fix: remove Ed25519 license signing — replace with UUID token placeholder
Drop JwtConfig dependency from LicenseService; generate license tokens as random UUIDs instead. Add findByToken to LicenseRepository and update verifyLicenseToken to do a DB lookup. Update LicenseServiceTest to match. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@@ -2,7 +2,6 @@ package net.siegeln.cameleer.saas.license;
|
||||
|
||||
import net.siegeln.cameleer.saas.audit.AuditAction;
|
||||
import net.siegeln.cameleer.saas.audit.AuditService;
|
||||
import net.siegeln.cameleer.saas.config.JwtConfig;
|
||||
import net.siegeln.cameleer.saas.tenant.Tier;
|
||||
import net.siegeln.cameleer.saas.tenant.TenantEntity;
|
||||
import net.siegeln.cameleer.saas.tenant.TenantStatus;
|
||||
@@ -14,6 +13,7 @@ import org.mockito.Mock;
|
||||
import org.mockito.junit.jupiter.MockitoExtension;
|
||||
|
||||
import java.time.Duration;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
@@ -30,14 +30,11 @@ class LicenseServiceTest {
|
||||
@Mock
|
||||
private AuditService auditService;
|
||||
|
||||
private JwtConfig jwtConfig;
|
||||
private LicenseService licenseService;
|
||||
|
||||
@BeforeEach
|
||||
void setUp() throws Exception {
|
||||
jwtConfig = new JwtConfig();
|
||||
jwtConfig.init(); // generates ephemeral keys for testing
|
||||
licenseService = new LicenseService(licenseRepository, jwtConfig, auditService);
|
||||
void setUp() {
|
||||
licenseService = new LicenseService(licenseRepository, auditService);
|
||||
}
|
||||
|
||||
private TenantEntity createTenant(Tier tier) {
|
||||
@@ -68,14 +65,15 @@ class LicenseServiceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
void generateLicense_producesValidSignedToken() {
|
||||
void generateLicense_producesUuidToken() {
|
||||
var tenant = createTenant(Tier.MID);
|
||||
when(licenseRepository.save(any(LicenseEntity.class))).thenAnswer(inv -> withGeneratedId(inv.getArgument(0)));
|
||||
|
||||
var license = licenseService.generateLicense(tenant, Duration.ofDays(365), UUID.randomUUID());
|
||||
|
||||
assertThat(license.getToken()).isNotBlank();
|
||||
assertThat(license.getToken().split("\\.")).hasSize(3);
|
||||
// Token must be a valid UUID string
|
||||
assertThat(UUID.fromString(license.getToken())).isNotNull();
|
||||
assertThat(license.getTier()).isEqualTo("MID");
|
||||
}
|
||||
|
||||
@@ -107,6 +105,9 @@ class LicenseServiceTest {
|
||||
when(licenseRepository.save(any(LicenseEntity.class))).thenAnswer(inv -> withGeneratedId(inv.getArgument(0)));
|
||||
|
||||
var license = licenseService.generateLicense(tenant, Duration.ofDays(30), UUID.randomUUID());
|
||||
|
||||
when(licenseRepository.findByToken(license.getToken())).thenReturn(Optional.of(license));
|
||||
|
||||
var payload = licenseService.verifyLicenseToken(license.getToken());
|
||||
|
||||
assertThat(payload).isPresent();
|
||||
@@ -115,14 +116,10 @@ class LicenseServiceTest {
|
||||
}
|
||||
|
||||
@Test
|
||||
void verifyLicenseToken_tamperedTokenReturnsEmpty() {
|
||||
var tenant = createTenant(Tier.MID);
|
||||
when(licenseRepository.save(any(LicenseEntity.class))).thenAnswer(inv -> withGeneratedId(inv.getArgument(0)));
|
||||
void verifyLicenseToken_unknownTokenReturnsEmpty() {
|
||||
when(licenseRepository.findByToken(any())).thenReturn(Optional.empty());
|
||||
|
||||
var license = licenseService.generateLicense(tenant, Duration.ofDays(30), UUID.randomUUID());
|
||||
String tampered = license.getToken() + "x";
|
||||
|
||||
var payload = licenseService.verifyLicenseToken(tampered);
|
||||
var payload = licenseService.verifyLicenseToken("unknown-token");
|
||||
|
||||
assertThat(payload).isEmpty();
|
||||
}
|
||||
|
||||
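Review bot: With the signature gone the token is a bearer secret protected only by being unguessable, yet `generateLicense_producesUuidToken` accepts any UUID version, including time-based ones; pin the random variant with `assertThat(UUID.fromString(license.getToken()).version()).isEqualTo(4);`. In `verifyLicenseToken_unknownTokenReturnsEmpty` the `findByToken(any())` stub exercises only the not-found path, and no visible hunk tests a token that is found but whose license has expired, a check that now rests entirely on the looked-up row; tests outside these hunks may already cover it. Stubbing `findByToken("unknown-token")` instead of `any()` would also confirm that the service hands the token to the repository unchanged. LicenseService and LicenseRepository are not shown on this page, so whether the token is stored hashed rather than in clear text cannot be checked here.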