Skip to content

Commit

Permalink
add support for ES algorithms (#118)
Browse files Browse the repository at this point in the history
Signed-off-by: Stephan Wurm <stephan.wurm@a-eberle.de>
swaeberle authored Mar 18, 2024

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
1 parent 736a95a commit 032fa5c
Showing 10 changed files with 202 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/ngx_http_auth_jwt_module.c
Original file line number Diff line number Diff line change
@@ -337,7 +337,7 @@ static ngx_int_t handle_request(ngx_http_request_t *r)
return redirect(r, jwtcf);
}
}
else if (algorithm.len == 5 && ngx_strncmp(algorithm.data, "RS", 2) == 0)
else if (algorithm.len == 5 && (ngx_strncmp(algorithm.data, "RS", 2) == 0 || ngx_strncmp(algorithm.data, "ES", 2) == 0))
{
if (jwtcf->use_keyfile == 1)
{
@@ -394,7 +394,7 @@ static int validate_alg(auth_jwt_conf_t *jwtcf, jwt_t *jwt)
{
const jwt_alg_t alg = jwt_get_alg(jwt);

if (alg != JWT_ALG_HS256 && alg != JWT_ALG_HS384 && alg != JWT_ALG_HS512 && alg != JWT_ALG_RS256 && alg != JWT_ALG_RS384 && alg != JWT_ALG_RS512)
if (alg != JWT_ALG_HS256 && alg != JWT_ALG_HS384 && alg != JWT_ALG_HS512 && alg != JWT_ALG_RS256 && alg != JWT_ALG_RS384 && alg != JWT_ALG_RS512 && alg != JWT_ALG_ES256 && alg != JWT_ALG_ES384 && alg != JWT_ALG_ES512)
{
return 1;
}
@@ -633,7 +633,7 @@ static char *get_jwt(ngx_http_request_t *r, ngx_str_t jwt_location)
if (ngx_strncmp(jwtHeaderVal->value.data, BEARER_PREFIX, strlen(BEARER_PREFIX)) == 0)
{
ngx_str_t jwtHeaderValWithoutBearer = jwtHeaderVal->value;

jwtHeaderValWithoutBearer.data += strlen(BEARER_PREFIX);
jwtHeaderValWithoutBearer.len -= strlen(BEARER_PREFIX);

3 changes: 3 additions & 0 deletions test/Dockerfile-test-nginx
Original file line number Diff line number Diff line change
@@ -9,4 +9,7 @@ RUN echo "Config Hash: ${CONFIG_HASH}"
COPY /docker-entrypoint.d/* /docker-entrypoint.d/
COPY /etc/nginx/conf.d/test.conf /etc/nginx/conf.d/test.conf
COPY /etc/nginx/rsa_key_2048-pub.pem /etc/nginx/rsa-key.conf
COPY /etc/nginx/ec_key_256-pub.pem /etc/nginx/ec-256-key.conf
COPY /etc/nginx/ec_key_384-pub.pem /etc/nginx/ec-384-key.conf
COPY /etc/nginx/ec_key_521-pub.pem /etc/nginx/ec-521-key.conf
RUN sed -i "s|%{PORT}|${PORT}|" /etc/nginx/conf.d/test.conf
5 changes: 5 additions & 0 deletions test/ec_key_256.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgOlEBGcZxxhv8FkN0
YIvax6fnhJbMeotzIEBxIglkNu6hRANCAATP1NpDzvZmKd2Mw6hIrv4nzUfNu7OK
mT5VuL5LhvUgzTqVGuxwevA7DlFsNVSfCljIBG3geio3fcd4k0Z9SygL
-----END PRIVATE KEY-----
6 changes: 6 additions & 0 deletions test/ec_key_384.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
-----BEGIN PRIVATE KEY-----
MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDADyrL6llSQoQOZ/PF/
l761kAbrTwn4vu30Kr34ScW6bRKVXLq3cT3QssJ1nF9B63qhZANiAAQ48dOfIEd3
0TCVE0JT4ZU0Db7Ftz+ex7lojP7uqTY9OI59yoMB01zUN4JK30BRXS9Yv0A9Bu1z
fgLu93FSn0kd0zIPMvuu5LUt60M/miSt2lA0OrqFhKjx6FFdN/lNh64=
-----END PRIVATE KEY-----
8 changes: 8 additions & 0 deletions test/ec_key_521.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
-----BEGIN PRIVATE KEY-----
MIHuAgEAMBAGByqGSM49AgEGBSuBBAAjBIHWMIHTAgEBBEIAKkag6aVn4XAbaALo
0b3pypdP5RBX7uKxHmKlkNCcpA0oVTdgjnM5NpJP8ZOM6NjVhEzsn6c/Tdn8hL8w
SI55hFWhgYkDgYYABABpTipSvbs8fq44u4fA+v7DTNYViA58sqbrxjxdzwWZ8eEj
CXsH7yzSGx3Y19NSyrX8HbjWmrj5uxiKeFCB8mGzTwDcFIKCMeMkHjZs/fmVOumR
a2XSpj7BP6wqcN6Pf+UqECivGAZGRHoabo/dm5zF9M3gO+G9eOrf3G1wgFFM7Vzb
Ow==
-----END PRIVATE KEY-----
123 changes: 123 additions & 0 deletions test/etc/nginx/conf.d/test.conf
Original file line number Diff line number Diff line change
@@ -72,6 +72,51 @@ server {
try_files index.html =404;
}

