Skip to content

Commit

Permalink
Improve code coverage for JWTCreator
Browse files Browse the repository at this point in the history
  • Loading branch information
@skjolber
skjolber committed May 9, 2019
1 parent 988b8cb commit 3758bb7
Show file tree
Hide file tree
Showing 2 changed files with 182 additions and 15 deletions.
19 changes: 9 additions & 10 deletions lib/src/main/java/com/auth0/jwt/JWTCreator.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -335,9 +335,10 @@ public Builder withClaim(String name, List<Object> items) throws IllegalArgument
}

private static boolean validateClaim(Map<?, Object> map) {
// do not accept null values in maps
for (Entry<?, Object> entry : map.entrySet()) {
Object value = entry.getValue();
if(value != null && !isSupported(value)) {
if(value == null || !isSupported(value)) {
return false;
}

Expand All @@ -349,6 +350,7 @@ private static boolean validateClaim(Map<?, Object> map) {
}

private static boolean validateClaim(List<?> list) {
// accept null values in list
for (Object object : list) {
if(object != null && !isSupported(object)) {
return false;
Expand All @@ -359,16 +361,13 @@ private static boolean validateClaim(List<?> list) {

@SuppressWarnings("unchecked")
private static boolean isSupported(Object value) {
if(value != null) {
if(value instanceof List) {
return validateClaim((List<?>)value);
} else if(value instanceof Map) {
return validateClaim((Map<Object, Object>)value);
} else {
return isBasicType(value);
}
if(value instanceof List) {
return validateClaim((List<?>)value);
} else if(value instanceof Map) {
return validateClaim((Map<Object, Object>)value);
} else {
return isBasicType(value);
}
return true;
}

private static boolean isBasicType(Object value) {
Expand Down
178 changes: 173 additions & 5 deletions lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.ECDSAKeyProvider;
import com.auth0.jwt.interfaces.RSAKeyProvider;
import com.fasterxml.jackson.databind.ObjectMapper;

import org.apache.commons.codec.binary.Base64;
import org.junit.Rule;
import org.junit.Test;
Expand All @@ -11,8 +13,11 @@
import java.nio.charset.StandardCharsets;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import static org.hamcrest.Matchers.is;
Expand Down Expand Up @@ -358,18 +363,112 @@ public void shouldAcceptCustomArrayClaimOfTypeLong() throws Exception {
assertThat(parts[1], is("eyJuYW1lIjpbMSwyLDNdfQ"));
}

@Test
public void shouldAcceptCustomClaimOfTypeObject() throws Exception {
@SuppressWarnings("unchecked")
@Test
public void shouldAcceptCustomMapClaimOfBasicObjectTypes() throws Exception {
Map<String, Object> data = new HashMap<>();
data.put("test1", "abc");
data.put("test2", "def");

// simple types
data.put("string", "abc");
data.put("integer", 1);
data.put("long", Long.MAX_VALUE);
data.put("double", 123.456d);
data.put("date", new Date(123L));
data.put("boolean", true);

// array types
data.put("intArray", new Integer[]{3, 5});
data.put("longArray", new Long[]{Long.MAX_VALUE, Long.MIN_VALUE});
data.put("stringArray", new String[]{"string"});

data.put("list", Arrays.asList("a", "b", "c"));

Map<String, Object> sub = new HashMap<>();
sub.put("subKey", "subValue");

data.put("map", sub);

String jwt = JWTCreator.init()
.withClaim("data", data)
.sign(Algorithm.HMAC256("secret"));

assertThat(jwt, is(notNullValue()));
String[] parts = jwt.split("\\.");
assertThat(parts[1], is("eyJkYXRhIjp7InRlc3QyIjoiZGVmIiwidGVzdDEiOiJhYmMifX0"));

String body = new String(Base64.decodeBase64(parts[1]), StandardCharsets.UTF_8);
ObjectMapper mapper = new ObjectMapper();
Map<String, Object> map = (Map<String, Object>) mapper.readValue(body, Map.class).get("data");

assertThat(map.get("string"), is("abc"));
assertThat(map.get("integer"), is(1));
assertThat(map.get("long"), is(Long.MAX_VALUE));
assertThat(map.get("double"), is(123.456d));
assertThat(map.get("date"), is(123));
assertThat(map.get("boolean"), is(true));

