From bab34b7c7ff5b2a35799920670f1603b032b4547 Mon Sep 17 00:00:00 2001 From: Pierre HUBERT Date: Tue, 9 Apr 2024 18:04:00 +0200 Subject: [PATCH] Add more test to validate JWTs --- virtweb_backend/src/utils/jwt_utils.rs | 50 +++++++++++++++++++++++--- 1 file changed, 45 insertions(+), 5 deletions(-) diff --git a/virtweb_backend/src/utils/jwt_utils.rs b/virtweb_backend/src/utils/jwt_utils.rs index 813f81c..aa379bc 100644 --- a/virtweb_backend/src/utils/jwt_utils.rs +++ b/virtweb_backend/src/utils/jwt_utils.rs @@ -83,18 +83,58 @@ mod test { exp: u64, } + impl Default for Claims { + fn default() -> Self { + Self { + sub: "my-sub".to_string(), + exp: time() + 100, + } + } + } + #[test] fn jwt_encode_sign_verify_valid() { let (pub_key, priv_key) = generate_key_pair().unwrap(); - let claims = Claims { - sub: "my-sub".to_string(), - exp: time() + 100, - }; + let claims = Claims::default(); let jwt = sign_jwt(&priv_key, &claims).expect("Failed to sign JWT!"); let claims_out = validate_jwt(&pub_key, &jwt).expect("Failed to validate JWT!"); assert_eq!(claims, claims_out) } - // TODO : complete tests + #[test] + fn jwt_encode_sign_verify_invalid_key() { + let (_pub_key, priv_key) = generate_key_pair().unwrap(); + let (pub_key_2, _priv_key_2) = generate_key_pair().unwrap(); + let claims = Claims::default(); + let jwt = sign_jwt(&priv_key, &claims).expect("Failed to sign JWT!"); + validate_jwt::(&pub_key_2, &jwt).expect_err("JWT should not have validated!"); + } + + #[test] + fn jwt_verify_random_string() { + let (pub_key, _priv_key) = generate_key_pair().unwrap(); + validate_jwt::(&pub_key, "random_string") + .expect_err("JWT should not have validated!"); + } + + #[test] + fn jwt_expired() { + let (pub_key, priv_key) = generate_key_pair().unwrap(); + let claims = Claims { + exp: time() - 100, + ..Default::default() + }; + let jwt = sign_jwt(&priv_key, &claims).expect("Failed to sign JWT!"); + validate_jwt::(&pub_key, &jwt).expect_err("JWT should not have validated!"); + } + + #[test] + fn jwt_invalid_signature() { + let (pub_key, priv_key) = generate_key_pair().unwrap(); + let claims = Claims::default(); + let jwt = sign_jwt(&priv_key, &claims).expect("Failed to sign JWT!"); + validate_jwt::(&pub_key, &format!("{jwt}bad")) + .expect_err("JWT should not have validated!"); + } }