eden-emu/cpp-jwt
14
0
Fork 0
mirror of https://github.com/arun11299/cpp-jwt.git synced 2025-05-15 01:08:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added exception handling and test for key/secret not present

Browse source
This commit is contained in:
Arun M 2017-12-26 20:35:51 +05:30
parent 99f3c1db86
commit a5e18cc4f4
4 changed files with 42 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

18
include/jwt/exceptions.hpp
View file

@ -58,17 +58,31 @@ public:
/** /**
*/ */
class SignatureFormatError final : public std::runtime_error class SignatureFormatError final : public DecodeError
{ {
public: public:
/** /**
*/ */
SignatureFormatError(std::string msg) SignatureFormatError(std::string msg)
: std::runtime_error(std::move(msg)) : DecodeError(std::move(msg))
{ {
} }
}; };
/**
*/
class KeyNotPresentError final : public DecodeError
{
public:
/**
*/
KeyNotPresentError(std::string msg)
: DecodeError(std::move(msg))
{
}
};
/** /**
*/ */
class VerificationError : public std::runtime_error class VerificationError : public std::runtime_error

20
include/jwt/impl/jwt.ipp
View file

@ -581,15 +581,6 @@ jwt_object decode(const string_view enc_str,
ec = DecodeErrc::SignatureFormatError; ec = DecodeErrc::SignatureFormatError;
return obj; return obj;
} }
if (!dparams.has_secret) {
ec = DecodeErrc::KeyNotPresent;
return obj;
}
} else {
if (dparams.has_secret) {
ec = DecodeErrc::KeyNotRequiredForNoneAlg;
}
} }
//throws decode error //throws decode error
@ -607,7 +598,12 @@ jwt_object decode(const string_view enc_str,
} }
//Verify the signature only if some algorithm was used //Verify the signature only if some algorithm was used
if (obj.header().algo() != algorithm::NONE) { if (obj.header().algo() != algorithm::NONE)
{
if (!dparams.has_secret) {
ec = DecodeErrc::KeyNotPresent;
return obj;
}
jwt_signature jsign{dparams.secret}; jwt_signature jsign{dparams.secret};
// Length of the encoded header and payload only. // Length of the encoded header and payload only.
@ -698,6 +694,10 @@ void jwt_throw_exception(const std::error_code& ec)
{ {
throw SignatureFormatError(ec.message()); throw SignatureFormatError(ec.message());
} }
case DecodeErrc::KeyNotPresent:
{
throw KeyNotPresentError(ec.message());
}
case DecodeErrc::KeyNotRequiredForNoneAlg: case DecodeErrc::KeyNotRequiredForNoneAlg:
{ {
// Not an error. Just to be ignored. // Not an error. Just to be ignored.

BIN
tests/test_jwt_decode
View file

Binary file not shown.

16
tests/test_jwt_decode.cc
View file

@ -99,6 +99,22 @@ TEST (DecodeTest, DecodeHS256)
EXPECT_FALSE (obj.payload().has_claim_with_value(jwt::registered_claims::issued_at, 1513862372)); EXPECT_FALSE (obj.payload().has_claim_with_value(jwt::registered_claims::issued_at, 1513862372));
} }
TEST (DecodeTest, SecretKeyNotPassed)
{
using namespace jwt::params;
const char* enc_str =
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
"eyJpYXQiOjE1MTM4NjIzNzEsImlkIjoiYS1iLWMtZC1lLWYtMS0yLTMiLCJpc3MiOiJhcnVuLm11cmFsaWRoYXJhbiIsInN1YiI6ImFkbWluIn0."
"jk7bRQKTLvs1RcuvMc2B_rt6WBYPoVPirYi_QRBPiuk";
std::error_code ec;
auto obj = jwt::decode(enc_str, algorithms({"none", "hs256"}), ec, verify(false));
ASSERT_TRUE (ec);
EXPECT_EQ (ec.value(), static_cast<int>(jwt::DecodeErrc::KeyNotPresent));
}
TEST (DecodeTest, DecodeHS384) TEST (DecodeTest, DecodeHS384)
{ {
using namespace jwt::params; using namespace jwt::params;