|
| 1 | +# frozen_string_literal: true |
| 2 | + |
| 3 | +RSpec.describe JWT::EncodedNestedToken do |
| 4 | + let(:inner_secret) { 'inner_secret_key' } |
| 5 | + let(:outer_secret) { 'outer_secret_key' } |
| 6 | + let(:inner_payload) { { 'user_id' => 123, 'role' => 'admin' } } |
| 7 | + |
| 8 | + def create_signed_jwt(payload: inner_payload, algorithm: 'HS256', key: inner_secret) |
| 9 | + token = JWT::Token.new(payload: payload) |
| 10 | + token.sign!(algorithm: algorithm, key: key) |
| 11 | + token.jwt |
| 12 | + end |
| 13 | + |
| 14 | + def create_nested(inner, algorithm:, key:) |
| 15 | + JWT::NestedToken.new(inner).tap { |n| n.sign!(algorithm: algorithm, key: key) }.jwt |
| 16 | + end |
| 17 | + |
| 18 | + let(:inner_jwt) { create_signed_jwt } |
| 19 | + |
| 20 | + describe 'Enumerable interface' do |
| 21 | + let(:nested_jwt) { create_nested(inner_jwt, algorithm: 'HS256', key: outer_secret) } |
| 22 | + |
| 23 | + it 'has the correct number of tokens' do |
| 24 | + nested = described_class.new(nested_jwt) |
| 25 | + expect(nested.count).to eq(2) |
| 26 | + end |
| 27 | + |
| 28 | + it 'orders tokens from outermost to innermost' do |
| 29 | + nested = described_class.new(nested_jwt) |
| 30 | + headers = nested.map(&:header) |
| 31 | + |
| 32 | + expect(headers.first['cty']).to eq('JWT') |
| 33 | + expect(headers.last).not_to have_key('cty') |
| 34 | + end |
| 35 | + |
| 36 | + it 'returns a single token for a non-nested JWT' do |
| 37 | + nested = described_class.new(inner_jwt) |
| 38 | + expect(nested.count).to eq(1) |
| 39 | + end |
| 40 | + |
| 41 | + it 'supports three nesting levels' do |
| 42 | + level2 = create_nested(inner_jwt, algorithm: 'HS256', key: 'key2') |
| 43 | + level3 = create_nested(level2, algorithm: 'HS384', key: 'key3') |
| 44 | + |
| 45 | + nested = described_class.new(level3) |
| 46 | + expect(nested.count).to eq(3) |
| 47 | + |
| 48 | + algorithms = nested.map { |t| t.header['alg'] } |
| 49 | + expect(algorithms).to eq(%w[HS384 HS256 HS256]) |
| 50 | + end |
| 51 | + end |
| 52 | + |
| 53 | + describe '#last' do |
| 54 | + it 'returns the innermost token' do |
| 55 | + nested_jwt = create_nested(inner_jwt, algorithm: 'HS256', key: outer_secret) |
| 56 | + nested = described_class.new(nested_jwt) |
| 57 | + |
| 58 | + expect(nested.last.unverified_payload).to eq(inner_payload) |
| 59 | + end |
| 60 | + end |
| 61 | + |
| 62 | + describe '#verify!' do |
| 63 | + let(:nested_jwt) { create_nested(inner_jwt, algorithm: 'HS256', key: outer_secret) } |
| 64 | + |
| 65 | + it 'verifies signatures and returns self' do |
| 66 | + nested = described_class.new(nested_jwt) |
| 67 | + result = nested.verify!( |
| 68 | + keys: [ |
| 69 | + { algorithm: 'HS256', key: outer_secret }, |
| 70 | + { algorithm: 'HS256', key: inner_secret } |
| 71 | + ] |
| 72 | + ) |
| 73 | + |
| 74 | + expect(result).to eq(nested) |
| 75 | + end |
| 76 | + |
| 77 | + it 'allows accessing innermost payload after verification' do |
| 78 | + nested = described_class.new(nested_jwt) |
| 79 | + nested.verify!( |
| 80 | + keys: [ |
| 81 | + { algorithm: 'HS256', key: outer_secret }, |
| 82 | + { algorithm: 'HS256', key: inner_secret } |
| 83 | + ] |
| 84 | + ) |
| 85 | + |
| 86 | + expect(nested.last.payload).to eq(inner_payload) |
| 87 | + end |
| 88 | + |
| 89 | + it 'raises VerificationError for invalid outer signature' do |
| 90 | + nested = described_class.new(nested_jwt) |
| 91 | + |
| 92 | + expect do |
| 93 | + nested.verify!( |
| 94 | + keys: [ |
| 95 | + { algorithm: 'HS256', key: 'wrong_key' }, |
| 96 | + { algorithm: 'HS256', key: inner_secret } |
| 97 | + ] |
| 98 | + ) |
| 99 | + end.to raise_error(JWT::VerificationError, 'Signature verification failed') |
| 100 | + end |
| 101 | + |
| 102 | + it 'raises VerificationError for invalid inner signature' do |
| 103 | + nested = described_class.new(nested_jwt) |
| 104 | + |
| 105 | + expect do |
| 106 | + nested.verify!( |
| 107 | + keys: [ |
| 108 | + { algorithm: 'HS256', key: outer_secret }, |
