commit
44f446e745
2 changed files with 25 additions and 1 deletions
|
@ -17,7 +17,12 @@ public class RSATokenVerifier {
|
|||
}
|
||||
|
||||
public static AccessToken verifyToken(String tokenString, PublicKey realmKey, String realm, boolean checkActive) throws VerificationException {
|
||||
JWSInput input = new JWSInput(tokenString);
|
||||
JWSInput input = null;
|
||||
try {
|
||||
input = new JWSInput(tokenString);
|
||||
} catch (Exception e) {
|
||||
throw new VerificationException("Couldn't parse token", e);
|
||||
}
|
||||
if (!isPublicKeyValid(input, realmKey)) throw new VerificationException("Invalid token signature.");
|
||||
|
||||
AccessToken token;
|
||||
|
|
|
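Review bot: In `verifyToken`, the new `catch (Exception e)` around `new JWSInput(tokenString)` is wider than the parse failure it is meant to translate, so it would also relabel an unrelated runtime fault as "Couldn't parse token". Failing closed with a `VerificationException` is the right outcome for a verifier, but which exceptions the `JWSInput` constructor can throw is not visible here; if it declares specific ones, catch those, and reject a missing token explicitly first with `if (tokenString == null) throw new VerificationException("Token is null");`. The `= null` initializer is unnecessary because the catch branch always throws, so `JWSInput input;` is definitely assigned after the `try`. A short comment above the `try` would record the intent, for example `// Malformed tokens must surface as VerificationException so callers reject the request instead of failing with an unchecked exception`. The rest of the method body lies outside the hunk, so how `token` is populated afterwards was not reviewed.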
@ -55,6 +55,7 @@ import javax.ws.rs.client.ClientBuilder;
|
|||
import javax.ws.rs.client.WebTarget;
|
||||
import javax.ws.rs.core.GenericType;
|
||||
import javax.ws.rs.core.HttpHeaders;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.UriBuilder;
|
||||
import java.net.URL;
|
||||
import java.security.PublicKey;
|
||||
|
@ -280,4 +281,22 @@ public class AdapterTest {
|
|||
keycloakSession.getTransaction().commit();
|
||||
keycloakSession.close();
|
||||
}
|
||||
|
||||
/**
|
||||
* KEYCLOAK-518
|
||||
* @throws Exception
|
||||
*/
|
||||
@Test
|
||||
public void testNullBearerToken() throws Exception {
|
||||
Client client = ClientBuilder.newClient();
|
||||
WebTarget target = client.target("http://localhost:8081/customer-db");
|
||||
Response response = target.request().get();
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
response.close();
|
||||
response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
|
||||
Assert.assertEquals(401, response.getStatus());
|
||||
response.close();
|
||||
client.close();
|
||||
|
||||
}
|
||||
}
|
||||
|
|
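Review bot: `testNullBearerToken` pins only the literal header value `Bearer null`, so the new parse-failure path in the verifier is covered for a single malformed input. Other unparseable bearer values presumably go through the same `JWSInput` constructor and should also be asserted to return 401, which would catch a regression back to an unhandled exception. `response.close()` and `client.close()` are also skipped when an assertion fails, so they belong in `finally` blocks. The Javadoc holds only the issue key and an empty `@throws Exception`; one sentence saying that a missing or malformed bearer token must produce 401 would make the regression's purpose clear. The sample header values in the sketch below are constructed for illustration.

```java
@Test
public void testNullBearerToken() throws Exception {
    Client client = ClientBuilder.newClient();
    try {
        WebTarget target = client.target("http://localhost:8081/customer-db");
        // … unchanged: request without an Authorization header expects 401 …
        // Constructed sample values: each is expected to fail token parsing.
        String[] malformed = {"Bearer null", "Bearer not-a-jws", "Bearer a.b"};
        for (String value : malformed) {
            Response response = target.request().header(HttpHeaders.AUTHORIZATION, value).get();
            try {
                Assert.assertEquals(401, response.getStatus());
            } finally {
                response.close();
            }
        }
    } finally {
        client.close();
    }
}
```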