Expand Up @@ -96,6 +96,7 @@
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import com.github.jknack.handlebars.Context;
import com.github.jknack.handlebars.Handlebars;
import com.github.jknack.handlebars.Template;
Expand Down Expand Up @@ -7740,5 +7741,86 @@ private static String checkKeys(JSONObject jsonObject, String[] keys) {
}
return null;
}

protected Response patchWithPathParamsBodyHeaderWithBearerToken(String url, String jsonInput, String cookieName, String role,
String testCaseName, String pathParams) throws SecurityXSSException {
Response response = null;
String inputJson = inputJsonKeyWordHandeler(jsonInput, testCaseName);
JSONObject req = new JSONObject(inputJson);
HashMap<String, String> pathParamsMap = new HashMap<>();
String[] params = pathParams.split(",");
for (String param : params) {
if (req.has(param)) {
pathParamsMap.put(param, req.get(param).toString());
req.remove(param);
} else
logger.error(GlobalConstants.ERROR_STRING_2 + param + GlobalConstants.IN_STRING + inputJson);
}

token = kernelAuthLib.getAuthTokenByRole(role);

logger.info(GlobalConstants.PUT_REQ_STRING + url);
GlobalMethods.reportRequest(null, req.toString(), url);
try {
response = RestClient.patchWithPathParamsBodyHeaderWithBearerToken(url, pathParamsMap, req.toString(),
MediaType.APPLICATION_JSON, MediaType.APPLICATION_JSON, cookieName, token);
// check if X-XSS-Protection is enabled or not
GlobalMethods.checkXSSProtectionHeader(response, url);
GlobalMethods.reportResponse(response.getHeaders().asList().toString(), url, response);
return response;
} catch (SecurityXSSException se) {
String responseHeadersString = (response == null) ? "No response"
: response.getHeaders().asList().toString();
String errorMessageString = "XSS check failed for URL: " + url + "\nHeaders: " + responseHeadersString
+ "\nError: " + se.getMessage();
logger.error(errorMessageString, se);
throw se;
} catch (Exception e) {
logger.error(GlobalConstants.EXCEPTION_STRING_2 + e);
return response;
}
}

public static String decodeBase64Url(String value) {
try {
byte[] decodedBytes = Base64.getUrlDecoder().decode(value);
return new String(decodedBytes, StandardCharsets.UTF_8);
} catch (Exception e) {
logger.error("Error decoding Base64Url: " + value, e);
return null;
}
}

public static String decodeAndCombineJwt(String jwtString) {
try {

if (jwtString == null || jwtString.isEmpty()) {
logger.error("JWT string is empty");
return null;
}

DecodedJWT jwt = JWT.decode(jwtString);

String headerJson = decodeBase64Url(jwt.getHeader());
String payloadJson = decodeBase64Url(jwt.getPayload());

if (headerJson == null || payloadJson == null) {
logger.error("Failed to decode JWT parts");
return null;
}

ObjectMapper mapper = new ObjectMapper();
ObjectNode combinedJson = mapper.createObjectNode();

combinedJson.set("header", mapper.readTree(headerJson));
combinedJson.set("payload", mapper.readTree(payloadJson));

return mapper.writeValueAsString(combinedJson);

} catch (Exception e) {
logger.error("Error decoding JWT: " + e.getMessage(), e);
return null;
}
}

}
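Review bot: decodeAndCombineJwt parses the token with `JWT.decode(jwtString)`, which (assuming this is auth0's java-jwt) only splits and base64url-decodes the segments and never checks the signature, yet neither the name nor a comment says so; add a Javadoc such as `/** Decodes header and payload for inspection only. The signature is NOT verified, so the result must not be used for any trust decision. */`. decodeBase64Url logs its whole input on failure (`"Error decoding Base64Url: " + value`), and in this call path the value is a JWT header or payload segment, so claim data can land in the test log; logging only `value.length()` or a short prefix keeps the diagnostic without the leak. In patchWithPathParamsBodyHeaderWithBearerToken the final `catch (Exception e)` returns `response`, which is still null whenever the RestClient call itself threw, so callers get a null where the method's signature promises a Response; the same branch logs `GlobalConstants.EXCEPTION_STRING_2 + e` and drops the stack trace that the sibling XSS catch preserves via `logger.error(errorMessageString, se)`. The request is also announced with `GlobalConstants.PUT_REQ_STRING` although this method issues a PATCH, which makes log searches misleading.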
Expand Up @@ -76,6 +76,17 @@ public class KernelAuthentication extends BaseTestCase {
protected static final String ESIGNETUINCOOKIESRESPONSE = "ESignetUINCookiesResponse";
protected static final String ESIGNETVIDCOOKIESRESPONSE = "ESignetVIDCookiesResponse";

private static final String TOKEN_URL = ConfigManager.getproperty("keycloak-external-url")
+ ConfigManager.getproperty("keycloakAuthTokenEndPoint");
private static final String GRANT_TYPE = "client_credentials";
private static final String CLIENT_ID = "client_id";
private static final String CLIENT_SECRET = "client_secret";
private static final String GRANT_TYPE_KEY = "grant_type";
private static final String ACCESS_TOKEN = "access_token";

private static String partnerKeycloakToken = null;
private static String mobileAuthKeycloakCookie = null;

public static void setLogLevel() {
if (ConfigManager.IsDebugEnabled())
logger.setLevel(Level.ALL);
Expand Down Expand Up @@ -247,6 +258,59 @@ public String getTokenByRole(String role, String tokenType) {

}

public static String getAuthTokenFromKeyCloak(String clientId, String clientSecret) {
Map<String, String> params = new HashMap<>();
params.put(CLIENT_ID, clientId);
params.put(CLIENT_SECRET, clientSecret);
params.put(GRANT_TYPE_KEY, GRANT_TYPE);

Response response = null;

try {
response = RestClient.postRequestWithFormDataBody(TOKEN_URL, params);
} catch (Exception e) {
logger.error("Error sending POST request to Keycloak token URL: " + TOKEN_URL, e);
return "";
}

if (response == null) {
logger.error("Keycloak token request returned null response");
return "";
}
int statusCode = response.getStatusCode();
if (statusCode < 200 || statusCode >= 300) {
logger.error("Keycloak token request failed with status code: " + statusCode);
return "";
}
logger.info("Keycloak token request successful");

org.json.JSONObject responseJson = new org.json.JSONObject(response.getBody().asString());
return responseJson.optString(ACCESS_TOKEN, "");
}

public static String getAuthTokenByRole(String role) {
if (role == null)
return "";

String roleLowerCase = role.toLowerCase();
switch (roleLowerCase) {
case "partner":
if (!AdminTestUtil.isValidToken(partnerKeycloakToken)) {
partnerKeycloakToken = getAuthTokenFromKeyCloak(ConfigManager.getPmsClientId(),
ConfigManager.getPmsClientSecret());
}
return partnerKeycloakToken;
case "mobileauth":
if (!AdminTestUtil.isValidToken(mobileAuthKeycloakCookie)) {
mobileAuthKeycloakCookie = getAuthTokenFromKeyCloak(ConfigManager.getMPartnerMobileClientId(),
ConfigManager.getMPartnerMobileClientSecret());
}
return mobileAuthKeycloakCookie;
default:
return "";
}
}

@SuppressWarnings("unchecked")
public HashMap<String, String> getAuthFromEsignet(String keyName) {
HashMap<String, String> tokens = new HashMap<>();
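Review bot: In getAuthTokenFromKeyCloak the body is parsed with `new org.json.JSONObject(response.getBody().asString())` outside the try block, so a 2xx response whose body is not JSON throws an unchecked JSONException to the caller while every other failure path in the method returns `""`; wrapping the parse in a try that logs the status and returns `""` keeps the contract uniform (without logging the body, which carries the access token). In getAuthTokenByRole, `role.toLowerCase()` depends on the JVM default locale; `role.toLowerCase(java.util.Locale.ROOT)` keeps `"mobileauth"` matching under locales with special-case mappings for `i`. The static caches `partnerKeycloakToken` and `mobileAuthKeycloakCookie` are read and written without synchronization, so parallel test threads may request a token twice; that is harmless for a cache but deserves a one-line comment on the fields. Neither new method has Javadoc; the header for getAuthTokenFromKeyCloak should state that the client secret is sent as a form field to `TOKEN_URL` and that an empty string, never null, signals failure. The getAuthFromEsignet hunk at the end continues outside this page and is not reviewed here.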