xref: /aosp_15_r20/external/tink/java_src/examples/jwt/jwt_signature_example_test.sh (revision e7b1675dde1b92d52ec075b0a92829627f2c52a5) 
1#!/bin/bash
2# Copyright 2021 Google LLC
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8#      http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15################################################################################
16
17set -euo pipefail
18
19#############################################################################
20##### Tests for digital signature Java example.
21
22SIGN_CLI="$1"
23GEN_PUBLIC_JWK_SET_CLI="$2"
24VERIFY_CLI="$3"
25PRIVATE_KEYSET_PATH="$4"
26
27AUDIENCE="audience"
28TOKEN_PATH="${TEST_TMPDIR}/token.txt"
29PUBLIC_JWK_SET_PATH="${TEST_TMPDIR}/public_jwk_set.json"
30
31#############################################################################
32
33# A helper function for getting the return code of a command that may fail
34# Temporarily disables error safety and stores return value in $TEST_STATUS
35# Usage:
36# % test_command somecommand some args
37# % echo $TEST_STATUS
38test_command() {
39  set +e
40  "$@"
41  TEST_STATUS=$?
42  set -e
43}
44
45#############################################################################
46#### Test generate token
47test_name="generate_token"
48echo "+++ Starting test $test_name..."
49
50test_command ${SIGN_CLI} ${PRIVATE_KEYSET_PATH} ${AUDIENCE} ${TOKEN_PATH}
51
52if [[ $TEST_STATUS -eq 0 ]]; then
53  echo "+++ Success: Generating the token succeeded."
54else
55  echo "--- Failure: Generating the token failed."
56  exit 1
57fi
58
59#############################################################################
60#### Test generate public JWK Set
61test_name="generate_public_jwk_set"
62echo "+++ Starting test $test_name..."
63
64test_command ${GEN_PUBLIC_JWK_SET_CLI} ${PRIVATE_KEYSET_PATH} ${PUBLIC_JWK_SET_PATH}
65
66if [[ $TEST_STATUS -eq 0 ]]; then
67  echo "+++ Success: Generating the public JWK set succeeded."
68else
69  echo "--- Failure: Generating the public JWK set failed."
70  exit 1
71fi
72
73#############################################################################
74##### Test verification
75test_name="token_verification_success"
76echo "+++ Starting test $test_name..."
77
78test_command ${VERIFY_CLI} ${PUBLIC_JWK_SET_PATH} ${AUDIENCE} ${TOKEN_PATH}
79
80if [[ $TEST_STATUS -eq 0 ]]; then
81  echo "+++ Success: Verification passed for a valid token."
82else
83  echo "--- Failure: Verification failed for a valid token."
84  exit 1
85fi
86
87#############################################################################
88#### Test verification fails with invalid token.
89test_name="token_verification_fails_with_invalid_token"
90echo "+++ Starting test $test_name..."
91
92##### Create an invalid token.
93INVALID_TOKEN_PATH="${TEST_TMPDIR}/invalid_token.txt"
94echo "ABCABCABCD" > $INVALID_TOKEN_PATH
95
96##### Run verification.
97test_command ${VERIFY_CLI} ${PUBLIC_JWK_SET_PATH} ${AUDIENCE} ${INVALID_TOKEN_PATH}
98
99if [[ $TEST_STATUS -ne 0 ]]; then
100  echo "+++ Success: Verification failed with invalid token."
101else
102  echo "--- Failure: Verification passed with invalid token."
103  exit 1
104fi
105
106
107#############################################################################
108#### Test verification fails with an invalid audience.
109test_name="token_verification_fails_with_invalid_audience"
110echo "+++ Starting test $test_name..."
111
112test_command ${VERIFY_CLI} $PUBLIC_JWK_SET_PATH unknown_audience ${TOKEN_PATH}
113
114if [[ $TEST_STATUS -ne 0 ]]; then
115  echo "+++ Success: Verification failed for an invalid audience."
116else
117  echo "--- Failure: Verification passed for an invalid audience."
118  exit 1
119fi
120
121
122#############################################################################
123#### Test signing fails with invalid keyset.
124test_name="generating_token_fails_with_invalid_keyset"
125echo "+++ Starting test $test_name..."
126
127test_command ${SIGN_CLI} ${PUBLIC_JWK_SET_PATH} ${AUDIENCE} ${TOKEN_PATH}
128
129if [[ $TEST_STATUS -ne 0 ]]; then
130  echo "+++ Success: Generating a token failed with invalid keyset."
131else
132  echo "--- Failure: Generating a token did not fail with invalid keyset."
133  exit 1
134fi
135
136
137#############################################################################
138#### Test verification fails with invalid keyset.
139test_name="verify_fails_with_a_invalid_keyset"
140echo "+++ Starting test $test_name..."
141
142test_command ${VERIFY_CLI} ${PRIVATE_KEYSET_PATH} ${AUDIENCE} ${TOKEN_PATH}
143
144if [[ $TEST_STATUS -ne 0 ]]; then
145  echo "+++ Success: Verification failed with invalid keyset."
146else
147  echo "--- Failure: Verification did not fail with invalid keyset."
148  exit 1
149fi
150