diff --git a/src/test/java/ca/islandora/syn/token/VerifierTest.java b/src/test/java/ca/islandora/syn/token/VerifierTest.java index 7d803fa..9933556 100644 --- a/src/test/java/ca/islandora/syn/token/VerifierTest.java +++ b/src/test/java/ca/islandora/syn/token/VerifierTest.java @@ -2,24 +2,36 @@ import static junit.framework.TestCase.assertNull; import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertTrue; import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; -import com.auth0.jwt.JWT; -import com.auth0.jwt.algorithms.Algorithm; -import org.junit.Test; import java.security.KeyPair; import java.security.KeyPairGenerator; import java.security.interfaces.RSAKey; +import java.time.Instant; import java.time.LocalDateTime; +import java.time.ZoneId; import java.time.ZoneOffset; import java.util.Date; import java.util.List; +import org.junit.Before; +import org.junit.Test; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.algorithms.Algorithm; + public class VerifierTest { private static String token; + private static ZoneOffset offset; + + @Before + public void setUp() { + offset = ZoneId.systemDefault().getRules().getOffset(Instant.now()); + } + @Test public void testClaimsWithoutVerify() { token = JWT.create() @@ -27,8 +39,8 @@ public void testClaimsWithoutVerify() { .withClaim("uid", 1) .withClaim("name", "admin") .withClaim("url", "http://test.com") - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.none()); final Verifier verifier = Verifier.create(token); assertEquals(1, verifier.getUid()); @@ -64,8 +76,8 @@ public void testClaimsAndVerifyHmac() throws Exception { .withClaim("uid", 1) .withClaim("name", "admin") .withClaim("url", "http://test.com") - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret")); final Verifier verifier = Verifier.create(token); @@ -93,8 +105,8 @@ public void testClaimsAndVerifyRsa() throws Exception { .withClaim("uid", 1) .withClaim("name", "admin") .withClaim("url", "http://test.com") - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.RSA512(privateKey)); final Verifier verifier = Verifier.create(token); @@ -117,8 +129,8 @@ public void testClaimsAndVerifyHmacBadIssueDate() throws Exception { .withClaim("uid", 1) .withClaim("name", "admin") .withClaim("url", "http://test.com") - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().minusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().minusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret")); final Verifier verifier = Verifier.create(token); diff --git a/src/test/java/ca/islandora/syn/valves/SynValveTest.java b/src/test/java/ca/islandora/syn/valves/SynValveTest.java index 009d7e5..5eaa6a8 100644 --- a/src/test/java/ca/islandora/syn/valves/SynValveTest.java +++ b/src/test/java/ca/islandora/syn/valves/SynValveTest.java @@ -23,7 +23,9 @@ import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; +import java.time.Instant; import java.time.LocalDateTime; +import java.time.ZoneId; import java.time.ZoneOffset; import java.util.Arrays; import java.util.Date; @@ -62,6 +64,8 @@ public class SynValveTest { @Rule public TemporaryFolder temporaryFolder = new TemporaryFolder(); + private static ZoneOffset offset; + @Before public void setUp() throws Exception { settings = temporaryFolder.newFile(); @@ -74,6 +78,7 @@ public void setUp() throws Exception { when(container.getRealm()).thenReturn(realm); when(request.getContext()).thenReturn(context); + offset = ZoneId.systemDefault().getRules().getOffset(Instant.now()); } @Test @@ -97,8 +102,8 @@ public void shouldPassAuth() throws Exception { .withClaim("name", "adminuser") .withClaim("url", "http://test.com") .withArrayClaim("roles", new String[] {"role1", "role2", "role3"}) - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret")); final SecurityConstraint securityConstraint = new SecurityConstraint(); @@ -208,8 +213,8 @@ public void shouldFailTokenMissingUid() throws Exception { .withClaim("name", "adminuser") .withClaim("url", "http://test.com") .withArrayClaim("roles", new String[] {"role1", "role2", "role3"}) - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret")); final SecurityConstraint securityConstraint = new SecurityConstraint(); @@ -234,8 +239,8 @@ public void shouldPassAuthDefaultSite() throws Exception { .withClaim("name", "normalUser") .withClaim("url", "http://test2.com") .withArrayClaim("roles", new String[] {}) - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret2")); final ArgumentCaptor argument = ArgumentCaptor.forClass(GenericPrincipal.class); @@ -272,8 +277,8 @@ public void shouldFailAuthBecauseNoSiteMatch() throws Exception { .withClaim("name", "normalUser") .withClaim("url", "http://test-no-match.com") .withArrayClaim("roles", new String[] {}) - .withIssuedAt(Date.from(LocalDateTime.now().toInstant(ZoneOffset.UTC))) - .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(ZoneOffset.UTC))) + .withIssuedAt(Date.from(LocalDateTime.now().toInstant(offset))) + .withExpiresAt(Date.from(LocalDateTime.now().plusHours(2).toInstant(offset))) .sign(Algorithm.HMAC256("secret")); final SecurityConstraint securityConstraint = new SecurityConstraint();