// array types
assertThat(map.get("intArray"), is(Arrays.asList(new Integer[]{3, 5})));
assertThat(map.get("longArray"), is(Arrays.asList(new Long[]{Long.MAX_VALUE, Long.MIN_VALUE})));
assertThat(map.get("stringArray"), is(Arrays.asList(new String[]{"string"})));

// list
assertThat(map.get("list"), is(Arrays.asList("a", "b", "c")));
assertThat(map.get("map"), is(sub));

}

@SuppressWarnings("unchecked")
@Test
public void shouldAcceptCustomListClaimOfBasicObjectTypes() throws Exception {
List<Object> data = new ArrayList<>();

// simple types
data.add("abc");
data.add(1);
data.add(Long.MAX_VALUE);
data.add(123.456d);
data.add(new Date(123L));
data.add(true);

// array types
data.add(new Integer[]{3, 5});
data.add(new Long[]{Long.MAX_VALUE, Long.MIN_VALUE});
data.add(new String[]{"string"});

data.add(Arrays.asList("a", "b", "c"));

Map<String, Object> sub = new HashMap<>();
sub.put("subKey", "subValue");

data.add(sub);

String jwt = JWTCreator.init()
.withClaim("data", data)
.sign(Algorithm.HMAC256("secret"));

assertThat(jwt, is(notNullValue()));
String[] parts = jwt.split("\\.");

String body = new String(Base64.decodeBase64(parts[1]), StandardCharsets.UTF_8);
ObjectMapper mapper = new ObjectMapper();
List<Object> list = (List<Object>) mapper.readValue(body, Map.class).get("data");

assertThat(list.get(0), is("abc"));
assertThat(list.get(1), is(1));
assertThat(list.get(2), is(Long.MAX_VALUE));
assertThat(list.get(3), is(123.456d));
assertThat(list.get(4), is(123));
assertThat(list.get(5), is(true));

// array types
assertThat(list.get(6), is(Arrays.asList(new Integer[]{3, 5})));
assertThat(list.get(7), is(Arrays.asList(new Long[]{Long.MAX_VALUE, Long.MIN_VALUE})));
assertThat(list.get(8), is(Arrays.asList(new String[]{"string"})));

// list
assertThat(list.get(9), is(Arrays.asList("a", "b", "c")));
assertThat(list.get(10), is(sub));

}

@Test
Expand All @@ -384,4 +483,73 @@ public void shouldRefuseCustomClaimOfTypeUserPojo() throws Exception{
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldAcceptCustomClaimForNullListItem() throws Exception{
Map<String, Object> data = new HashMap<>();
data.put("test1", Arrays.asList("a", null, "c"));

JWTCreator.init()
.withClaim("pojo", data)
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldRefuseCustomClaimForNullMapValue() throws Exception{
Map<String, Object> data = new HashMap<>();
data.put("subKey", null);

exception.expect(IllegalArgumentException.class);

JWTCreator.init()
.withClaim("pojo", data)
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldRefuseCustomClaimForNullMapKey() throws Exception{
Map<String, Object> data = new HashMap<>();
data.put(null, "subValue");

exception.expect(IllegalArgumentException.class);

JWTCreator.init()
.withClaim("pojo", data)
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldRefuseCustomMapClaimForNonStringKey() throws Exception{
Map data = new HashMap<>();
data.put(new Object(), "value");

exception.expect(IllegalArgumentException.class);

JWTCreator.init()
.withClaim("pojo", (Map<String, Object>)data)
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldRefuseCustomListClaimForUnknownListElement() throws Exception{
List<Object> list = Arrays.asList(new UserPojo("Michael", 255));

exception.expect(IllegalArgumentException.class);

JWTCreator.init()
.withClaim("list", list)
.sign(Algorithm.HMAC256("secret"));
}

@Test
public void shouldRefuseCustomListClaimForUnknownArrayType() throws Exception{
List<Object> list = new ArrayList<>();
list.add(new Object[] {"test"});

exception.expect(IllegalArgumentException.class);

JWTCreator.init()
.withClaim("list", list)
.sign(Algorithm.HMAC256("secret"));
}

}

0 comments on commit 3758bb7

Please sign in to comment.