diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar new file mode 100644 index 0000000..5c2d1cf Binary files /dev/null and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 655836e..f4d7b2b 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,5 @@ -#Thu Apr 25 21:34:06 BST 2019 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists +distributionUrl=https\://services.gradle.org/distributions/gradle-5.4.1-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-5.1.1-all.zip diff --git a/gradlew b/gradlew index cccdd3d..b0d6d0a 100755 --- a/gradlew +++ b/gradlew @@ -1,5 +1,21 @@ #!/usr/bin/env sh +# +# Copyright 2015 the original author or authors. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + ############################################################################## ## ## Gradle start up script for UN*X @@ -28,7 +44,7 @@ APP_NAME="Gradle" APP_BASE_NAME=`basename "$0"` # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -DEFAULT_JVM_OPTS="" +DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD="maximum" diff --git a/gradlew.bat b/gradlew.bat index e95643d..15e1ee3 100644 --- a/gradlew.bat +++ b/gradlew.bat @@ -1,3 +1,19 @@ +@rem +@rem Copyright 2015 the original author or authors. +@rem +@rem Licensed under the Apache License, Version 2.0 (the "License"); +@rem you may not use this file except in compliance with the License. +@rem You may obtain a copy of the License at +@rem +@rem http://www.apache.org/licenses/LICENSE-2.0 +@rem +@rem Unless required by applicable law or agreed to in writing, software +@rem distributed under the License is distributed on an "AS IS" BASIS, +@rem WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +@rem See the License for the specific language governing permissions and +@rem limitations under the License. +@rem + @if "%DEBUG%" == "" @echo off @rem ########################################################################## @rem @@ -14,7 +30,7 @@ set APP_BASE_NAME=%~n0 set APP_HOME=%DIRNAME% @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. -set DEFAULT_JVM_OPTS= +set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" @rem Find java.exe if defined JAVA_HOME goto findJavaFromJavaHome diff --git a/lib/.gitignore b/library/.gitignore similarity index 100% rename from lib/.gitignore rename to library/.gitignore diff --git a/lib/build.gradle b/library/build.gradle similarity index 95% rename from lib/build.gradle rename to library/build.gradle index dbe4bba..4de8ece 100644 --- a/lib/build.gradle +++ b/library/build.gradle @@ -4,6 +4,7 @@ apply plugin: 'kotlin-android' android { compileSdkVersion 28 + testOptions.unitTests.includeAndroidResources = true defaultConfig { minSdkVersion 21 diff --git a/lib/proguard-rules.pro b/library/proguard-rules.pro similarity index 100% rename from lib/proguard-rules.pro rename to library/proguard-rules.pro diff --git a/lib/src/main/AndroidManifest.xml b/library/src/main/AndroidManifest.xml similarity index 100% rename from lib/src/main/AndroidManifest.xml rename to library/src/main/AndroidManifest.xml diff --git a/lib/src/main/java/com/iterativelylabs/simplejwt/JWT.kt b/library/src/main/java/com/iterativelylabs/simplejwt/JWT.kt similarity index 76% rename from lib/src/main/java/com/iterativelylabs/simplejwt/JWT.kt rename to library/src/main/java/com/iterativelylabs/simplejwt/JWT.kt index 7b9897a..6f487b5 100644 --- a/lib/src/main/java/com/iterativelylabs/simplejwt/JWT.kt +++ b/library/src/main/java/com/iterativelylabs/simplejwt/JWT.kt @@ -4,6 +4,7 @@ import android.util.Base64 import com.google.gson.Gson import com.google.gson.GsonBuilder import com.google.gson.reflect.TypeToken +import com.iterativelylabs.simplejwt.internal.JWTPayloadDeserializer import java.lang.reflect.Type class JWT(private val token: String) { @@ -26,17 +27,23 @@ class JWT(private val token: String) { } init { - gson = GsonBuilder().registerTypeAdapter(JWTPayload::class.java, JWTPayloadDeserializer()).create() + gson = GsonBuilder().registerTypeAdapter(JWTPayload::class.java, + JWTPayloadDeserializer() + ).create() decodeToken() } + @Throws(IllegalArgumentException::class) private fun decodeToken() { - val parts = arrayOf("","","") + if (token.isEmpty() || token.count { it == '.' } != 2) throw IllegalArgumentException("Token is empty or formatted incorrectly") + val parts = arrayOf("","","") token.split(".").forEachIndexed { index, part -> parts[index] = part } + if (parts[2].isEmpty()) throw IllegalArgumentException("Signature is missing from Token") + header = decodeToType(parts[0], stringMapType) ?: mapOf() payload = decodeToType(parts[1], JWTPayload::class.java) as? JWTPayload signature = parts[2] diff --git a/lib/src/main/java/com/iterativelylabs/simplejwt/JWTPayload.kt b/library/src/main/java/com/iterativelylabs/simplejwt/JWTPayload.kt similarity index 100% rename from lib/src/main/java/com/iterativelylabs/simplejwt/JWTPayload.kt rename to library/src/main/java/com/iterativelylabs/simplejwt/JWTPayload.kt diff --git a/lib/src/main/java/com/iterativelylabs/simplejwt/JWTPayloadDeserializer.kt b/library/src/main/java/com/iterativelylabs/simplejwt/internal/JWTPayloadDeserializer.kt similarity index 79% rename from lib/src/main/java/com/iterativelylabs/simplejwt/JWTPayloadDeserializer.kt rename to library/src/main/java/com/iterativelylabs/simplejwt/internal/JWTPayloadDeserializer.kt index 9f96e9b..90836cd 100644 --- a/lib/src/main/java/com/iterativelylabs/simplejwt/JWTPayloadDeserializer.kt +++ b/library/src/main/java/com/iterativelylabs/simplejwt/internal/JWTPayloadDeserializer.kt @@ -1,14 +1,16 @@ -package com.iterativelylabs.simplejwt +package com.iterativelylabs.simplejwt.internal import com.google.gson.JsonDeserializationContext import com.google.gson.JsonDeserializer import com.google.gson.JsonElement import java.lang.reflect.Type import com.google.gson.JsonObject +import com.iterativelylabs.simplejwt.JWTClaim +import com.iterativelylabs.simplejwt.JWTPayload import java.util.* -class JWTPayloadDeserializer : JsonDeserializer { +internal class JWTPayloadDeserializer : JsonDeserializer { private val RegisteredClaimNames = listOf("iss", "sub", "exp", "nbf", "iat", "jti", "aud") @@ -35,7 +37,16 @@ class JWTPayloadDeserializer : JsonDeserializer { } } - payload = JWTPayload(issuer, subject, expiresAt, notBefore, issuedAt, tokenId, listOf(), claims.toMap()) + payload = JWTPayload( + issuer, + subject, + expiresAt, + notBefore, + issuedAt, + tokenId, + listOf(), + claims.toMap() + ) } return payload diff --git a/lib/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt b/library/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt similarity index 85% rename from lib/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt rename to library/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt index 36d0953..a5d7529 100644 --- a/lib/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt +++ b/library/src/test/java/com/iterativelylabs/simplejwt/JWTTest.kt @@ -9,6 +9,21 @@ import java.util.* @RunWith(AndroidJUnit4::class) class JWTTest { + @Test(expected = IllegalArgumentException::class) + fun `test empty token handling`() { + JWT("") + } + + @Test(expected = IllegalArgumentException::class) + fun `test token with incorrect format handling`() { + JWT(".") + } + + @Test(expected = IllegalArgumentException::class) + fun `test token with missing signature handling`() { + JWT("eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI3ZjcyN2ZjNy05OWE2LTRiOTMtYTljZi1mYTg0MTc2Mjk2ZmEiLCJpYXQiOjE1NTc0Nzk4ODB9.") + } + @Test fun `test HS256 JWT token with no private claims`() { val tokenString = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI3ZjcyN2ZjNy05OWE2LTRiOTMtYTljZi1mYTg0MTc2Mjk2ZmEiLCJpYXQiOjE1NTc0Nzk4ODB9.qdwAtmsTuo87rOOIX73Ea07JdvH8y6B6_RsOjrN0R9I" diff --git a/settings.gradle b/settings.gradle index 8c2a2e0..d8f14a1 100644 --- a/settings.gradle +++ b/settings.gradle @@ -1 +1 @@ -include ':lib' +include ':library'