feat: add helper to generate a test JWT (#392)

* feat: add helper to generate a test JWT

lib/zaikio/jwt_auth.rb

@@ -75,6 +75,12 @@ def self.extract(authorization_header_string, **options)
       TokenData.new(payload)
     end
 
+    def self.decode_jwt(token, **options)
+      options = options.reverse_merge(algorithms: ["RS256"], jwks: JWK.loader)
+      payload, = JWT.decode(token, nil, true, **options)
+      TokenData.new(payload)
+    end
+
     module ClassMethods
       def authorize_by_jwt_subject_type(type = :_not_given_)
         if type != :_not_given_

lib/zaikio/jwt_auth/configuration.rb

@@ -11,14 +11,15 @@ class Configuration
         production: "https://hub.zaikio.com"
       }.freeze
 
-      attr_accessor :app_name, :cache, :host
+      attr_accessor :app_name, :cache, :host, :test_mode
       attr_reader :environment
       attr_writer :logger, :revoked_token_ids, :keys
 
       def initialize
         @environment = :sandbox
         @revoked_token_ids = nil
         @keys = nil
+        @test_mode = false
       end
 
       def logger

lib/zaikio/jwt_auth/jwk.rb

@@ -10,7 +10,10 @@ class JWK
       class << self
         def loader
           lambda do |options|
+            return TestHelper.jwk_set if JWTAuth.configuration.test_mode
+
             reload_keys if options[:invalidate]
+
             {
               keys: keys.map do |key_data|
                 JWT::JWK.import(key_data.with_indifferent_access).export

lib/zaikio/jwt_auth/test_helper.rb

@@ -1,13 +1,36 @@
 module Zaikio
   module JWTAuth
     module TestHelper
+      def self.jwk
+        @jwk ||= JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), { kid: "test-kid", use: "sig", alg: "RS256" })
+      end
+
+      def self.jwk_set
+        @jwk_set ||= JWT::JWK::Set.new(jwk).export
+      end
+
+
+
       def after_teardown
         Zaikio::JWTAuth.mocked_jwt_payload = nil
         super
       end
 
-      def mock_jwt(extra_payload)
-        Zaikio::JWTAuth.mocked_jwt_payload = {
+      def mock_jwt(params)
+        Zaikio::JWTAuth.mocked_jwt_payload = generate_token_payload(params)
+      end
+
+      def issue_mock_jwt_token(params)
+        JWT.encode(
+          generate_token_payload(params),
+          jwk.signing_key,
+          jwk[:alg],
+          kid: jwk[:kid]
+        )
+      end
+
+      def generate_token_payload(params)
+        {
           iss: "ZAI",
           sub: nil,
           aud: %w[test_app],
@@ -16,8 +39,10 @@ def mock_jwt(extra_payload)
           exp: 1.hour.from_now.to_i,
           jku: "http://hub.zaikio.test/api/v1/jwt_public_keys.json",
           scope: []
-        }.merge(extra_payload).stringify_keys
+        }.merge(params).stringify_keys
       end
+
+      def jwk = Zaikio::JWTAuth::TestHelper.jwk
     end
   end
 end

lib/zaikio/jwt_auth/version.rb

@@ -1,5 +1,5 @@
 module Zaikio
   module JWTAuth
-    VERSION = "2.7.0".freeze
+    VERSION = "2.7.1".freeze
   end
 end

zaikio-jwt_auth.gemspec

@@ -10,8 +10,8 @@ Gem::Specification.new do |spec|
   spec.authors     = ["crispymtn", "Jalyna Schröder", "Martin Spickermann"]
   spec.email       = ["op@crispymtn.com", "js@crispymtn.com", "spickermann@gmail.com"]
   spec.homepage    = "https://github.com/zaikio/zaikio-jwt_auth"
-  spec.summary     = "JWT-Based authentication and authorization with zaikio"
-  spec.description = "JWT-Based authentication and authorization with zaikio."
+  spec.summary     = "JWT-Based authentication and authorization with Zaikio"
+  spec.description = "JWT-Based authentication and authorization with Zaikio."
   spec.license     = "MIT"
 
   if spec.respond_to?(:metadata)