add creator tests. update readme

lbalmaceda · lbalmaceda · commit 92fa94fb2c33 · 2016-11-09T19:18:00.000-03:00
diff --git a/README.md b/README.md
@@ -16,6 +16,22 @@ An implementation of [JSON Web Tokens](http://self-issued.info/docs/draft-ietf-o
 compile 'com.auth0:java-jwt:3.0.+'
 ```
 
+## Available Algorithms
+
+The library implements JWT Verification and Signing using the following algorithms:
+
+| JWS | Algorithm | Description |
+| :-------------: | :-------------: | :----- |
+| HS256 | HMAC256 | HMAC with SHA-256 |
+| HS384 | HMAC384 | HMAC with SHA-384 |
+| HS512 | HMAC512 | HMAC with SHA-512 |
+| RS256 | RSA256 | RSASSA-PKCS1-v1_5 with SHA-256 |
+| RS384 | RSA384 | RSASSA-PKCS1-v1_5 with SHA-384 |
+| RS512 | RSA512 | RSASSA-PKCS1-v1_5 with SHA-512 |
+| ES256 | ECDSA256 | ECDSA with curve P-256 and SHA-256 |
+| ES384 | ECDSA384 | ECDSA with curve P-384 and SHA-384 |
+| ES512 | ECDSA512 | ECDSA with curve P-521 and SHA-512 |
+
 ## Usage
 
 ### Decode a Token
@@ -31,22 +47,40 @@ try {
 
 If the token has an invalid syntax or the header or payload are not JSONs, a `JWTDecodeException` will raise.
 
-### Verify a Token
 
+### Create and Sign a Token
 
-The library implements JWT Verification using the following algorithms:
+You'll first need to create a `JWTCreator` instance by calling `JWT.create()` and passing the Algorithm instance. Use the builder to define the custom Claims your token needs to have. Finally to get the String token call `sign()`.
 
-| JWS | Algorithm | Description |
-| :-------------: | :-------------: | :----- |
-| HS256 | HMAC256 | HMAC with SHA-256 |
-| HS384 | HMAC384 | HMAC with SHA-384 |
-| HS512 | HMAC512 | HMAC with SHA-512 |
-| RS256 | RSA256 | RSASSA-PKCS1-v1_5 with SHA-256 |
-| RS384 | RSA384 | RSASSA-PKCS1-v1_5 with SHA-384 |
-| RS512 | RSA512 | RSASSA-PKCS1-v1_5 with SHA-512 |
-| ES256 | ECDSA256 | ECDSA with curve P-256 and SHA-256 |
-| ES384 | ECDSA384 | ECDSA with curve P-384 and SHA-384 |
-| ES512 | ECDSA512 | ECDSA with curve P-521 and SHA-512 |
+* Example using `HS256`
+
+```java
+try {
+    String token = JWT.create(Algorithm.HMAC256("secret"))
+        .withIssuer("auth0")
+        .sign();
+} catch (JWTCreationException exception){
+    //Invalid Signing configuration / Couldn't convert Claims.
+}
+```
+
+* Example using `RS256`
+
+```java
+PrivateKey key = //Get the key instance
+try {
+    String token = JWT.create(Algorithm.RSA256(key))
+        .withIssuer("auth0")
+        .sign();
+} catch (JWTCreationException exception){
+    //Invalid Signing configuration / Couldn't convert Claims.
+}
+```
+
+If a Claim couldn't be converted to JSON or the Key used in the signing process was invalid a `JWTCreationException` will raise.
+
+
+### Verify a Token
 
 You'll first need to create a `JWTVerifier` instance by calling `JWT.require()` and passing the Algorithm instance. If you require the token to have specific Claim values, use the builder to define them. The instance returned by the method `build()` is reusable, so you can define it once and use it to verify different tokens. Finally call `verifier.verify()` passing the token.
 
diff --git a/lib/src/main/java/com/auth0/jwt/JWTCreator.java b/lib/src/main/java/com/auth0/jwt/JWTCreator.java
@@ -7,11 +7,13 @@
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 
-import java.util.Collections;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
+/**
+ * The JWTCreator class holds the sign method to generate a complete JWT (with Signature) from a given Header and Payload content.
