test: verify log behavior on missing JWT field 'alg'

cf0a7cc5 · Jujube Orange · f02c7f18 · cf0a7cc5
Commit cf0a7cc5 authored 2 years ago by Jujube Orange
--- a/src/test/kotlin/fr/gouv/stopc/submissioncode/controller/VerifyControllerTest.kt
+++ b/src/test/kotlin/fr/gouv/stopc/submissioncode/controller/VerifyControllerTest.kt
@@ -311,6 +311,16 @@ class VerifyControllerTest {
                    givenJwt(kid = "AnotherKID"),
                    "JWT signature is invalid:"
                ),
+                Arguments.of(
+                    "the alg field is missing",
+                    givenJwt().replaceBefore(".", Base64.getEncoder().encodeToString("""{"kid": "TousAntiCovidKID","typ":"JWT"}""".toByteArray())),
+                    "JWT could not be parsed: Invalid JWS header: Missing \"alg\" in header JSON object,"
+                ),
+                Arguments.of(
+                    "the JWT header is corrupt",
+                    givenJwt().replaceBefore(".", "Z"),
+                    "JWT could not be parsed: NullPointerException,"
+                ),
            )
        }