoError(t, err) {
239 jwe, err := ParseSignedAndEncrypted(tok2)
240 if assert.NoError(t, err, "Error parsing signed-then-encrypted full token.") {
241 assert.Equal(t, []jose.Header{{
242 Algorithm: string(jose.RSA1_5),
243 ExtraHeaders: map[jose.HeaderKey]interface{}{
244 jose.HeaderType: "JWT",
245 jose.HeaderContentType: "JWT",
246 "enc": "A128CBC-HS256",
247 },
248 }}, jwe.Headers)
249 if jws, err := jwe.Decrypt(testPrivRSAKey1); assert.NoError(t, err) {
250 assert.Equal(t, []jose.Header{{
251 Algorithm: string(jose.RS256),
252 ExtraHeaders: map[jose.HeaderKey]interface{}{
253 jose.HeaderType: "JWT",
254 },
255 }}, jws.Headers)
256 out := &testClaims{}
257 assert.NoError(t, jws.Claims(&testPrivRSAKey1.PublicKey, out))
258 assert.Equal(t, &testClaims{"foo"}, out)
259 }
260 }
261 }
262
263 b2 := SignedAndEncrypted(rsaSigner, encrypter).Claims(&invalidMarshalClaims{})
264 _, err = b2.CompactSerialize()
265 assert.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
266 _, err = b2.FullSerialize()
267 assert.EqualError(t, err, "json: error calling MarshalJSON for type *jwt.invalidMarshalClaims: Failed marshaling invalid claims.")
268
269 encrypter2, err := jose.NewEncrypter(jose.A128CBC_HS256, recipient, nil)
270 require.NoError(t, err, "Error creating encrypter.")
271 _, err = SignedAndEncrypted(rsaSigner, encrypter2).CompactSerialize()
272 assert.EqualError(t, err, "go-jose/go-jose/jwt: expected content type to be JWT (cty header)")
273 }
274
275 func TestBuilderHeadersSigner(t *testing.T) {
276 tests := []struct {
277 Keys []*rsa.PrivateKey
278 Claims interface{}
279 }{
280 {
281 Keys: []*rsa.PrivateKey{testPrivRSAKey1},
282 Claims: &Claims{Issuer: "foo"},
283 },
284 {
285 Keys: []*rsa.PrivateKey{testPrivRSAKey1, testPrivRSAKey2},
286 Claims: &Claims{Issuer: "foo"},
287 },
288 }
289
290 for i, tc := range tests {
291 wantKeyIDs := make([]string, len(tc.Keys))
292 signingKeys := make([]jose.SigningKey, len(tc.Keys))
293
294 for j, key := range tc.Keys {
295 keyIDBytes := make([]byte, 20)
296 if _, err := io.ReadFull(rand.Reader, keyIDBytes); err != nil {
297 t.Fatalf("failed to read random bytes: %v", err)
298 }
299 keyID := hex.EncodeToString(keyIDBytes)
300
301 wantKeyIDs[j] = keyID
302 signingKeys[j] = jose.SigningKey{
303 Algorithm: jose.RS256,
304 Key: &jose.JSONWebKey{
305 KeyID: keyID,
306 Algorithm: "RSA",
307 Key: key,
308 },
309 }
310 }
311
312 signer, err := jose.NewMultiSigner(signingKeys, nil)
313 if err != nil {