location /secure/cookie/es256 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location COOKIE=jwt;
auth_jwt_algorithm ES256;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEz9TaQ872ZindjMOoSK7+J81Hzbuz
ipk+Vbi+S4b1IM06lRrscHrwOw5RbDVUnwpYyARt4HoqN33HeJNGfUsoCw==
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/cookie/es384 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location COOKIE=jwt;
auth_jwt_algorithm ES384;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEOPHTnyBHd9EwlRNCU+GVNA2+xbc/nse5
aIz+7qk2PTiOfcqDAdNc1DeCSt9AUV0vWL9APQbtc34C7vdxUp9JHdMyDzL7ruS1
LetDP5okrdpQNDq6hYSo8ehRXTf5TYeu
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/cookie/es512 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location COOKIE=jwt;
auth_jwt_algorithm ES512;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaU4qUr27PH6uOLuHwPr+w0zWFYgO
fLKm68Y8Xc8FmfHhIwl7B+8s0hsd2NfTUsq1/B241pq4+bsYinhQgfJhs08A3BSC
gjHjJB42bP35lTrpkWtl0qY+wT+sKnDej3/lKhAorxgGRkR6Gm6P3ZucxfTN4Dvh
vXjq39xtcIBRTO1c2zs=
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/default {
auth_jwt_enabled on;
auth_jwt_redirect on;
@@ -119,6 +164,48 @@ BwIDAQAB
try_files index.html =404;
}

location /secure/auth-header/es256 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEz9TaQ872ZindjMOoSK7+J81Hzbuz
ipk+Vbi+S4b1IM06lRrscHrwOw5RbDVUnwpYyARt4HoqN33HeJNGfUsoCw==
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/es384 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEOPHTnyBHd9EwlRNCU+GVNA2+xbc/nse5
aIz+7qk2PTiOfcqDAdNc1DeCSt9AUV0vWL9APQbtc34C7vdxUp9JHdMyDzL7ruS1
LetDP5okrdpQNDq6hYSo8ehRXTf5TYeu
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/es512 {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_key "-----BEGIN PUBLIC KEY-----
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaU4qUr27PH6uOLuHwPr+w0zWFYgO
fLKm68Y8Xc8FmfHhIwl7B+8s0hsd2NfTUsq1/B241pq4+bsYinhQgfJhs08A3BSC
gjHjJB42bP35lTrpkWtl0qY+wT+sKnDej3/lKhAorxgGRkR6Gm6P3ZucxfTN4Dvh
vXjq39xtcIBRTO1c2zs=
-----END PUBLIC KEY-----";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/rs256/file {
auth_jwt_enabled on;
auth_jwt_redirect on;
@@ -155,6 +242,42 @@ BwIDAQAB
try_files index.html =404;
}

location /secure/auth-header/es256/file {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_algorithm ES256;
auth_jwt_use_keyfile on;
auth_jwt_keyfile_path "/etc/nginx/ec-256-key.conf";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/es384/file {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_algorithm ES384;
auth_jwt_use_keyfile on;
auth_jwt_keyfile_path "/etc/nginx/ec-384-key.conf";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/auth-header/es512/file {
auth_jwt_enabled on;
auth_jwt_redirect on;
auth_jwt_location HEADER=Authorization;
auth_jwt_algorithm ES512;
auth_jwt_use_keyfile on;
auth_jwt_keyfile_path "/etc/nginx/ec-521-key.conf";

