mirrors/prosody
1
0
Fork 0
mirror of https://github.com/bjc/prosody.git synced 2025-04-06 14:47:37 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
prosody/spec/util_jwt_spec.lua
Matthew Wild ae16ddcac7 util.jwt: Add support/tests for ES256 via improved API and using util.crypto 
In many cases code will be either signing or verifying. With asymmetric
algorithms it's clearer and more efficient to just state that once, instead of
passing keys (and possibly other parameters) with every sign/verify call.

This also allows earlier validation of the key used.

The previous (HS256-only) sign/verify methods continue to be exposed for
backwards-compatibility.
2022-07-01 18:51:15 +01:00

70 lines
1.8 KiB
Lua
Raw Blame History

local jwt = require "util.jwt";
describe("util.jwt", function ()
it("validates", function ()
local key = "secret";
local token = jwt.sign(key, { payload = "this" });
assert.string(token);
local ok, parsed = jwt.verify(key, token);
assert.truthy(ok)
assert.same({ payload = "this" }, parsed);
end);
it("rejects invalid", function ()
local key = "secret";
local token = jwt.sign("wrong", { payload = "this" });
assert.string(token);
local ok = jwt.verify(key, token);
assert.falsy(ok)
end);
it("validates ES256", function ()
local private_key = [[
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgevZzL1gdAFr88hb2
OF/2NxApJCzGCEDdfSp6VQO30hyhRANCAAQRWz+jn65BtOMvdyHKcvjBeBSDZH2r
1RTwjmYSi9R/zpBnuQ4EiMnCqfMPWiZqB4QdbAd0E7oH50VpuZ1P087G
-----END PRIVATE KEY-----
]];
local sign = jwt.new_signer("ES256", private_key);
local token = sign({
sub = "1234567890";
name = "John Doe";
admin = true;
iat = 1516239022;
});
local public_key = [[
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEVs/o5+uQbTjL3chynL4wXgUg2R9
q9UU8I5mEovUf86QZ7kOBIjJwqnzD1omageEHWwHdBO6B+dFabmdT9POxg==
-----END PUBLIC KEY-----
]];
local verify = jwt.new_verifier("ES256", public_key);
local result = {verify(token)};
assert.same({
true; -- success
{ -- payload
sub = "1234567890";
name = "John Doe";
admin = true;
iat = 1516239022;
};
}, result);
local result = {verify[[eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWUsImlhdCI6MTUxNjIzOTAyMn0.tyh-VfuzIxCyGYDlkBA7DfyjrqmSHu6pQ2hoZuFqUSLPNY2N0mpHb3nk5K17HWP_3cYHBw7AhHale5wky6-sVA]]};
assert.same({
true; -- success
{ -- payload
sub = "1234567890";
name = "John Doe";
admin = true;
iat = 1516239022;
};
}, result);
end);
end);
Reference in a new issue View git blame Copy permalink