Skip to content
This repository was archived by the owner on Apr 15, 2026. It is now read-only.

Commit aad2705

Browse files
corbadomancorbadoman
committed
Optimized JWT unit tests
1 parent afbf47a commit aad2705

1 file changed

Lines changed: 23 additions & 9 deletions

File tree

src/test/java/com/corbado/unit/SessionServiceTest.java

Lines changed: 23 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,6 @@
1919
import java.security.spec.PKCS8EncodedKeySpec;
2020
import java.util.ArrayList;
2121
import java.util.Base64;
22-
import java.util.Collections;
2322
import java.util.Date;
2423
import java.util.List;
2524
import java.util.Map;
@@ -42,6 +41,7 @@
4241
import com.auth0.jwk.SigningKeyNotFoundException;
4342
import com.auth0.jwt.JWT;
4443
import com.auth0.jwt.algorithms.Algorithm;
44+
import com.auth0.jwt.exceptions.AlgorithmMismatchException;
4545
import com.auth0.jwt.exceptions.IncorrectClaimException;
4646
import com.auth0.jwt.exceptions.JWTDecodeException;
4747
import com.auth0.jwt.exceptions.JWTVerificationException;
@@ -143,7 +143,7 @@ void test_testDataIsPresent() throws InvalidKeySpecException, NoSuchAlgorithmExc
143143
*/
144144
@Test
145145
void test_testGenerateJwt() throws InvalidKeySpecException, NoSuchAlgorithmException {
146-
assertNotNull(generateJwt("1", 3, 4));
146+
assertNotNull(generateJwt("1", 3, 4, Algorithm.RSA256(privateKey)));
147147
}
148148

149149
/**
@@ -243,7 +243,8 @@ static List<Object[]> provideJwts() throws InvalidKeySpecException, NoSuchAlgori
243243
generateJwt(
244244
"https://auth.acme.com",
245245
System.currentTimeMillis() / 1000 + 100,
246-
System.currentTimeMillis() / 1000 + 100),
246+
System.currentTimeMillis() / 1000 + 100,
247+
Algorithm.RSA256(privateKey)),
247248
IncorrectClaimException.class
248249
});
249250

@@ -253,7 +254,8 @@ static List<Object[]> provideJwts() throws InvalidKeySpecException, NoSuchAlgori
253254
generateJwt(
254255
"https://auth.acme.com",
255256
System.currentTimeMillis() / 1000 - 100,
256-
System.currentTimeMillis() / 1000 - 100),
257+
System.currentTimeMillis() / 1000 - 100,
258+
Algorithm.RSA256(privateKey)),
257259
TokenExpiredException.class
258260
});
259261

@@ -263,17 +265,30 @@ static List<Object[]> provideJwts() throws InvalidKeySpecException, NoSuchAlgori
263265
generateJwt(
264266
"https://invalid.com",
265267
System.currentTimeMillis() / 1000 + 100,
266-
System.currentTimeMillis() / 1000 - 100),
268+
System.currentTimeMillis() / 1000 - 100,
269+
Algorithm.RSA256(privateKey)),
267270
IncorrectClaimException.class
268271
});
269272

273+
// Invalid alg "none"
274+
testData.add(
275+
new Object[] {
276+
generateJwt(
277+
"https://auth.acme.com",
278+
System.currentTimeMillis() / 1000 + 100,
279+
System.currentTimeMillis() / 1000 - 100,
280+
Algorithm.none()),
281+
AlgorithmMismatchException.class
282+
});
283+
270284
// Success
271285
testData.add(
272286
new Object[] {
273287
generateJwt(
274288
"https://auth.acme.com",
275289
System.currentTimeMillis() / 1000 + 100,
276-
System.currentTimeMillis() / 1000 - 100),
290+
System.currentTimeMillis() / 1000 - 100,
291+
Algorithm.RSA256(privateKey)),
277292
null
278293
});
279294

@@ -317,12 +332,11 @@ private static RSAPrivateKey readPrivateKey(final String privateKeyPath)
317332
* @throws InvalidKeySpecException the invalid key spec exception
318333
* @throws NoSuchAlgorithmException the no such algorithm exception
319334
*/
320-
private static String generateJwt(final String iss, final long exp, final long nbf)
335+
private static String generateJwt(final String iss, final long exp, final long nbf, final Algorithm algorithm)
321336
throws InvalidKeySpecException, NoSuchAlgorithmException {
322337

323-
final Algorithm algorithm = Algorithm.RSA256(privateKey);
324338
return JWT.create()
325-
.withHeader(Collections.singletonMap("kid", "kid123"))
339+
.withHeader(Map.of("kid", "kid123"))
326340
.withIssuer(iss)
327341
.withIssuedAt(new Date())
328342
.withExpiresAt(new Date(exp * 1000L))

0 commit comments

Comments
 (0)