314 t.Errorf("case %d: NewMultiSigner(): %v", i, err)
315 continue
316 }
317
318 var token string
319 if len(tc.Keys) == 1 {
320 token, err = Signed(signer).Claims(tc.Claims).CompactSerialize()
321 } else {
322 token, err = Signed(signer).Claims(tc.Claims).FullSerialize()
323 }
324 if err != nil {
325 t.Errorf("case %d: failed to create token: %v", i, err)
326 continue
327 }
328 jws, err := jose.ParseSigned(token)
329 if err != nil {
330 t.Errorf("case %d: parse signed: %v", i, err)
331 continue
332 }
333 gotKeyIDs := make([]string, len(jws.Signatures))
334 for i, sig := range jws.Signatures {
335 gotKeyIDs[i] = sig.Header.KeyID
336 }
337 sort.Strings(wantKeyIDs)
338 sort.Strings(gotKeyIDs)
339 if !reflect.DeepEqual(wantKeyIDs, gotKeyIDs) {
340 t.Errorf("case %d: wanted=%q got=%q", i, wantKeyIDs, gotKeyIDs)
341 }
342 }
343 }
344
345 func TestBuilderHeadersEncrypter(t *testing.T) {
346 key := testPrivRSAKey1
347 claims := &Claims{Issuer: "foo"}
348
349 keyIDBytes := make([]byte, 20)
350 if _, err := io.ReadFull(rand.Reader, keyIDBytes); err != nil {
351 t.Fatalf("failed to read random bytes: %v", err)
352 }
353 keyID := hex.EncodeToString(keyIDBytes)
354
355 wantKeyID := keyID
356 recipient := jose.Recipient{
357 Algorithm: jose.RSA1_5,
358 Key: key.Public(),
359 KeyID: keyID,
360 }
361
362 wantType := jose.ContentType("JWT")
363 encrypter, err := jose.NewEncrypter(jose.A128CBC_HS256, recipient, (&jose.EncrypterOptions{}).WithType(wantType))
364 require.NoError(t, err, "failed to create encrypter")
365
366 token, err := Encrypted(encrypter).Claims(claims).CompactSerialize()
367 require.NoError(t, err, "failed to create token")
368
369 jwe, err := jose.ParseEncrypted(token)
370 if assert.NoError(t, err, "error parsing encrypted token") {
371 assert.Equal(t, jose.Header{
372 ExtraHeaders: map[jose.HeaderKey]interface{}{
373 jose.HeaderType: string(wantType),
374 "enc": "A128CBC-HS256",
375 },
376 Algorithm: string(jose.RSA1_5),
377 KeyID: wantKeyID,
378 }, jwe.Header)
379 }
380 }
381
382 func BenchmarkMapClaims(b *testing.B) {
383 m := map[string]interface{}{
384 "sub": "42",
385 "iat": 1451606400,
386 "iss": "issuer",
387 "aud": []string{"a1", "a2"},
388 }
389
390 for i := 0; i < b.N; i++ {
391 Signed(rsaSigner).Claims(m)
392 }
393 }
394
395 func BenchmarkStructClaims(b *testing.B) {
396 for i := 0; i < b.N; i++ {
397 Signed(rsaSigner).Claims(sampleClaims)
398 }
399 }
400
401 func BenchmarkSignedCompactSerializeRSA(b *testing.B) {
402 tb := Signed(rsaSigner).Claims(sampleClaims)
