Class TokenUtils
- java.lang.Object
-
- org.eclipse.microprofile.jwt.tck.util.TokenUtils
-
public class TokenUtils extends Object
Utilities for generating a JWT for testing
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description static class
TokenUtils.InvalidClaims
Enums to indicate which claims should be set to invalid values for testing failure modes
-
Method Summary
All Methods Static Methods Concrete Methods Deprecated Methods Modifier and Type Method Description static int
currentTimeInSecs()
static ECPrivateKey
decodeECPrivateKey(String pemEncoded)
Decode a PEM encoded private key string to an EC PrivateKeystatic ECPublicKey
decodeECPublicKey(String pemEncoded)
Decode a PEM encoded public key string to an EC PublicKeystatic RSAPrivateKey
decodePrivateKey(String pemEncoded)
Decode a PEM encoded private key string to an RSA PrivateKeystatic RSAPublicKey
decodePublicKey(String pemEncoded)
Decode a PEM encoded public key string to an RSA PublicKeystatic String
encryptClaims(String jsonResName)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key.static String
encryptClaims(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key, possibly with invalid fields.static String
encryptClaims(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key, possibly with invalid fields.static String
encryptClaims(PublicKey pk, String jsonResName)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key.static String
encryptClaims(PublicKey pk, String kid, String jsonResName)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key.static String
encryptClaims(PublicKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key, possibly with invalid fields.static String
encryptClaims(PublicKey pk, KeyManagementAlgorithm keyAlgorithm, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key, possibly with invalid fields.static KeyPair
generateKeyPair(int keySize)
Generate a new RSA keypair.static String
generateTokenString(String jsonResName)
Deprecated.static String
generateTokenString(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims)
Deprecated.static String
generateTokenString(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Deprecated.static String
generateTokenString(PrivateKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Deprecated.static ECPrivateKey
readECPrivateKey(String pemResName)
Read a PEM encoded EC private key from the classpathstatic ECPublicKey
readECPublicKey(String pemResName)
Read a PEM encoded EC public key from the classpathstatic PrivateKey
readJwkPrivateKey(String jwkResName)
Read a private key in JWK format from the classpathstatic PublicKey
readJwkPublicKey(String jwkResName)
Read a public key in JWK format from the classpathstatic RSAPrivateKey
readPrivateKey(String pemResName)
Read a PEM encoded RSA private key from the classpathstatic RSAPublicKey
readPublicKey(String pemResName)
Read a PEM encoded RSA public key from the classpathstatic String
readResource(String resName)
Read a classpath resource into a string and return it.static String
signClaims(String jsonResName)
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using RS256 algorithm.static String
signClaims(String jsonResName, SignatureAlgorithm algorithm)
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using either RS256 or ES256 algorithm.static String
signClaims(String jsonResName, SignatureAlgorithm algorithm, Set<TokenUtils.InvalidClaims> invalidClaims)
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using either RS256 or ES256 algorithm, possibly with invalid fields.static String
signClaims(String jsonResName, SignatureAlgorithm algorithm, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Utility method to generate a JWT string from a JSON resource file that is signed by either the privateKey.pem test resource using RS256 algorithm or the ecPrivateKey.pem test resource using ES256 algorithm, possibly with invalid fields and custom time claims.static String
signClaims(PrivateKey pk, String kid, String jsonResName)
Utility method to generate a JWT string from a JSON resource file that is signed by the private key using either RS256 or ES256 algorithm.static String
signClaims(PrivateKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims)
Utility method to generate a JWT string from a JSON resource file that is signed by the private key using either RS256 or ES256 algorithm, possibly with invalid fields.static String
signEncryptClaims(String jsonResName)
Utility method to generate a JWT string from a JSON resource file by signing it first with the privateKey.pem test resource using RS256 algorithm and encrypting next with the publicKey.pem test resource.static String
signEncryptClaims(String jsonResName, SignatureAlgorithm signatureAlgorithm)
Utility method to generate a JWT string from a JSON resource file by signing it first by either the privateKey.pem test resource using RS256 algorithm or the ecPrivateKey.pem test resource using ES256 algorithm and encrypting it next with the publicKey.pem test resource.static String
signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, String encryptionKid, String jsonResName)
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and and encrypting next with the public key.static String
signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, String encryptionKid, String jsonResName, boolean setContentType)
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key with an option to skip setting a content-type 'cty' parameter.static String
signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, KeyManagementAlgorithm keyAlgorithm, String encryptionKid, String jsonResName, boolean setContentType)
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key with an option to skip setting a content-type 'cty' parameter.static String
signEncryptClaims(PrivateKey signingKey, PublicKey encryptionKey, String jsonResName)
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key.
