rs256 test case to verify only

go-chi · Dec 14, 2023 · a77c650 · a77c650
1 parent 4e5a7fd
commit a77c650
Showing 1 changed file with 79 additions and 47 deletions.
diff --git a/jwtauth_test.go b/jwtauth_test.go
@@ -51,53 +51,6 @@ func init() {
 // Tests
 //
 
-func TestSimpleRSA(t *testing.T) {
-	privateKeyBlock, _ := pem.Decode([]byte(PrivateKeyRS256String))
-
-	privateKey, err := x509.ParsePKCS1PrivateKey(privateKeyBlock.Bytes)
-
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
-
-	publicKeyBlock, _ := pem.Decode([]byte(PublicKeyRS256String))
-
-	publicKey, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
-
-	if err != nil {
-		t.Fatalf(err.Error())
-	}
-
-	TokenAuthRS256 = jwtauth.New(jwa.RS256.String(), privateKey, publicKey)
-
-	claims := map[string]interface{}{
-		"key":  "val",
-		"key2": "val2",
-		"key3": "val3",
-	}
-
-	_, tokenString, err := TokenAuthRS256.Encode(claims)
-
-	if err != nil {
-		t.Fatalf("Failed to encode claims %s\n", err.Error())
-	}
-
-	token, err := TokenAuthRS256.Decode(tokenString)
-
-	if err != nil {
-		t.Fatalf("Failed to decode token string %s\n", err.Error())
-	}
-
-	tokenClaims, err := token.AsMap(context.Background())
-	if err != nil {
-		t.Fatal(err.Error())
-	}
-
-	if !reflect.DeepEqual(claims, tokenClaims) {
-		t.Fatalf("The decoded claims don't match the original ones\n")
-	}
-}
-
 func TestSimple(t *testing.T) {
 	r := chi.NewRouter()
 
@@ -157,6 +110,85 @@ func TestSimple(t *testing.T) {
 	}
 }
 
+func TestSimpleRSA(t *testing.T) {
+	privateKeyBlock, _ := pem.Decode([]byte(PrivateKeyRS256String))
+
+	privateKey, err := x509.ParsePKCS1PrivateKey(privateKeyBlock.Bytes)
+	if err != nil {
+		t.Fatalf(err.Error())
+	}
+
+	publicKeyBlock, _ := pem.Decode([]byte(PublicKeyRS256String))
+
+	publicKey, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
+	if err != nil {
+		t.Fatalf(err.Error())
+	}
+
+	TokenAuthRS256 = jwtauth.New(jwa.RS256.String(), privateKey, publicKey)
+
+	claims := map[string]interface{}{
+		"key":  "val",
+		"key2": "val2",
+		"key3": "val3",
+	}
+
+	_, tokenString, err := TokenAuthRS256.Encode(claims)
+	if err != nil {
+		t.Fatalf("Failed to encode claims %s\n", err.Error())
+	}
+
+	token, err := TokenAuthRS256.Decode(tokenString)
+	if err != nil {
+		t.Fatalf("Failed to decode token string %s\n", err.Error())
+	}
+
+	tokenClaims, err := token.AsMap(context.Background())
+	if err != nil {
+		t.Fatal(err.Error())
+	}
+
+	if !reflect.DeepEqual(claims, tokenClaims) {
+		t.Fatalf("The decoded claims don't match the original ones\n")
+	}
+}
+
+func TestSimpleRSAVerifyOnly(t *testing.T) {
+	tokenString := "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ2YWwiLCJrZXkyIjoidmFsMiIsImtleTMiOiJ2YWwzIn0.kLEK3FZZPsAlQNKR5yHyjRyrlCJFhvKmrh7o-GqDT_zaGQgvb0Dufp8uNSMeOFAlLGK5FbKX7BckjJqfvEyrTQ"
+	claims := map[string]interface{}{
+		"key":  "val",
+		"key2": "val2",
+		"key3": "val3",
+	}
+
+	publicKeyBlock, _ := pem.Decode([]byte(PublicKeyRS256String))
+	publicKey, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
+	if err != nil {
+		t.Fatalf(err.Error())
+	}
+
+	TokenAuthRS256 = jwtauth.New(jwa.RS256.String(), nil, publicKey)
+
+	_, _, err = TokenAuthRS256.Encode(claims)
+	if err == nil {
+		t.Fatalf("Expecting error when encoding claims without signing key")
+	}
+
+	token, err := TokenAuthRS256.Decode(tokenString)
+	if err != nil {
+		t.Fatalf("Failed to decode token string %s\n", err.Error())
+	}
+
+	tokenClaims, err := token.AsMap(context.Background())
+	if err != nil {
+		t.Fatal(err.Error())
+	}
+
+	if !reflect.DeepEqual(claims, tokenClaims) {
+		t.Fatalf("The decoded claims don't match the original ones\n")
+	}
+}
+
 func TestMore(t *testing.T) {
 	r := chi.NewRouter()