403
404 b.ResetTimer()
405 for i := 0; i < b.N; i++ {
406 tb.CompactSerialize()
407 }
408 }
409
410 func BenchmarkSignedCompactSerializeSHA(b *testing.B) {
411 tb := Signed(hmacSigner).Claims(sampleClaims)
412
413 b.ResetTimer()
414 for i := 0; i < b.N; i++ {
415 tb.CompactSerialize()
416 }
417 }
418
419 func mustUnmarshalRSA(data string) *rsa.PrivateKey {
420 block, _ := pem.Decode([]byte(data))
421 if block == nil {
422 panic("failed to decode PEM data")
423 }
424 key, err := x509.ParsePKCS8PrivateKey(block.Bytes)
425 if err != nil {
426 panic("failed to parse RSA key: " + err.Error())
427 }
428 if key, ok := key.(*rsa.PrivateKey); ok {
429 return key
430 }
431 panic("key is not of type *rsa.PrivateKey")
432 }
433
434 func mustMakeSigner(alg jose.SignatureAlgorithm, k interface{}) jose.Signer {
435 sig, err := jose.NewSigner(jose.SigningKey{Algorithm: alg, Key: k}, (&jose.SignerOptions{}).WithType("JWT"))
436 if err != nil {
437 panic("failed to create signer:" + err.Error())
438 }
439
440 return sig
441 }
442
443 var (
444 sharedKey = []byte("secret")
445 sharedEncryptionKey = []byte("itsa16bytesecret")
446
447 testPrivRSAKey1 = mustUnmarshalRSA(`-----BEGIN PRIVATE KEY-----
448 MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDIHBvDHAr7jh8h
449 xaqBCl11fjI9YZtdC5b3HtXTXZW3c2dIOImNUjffT8POP6p5OpzivmC1om7iOyuZ
450 3nJjC9LT3zqqs3f2i5d4mImxEuqG6uWdryFfkp0uIv5VkjVO+iQWd6pDAPGP7r1Z
451 foXCleyCtmyNH4JSkJneNPOk/4BxO8vcvRnCMT/Gv81IT6H+OQ6OovWOuJr8RX9t
452 1wuCjC9ezZxeI9ONffhiO5FMrVh5H9LJTl3dPOVa4aEcOvgd45hBmvxAyXqf8daE
453 6Kl2O7vQ4uwgnSTVXYIIjCjbepuersApIMGx/XPSgiU1K3Xtah/TBvep+S3VlwPc
454 q/QH25S9AgMBAAECggEAe+y8XKYfPw4SxY1uPB+5JSwT3ON3nbWxtjSIYy9Pqp5z
455 Vcx9kuFZ7JevQSk4X38m7VzM8282kC/ono+d8yy9Uayq3k/qeOqV0X9Vti1qxEbw
456 ECkG1/MqGApfy4qSLOjINInDDV+mOWa2KJgsKgdCwuhKbVMYGB2ozG2qfYIlfvlY
457 vLcBEpGWmswJHNmkcjTtGFIyJgPbsI6ndkkOeQbqQKAaadXtG1xUzH+vIvqaUl/l
458 AkNf+p4qhPkHsoAWXf1qu9cYa2T8T+mEo79AwlgVC6awXQWNRTiyClDJC7cu6NBy
459 ZHXCLFMbalzWF9qeI2OPaFX2x3IBWrbyDxcJ4TSdQQKBgQD/Fp/uQonMBh1h4Vi4
460 HlxZdqSOArTitXValdLFGVJ23MngTGV/St4WH6eRp4ICfPyldsfcv6MZpNwNm1Rn
461 lB5Gtpqpby1dsrOSfvVbY7U3vpLnd8+hJ/lT5zCYt5Eor46N6iWRkYWzNe4PixiF
462 z1puGUvFCbZdeeACVrPLmW3JKQKBgQDI0y9WTf8ezKPbtap4UEE6yBf49ftohVGz
463 p4iD6Ng1uqePwKahwoVXKOc179CjGGtW/UUBORAoKRmxdHajHq6LJgsBxpaARz21
464 COPy99BUyp9ER5P8vYn63lC7Cpd/K7uyMjaz1DAzYBZIeVZHIw8O9wuGNJKjRFy9
465 SZyD3V0ddQKBgFMdohrWH2QVEfnUnT3Q1rJn0BJdm2bLTWOosbZ7G72TD0xAWEnz
466 sQ1wXv88n0YER6X6YADziEdQykq8s/HT91F/KkHO8e83zP8M0xFmGaQCOoelKEgQ