| 109 | + { algorithm: 'HS256', key: 'wrong_key' } |
| 110 | + ] |
| 111 | + ) |
| 112 | + end.to raise_error(JWT::VerificationError, 'Signature verification failed') |
| 113 | + end |
| 114 | + |
| 115 | + it 'raises DecodeError when key count does not match nesting depth' do |
| 116 | + nested = described_class.new(nested_jwt) |
| 117 | + |
| 118 | + expect do |
| 119 | + nested.verify!(keys: [{ algorithm: 'HS256', key: outer_secret }]) |
| 120 | + end.to raise_error(JWT::DecodeError, 'Expected 2 key configurations, got 1') |
| 121 | + end |
| 122 | + |
| 123 | + it 'handles case-insensitive cty header' do |
| 124 | + signer = JWT::JWA.create_signer(algorithm: 'HS256', key: outer_secret) |
| 125 | + header = { 'cty' => 'jwt' }.merge(signer.jwa.header) { |_k, old, _new| old } |
| 126 | + encoded_header = JWT::Base64.url_encode(JWT::JSON.generate(header)) |
| 127 | + encoded_payload = JWT::Base64.url_encode(inner_jwt) |
| 128 | + signature = signer.sign(data: "#{encoded_header}.#{encoded_payload}") |
| 129 | + lowercase_nested = "#{encoded_header}.#{encoded_payload}.#{JWT::Base64.url_encode(signature)}" |
| 130 | + |
| 131 | + nested = described_class.new(lowercase_nested) |
| 132 | + nested.verify!( |
| 133 | + keys: [ |
| 134 | + { algorithm: 'HS256', key: outer_secret }, |
| 135 | + { algorithm: 'HS256', key: inner_secret } |
| 136 | + ] |
| 137 | + ) |
| 138 | + |
| 139 | + expect(nested.last.payload).to eq(inner_payload) |
| 140 | + end |
| 141 | + |
| 142 | + context 'with different algorithms at each level' do |
| 143 | + let(:rsa_private) { test_pkey('rsa-2048-private.pem') } |
| 144 | + let(:rsa_public) { rsa_private.public_key } |
| 145 | + |
| 146 | + it 'supports HS256 inner with RS256 outer' do |
| 147 | + nested_jwt = create_nested(inner_jwt, algorithm: 'RS256', key: rsa_private) |
| 148 | + nested = described_class.new(nested_jwt) |
| 149 | + |
| 150 | + nested.verify!( |
| 151 | + keys: [ |
| 152 | + { algorithm: 'RS256', key: rsa_public }, |
| 153 | + { algorithm: 'HS256', key: inner_secret } |
| 154 | + ] |
| 155 | + ) |
| 156 | + |
| 157 | + expect(nested.last.payload).to eq(inner_payload) |
| 158 | + end |
| 159 | + |
| 160 | + it 'supports RS256 inner with HS256 outer' do |
| 161 | + rsa_inner_jwt = create_signed_jwt(algorithm: 'RS256', key: rsa_private) |
| 162 | + nested_jwt = create_nested(rsa_inner_jwt, algorithm: 'HS256', key: outer_secret) |
| 163 | + nested = described_class.new(nested_jwt) |
| 164 | + |
| 165 | + nested.verify!( |
| 166 | + keys: [ |
| 167 | + { algorithm: 'HS256', key: outer_secret }, |
| 168 | + { algorithm: 'RS256', key: rsa_public } |
| 169 | + ] |
| 170 | + ) |
| 171 | + |
| 172 | + expect(nested.last.payload).to eq(inner_payload) |
| 173 | + end |
| 174 | + end |
| 175 | + |
| 176 | + context 'with multiple nesting levels' do |
| 177 | + it 'verifies all levels' do |
| 178 | + level2 = create_nested(inner_jwt, algorithm: 'HS384', key: 'key2') |
| 179 | + level3 = create_nested(level2, algorithm: 'HS512', key: 'key3') |
| 180 | + |
| 181 | + nested = described_class.new(level3) |
| 182 | + nested.verify!( |
| 183 | + keys: [ |
| 184 | + { algorithm: 'HS512', key: 'key3' }, |
| 185 | + { algorithm: 'HS384', key: 'key2' }, |
| 186 | + { algorithm: 'HS256', key: inner_secret } |
| 187 | + ] |
| 188 | + ) |
| 189 | + |
| 190 | + expect(nested.last.payload).to eq(inner_payload) |
| 191 | + end |
| 192 | + end |
| 193 | + end |
| 194 | + |
| 195 | + describe 'max depth protection' do |
| 196 | + it 'raises DecodeError when nesting exceeds MAX_DEPTH' do |
| 197 | + current = inner_jwt |
| 198 | + (described_class::MAX_DEPTH + 1).times do |i| |
| 199 | + current = create_nested(current, algorithm: 'HS256', key: "key_#{i}") |
| 200 | + end |
| 201 | + |
| 202 | + expect do |
| 203 | + described_class.new(current) |
| 204 | + end.to raise_error(JWT::DecodeError, /exceeds maximum depth/) |
| 205 | + end |
| 206 | + end |
| 207 | +end |
0 commit comments