#!/usr/bin/env perl
sub
is_d {
my
(
$got
,
$expected
,
$test_name
) =
@_
;
local
$Data::Dumper::Terse
= 1;
is(Data::Dumper->Dump([
$got
]), Data::Dumper->Dump([
$expected
]),
$test_name
);
}
my
$payload
= {
foo
=>
'bar'
};
{
my
$name
=
'encodes and decodes JWTs'
;
my
$secret
=
'secret'
;
my
$jwt
= Acme::JWT->encode(
$payload
,
$secret
);
my
$decoded_payload
= Acme::JWT->decode(
$jwt
,
$secret
);
is_d
$decoded_payload
,
$payload
,
$name
;
}
{
my
$algorithm
=
'HS512'
;
if
(
$Acme::JWT::has_sha2
) {
$algorithm
=
'RS256'
;
}
my
$name
=
'encodes and decodes JWTs for RSA signaturese'
;
my
$rsa
= Crypt::OpenSSL::RSA->generate_key(512);
my
$jwt
= Acme::JWT->encode(
$payload
,
$rsa
->get_private_key_string,
$algorithm
);
my
$decoded_payload
= Acme::JWT->decode(
$jwt
,
$rsa
->get_public_key_string);
is_d
$decoded_payload
,
$payload
,
$name
;
}
{
my
$name
=
'decodes valid JWTs'
;
my
$example_payload
= {
hello
=>
'world'
};
my
$example_secret
=
'secret'
;
my
$example_jwt
=
'eyJhbGciOiAiSFMyNTYiLCAidHlwIjogIkpXVCJ9.eyJoZWxsbyI6ICJ3b3JsZCJ9.tvagLDLoaiJKxOKqpBXSEGy7SYSifZhjntgm9ctpyj8'
;
my
$decoded_payload
= Acme::JWT->decode(
$example_jwt
,
$example_secret
);
is_d
$decoded_payload
,
$example_payload
,
$name
;
}
{
my
$name
=
'raises exception with wrong hmac key'
;
my
$right_secret
=
'foo'
;
my
$bad_secret
=
'bar'
;
my
$jwt_message
= Acme::JWT->encode(
$payload
,
$right_secret
,
'HS256'
);
eval
{
Acme::JWT->decode(
$jwt_message
,
$bad_secret
);
};
like $@,
qr/^Signature verifacation failed/
,
$name
;
}
{
my
$name
=
'raises exception with wrong rsa key'
;
my
$right_rsa
= Crypt::OpenSSL::RSA->generate_key(512);
my
$bad_rsa
= Crypt::OpenSSL::RSA->generate_key(512);
my
$jwt
= Acme::JWT->encode(
$payload
,
$right_rsa
->get_private_key_string,
'RS256'
);
eval
{
Acme::JWT->decode(
$jwt
,
$bad_rsa
->get_public_key_string);
};
like $@,
qr/^Signature verifacation failed/
,
$name
;
}
{
my
$name
=
'allows decoding without key'
;
my
$right_secret
=
'foo'
;
my
$bad_secret
=
'bar'
;
my
$jwt
= Acme::JWT->encode(
$payload
,
$right_secret
);
my
$decoded_payload
= Acme::JWT->decode(
$jwt
,
$bad_secret
, 0);
is_d
$decoded_payload
,
$payload
,
$name
;
}
{
my
$name
=
'raises exception on unsupported crypto algorithm'
;
eval
{
Acme::JWT->encode(
$payload
,
'secret'
,
'HS1024'
);
};
like $@,
qr/^Unsupported signing method/
,
$name
;
}
{
my
$name
=
'encodes and decodes plaintext JWTs'
;
my
$jwt
= Acme::JWT->encode(
$payload
,
undef
, 0);
is((
my
@a
=
split
(/\./,
$jwt
)), 2,
$name
.
'(length)'
);
my
$decoded_payload
= Acme::JWT->decode(
$jwt
,
undef
, 0);
is_d
$decoded_payload
,
$payload
,
$name
;
}
done_testing;