467 aFMIX3NDTM7+9OoUwwz9Z50PE3SJFAJ1n7eEEoYvNfabQXxBl+/dHEKRAoGAPEvU
468 EaiXacrtg8EWrssB2sFLGU/ZrTciIbuybFCT4gXp22pvXXAHEvVP/kzDqsRhLhwb
469 BNP6OuSkNziNikpjA5pngZ/7fgZly54gusmW/m5bxWdsUl0iOXVYbeAvPlqGH2me
470 LP4Pfs1hw17S/cbT9Z1NE31jbavP4HFikeD73SUCgYEArQfuudml6ei7XZ1Emjq8
471 jZiD+fX6e6BD/ISatVnuyZmGj9wPFsEhY2BpLiAMQHMDIvH9nlKzsFvjkTPB86qG
472 jCh3D67Os8eSBk5uRC6iW3Fc4DXvB5EFS0W9/15Sl+V5vXAcrNMpYS82OTSMG2Gt
473 b9Ym/nxaqyTu0PxajXkKm5Q=
474 -----END PRIVATE KEY-----`)
475
476 testPrivRSAKey2 = mustUnmarshalRSA(`-----BEGIN PRIVATE KEY-----
477 MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCxJ09jkXZ5Okyq
478 FrEKrs+GTzZRvoLziyzDTIZLJC6BVryau4gaFjuBG+pnm4z53oDP0XVnjFsx1mBw
479 R6RHeXlXbxLXsMfJpMzU9I2SRen9DokpD187CAnjLOoN9QRl1h8CA+sqR5Jw9mdl
480 mdaBKC99M9QYAPK3vGNfPC4soo8LDSBiemmt5raL4WSfoYh/6qg5rHUTymY28uxV
481 ew3I9Yp+3ltIw+WlRDtW5l+MM5CSUofjj2zcgcG3LEuPtvyZ+CSObxxcZZugm9zc
482 JdiazNyUxtX8yAj3Xg8Hde0jt0QDXv7A+U0KMVi9lX6PJEaNj4tOhOmQhJVMzAyr
483 1W/bifZVAgMBAAECggEAduKnn21GMZLTUi4KP94SvNK55F/Sp7hVoPbhBNpSL1BT
484 IBAMBV24LyvZwhAcqq8MiOrLPGNv6+EvNQqPD7xQl0GeRouHeCYVpDA+NdSfc8jm
485 eVysjwQVBpTkudsdSW5JvuN8VRJVD2P8/a0gy+p4/C/k/Prd6DoQAiBz6FZrYoEd
486 iYgIegHOMXWd4vzO3ENOWSIUI6ci7Aro+Y0Z75kfiVokAGhUcFgrZ58E82fBYh8I
487 cxO20oMnucGrLicQzj536jx4wX3Cdd4jr9UVEJ9ZII1ldlp03nZlFLXqJH1547Aq
488 ZM+3vVcBGoJ8T9ZQ4VDAL++0K2DLC9JkTARAYCEi/QKBgQDebIc1+2zblhQtVQ/e
489 IbEErZcB7v+TkUoRoBfR0lj7bKBFJgRe37fgu1xf95/s63okdnOw/OuQqtGmgx/J
490 TL3yULBdNcwTCRm41t+cqoGymjK0VRbqk6CWBId0E3r5TaCVWedk2JI2XwTvIJ1A
491 eDiqfJeDHUD44yaonwbysj9ZDwKBgQDL5VQfTppVaJk2PXNwhAkRQklZ8RFmt/7p
492 yA3dddQNdwMk4Fl8F7QuO1gBxDiHdnwIrlEOz6fTsM3LwIS+Q12P1vYFIhpo7HDB
493 wvjfMwCPxBIS4jI28RgcAf0VbZ/+CHAm6bb9iDwsjXhh1J5oOm5VKnju6/rPH/QY
494 +md40pnSWwKBgBnKPbdNquafNUG4XjmkcHEZa6wGuU20CAGZLYnfuP+WLdM2wET7
495 7cc6ElDyVnHTL/twXKPF/85rcBm9lH7zzgZ9wqVcKoh+gqQDDjSNNLKv3Hc6cojK
496 i1E5vzb/Vz/290q5/PGdhv6U7+6GOpWSGwfxoGPMjY8OT5o3rkeP0XaTAoGBALLR
497 GQmr4eZtqZDMK+XNpjYgsDvVE7HGRCW7cY17vNFiQruglloiX778BJ7n+7uxye3D
498 EwuuSj15ncLHwKMsaW2w1GqEEi1azzjfSWxWSnPLPR6aifdtUfueMtsMHXio5dL6
499 vaV0SXG5UI5b7eDy/bhrW0wOYRQtreIKGZz49jZpAoGBAIvxYngkLwmq6g6MmnAc
500 YK4oT6YAm2wfSy2mzpEQP5r1igp1rN7T46o7FMUPDLS9wK3ESAaIYe01qT6Yftcc
501 5qF+yiOGDTr9XQiHwe4BcyrNEMfUjDhDU5ao2gH8+t1VGr1KspLsUNbedrJwZsY4
502 UCZVKEEDHzKfLO/iBgKjJQF7
503 -----END PRIVATE KEY-----`)
504
505 rsaSigner = mustMakeSigner(jose.RS256, testPrivRSAKey1)
506 hmacSigner = mustMakeSigner(jose.HS256, sharedKey)
507 )
508
View as plain text