"DashboardService" should "reject a fromDashboard/ping with an expired jwts header" in {
val config = DashboardConfigSource.config
val shrineCertCollection: KeyStoreCertCollection = KeyStoreCertCollection.fromFileRecoverWithClassPath(KeyStoreDescriptorParser(config.getConfig("shrine.keystore")))
val base64Cert = new String(TextCodec.BASE64URL.encode(shrineCertCollection.myCert.get.getEncoded))
val key: PrivateKey = shrineCertCollection.myKeyPair.privateKey
val expiration: Date = new Date(System.currentTimeMillis() - 300 * 1000) //bad for 5 minutes
// Negative test: a bearer token that is signed with the keystore's private key and
// has not expired yet, but carries no subject claim, is expected to get 401 Unauthorized.
"DashboardService" should "reject a fromDashboard/ping with no subject" in {
  // Signing material is loaded from the keystore described under "shrine.keystore".
  val keystoreConfig = DashboardConfigSource.config.getConfig("shrine.keystore")
  val certs: KeyStoreCertCollection =
    KeyStoreCertCollection.fromClassPathResource(KeyStoreDescriptorParser(keystoreConfig))

  // The "kid" header carries the signer's own certificate, base64url-encoded.
  // NOTE(review): presumably the service decodes this certificate and checks it against
  // its trust store before verifying the signature; confirm against the authenticator.
  val encodedCert = new String(TextCodec.BASE64URL.encode(certs.myCert.get.getEncoded))
  val signingKey: PrivateKey = certs.myKeyPair.privateKey

  // Expiry is 30 seconds in the future, so expiry is not what this test exercises.
  val notYetExpired: Date = new Date(System.currentTimeMillis() + 30 * 1000)

  // No setSubject call: the missing subject is the only deliberate defect in the token.
  val tokenWithoutSubject = Jwts.builder()
    .setHeaderParam("kid", encodedCert)
    .setExpiration(notYetExpired)
    .signWith(SignatureAlgorithm.RS512, signingKey)
    .compact()

  val pingRequest = Get(s"/fromDashboard/ping")

  // Only the status code is asserted, so any rejection reason satisfies this test.
  // NOTE(review): a positive control using the same token plus a subject would show
  // that the missing subject, and nothing else, causes the 401, if this spec lacks one.
  pingRequest ~>
    addCredentials(OAuth2BearerToken(tokenWithoutSubject)) ~>
    sealRoute(route) ~> check {
      assertResult(Unauthorized)(status)
    }
}
// Negative test: a request that carries no credentials at all is expected to be
// answered with 401 Unauthorized once the route is sealed.
"DashboardService" should "reject a fromDashboard/ping with no Authorization header" in {
  // No addCredentials step: the request goes out without an Authorization header.
  val anonymousPing = Get(s"/fromDashboard/ping")

  anonymousPing ~> sealRoute(route) ~> check {
    assertResult(Unauthorized)(status)
  }
}
// Negative test: credentials of a different scheme than the bearer token used elsewhere
// in this spec for fromDashboard/ping are expected to get 401 Unauthorized.
"DashboardService" should "reject a fromDashboard/ping with an Authorization header for the wrong authorization spec" in {
  // NOTE(review): adminCredentials is defined outside this block; presumably these are
  // the admin user's non-bearer (e.g. Basic) credentials. Confirm at the definition.
  val pingWithAdminCredentials = Get(s"/fromDashboard/ping") ~> addCredentials(adminCredentials)

  pingWithAdminCredentials ~> sealRoute(route) ~> check {
    assertResult(Unauthorized)(status)
  }
}
/*
"DashboardService" should "not find a bogus web service to talk to" in {