Test default JWT

opentok · Nov 11, 2024 · d9cacfe · d9cacfe
1 parent b69d5fb
commit d9cacfe
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/src/main/java/com/opentok/Session.java b/src/main/java/com/opentok/Session.java
@@ -109,7 +109,7 @@ public String generateToken(TokenOptions tokenOptions) throws OpenTokException {
         Role role = tokenOptions.getRole();
         String data = tokenOptions.getData();
         int nonce = new Random().nextInt();
-        long iat = System.currentTimeMillis() / 1000L;
+        long iat = System.currentTimeMillis() / 1000;
         long exp = tokenOptions.getExpireTime();
 
         if (exp == 0) {

diff --git a/src/test/java/com/opentok/test/OpenTokTest.java b/src/test/java/com/opentok/test/OpenTokTest.java
@@ -21,6 +21,7 @@
 import com.opentok.exception.OpenTokException;
 import com.opentok.exception.RequestException;
 import io.jsonwebtoken.JwtParserBuilder;
+import io.jsonwebtoken.Jwts;
 import org.apache.commons.lang.StringUtils;
 import org.jose4j.jwt.consumer.JwtConsumer;
 import org.jose4j.jwt.consumer.JwtConsumerBuilder;
@@ -31,12 +32,16 @@
 import java.io.UnsupportedEncodingException;
 import java.net.*;
 import java.security.InvalidKeyException;
+import java.security.KeyFactory;
 import java.security.NoSuchAlgorithmException;
 import java.security.SignatureException;
+import java.security.spec.X509EncodedKeySpec;
+import java.time.Instant;
 import java.util.*;
 
 import static com.github.tomakehurst.wiremock.client.WireMock.*;
 import static org.junit.Assert.*;
+import javax.crypto.spec.SecretKeySpec;
 
 public class OpenTokTest {
     private final String SESSION_CREATE = "/session/create";
@@ -468,9 +473,25 @@ public void testCreateInvalidE2eeSessionDefault() {
 
     @Test
     public void testTokenDefault() throws Exception {
+        long nowSeconds = Instant.now().getEpochSecond();
         String token = sdk.generateToken(sessionId);
         assertNotNull(token);
-
+        var key = new SecretKeySpec(apiSecret.getBytes(), "HmacSHA256");
+        var claims = Jwts.parser().verifyWith(key).build().parseSignedClaims(token).getPayload();
+        assertNotNull(claims);
+        assertEquals(Integer.class, claims.get("nonce").getClass());
+        assertEquals(sessionId, claims.get("session_id"));
+        assertEquals("publisher", claims.get("role"));
+        assertEquals("session.connect", claims.get("scope"));
+        assertEquals(apiKey + "", claims.get("iss"));
+        assertEquals("project", claims.get("ist"));
+        assertNotNull(claims.get("jti"));
+        long iat = claims.getIssuedAt().toInstant().getEpochSecond();
+        assertTrue(iat >= nowSeconds);
+        assertTrue(iat <= nowSeconds + 5);
+        long exp = claims.getExpiration().toInstant().getEpochSecond();
+        assertTrue(exp >= iat + 86400);
+        assertTrue(exp <= iat + 86405);
     }
 
     @Test