Updated JWT lib & added MySQL database tables.
Change-Id: I5860e0484ef03f473a863001f44128e8274a14d3
diff --git a/full/src/test/java/de/ids_mannheim/korap/authentication/APIAuthenticationTest.java b/full/src/test/java/de/ids_mannheim/korap/authentication/APIAuthenticationTest.java
index 0fca0b8..82bab07 100644
--- a/full/src/test/java/de/ids_mannheim/korap/authentication/APIAuthenticationTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/authentication/APIAuthenticationTest.java
@@ -9,6 +9,8 @@
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
+import com.nimbusds.jose.JOSEException;
+
import de.ids_mannheim.korap.config.Attributes;
import de.ids_mannheim.korap.config.KustvaktConfiguration;
import de.ids_mannheim.korap.config.SpringJerseyTest;
@@ -24,8 +26,8 @@
private KustvaktConfiguration config;
@Test
- public void testCreateGetTokenContext ()
- throws KustvaktException, IOException, InterruptedException {
+ public void testCreateGetTokenContext () throws KustvaktException,
+ IOException, InterruptedException, JOSEException {
User user = new KorAPUser();
user.setUsername("testUser");
@@ -38,6 +40,7 @@
// get token context
String authToken = context.getToken();
+// System.out.println(authToken);
context = auth.getTokenContext(authToken);
TokenType tokenType = context.getTokenType();
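Review bot: The added `// System.out.println(authToken);` is commented-out debug code that would write a bearer token to the test output if it were ever re-enabled; drop the line rather than commit it. If the value is needed while debugging, print only non-secret properties such as the token type or expiry. The enclosing test method starts and ends outside this hunk.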
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserControllerTest.java
index 4ea6807..68f1b55 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserControllerTest.java
@@ -21,6 +21,7 @@
import org.springframework.beans.factory.annotation.Autowired;
import com.fasterxml.jackson.databind.JsonNode;
+import com.nimbusds.jose.JOSEException;
import com.nimbusds.jwt.SignedJWT;
import com.sun.jersey.api.client.ClientResponse;
import com.sun.jersey.core.util.MultivaluedMapImpl;
@@ -185,7 +186,7 @@
// EM: cannot do test with LDAP
@Test
@Ignore
- public void loginJWTExpired() throws InterruptedException, KustvaktException, ParseException {
+ public void loginJWTExpired() throws InterruptedException, KustvaktException, ParseException, JOSEException {
assertTrue(BeansFactory.getKustvaktContext().getConfiguration().getTokenTTL() < 10);
@@ -205,7 +206,7 @@
SignedJWT jwt = sign.verifyToken(token);
while (true) {
- if (TimeUtils.isExpired(jwt.getJWTClaimsSet().getExpirationTimeClaim()))
+ if (TimeUtils.isExpired(jwt.getJWTClaimsSet().getExpirationTime().getTime()))
break;
}
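Review bot: `getExpirationTime()` returns null when a token carries no `exp` claim, so the new condition `getExpirationTime().getTime()` would end the test with a NullPointerException instead of an assertion failure. Assert the claim before the loop, e.g. `Date exp = jwt.getJWTClaimsSet().getExpirationTime(); assertNotNull(exp);`, and test `exp.getTime()` inside it. The `while (true)` loop also spins without pausing until the token expires; since the method already declares InterruptedException, a short `Thread.sleep(...)` in the loop body would avoid pinning a core. The enclosing method starts outside this hunk.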
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index 42f36ae..9ff8db4 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -368,7 +368,7 @@
node = testCheckHiddenGroup(groupId);
assertEquals(StatusCodes.GROUP_NOT_FOUND,
node.at("/errors/0/0").asInt());
- assertEquals("Group with id 5 is not found",
+ assertEquals("Group with id "+groupId+" is not found",
node.at("/errors/0/1").asText());
}
@@ -387,13 +387,13 @@
}
@Test
- public void testCreateVCWithExpiredToken ()
+ public void testCreateVCWithInvalidToken ()
throws IOException, KustvaktException {
String json = "{\"name\": \"new vc\",\"type\": \"PRIVATE\","
+ "\"corpusQuery\": \"corpusSigle=GOE\"}";
InputStream is = getClass().getClassLoader()
- .getResourceAsStream("test-user.token");
+ .getResourceAsStream("test-invalid-signature.token");
String authToken;
try (BufferedReader reader =
@@ -413,6 +413,40 @@
assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
JsonNode node = JsonUtils.readTree(entity);
+ assertEquals(StatusCodes.INVALID_ACCESS_TOKEN, node.at("/errors/0/0").asInt());
+ assertEquals("Json Web Signature (JWS) object verification failed.",
+ node.at("/errors/0/1").asText());
+
+ checkWWWAuthenticateHeader(response);
+ }
+
+ @Test
+ public void testCreateVCWithExpiredToken ()
+ throws IOException, KustvaktException {
+ String json = "{\"name\": \"new vc\",\"type\": \"PRIVATE\","
+ + "\"corpusQuery\": \"corpusSigle=GOE\"}";
+
+ InputStream is = getClass().getClassLoader()
+ .getResourceAsStream("test-expired.token");
+
+ String authToken;
+ try (BufferedReader reader =
+ new BufferedReader(new InputStreamReader(is));) {
+ authToken = reader.readLine();
+ }
+
+ ClientResponse response = resource().path("vc").path("create")
+ .header(Attributes.AUTHORIZATION,
+ AuthenticationScheme.API.displayName() + " "
+ + authToken)
+ .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+ .header(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_JSON)
+ .entity(json).post(ClientResponse.class);
+
+ String entity = response.getEntity(String.class);
+ assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
+
+ JsonNode node = JsonUtils.readTree(entity);
assertEquals(StatusCodes.EXPIRED, node.at("/errors/0/0").asInt());
assertEquals("Authentication token is expired",
node.at("/errors/0/1").asText());
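Review bot: The added testCreateVCWithExpiredToken repeats the token-loading and request code of testCreateVCWithInvalidToken line for line, and both read the fixture with `new InputStreamReader(is)`, which uses the platform default charset and throws a NullPointerException if the resource is missing from the classpath. A private helper that takes the resource name, asserts the stream is non-null and reads it as UTF-8 would remove the duplication and make a missing fixture fail with a clear message; it needs `StandardCharsets` and `assertNotNull` imported. Separately, asserting the exact text "Json Web Signature (JWS) object verification failed." ties the test to message wording, whereas the INVALID_ACCESS_TOKEN code assertion is the more stable check. The hunk begins inside the renamed test, whose opening lines are in the previous hunk.

```java
// … unchanged: json request body …
String authToken = readToken("test-expired.token");
// … unchanged: request, status and error-code assertions …

private String readToken (String resourceName) throws IOException {
    InputStream is = getClass().getClassLoader()
            .getResourceAsStream(resourceName);
    assertNotNull("missing test resource: " + resourceName, is);
    try (BufferedReader reader = new BufferedReader(
            new InputStreamReader(is, StandardCharsets.UTF_8))) {
        return reader.readLine();
    }
}
```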
diff --git a/full/src/test/resources/test-expired.token b/full/src/test/resources/test-expired.token
new file mode 100644
index 0000000..5d49da3
--- /dev/null
+++ b/full/src/test/resources/test-expired.token
@@ -0,0 +1 @@
+eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0VXNlciIsImlzcyI6Imh0dHA6XC9cL2tvcmFwLmlkcy1tYW5uaGVpbS5kZSIsImV4cCI6MTUyODMwMzE5OX0.rmEFpdm8-_iyHGb2tEaJbKBoceiZwnyodixWhyLrU9w
\ No newline at end of file
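Review bot: This fixture is a complete signed token whose header decodes to `{"alg":"HS256"}`, and because the new test expects EXPIRED rather than a signature failure, it presumably verifies under the key in the test configuration. That key should be a test-only value that is never reused by a deployed instance, since everyone with access to the repository holds a valid signature made with it. A short comment beside the test naming which configuration key signed the fixture, and how to regenerate it, would help the next time the key or the JWT library changes.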
diff --git a/full/src/test/resources/test-user.token b/full/src/test/resources/test-invalid-signature.token
similarity index 100%
rename from full/src/test/resources/test-user.token
rename to full/src/test/resources/test-invalid-signature.token