+ */
 class JWTCreator {
 
     private final Algorithm algorithm;
@@ -20,7 +22,6 @@ class JWTCreator {
 
     private JWTCreator(Algorithm algorithm, Map<String, Object> headerClaims, Map<String, Object> payloadClaims) throws JWTCreationException {
         this.algorithm = algorithm;
-        headerClaims.put(PublicClaims.ALGORITHM, algorithm.getName());
         try {
             headerJson = toSafeJson(headerClaims);
             payloadJson = toSafeJson(payloadClaims);
@@ -42,7 +43,7 @@ static JWTCreator.Builder init(Algorithm algorithm) throws IllegalArgumentExcept
     }
 
     /**
-     * The Builder class holds the Claims required by a JWT to be valid.
+     * The Builder class holds the Claims that defines the JWT to be created.
      */
     static class Builder {
         private final Algorithm algorithm;
@@ -65,7 +66,7 @@ static class Builder {
          * @return this same Builder instance.
          */
         public Builder withHeader(Map<String, Object> headerClaims) {
-            this.headerClaims = Collections.unmodifiableMap(headerClaims);
+            this.headerClaims = new HashMap<>(headerClaims);
             return this;
         }
 
@@ -95,7 +96,12 @@ public Builder withSubject(String subject) {
          * @return this same Builder instance.
          */
         public Builder withAudience(String[] audience) {
-            addClaim(PublicClaims.AUDIENCE, audience);
+            //FIXME: Use a custom Serializer
+            if (audience.length == 1) {
+                addClaim(PublicClaims.AUDIENCE, audience[0]);
+            } else if (audience.length > 1) {
+                addClaim(PublicClaims.AUDIENCE, audience);
+            }
             return this;
         }
 
@@ -105,7 +111,7 @@ public Builder withAudience(String[] audience) {
          * @return this same Builder instance.
          */
         public Builder withExpiresAt(Date expiresAt) {
-            addClaim(PublicClaims.EXPIRES_AT, expiresAt);
+            addClaim(PublicClaims.EXPIRES_AT, dateToSeconds(expiresAt));
             return this;
         }
 
@@ -115,7 +121,7 @@ public Builder withExpiresAt(Date expiresAt) {
          * @return this same Builder instance.
          */
         public Builder withNotBefore(Date notBefore) {
-            addClaim(PublicClaims.NOT_BEFORE, notBefore);
+            addClaim(PublicClaims.NOT_BEFORE, dateToSeconds(notBefore));
             return this;
         }
 
@@ -125,7 +131,7 @@ public Builder withNotBefore(Date notBefore) {
          * @return this same Builder instance.
          */
         public Builder withIssuedAt(Date issuedAt) {
-            addClaim(PublicClaims.ISSUED_AT, issuedAt);
+            addClaim(PublicClaims.ISSUED_AT, dateToSeconds(issuedAt));
             return this;
         }
 
@@ -143,11 +149,18 @@ public Builder withJWTId(String jwtId) {
          * Creates a new instance of the JWT with the specified payloadClaims.
          *
          * @return a new JWT instance.
+         * @throws JWTCreationException if the Claims coudln't be converted to a valid JSON or there was a problem with the signing key.
          */
         public String sign() throws JWTCreationException {
+            headerClaims.put(PublicClaims.ALGORITHM, algorithm.getName());
             return new JWTCreator(algorithm, headerClaims, payloadClaims).sign();
         }
 
+        private int dateToSeconds(Date date) {
+            //FIXME: Use a custom Serializer
+            return (int) (date.getTime() / 1000);
+        }
+
         private void addClaim(String name, Object value) {
             if (value == null) {
                 payloadClaims.remove(name);
diff --git a/lib/src/main/java/com/auth0/jwt/JWTVerifier.java b/lib/src/main/java/com/auth0/jwt/JWTVerifier.java
@@ -9,7 +9,7 @@
 /**
  * The JWTVerifier class holds the verify method to assert that a given Token has not only a proper JWT format, but also it's signature matches.
