feat: add Ed25519 JWT signing and verification

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 10:25:27 +02:00
parent aff10704e0
commit 33c4a2991f
3 changed files with 246 additions and 3 deletions
--- a/src/test/java/net/siegeln/cameleer/saas/auth/JwtServiceTest.java
+++ b/src/test/java/net/siegeln/cameleer/saas/auth/JwtServiceTest.java
@@ -0,0 +1,104 @@
+package net.siegeln.cameleer.saas.auth;
+
+import net.siegeln.cameleer.saas.config.JwtConfig;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.util.UUID;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+class JwtServiceTest {
+
+    private JwtService jwtService;
+
+    @BeforeEach
+    void setUp() throws Exception {
+        JwtConfig config = new JwtConfig();
+        config.init();
+        jwtService = new JwtService(config);
+    }
+
+    @Test
+    void generateToken_producesValidJwt() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+
+        assertNotNull(token);
+        String[] parts = token.split("\\.");
+        assertEquals(3, parts.length, "JWT should have 3 parts separated by dots");
+    }
+
+    @Test
+    void extractEmail_returnsCorrectEmail() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+        String email = jwtService.extractEmail(token);
+
+        assertEquals("test@example.com", email);
+    }
+
+    @Test
+    void isTokenValid_returnsTrueForValidToken() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+
+        assertTrue(jwtService.isTokenValid(token));
+    }
+
+    @Test
+    void isTokenValid_returnsFalseForTamperedToken() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+        // Tamper with the last 5 characters of the signature
+        String tampered = token.substring(0, token.length() - 5) + "XXXXX";
+
+        assertFalse(jwtService.isTokenValid(tampered));
+    }
+
+    @Test
+    void extractRoles_returnsUserRoles() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+        var roles = jwtService.extractRoles(token);
+
+        assertNotNull(roles);
+        assertTrue(roles.contains("OWNER"));
+        assertEquals(1, roles.size());
+    }
+
+    @Test
+    void extractUserId_returnsCorrectId() {
+        UserEntity user = createUser("test@example.com", "OWNER");
+
+        String token = jwtService.generateToken(user);
+        UUID extractedId = jwtService.extractUserId(token);
+
+        assertEquals(user.getId(), extractedId);
+    }
+
+    private UserEntity createUser(String email, String roleName) {
+        var role = new RoleEntity();
+        role.setName(roleName);
+        var user = new UserEntity();
+        user.setEmail(email);
+        user.setName("Test User");
+        user.getRoles().add(role);
+        try {
+            var idField = UserEntity.class.getDeclaredField("id");
+            idField.setAccessible(true);
+            idField.set(user, UUID.randomUUID());
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+        return user;
+    }
+}