alias /usr/share/nginx/html/;
try_files index.html =404;
}

location /secure/custom-header/hs256 {
auth_jwt_enabled on;
auth_jwt_redirect on;
4 changes: 4 additions & 0 deletions test/etc/nginx/ec_key_256-pub.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
-----BEGIN PUBLIC KEY-----
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEz9TaQ872ZindjMOoSK7+J81Hzbuz
ipk+Vbi+S4b1IM06lRrscHrwOw5RbDVUnwpYyARt4HoqN33HeJNGfUsoCw==
-----END PUBLIC KEY-----
5 changes: 5 additions & 0 deletions test/etc/nginx/ec_key_384-pub.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
-----BEGIN PUBLIC KEY-----
MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEOPHTnyBHd9EwlRNCU+GVNA2+xbc/nse5
aIz+7qk2PTiOfcqDAdNc1DeCSt9AUV0vWL9APQbtc34C7vdxUp9JHdMyDzL7ruS1
LetDP5okrdpQNDq6hYSo8ehRXTf5TYeu
-----END PUBLIC KEY-----
6 changes: 6 additions & 0 deletions test/etc/nginx/ec_key_521-pub.pem
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
-----BEGIN PUBLIC KEY-----
MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQAaU4qUr27PH6uOLuHwPr+w0zWFYgO
fLKm68Y8Xc8FmfHhIwl7B+8s0hsd2NfTUsq1/B241pq4+bsYinhQgfJhs08A3BSC
gjHjJB42bP35lTrpkWtl0qY+wT+sKnDej3/lKhAorxgGRkR6Gm6P3ZucxfTN4Dvh
vXjq39xtcIBRTO1c2zs=
-----END PUBLIC KEY-----
39 changes: 39 additions & 0 deletions test/test.sh
Original file line number Diff line number Diff line change
@@ -100,6 +100,10 @@ main() {
local JWT_RS256_INVALID=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ._aQmIBL4CVBxU1fNMOHp0kkagFaaX2TvAEenizytwd0
local JWT_RS384_VALID=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzM4NCJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ.H35bTcZRhepWIoa8pKCbUMRuAOkVX9K5hJjc6tPmQwWmTw8lrktsvmMzJg_rgqnJLnAkciSIQw5EDj7fngS5zX2ThyRxrkPuE2Uiyw2Ect-mo9Kg1lrWgnyZCuCgq-Up9HQRAv0160mePlm8Gs4TOY6CPr38zwTcDZsy_Keq93igDQV8WuuWAGICaGd5ZyUOPjjzGShRjTU8Szz7fnpZpTtYRCYVo0pc5yfRWYm0fdn-4AseyGvd8JJ2xfnAEe4kZOkz7X1MLKtL0slKg3m2PH1lD7HwxIawXRTPWxArhJ9dcTNiDUrqtde2juGwOuMD_zTsb2Jj0_rmRb0Q6aljNw
local JWT_RS512_VALID=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ.iUupyKypfXJ5aZWfItSW-mOmx9a4C4X7Yr5p5Fk8W75ZhkOq0EeNfstTxx870brhkdPovBhO2LYI44_HoH9XicQNL6JnFprE0r61eJFngbuzlhRQiWpq0xYrazJWc9zB7_GgL2ZCwtw-Ts3G23Q0632wVm6-d7MKvG7RS8aEjN-MuVGdtLglH3forpItmFxw-if40EQsBL7hncN_XNcQTO4KPHkqmlpac_oKXRrLFDIIt2tB6OOpvY4QcpERoxexp4pi2f-JoINnWX_dU5JnIs3ypVJLQPfoJvxg8fsg3zYrOvMYnfsqOCYoHtZGK0O7jyfFmcGo5v2hLT-CpoF3Zw
local JWT_ES256_VALID=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ.WFfJXGr5whKHB7arjsTXPTJ6TAsS1LoRxu7Vj2_HrLaIQphWJM6BICf-M3cv52tFzt-XTZb6GxlDgAbHo8z9Zg
local JWT_ES256_INVALID=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ._aQmIBL4CVBxU1fNMOHp0kkagFaaX2TvAEenizytwd0
local JWT_ES384_VALID=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzM4NCJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ._EFxXYOTAfT3gB3xUfgGR2UyXHeRTlDWqA94oZbB0DDa7YPZTEX9T4C_0ylnOFKZ6irGHZA8vxjgXDH3DZKWwBWcZ-XaQ_Q4Ws2J-AEeLqcl7_CS6q9mFo0Y7vUNEn-W
local JWT_ES512_VALID=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzUxMiJ9.eyJzdWIiOiJzb21lLWxvbmctdXVpZCIsImZpcnN0TmFtZSI6ImhlbGxvIiwibGFzdE5hbWUiOiJ3b3JsZCIsImVtYWlsQWRkcmVzcyI6ImhlbGxvd29ybGRAZXhhbXBsZS5jb20iLCJyb2xlcyI6WyJ0aGlzIiwidGhhdCIsInRoZW90aGVyIl0sImlzcyI6Imlzc3VlciIsInBlcnNvbklkIjoiNzViYjNjYzctYjkzMy00NGYwLTkzYzYtMTQ3YjA4MmZhZGI1IiwiZXhwIjoxOTA4ODM1MjAwLCJpYXQiOjE0ODg4MTk2MDAsInVzZXJuYW1lIjoiaGVsbG8ud29ybGQifQ.AFY4gNCtZNYkrTiijDkV4eKIt2UPMIuJBfZIk69jgI8FSGCQyUIMmIVg0fTvbaSiaryXzcjbG5TCm8a9Vu3KFJutAHGrgvZqcdklxx6Fbk3an3r_CH68n_ncwS3SUV58mDjf0OX8jRuNdudU1L5xYNQdodo-fxPIb1oHXfMJ0CmULDR9

