Fix the tests

jingming · jingming · commit c6925c18e999 · 2016-11-16T15:11:29.000-08:00
diff --git a/src/main/java/com/twilio/example/ValidationExample.java b/src/main/java/com/twilio/example/ValidationExample.java
@@ -66,4 +66,4 @@ public static void main(String[] args) throws Exception {
         System.out.println(m.getSid());
 
     }
-}
+}
diff --git a/src/main/java/com/twilio/http/ValidationInterceptor.java b/src/main/java/com/twilio/http/ValidationInterceptor.java
@@ -33,4 +33,4 @@ public void process(HttpRequest request, HttpContext context) throws HttpExcepti
         Jwt jwt = ValidationToken.fromHttpRequest(accountSid, credentialSid, signingKeySid, privateKey, request, HEADERS);
         request.addHeader("Twilio-Client-Validation", jwt.toJwt());
     }
-}
+}
diff --git a/src/main/java/com/twilio/jwt/Jwt.java b/src/main/java/com/twilio/jwt/Jwt.java
@@ -4,8 +4,8 @@
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
 
-import java.nio.charset.StandardCharsets;
-import java.security.PrivateKey;
+import javax.crypto.spec.SecretKeySpec;
+import java.security.Key;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
@@ -16,8 +16,7 @@
 public abstract class Jwt {
 
     private final SignatureAlgorithm algorithm;
-    private final PrivateKey secretKey;
-    private final String secret;
+    private final Key secretKey;
     private final String issuer;
     private final Date expiration;
 
@@ -35,21 +34,29 @@ public Jwt(
         String issuer,
         Date expiration
     ) {
-        this.algorithm = algorithm;
-        this.secret = secret;
-        this.secretKey = null;
-        this.issuer = issuer;
-        this.expiration = expiration;
+        this(
+            algorithm,
+            new SecretKeySpec(secret.getBytes(), algorithm.getJcaName()),
+            issuer,
+            expiration
+        );
     }
 
+    /**
+     * Create a new JWT.
+     *
+     * @param algorithm algorithm to use
+     * @param secretKey secret key
+     * @param issuer JWT issuer
+     * @param expiration expiration Date
+     */
     public Jwt(
         SignatureAlgorithm algorithm,
-        PrivateKey secretKey,
+        Key secretKey,
         String issuer,
         Date expiration
     ) {
         this.algorithm = algorithm;
-        this.secret = null;
         this.secretKey = secretKey;
         this.issuer = issuer;
         this.expiration = expiration;
@@ -67,16 +74,11 @@ public String toJwt() {
 
         JwtBuilder builder =
             Jwts.builder()
+                .signWith(this.algorithm, this.secretKey)
                 .setHeaderParams(headers)
                 .setIssuer(this.issuer)
                 .setExpiration(expiration);
 
-        if (this.secret != null) {
-            builder.signWith(this.algorithm, this.secret.getBytes(StandardCharsets.UTF_8));
-        } else if (this.secretKey != null) {
-            builder.signWith(this.algorithm, this.secretKey);
-        }
-
         if (this.getClaims() != null) {
             for (Map.Entry<String, Object> entry : this.getClaims().entrySet()) {
                 builder.claim(entry.getKey(), entry.getValue());
diff --git a/src/test/java/com/twilio/jwt/validation/ValidationTokenTest.java b/src/test/java/com/twilio/jwt/validation/ValidationTokenTest.java
@@ -1,23 +1,37 @@
 package com.twilio.jwt.validation;
 
 import com.google.common.collect.Lists;
+import com.twilio.jwt.Jwt;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import mockit.Expectations;
 import mockit.Mocked;
 import org.apache.http.Header;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpEntityEnclosingRequest;
 import org.apache.http.message.BasicHeader;
+import org.junit.Assert;
 import org.junit.Before;
+import org.junit.Test;
 
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.util.Date;
 import java.util.List;
 
 public class ValidationTokenTest {
 
     private static final List<String> SIGNED_HEADERS = Lists.newArrayList("host", "authorization");
-//    private static final String CREDENTIAL_SID = "CR123";
+    private static final String ACCOUNT_SID = "AC123";
     private static final String CREDENTIAL_SID = "CR123";
-    private static final String SECRET = "secret";
+    private static final String SIGNING_KEY_SID = "SK123";
 
     private Header[] headers;
+    private PrivateKey privateKey;
 