-
-
-
Method Detail
-
generateTokenString
@Deprecated public static String generateTokenString(String jsonResName) throws Exception
Deprecated.Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using RS256 algorithm.- Parameters:
jsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using RS256 algorithm.- Parameters:
jsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(String jsonResName, SignatureAlgorithm algorithm) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using either RS256 or ES256 algorithm.- Parameters:
jsonResName
- - name of test resources filealgorithm
- - signature algorithm- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
generateTokenString
@Deprecated public static String generateTokenString(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims) throws Exception
Deprecated.Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using RS256 algorithm, possibly with invalid fields.- Parameters:
jsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modes- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(String jsonResName, SignatureAlgorithm algorithm, Set<TokenUtils.InvalidClaims> invalidClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using either RS256 or ES256 algorithm, possibly with invalid fields.- Parameters:
jsonResName
- - name of test resources filealgorithm
- - signature algorithminvalidClaims
- - the set of claims that should be added with invalid values to test failure modes- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
generateTokenString
@Deprecated public static String generateTokenString(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Deprecated.Utility method to generate a JWT string from a JSON resource file that is signed by the privateKey.pem test resource key using RS256 algorithm, possibly with invalid fields and custom time fields.- Parameters:
jsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(String jsonResName, SignatureAlgorithm algorithm, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by either the privateKey.pem test resource using RS256 algorithm or the ecPrivateKey.pem test resource using ES256 algorithm, possibly with invalid fields and custom time claims.- Parameters:
jsonResName
- - name of test resources filealgorithm
- - signature algorithminvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
generateTokenString
@Deprecated public static String generateTokenString(PrivateKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Deprecated.Utility method to generate a JWT string from a JSON resource file that is signed by the private key test resource key using either RS256 or ES256 algorithm, possibly with invalid fields.- Parameters:
pk
- - the private key to sign the token withkid
- - the kid header to assign to the tokenjsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(PrivateKey pk, String kid, String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by the private key using either RS256 or ES256 algorithm.- Parameters:
pk
- - the private key to sign the token withkid
- - the kid claim to assign to the tokenjsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signClaims
public static String signClaims(PrivateKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is signed by the private key using either RS256 or ES256 algorithm, possibly with invalid fields.- Parameters:
pk
- - the private key to sign the token withkid
- - the kid claim to assign to the tokenjsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key.- Parameters:
jsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key, possibly with invalid fields.- Parameters:
jsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modes- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the publicKey.pem test resource key, possibly with invalid fields.- Parameters:
jsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(PublicKey pk, String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key.- Parameters:
pk
- - the public key to encrypt the token withjsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(PublicKey pk, String kid, String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key.- Parameters:
pk
- - the public key to encrypt the token withkid
- - the kid header to assign to the tokenjsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(PublicKey pk, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key, possibly with invalid fields.- Parameters:
pk
- - the public key to encrypt the token withkid
- - the kid header to assign to the tokenjsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
encryptClaims
public static String encryptClaims(PublicKey pk, KeyManagementAlgorithm keyAlgorithm, String kid, String jsonResName, Set<TokenUtils.InvalidClaims> invalidClaims, Map<String,Long> timeClaims) throws Exception
Utility method to generate a JWT string from a JSON resource file that is encrypted by the public key, possibly with invalid fields.- Parameters:
pk
- - the public key to encrypt the token withkeyAlgorithm
- - the key encryption algorithmkid
- - the kid header to assign to the tokenjsonResName
- - name of test resources fileinvalidClaims
- - the set of claims that should be added with invalid values to test failure modestimeClaims
- - used to return the exp, iat, auth_time claims- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first with the privateKey.pem test resource using RS256 algorithm and encrypting next with the publicKey.pem test resource.- Parameters:
jsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(String jsonResName, SignatureAlgorithm signatureAlgorithm) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first by either the privateKey.pem test resource using RS256 algorithm or the ecPrivateKey.pem test resource using ES256 algorithm and encrypting it next with the publicKey.pem test resource.- Parameters:
jsonResName
- - name of test resources filesignatureAlgorithm
- - signature algorithm- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(PrivateKey signingKey, PublicKey encryptionKey, String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key.- Parameters:
signingKey
- - the private key to sign the token withencryptionKey
- - the public key to encrypt the token withjsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, String encryptionKid, String jsonResName) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and and encrypting next with the public key.- Parameters:
signingKey
- - the private key to sign the token withsigningKid
- - the signing key identifierencryptionKey
- - the public key to encrypt the token withencryptionKid
- - the encryption key identifierjsonResName
- - name of test resources file- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, String encryptionKid, String jsonResName, boolean setContentType) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key with an option to skip setting a content-type 'cty' parameter.- Parameters:
signingKey
- - the private key to sign the token withsigningKid
- - the signing key identifierencryptionKey
- - the public key to encrypt the token withencryptionKid
- - the encryption key identifierjsonResName
- - name of test resources filesetContentType
- - set a content-type 'cty' parameter if true- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
signEncryptClaims
public static String signEncryptClaims(PrivateKey signingKey, String signingKid, PublicKey encryptionKey, KeyManagementAlgorithm keyAlgorithm, String encryptionKid, String jsonResName, boolean setContentType) throws Exception
Utility method to generate a JWT string from a JSON resource file by signing it first with the private key using RS256 algorithm and encrypting next with the public key with an option to skip setting a content-type 'cty' parameter.- Parameters:
signingKey
- - the private key to sign the token withsigningKid
- - the signing key identifierencryptionKey
- - the public key to encrypt the token withkeyEncryptionAlgorithm
- - the key encryption algorithmencryptionKid
- - the encryption key identifierjsonResName
- - name of test resources filesetContentType
- - set a content-type 'cty' parameter if true- Returns:
- the JWT string
- Throws:
Exception
- on parse failure
-
readResource
public static String readResource(String resName) throws IOException
Read a classpath resource into a string and return it.- Parameters:
resName
- - classpath resource name- Returns:
- the resource content as a string
- Throws:
IOException
- - on failure
-
readPrivateKey
public static RSAPrivateKey readPrivateKey(String pemResName) throws Exception
Read a PEM encoded RSA private key from the classpath- Parameters:
pemResName
- - key file resource name- Returns:
- RSAPrivateKey
- Throws:
Exception
- on decode failure
-
readECPrivateKey
public static ECPrivateKey readECPrivateKey(String pemResName) throws Exception
Read a PEM encoded EC private key from the classpath- Parameters:
pemResName
- - key file resource name- Returns:
- ECPrivateKey
- Throws:
Exception
- on decode failure
-
readPublicKey
public static RSAPublicKey readPublicKey(String pemResName) throws Exception
Read a PEM encoded RSA public key from the classpath- Parameters:
pemResName
- - key file resource name- Returns:
- RSAPublicKey
- Throws:
Exception
- on decode failure
-
readECPublicKey
public static ECPublicKey readECPublicKey(String pemResName) throws Exception
Read a PEM encoded EC public key from the classpath- Parameters:
pemResName
- - key file resource name- Returns:
- ECPublicKey
- Throws:
Exception
- on decode failure
-
readJwkPublicKey
public static PublicKey readJwkPublicKey(String jwkResName) throws Exception
Read a public key in JWK format from the classpath- Parameters:
jwkResName
- - key file resource name- Returns:
- PublicKey
- Throws:
Exception
- on decode failure
-
readJwkPrivateKey
public static PrivateKey readJwkPrivateKey(String jwkResName) throws Exception
Read a private key in JWK format from the classpath- Parameters:
jwkResName
- - key file resource name- Returns:
- PublicKey
- Throws:
Exception
- on decode failure
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize) throws NoSuchAlgorithmException
Generate a new RSA keypair.- Parameters:
keySize
- - the size of the key- Returns:
- KeyPair
- Throws:
NoSuchAlgorithmException
- on failure to load RSA key generator
-
decodePrivateKey
public static RSAPrivateKey decodePrivateKey(String pemEncoded) throws Exception
Decode a PEM encoded private key string to an RSA PrivateKey- Parameters:
pemEncoded
- - PEM string for private key- Returns:
- RSAPrivateKey
- Throws:
Exception
- on decode failure
-
decodeECPrivateKey
public static ECPrivateKey decodeECPrivateKey(String pemEncoded) throws Exception
Decode a PEM encoded private key string to an EC PrivateKey- Parameters:
pemEncoded
- - PEM string for private key- Returns:
- ECPrivateKey
- Throws:
Exception
- on decode failure
-
decodePublicKey
public static RSAPublicKey decodePublicKey(String pemEncoded) throws Exception
Decode a PEM encoded public key string to an RSA PublicKey- Parameters:
pemEncoded
- - PEM string for private key- Returns:
- RSAPublicKey
- Throws:
Exception
- on decode failure
-
decodeECPublicKey
public static ECPublicKey decodeECPublicKey(String pemEncoded) throws Exception
Decode a PEM encoded public key string to an EC PublicKey- Parameters:
pemEncoded
- - PEM string for private key- Returns:
- ECPublicKey
- Throws:
Exception
- on decode failure
-
currentTimeInSecs
public static int currentTimeInSecs()
- Returns:
- the current time in seconds since epoch
-
-