test: generate test data

Signed-off-by: Ink33 <[email protected]>
alibaba · May 14, 2024 · 671c9e0 · 671c9e0
1 parent 0225b38
commit 671c9e0
Show file tree

Hide file tree

Showing 3 changed files with 185 additions and 0 deletions.
diff --git a/plugins/wasm-go/extensions/jwt-auth/test/jwt_test.go b/plugins/wasm-go/extensions/jwt-auth/test/jwt_test.go
@@ -0,0 +1,144 @@
+package test
+
+import (
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/rsa"
+	"encoding/json"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/go-jose/go-jose/v4"
+	"github.com/go-jose/go-jose/v4/jwt"
+)
+
+type keySet struct {
+	Name       string
+	PrivateKey any
+	PublicKey  any
+}
+
+type jwts struct {
+	JWTs []struct {
+		Algorithm string `json:"alg"`
+		Token     string `json:"token"`
+		Type      string `json:"type"`
+	} `json:"jwts"`
+}
+
+func genPrivateKey() (keySets map[string]keySet) {
+	keySets = map[string]keySet{}
+	rsaPri, _ := rsa.GenerateKey(rand.Reader, 2048)
+	keySets["rsa"] = keySet{Name: "rsa", PrivateKey: rsaPri, PublicKey: &rsaPri.PublicKey}
+
+	// ed25519pri, ed25519pub, _ := ed25519.GenerateKey(rand.Reader)
+	// keySets["ed25519"] = keySet{Name: "ed25519", PrivateKey: ed25519pri, PublicKey: ed25519pub}
+
+	p256Pri, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	keySets["p256"] = keySet{Name: "p256", PrivateKey: p256Pri, PublicKey: &p256Pri.PublicKey}
+
+	// p384Pri, _ := ecdsa.GenerateKey(elliptic.P384(), rand.Reader)
+	// keySets = append(keySets, keySet{Name: "p384", PrivateKey: p384Pri, PublicKey: &p384Pri.PublicKey})
+
+	// p521Pri, _ := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
+	// keySets = append(keySets, keySet{Name: "p521", PrivateKey: p521Pri, PublicKey: &p521Pri.PublicKey})
+	return
+}
+
+func genJWKs(keySets map[string]keySet) (keys jose.JSONWebKeySet) {
+	for k := range keySets {
+		k := jose.JSONWebKey{
+			Key:   keySets[k].PublicKey,
+			KeyID: keySets[k].Name,
+		}
+		keys.Keys = append(keys.Keys, k)
+	}
+	return
+}
+
+func genJWTs(keySets map[string]keySet) (jwts jwts) {
+	claims := map[string]jwt.Claims{
+		"normal": {
+			Issuer:    "higress-test",
+			Subject:   "higress-test",
+			Audience:  []string{"foo", "bar"},
+			Expiry:    jwt.NewNumericDate(time.Date(2034, 1, 1, 0, 0, 0, 0, time.UTC)),
+			NotBefore: jwt.NewNumericDate(time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)),
+		},
+		"expried": {
+			Issuer:    "higress-test",
+			Subject:   "higress-test",
+			Audience:  []string{"foo", "bar"},
+			Expiry:    jwt.NewNumericDate(time.Date(2024, 1, 1, 0, 0, 0, 1, time.UTC)),
+			NotBefore: jwt.NewNumericDate(time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC)),
+		},
+	}
+
+	sigrsa, err := jose.NewSigner(jose.SigningKey{
+		Algorithm: jose.RS256,
+		Key:       keySets["rsa"].PrivateKey,
+	}, (&jose.SignerOptions{}).WithType("JWT"))
+	if err != nil {
+		panic(err)
+	}
+
+	sigp256, err := jose.NewSigner(jose.SigningKey{
+		Algorithm: jose.ES256,
+		Key:       keySets["p256"].PrivateKey,
+	}, (&jose.SignerOptions{}).WithType("JWT"))
+	if err != nil {
+		panic(err)
+	}
+
+	sigs := map[string]jose.Signer{
+		"RS256": sigrsa,
+		"ES256": sigp256,
+	}
+
+	for k1, v1 := range sigs {
+		for k2, v2 := range claims {
+			raw, _ := jwt.Signed(v1).Claims(v2).Serialize()
+			jwts.JWTs = append(jwts.JWTs, struct {
+				Algorithm string "json:\"alg\""
+				Token     string "json:\"token\""
+				Type      string "json:\"type\""
+			}{
+				Algorithm: k1,
+				Token:     raw,
+				Type:      k2,
+			})
+		}
+	}