run_test -n 'when auth disabled, should return 200' \
-p '/' \
@@ -173,6 +177,21 @@ main() {
-c '200' \
-x ' --cookie "jwt=${JWT_RS256_VALID}"'

run_test -n 'when auth enabled with ES256 algorithm and valid JWT cookie, returns 200' \
-p '/secure/cookie/es256' \
-c '200' \
-x ' --cookie "jwt=${JWT_ES256_VALID}"'

run_test -n 'when auth enabled with ES384 algorithm and valid JWT cookie, returns 200' \
-p '/secure/cookie/es384' \
-c '200' \
-x ' --cookie "jwt=${JWT_ES384_VALID}"'

run_test -n 'when auth enabled with ES512 algorithm and valid JWT cookie, returns 200' \
-p '/secure/cookie/es512' \
-c '200' \
-x ' --cookie "jwt=${JWT_ES512_VALID}"'

run_test -n 'when auth enabled with RS256 algorithm via file and valid JWT in Authorization header, returns 200' \
-p '/secure/auth-header/rs256/file' \
-c '200' \
@@ -193,6 +212,26 @@ main() {
-c '200' \
-x '--header "Authorization: Bearer ${JWT_RS256_VALID}"'

run_test -n 'when auth enabled with ES256 algorithm via file and valid JWT in Authorization header, returns 200' \
-p '/secure/auth-header/es256/file' \
-c '200' \
-x '--header "Authorization: Bearer ${JWT_ES256_VALID}"'

run_test -n 'when auth enabled with ES256 algorithm via file and invalid JWT in Authorization header, returns 401' \
-p '/secure/auth-header/es256/file' \
-c '302' \
-x '--header "Authorization: Bearer ${JWT_ES256_INVALID}"'

run_test -n 'when auth enabled with ES384 algorithm via file and valid JWT in Authorization header, returns 200' \
-p '/secure/auth-header/es384/file' \
-c '200' \
-x '--header "Authorization: Bearer ${JWT_ES384_VALID}"'

run_test -n 'when auth enabled with ES512 algorithm via file and valid JWT in Authorization header, returns 200' \
-p '/secure/auth-header/es512/file' \
-c '200' \
-x '--header "Authorization: Bearer ${JWT_ES512_VALID}"'

run_test -n 'when auth enabled with HS256 algorithm and valid JWT in custom header without bearer, returns 200' \
-p '/secure/custom-header/hs256/' \
-c '200' \

0 comments on commit 032fa5c

Please sign in to comment.