1package jwt_test 2 3import ( 4 "github.com/dgrijalva/jwt-go" 5 "io/ioutil" 6 "strings" 7 "testing" 8) 9 10var hmacTestData = []struct { 11 name string 12 tokenString string 13 alg string 14 claims map[string]interface{} 15 valid bool 16}{ 17 { 18 "web sample", 19 "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk", 20 "HS256", 21 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true}, 22 true, 23 }, 24 { 25 "HS384", 26 "eyJhbGciOiJIUzM4NCIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.KWZEuOD5lbBxZ34g7F-SlVLAQ_r5KApWNWlZIIMyQVz5Zs58a7XdNzj5_0EcNoOy", 27 "HS384", 28 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true}, 29 true, 30 }, 31 { 32 "HS512", 33 "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJleHAiOjEuMzAwODE5MzhlKzA5LCJodHRwOi8vZXhhbXBsZS5jb20vaXNfcm9vdCI6dHJ1ZSwiaXNzIjoiam9lIn0.CN7YijRX6Aw1n2jyI2Id1w90ja-DEMYiWixhYCyHnrZ1VfJRaFQz1bEbjjA5Fn4CLYaUG432dEYmSbS4Saokmw", 34 "HS512", 35 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true}, 36 true, 37 }, 38 { 39 "web sample: invalid", 40 "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXo", 41 "HS256", 42 map[string]interface{}{"iss": "joe", "exp": 1300819380, "http://example.com/is_root": true}, 43 false, 44 }, 45} 46 47// Sample data from http://tools.ietf.org/html/draft-jones-json-web-signature-04#appendix-A.1 48var hmacTestKey, _ = ioutil.ReadFile("test/hmacTestKey") 49 50func TestHMACVerify(t *testing.T) { 51 for _, data := range hmacTestData { 52 parts := strings.Split(data.tokenString, ".") 53 54 method := jwt.GetSigningMethod(data.alg) 55 err := method.Verify(strings.Join(parts[0:2], "."), parts[2], hmacTestKey) 56 if data.valid && err != nil { 57 t.Errorf("[%v] Error while verifying key: %v", data.name, err) 58 } 59 if !data.valid && err == nil { 60 t.Errorf("[%v] Invalid key passed validation", data.name) 61 } 62 } 63} 64 65func TestHMACSign(t *testing.T) { 66 for _, data := range hmacTestData { 67 if data.valid { 68 parts := strings.Split(data.tokenString, ".") 69 method := jwt.GetSigningMethod(data.alg) 70 sig, err := method.Sign(strings.Join(parts[0:2], "."), hmacTestKey) 71 if err != nil { 72 t.Errorf("[%v] Error signing token: %v", data.name, err) 73 } 74 if sig != parts[2] { 75 t.Errorf("[%v] Incorrect signature.\nwas:\n%v\nexpecting:\n%v", data.name, sig, parts[2]) 76 } 77 } 78 } 79} 80 81func BenchmarkHS256Signing(b *testing.B) { 82 benchmarkSigning(b, jwt.SigningMethodHS256, hmacTestKey) 83} 84 85func BenchmarkHS384Signing(b *testing.B) { 86 benchmarkSigning(b, jwt.SigningMethodHS384, hmacTestKey) 87} 88 89func BenchmarkHS512Signing(b *testing.B) { 90 benchmarkSigning(b, jwt.SigningMethodHS512, hmacTestKey) 91} 92