+	return
+}
+
+func TestMain(m *testing.M) {
+	keySets := genPrivateKey()
+	keys := genJWKs(keySets)
+	jwts := genJWTs(keySets)
+
+	jwks, err := json.Marshal(keys)
+	if err != nil {
+		panic(err)
+	}
+	f, _ := os.Create("keys.json")
+	if err != nil {
+		panic(err)
+	}
+	defer f.Close()
+	f.WriteString(string(jwks))
+
+	jwtsm, err := json.Marshal(&jwts)
+	if err != nil {
+		panic(err)
+	}
+	f, _ = os.Create("jwts.json")
+	if err != nil {
+		panic(err)
+	}
+	defer f.Close()
+	f.WriteString(string(jwtsm))
+	m.Run()
+}
diff --git a/plugins/wasm-go/extensions/jwt-auth/test/jwts.json b/plugins/wasm-go/extensions/jwt-auth/test/jwts.json
@@ -0,0 +1,24 @@
+{
+    "jwts": [
+        {
+            "alg": "ES256",
+            "token": "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiZm9vIiwiYmFyIl0sImV4cCI6MjAxOTY4NjQwMCwiaXNzIjoiaGlncmVzcy10ZXN0IiwibmJmIjoxNzA0MDY3MjAwLCJzdWIiOiJoaWdyZXNzLXRlc3QifQ.17EI6w57ed6OTehKcVxCCGGMNPUVTHvDmMZTh8TrMPkz6sromkqWO94kT7atQ6YEnDrfNVvtaoNnqp7h05S3jg",
+            "type": "normal"
+        },
+        {
+            "alg": "ES256",
+            "token": "eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiZm9vIiwiYmFyIl0sImV4cCI6MTcwNDA2NzIwMCwiaXNzIjoiaGlncmVzcy10ZXN0IiwibmJmIjoxNzA0MDY3MjAwLCJzdWIiOiJoaWdyZXNzLXRlc3QifQ.rGRgauThdjWWiysXzr8XkF9vweXjykSqRsvGv5YyZsIHYSXsD6v1A5MydCZUTuKp51ZOUNzTZjs_UTMSVZyVLQ",
+            "type": "expried"
+        },
+        {
+            "alg": "RS256",
+            "token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiZm9vIiwiYmFyIl0sImV4cCI6MjAxOTY4NjQwMCwiaXNzIjoiaGlncmVzcy10ZXN0IiwibmJmIjoxNzA0MDY3MjAwLCJzdWIiOiJoaWdyZXNzLXRlc3QifQ.x3EpAXqywW3nw_cjM7jVV7Ic7hVlOsrUCdSQbfICMCoejMIAjQyR6svftrYuAZhSXI7fv8Gphti_-xMLQUXH7F01ZpI52dHjwtrkNfMzHArnIfgLVLpkUEQlUOgGyzsvyOK-CA7d3zEYwRIlu2NBN4twG5BGofwqwBCQaEmiZhfpRZK14dqHb0hf9Z0Ez8Jrt96KNUTZBXt5XY4RlLmTrUPAKo9DCcOnzb1SQqddWn74WM39jh3IE3cYrErPR1ARYPWcsNiyl058BTkHKol-qe8zfMO4bYgy9VafYKsX-e6WsSnwMcJN_M-rOBImMISh69aj4nx3-znCQyvTAskgBw",
+            "type": "normal"
+        },
+        {
+            "alg": "RS256",
+            "token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiZm9vIiwiYmFyIl0sImV4cCI6MTcwNDA2NzIwMCwiaXNzIjoiaGlncmVzcy10ZXN0IiwibmJmIjoxNzA0MDY3MjAwLCJzdWIiOiJoaWdyZXNzLXRlc3QifQ.Y_zNhjb14XQXpZRJLG3rHzzkSAww_5rkM1b5BRIiGdJyNqoeUvIBcIekxqDUIWMCOU6dFmW0eG3xg1l5hOkebqJintAu0MlQG6BJ8eCMlUh4YVukPr419e9u1_8e7E1KpkbpbRIaaTb5OtOHLQk-qfTcYn-zTiiuyJ1MfpWuZaCkZyKfaKGtC4NOajw_FpOJ3VwC3Ts38IJBUVrr_OVzk386EKUdh11rmfEpupwFYUrxSekHiHGSSrQ372p30Wvg4JwC4sE0fmOB-bfXzDRLSxJsTXaxT-4MaHeBdJ394YG9uUhNO4ILX_9RafiM4bGkglZ4APzOA4-QxL8ZrVV9rA",
+            "type": "expried"
+        }
+    ]
+}
diff --git a/plugins/wasm-go/extensions/jwt-auth/test/keys.json b/plugins/wasm-go/extensions/jwt-auth/test/keys.json
@@ -0,0 +1,17 @@
+{
+    "keys": [
+        {
+            "kty": "EC",
+            "kid": "p256",
+            "crv": "P-256",
+            "x": "Ds10dk0bxj_F86YhEM6xnYKv9NDNNDxmh4_V-fCLzRg",
+            "y": "JRP1OkQE80i_gU8pLCsyhuuL3H5QHDFETFEfErgacpE"
+        },
+        {
+            "kty": "RSA",
+            "kid": "rsa",
+            "n": "-SnN2XT6GcfO_dSAp8txrfglFtwMe86sY_GgedT-tMJ0sROmejSY3fEuit0OO-q1XleN4w9h5nzBeBHj4armSPKzboWyQTreaH9lV-IoyMO9bXroRvkD0IOIJuaCWqigRzGFZ2lWYI5V_L0tW9N6yp0S95vk0IuIYNIqWAK8cWGGgr7QWG5h23pYLmw9QBnZW_UkT5RNtrUpYmDAcA9psVwNgegef5Z4LS_CCMpMAWNNEWsarWQCe_C8ryujpubZuDDMUeWe_1rlItEiXigfaZUgmRKEQise_sOZUvPmZR6eP7Vf5DlnXgz9zLtPvh-TvOzi_f11QVUoIg9XZClyMw",
+            "e": "AQAB"
+        }
+    ]
+}