Add check for keyResolver when building parser

paseto-toolkit · Mar 28, 2020 · a380230 · a380230
1 parent b8cdc20
commit a380230
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 2 deletions.
diff --git a/impl/src/main/java/dev/paseto/jpaseto/impl/DefaultPasetoParserBuilder.java b/impl/src/main/java/dev/paseto/jpaseto/impl/DefaultPasetoParserBuilder.java
@@ -74,7 +74,7 @@ public PasetoParserBuilder setDeserializer(Deserializer<Map<String, Object>> des
     @Override
     public PasetoParser build() {
 
-        Assert.isTrue( publicKey != null || sharedSecret != null,"PasetoParser must be configure with a public key (for public tokens) and/or a sharedSecret (for local tokens).");
+        Assert.isTrue( keyResolver != null || publicKey != null || sharedSecret != null,"PasetoParser must be configure with a public key (for public tokens) and/or a sharedSecret (for local tokens).");
 
         @SuppressWarnings("unchecked")
         Deserializer<Map<String, Object>> tmpDeserializer = (this.deserializer != null)

diff --git a/impl/src/test/groovy/dev/paseto/jpaseto/impl/DefaultPasetoParserBuilderTest.groovy b/impl/src/test/groovy/dev/paseto/jpaseto/impl/DefaultPasetoParserBuilderTest.groovy
@@ -24,7 +24,6 @@ import org.testng.annotations.DataProvider
 import org.testng.annotations.Test
 
 import java.security.KeyPair
-import java.security.KeyPairGenerator
 import java.security.PublicKey
 import java.time.Clock
 import java.time.Duration
@@ -35,7 +34,9 @@ import static dev.paseto.jpaseto.impl.Util.expect
 import static java.nio.charset.StandardCharsets.UTF_8
 import static org.hamcrest.MatcherAssert.assertThat
 import static org.hamcrest.Matchers.*
+import static org.mockito.ArgumentMatchers.eq
 import static org.mockito.Mockito.mock
+import static org.mockito.Mockito.when
 
 class DefaultPasetoParserBuilderTest {
 
@@ -176,6 +177,35 @@ class DefaultPasetoParserBuilderTest {
         assertThat e.getMessage(), startsWith("Expected 'kid' claim to be equal to: 'Valid',")
     }
 
+    /**
+     * https://github.com/paseto-toolkit/jpaseto/issues/4
+     */
+    @Test
+    void justKeyPublicResolverTest() {
+        // start with a token
+        String token = Pasetos.V1.PUBLIC.builder()
+                .setPrivateKey(keyPair.getPrivate())
+                .setExpiration(Instant.now().plus(1, ChronoUnit.HOURS))
+                .setSubject("test-sub")
+                .setKeyId("test-kid")
+                .compact()
+
+        // setup a mock keyResolver
+        def keyResolver = mock(KeyResolver)
+        def expectedFooter = new DefaultFooterClaims(["kid": "test-kid"])
+        when(keyResolver.resolvePublicKey(eq(Version.V1), eq(Purpose.PUBLIC), eq(expectedFooter)))
+                .thenReturn(keyPair.getPublic())
+        // parse with the key resolver
+        def parser = Pasetos.parserBuilder()
+                .setKeyResolver(keyResolver)
+                .build()
+
+        assertThat parser.keyResolver, sameInstance(keyResolver)
+        def result = parser.parse(token)
+        assertThat result.getFooter(), is(expectedFooter)
+        assertThat result.getClaims().getSubject(), is("test-sub")
+    }
+
     @Test
     void missingKeyIdTest() {
         String token = Pasetos.V1.PUBLIC.builder()