     @Mocked
     private HttpEntityEnclosingRequest request;
@@ -26,98 +40,107 @@ public class ValidationTokenTest {
     private HttpEntity entity;
 
     @Before
-    public void setup() {
+    public void setup() throws Exception {
         headers = new Header[2];
         headers[0] = new BasicHeader("host", "api.twilio.com");
         headers[1] = new BasicHeader("authorization", "foobar");
+
+        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
+        keyGen.initialize(2048);
+        KeyPair pair = keyGen.generateKeyPair();
+        privateKey = pair.getPrivate();
+    }
+
+    @Test
+    public void testTokenBuilder() {
+        Jwt jwt = new ValidationToken.Builder(ACCOUNT_SID, CREDENTIAL_SID, SIGNING_KEY_SID, privateKey)
+            .method("GET")
+            .uri("/Messages")
+            .queryString("PageSize=5&Limit=10")
+            .headers(headers)
+            .signedHeaders(SIGNED_HEADERS)
+            .requestBody("foobar")
+            .build();
+
+        Claims claims =
+            Jwts.parser()
+                .setSigningKey(privateKey)
+                .parseClaimsJws(jwt.toJwt())
+                .getBody();
+
+
+        this.validateToken(claims);
+        Assert.assertEquals("authorization;host", claims.get("hrh"));
+        Assert.assertEquals("4dc9b67bed579647914587b0e22a1c65c1641d8674797cd82de65e766cce5f80", claims.get("rqh"));
+    }
+
+    @Test
+    public void testTokenFromHttpRequest() throws IOException {
+        new Expectations() {{
+            request.getRequestLine().getMethod();
+            result = "GET";
+
+            request.getRequestLine().getUri();
+            result = "/Messages?PageSize=5&Limit=10";
+
+            request.getAllHeaders();
+            result = headers;
+        }};
+
+        Jwt jwt = ValidationToken.fromHttpRequest(ACCOUNT_SID, CREDENTIAL_SID, SIGNING_KEY_SID, privateKey, request, SIGNED_HEADERS);
+        Claims claims =
+            Jwts.parser()
+                .setSigningKey(privateKey)
+                .parseClaimsJws(jwt.toJwt())
+                .getBody();
+
+
+        this.validateToken(claims);
+        Assert.assertEquals("authorization;host", claims.get("hrh"));
+        Assert.assertEquals("4b3d2666845a38f00259a5231a08765bb2d12564bc4469fd5b2816204c588967", claims.get("rqh"));
     }
 