  */
-class JWTVerifier {
+final class JWTVerifier {
     private final Algorithm algorithm;
     final Map<String, Object> claims;
     private final Clock clock;
diff --git a/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java b/lib/src/test/java/com/auth0/jwt/JWTCreatorTest.java
@@ -0,0 +1,148 @@
+package com.auth0.jwt;
+
+import com.auth0.jwt.algorithms.Algorithm;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+import static org.hamcrest.Matchers.is;
+import static org.hamcrest.Matchers.notNullValue;
+import static org.junit.Assert.assertThat;
+
+public class JWTCreatorTest {
+
+    @Rule
+    public ExpectedException exception = ExpectedException.none();
+
+    @Test
+    public void shouldThrowWhenInitializedWithoutAlgorithm() throws Exception {
+        exception.expect(IllegalArgumentException.class);
+        exception.expectMessage("The Algorithm cannot be null");
+        JWTCreator.init(null);
+    }
+
+    @SuppressWarnings("Convert2Diamond")
+    @Test
+    public void shouldAddHeader() throws Exception {
+        Map<String, Object> header = new HashMap<String, Object>();
+        header.put("asd", 123);
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withHeader(header)
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiIsImFzZCI6MTIzfQ"));
+    }
+
+    @Test
+    public void shouldAddIssuer() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withIssuer("auth0")
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJpc3MiOiJhdXRoMCJ9"));
+    }
+
+    @Test
+    public void shouldAddSubject() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withSubject("1234567890")
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJzdWIiOiIxMjM0NTY3ODkwIn0"));
+    }
+
+    @Test
+    public void shouldAddAudience() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withAudience(new String[]{"Mark"})
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJhdWQiOiJNYXJrIn0"));
+
+
+        String signedArr = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withAudience(new String[]{"Mark", "David"})
+                .sign();
+
+        assertThat(signedArr, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signedArr)[1], is("eyJhdWQiOlsiTWFyayIsIkRhdmlkIl19"));
+    }
+
+    @Test
+    public void shouldAddExpiresAt() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withExpiresAt(new Date(1477592000))
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJleHAiOjE0Nzc1OTJ9"));
+    }
+
+    @Test
+    public void shouldAddNotBefore() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withNotBefore(new Date(1477592000))
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJuYmYiOjE0Nzc1OTJ9"));
+    }
+
+    @Test
+    public void shouldAddIssuedAt() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withIssuedAt(new Date(1477592000))
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJpYXQiOjE0Nzc1OTJ9"));
+    }
+
+    @Test
+    public void shouldAddJWTId() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withJWTId("jwt_id_123")
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("eyJqdGkiOiJqd3RfaWRfMTIzIn0"));
+    }
+
+
+    @Test
+    public void shouldRemoveClaimWhenPassingNull() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .withIssuer("iss")
+                .withIssuer(null)
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[1], is("e30"));
+    }
+
+    @Test
+    public void shouldSetCorrectAlgorithmInTheHeader() throws Exception {
+        String signed = JWTCreator.init(Algorithm.HMAC256("secret"))
+                .sign();
+
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[0], is("eyJhbGciOiJIUzI1NiJ9"));
+    }
+
+    @Test
+    public void shouldSetEmptySignatureIfAlgorithmIsNone() throws Exception {
+        String signed = JWTCreator.init(Algorithm.none())
+                .sign();
+        assertThat(signed, is(notNullValue()));
+        assertThat(SignUtils.splitToken(signed)[2], is(""));
+    }
+
+}
diff --git a/lib/src/test/java/com/auth0/jwt/JWTTest.java b/lib/src/test/java/com/auth0/jwt/JWTTest.java
@@ -301,6 +301,7 @@ public void shouldGetType() throws Exception {
 
     // *********************************************** //
     // Creation / Signing
+    // *********************************************** //
 
     @Test
     public void shouldCreateAnEmptyHMAC256SignedToken() throws Exception {
