| 2501 | } |
| 2502 | |
| 2503 | func generateBadJWE(t *testing.T, claims interface{}) string { |
| 2504 | t.Helper() |
| 2505 | var buf [32]byte |
| 2506 | _, err := rand.Read(buf[:]) |
| 2507 | require.NoError(t, err) |
| 2508 | encrypt, err := jose.NewEncrypter( |
| 2509 | jose.A256GCM, |
| 2510 | jose.Recipient{ |
| 2511 | Algorithm: jose.A256GCMKW, |
| 2512 | Key: buf[:], |
| 2513 | }, &jose.EncrypterOptions{ |
| 2514 | Compression: jose.DEFLATE, |
| 2515 | }, |
| 2516 | ) |
| 2517 | require.NoError(t, err) |
| 2518 | payload, err := json.Marshal(claims) |
| 2519 | require.NoError(t, err) |
| 2520 | signed, err := encrypt.Encrypt(payload) |
| 2521 | require.NoError(t, err) |
| 2522 | compact, err := signed.CompactSerialize() |
| 2523 | require.NoError(t, err) |
| 2524 | return compact |
| 2525 | } |
| 2526 | |
| 2527 | // generateBadJWT generates a JWT with a random key. It's intended to emulate the old-style JWT's we generated. |
| 2528 | func generateBadJWT(t *testing.T, claims interface{}) string { |