-//    @Test
-//    public void testTokenBuilder() {
-//        Jwt jwt = new ValidationToken.Builder(CREDENTIAL_SID, SECRET)
-//            .method("GET")
-//            .uri("/Messages")
-//            .queryString("PageSize=5&Limit=10")
-//            .headers(headers)
-//            .signedHeaders(SIGNED_HEADERS)
-//            .requestBody("foobar")
-//            .build();
-//
-//        Claims claims =
-//            Jwts.parser()
-//                .setSigningKey(SECRET.getBytes())
-//                .parseClaimsJws(jwt.toJwt())
-//                .getBody();
-//
-//
-//        Assert.assertEquals("authorization;host", claims.get("hrh"));
-//        Assert.assertEquals("4dc9b67bed579647914587b0e22a1c65c1641d8674797cd82de65e766cce5f80", claims.get("rqh"));
-//    }
-//
-//    @Test
-//    public void testTokenFromHttpRequest() throws IOException {
-//        new Expectations() {{
-//            request.getRequestLine().getMethod();
-//            result = "GET";
-//
-//            request.getRequestLine().getUri();
-//            result = "/Messages?PageSize=5&Limit=10";
-//
-//            request.getAllHeaders();
-//            result = headers;
-//        }};
-//
-//        Jwt jwt = ValidationToken.fromHttpRequest(CREDENTIAL_SID, SECRET, request, SIGNED_HEADERS);
-//        Claims claims =
-//            Jwts.parser()
-//                .setSigningKey(SECRET.getBytes())
-//                .parseClaimsJws(jwt.toJwt())
-//                .getBody();
-//
-//
-//        Assert.assertEquals("authorization;host", claims.get("hrh"));
-//        Assert.assertEquals("4b3d2666845a38f00259a5231a08765bb2d12564bc4469fd5b2816204c588967", claims.get("rqh"));
-//    }
-//
-//    @Test
-//    public void testTokenFromPostRequest() throws IOException {
-//        new Expectations() {{
-//            request.getRequestLine().getMethod();
-//            result = "POST";
-//
-//            request.getRequestLine().getUri();
-//            result = "/Messages";
-//
-//            request.getAllHeaders();
-//            result = headers;
-//
-//            request.getEntity();
-//            result = entity;
-//
-//            entity.getContent();
-//            result = new ByteArrayInputStream("testbody".getBytes(StandardCharsets.UTF_8));
-//        }};
-//
-//        Jwt jwt = ValidationToken.fromHttpRequest(CREDENTIAL_SID, SECRET, request, SIGNED_HEADERS);
-//        Claims claims =
-//            Jwts.parser()
-//                .setSigningKey(SECRET.getBytes())
-//                .parseClaimsJws(jwt.toJwt())
-//                .getBody();
-//
-//
-//        Assert.assertEquals("authorization;host", claims.get("hrh"));
-//        Assert.assertEquals("bd792c967c20d546c738b94068f5f72758a10d26c12979677501e1eefe58c65a", claims.get("rqh"));
-//    }
-//
-//    private void validateToken(Claims claims) {
-//        Assert.assertEquals(CREDENTIAL_SID, claims.getIssuer());
-//
-//        Assert.assertNotNull(claims.getExpiration());
-//        Assert.assertNotNull(claims.get("hrh"));
-//        Assert.assertNotNull(claims.get("rqh"));
-//
-//        Assert.assertTrue(claims.getExpiration().getTime() > new Date().getTime());
-//    }
+    @Test
+    public void testTokenFromPostRequest() throws IOException {
+        new Expectations() {{
+            request.getRequestLine().getMethod();
+            result = "POST";
+
+            request.getRequestLine().getUri();
+            result = "/Messages";
+
+            request.getAllHeaders();
+            result = headers;
+
+            request.getEntity();
+            result = entity;
+
+            entity.getContent();
+            result = new ByteArrayInputStream("testbody".getBytes(StandardCharsets.UTF_8));
+        }};
+
+        Jwt jwt = ValidationToken.fromHttpRequest(ACCOUNT_SID, CREDENTIAL_SID, SIGNING_KEY_SID, privateKey, request, SIGNED_HEADERS);
+        Claims claims =
+            Jwts.parser()
+                .setSigningKey(privateKey)
+                .parseClaimsJws(jwt.toJwt())
+                .getBody();
+
+
+        this.validateToken(claims);
+        Assert.assertEquals("authorization;host", claims.get("hrh"));
+        Assert.assertEquals("bd792c967c20d546c738b94068f5f72758a10d26c12979677501e1eefe58c65a", claims.get("rqh"));
+    }
+
+    private void validateToken(Claims claims) {
+        Assert.assertEquals(SIGNING_KEY_SID, claims.getIssuer());
+        Assert.assertEquals(ACCOUNT_SID, claims.getSubject());
+
+        Assert.assertNotNull(claims.getExpiration());
+        Assert.assertNotNull(claims.get("hrh"));
+        Assert.assertNotNull(claims.get("rqh"));
+
+        Assert.assertTrue(claims.getExpiration().getTime() > new Date().getTime());
+    }
 
 }

Original file line number	Diff line number	Diff line change
`@@ -66,4 +66,4 @@ public static void main(String[] args) throws Exception {`
`66`	`66`	`System.out.println(m.getSid());`
`67`	`67`
`68`	`68`	`}`
`69`		`-}`
	`69`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -33,4 +33,4 @@ public void process(HttpRequest request, HttpContext context) throws HttpExcepti`
`33`	`33`	`Jwt jwt = ValidationToken.fromHttpRequest(accountSid, credentialSid, signingKeySid, privateKey, request, HEADERS);`
`34`	`34`	`request.addHeader("Twilio-Client-Validation", jwt.toJwt());`
`35`	`35`	`}`
`36`		`-}`
	`36`	`+}`