-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
signing header + payload, improved tests
- Loading branch information
Showing
16 changed files
with
303 additions
and
381 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
135 changes: 0 additions & 135 deletions
135
packages/signature-verifier/src/lib/__test__/unit/jwt.spec.ts
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
import { base64url } from 'jose' | ||
import { decode } from '../../decode' | ||
import { DECODED_TOKEN, HEADER_PART, SIGNATURE_PART, SIGNED_TOKEN } from './mock' | ||
|
||
describe('decode', () => { | ||
it('decodes a request successfully', async () => { | ||
const jwt = decode(SIGNED_TOKEN) | ||
expect(jwt).toEqual(DECODED_TOKEN) | ||
}) | ||
it('throws an error if token is malformed', async () => { | ||
expect(() => decode('invalid')).toThrow() | ||
}) | ||
it('throws an error if token is formed well with unmeaningful data', async () => { | ||
expect(() => decode('invalid.invalid.invalid')).toThrow() | ||
}) | ||
it('throws an error if payload is invalid with a valid signature', async () => { | ||
const token = `${HEADER_PART}.${'invalid'}.${SIGNATURE_PART}` | ||
expect(() => decode(token)).toThrow() | ||
const encodedPayload = base64url.encode( | ||
JSON.stringify({ requestHash: 'hashedRequest', iat: '1728917', exp: '1728917' }) | ||
) | ||
const token2 = `${HEADER_PART}.${encodedPayload}.${SIGNATURE_PART}` | ||
expect(() => decode(token2)).toThrow() | ||
}) | ||
it('throws an error if header is invalid', async () => { | ||
const encodedHeader = base64url.encode(JSON.stringify({ alg: 'invalid', kid: 'invalid' })) | ||
const token = `${encodedHeader}.${'invalid'}.${SIGNATURE_PART}` | ||
expect(() => decode(token)).toThrow() | ||
}) | ||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
import { generatePrivateKey, privateKeyToAccount } from 'viem/accounts' | ||
import { sign } from '../../sign' | ||
import { Alg, SignatureInput, VerificationInput } from '../../types' | ||
import { verify } from '../../verify' | ||
import { DECODED_TOKEN, EXP, IAT, KID, REQUEST } from './mock' | ||
|
||
describe('flow with viem keypairs', () => { | ||
it('should sign and verify a request successfully', async () => { | ||
const viemPkAlg = Alg.ES256K | ||
const pk = generatePrivateKey() | ||
const { publicKey: viemPk } = privateKeyToAccount(pk) | ||
const expected = { | ||
header: { | ||
...DECODED_TOKEN.header, | ||
alg: viemPkAlg | ||
}, | ||
payload: DECODED_TOKEN.payload, | ||
signature: expect.any(String) | ||
} | ||
const signingInput: SignatureInput = { | ||
request: REQUEST, | ||
privateKey: pk, | ||
algorithm: viemPkAlg, | ||
kid: KID, | ||
iat: IAT, | ||
exp: EXP | ||
} | ||
const jwt = await sign(signingInput) | ||
const verificationInput: VerificationInput = { | ||
request: REQUEST, | ||
rawToken: jwt, | ||
publicKey: viemPk, | ||
algorithm: viemPkAlg | ||
} | ||
const verifiedJwt = await verify(verificationInput) | ||
expect(verifiedJwt).toEqual(expected) | ||
}) | ||
}) |
Oops, something went wrong.