idptest

package
v0.18.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2025 License: MIT Imports: 22 Imported by: 0

Documentation

Overview

Package idptest provides helper primitives and functions required for testing signing and key generation and a simple HTTP server with JWKS, issuer and IDP configuration endpoints.

Index

Constants

View Source 
const (
	OpenIDConfigurationPath        = "/.well-known/openid-configuration"
	JWKSEndpointPath               = "/idp/keys"
	TokenEndpointPath              = "/idp/token"
	TokenIntrospectionEndpointPath = "/idp/introspect_token" // nolint:gosec // This server is used for testing purposes only.
)
View Source 
const TestKeyID = "fac01c070cd08ba08809762da6e4f74af14e4790"

TestKeyID is a key ID of the pre-defined key for testing.

View Source 
const TestPlainPrivateJWK = `` /* 1741-byte string literal not displayed */

TestPlainPrivateJWK is a plaintext representation of the pre-defined private key for testing. nolint: lll

Variables

View Source 
var ErrUnauthorized = errors.New("unauthorized")

Functions

func GetTestRSAPrivateKey 

func GetTestRSAPrivateKey() crypto.PrivateKey

GetTestRSAPrivateKey returns pre-defined RSA private key for testing.

func MakeTokenString 

func MakeTokenString(claims jwt.Claims, kid string, rsaPrivateKey interface{}) (string, error)

MakeTokenString create signed token with claims.

func MakeTokenStringSignedWithTestKey 

func MakeTokenStringSignedWithTestKey(claims jwt.Claims) (string, error)

MakeTokenStringSignedWithTestKey create test token signed with the pre-defined private key (TestKeyID) for testing.

func MakeTokenStringWithHeader 

func MakeTokenStringWithHeader(
	claims jwt.Claims, kid string, rsaPrivateKey interface{}, header map[string]interface{},
) (string, error)

MakeTokenStringWithHeader create test signed token with claims and headers.

func MustMakeTokenString 

func MustMakeTokenString(claims jwt.Claims, kid string, rsaPrivateKey interface{}) string

MustMakeTokenString create signed token with claims. It panics if error occurs.

func MustMakeTokenStringSignedWithTestKey 

func MustMakeTokenStringSignedWithTestKey(claims jwt.Claims) string

MustMakeTokenStringSignedWithTestKey create test token signed with the pre-defined private key (TestKeyID) for testing. It panics if error occurs.

func MustMakeTokenStringWithHeader 

func MustMakeTokenStringWithHeader(
	claims jwt.Claims, kid string, rsaPrivateKey interface{}, header map[string]interface{},
) string

MustMakeTokenStringWithHeader create test signed token with claims and headers. It panics if error occurs.

func MustSignToken added in v0.4.0 

func MustSignToken(token *jwtgo.Token, rsaPrivateKey interface{}) string

MustSignToken signs token with key. It panics if error occurs.

func SignToken 

func SignToken(token *jwtgo.Token, rsaPrivateKey interface{}) (string, error)

SignToken signs token with key.

Types

type GRPCServer 

type GRPCServer struct {
	pb.UnimplementedIDPTokenServiceServer
	*grpc.Server
	// contains filtered or unexported fields
}

GRPCServer is a gRPC server for IDP token service.

func NewGRPCServer 

func NewGRPCServer(
	opts ...GRPCServerOption,
) *GRPCServer

NewGRPCServer creates a new instance of GRPCServer.

func (*GRPCServer) Addr 

func (s *GRPCServer) Addr() string

Addr returns the server address.

func (*GRPCServer) CreateToken 

func (s *GRPCServer) CreateToken(ctx context.Context, req *pb.CreateTokenRequest) (*pb.CreateTokenResponse, error)

CreateToken is a gRPC method for creating tokens.

func (*GRPCServer) IntrospectToken 

func (s *GRPCServer) IntrospectToken(ctx context.Context, req *pb.IntrospectTokenRequest) (*pb.IntrospectTokenResponse, error)

IntrospectToken is a gRPC method for introspecting tokens.

func (*GRPCServer) Start 

func (s *GRPCServer) Start() error

Start starts the GRPC server

func (*GRPCServer) StartAndWaitForReady 

func (s *GRPCServer) StartAndWaitForReady(timeout time.Duration) error

StartAndWaitForReady starts the server waits for the server to start listening.

type GRPCServerOption 

type GRPCServerOption func(*GRPCServer)

GRPCServerOption is an option for GRPCServer.

func WithGRPCAddr 

func WithGRPCAddr(addr string) GRPCServerOption

WithGRPCAddr is an option to set gRPC server address.

func WithGRPCServerOptions 

func WithGRPCServerOptions(opts ...grpc.ServerOption) GRPCServerOption

WithGRPCServerOptions is an option to set gRPC server options.

func WithGRPCTokenCreator 

func WithGRPCTokenCreator(tokenCreator GRPCTokenCreator) GRPCServerOption

WithGRPCTokenCreator is an option to set token creator for the server.

func WithGRPCTokenIntrospector 

func WithGRPCTokenIntrospector(tokenIntrospector GRPCTokenIntrospector) GRPCServerOption

WithGRPCTokenIntrospector is an option to set token introspector for the server.

type GRPCTokenCreator 

type GRPCTokenCreator interface {
	CreateToken(ctx context.Context, req *pb.CreateTokenRequest) (*pb.CreateTokenResponse, error)
}

GRPCTokenCreator is an interface for creating tokens using gRPC.

type GRPCTokenCreatorFunc added in v0.6.0 

type GRPCTokenCreatorFunc func(ctx context.Context, req *pb.CreateTokenRequest) (*pb.CreateTokenResponse, error)

GRPCTokenCreatorFunc is a function that implements GRPCTokenCreator interface.

func (GRPCTokenCreatorFunc) CreateToken added in v0.6.0 

func (f GRPCTokenCreatorFunc) CreateToken(ctx context.Context, req *pb.CreateTokenRequest) (*pb.CreateTokenResponse, error)

CreateToken implements GRPCTokenCreator interface.

type GRPCTokenIntrospector 

type GRPCTokenIntrospector interface {
	IntrospectToken(ctx context.Context, req *pb.IntrospectTokenRequest) (*pb.IntrospectTokenResponse, error)
}

GRPCTokenIntrospector is an interface for introspecting tokens using gRPC.

type GRPCTokenIntrospectorFunc added in v0.6.0 

type GRPCTokenIntrospectorFunc func(ctx context.Context, req *pb.IntrospectTokenRequest) (*pb.IntrospectTokenResponse, error)

GRPCTokenIntrospectorFunc is a function that implements GRPCTokenIntrospector interface.

func (GRPCTokenIntrospectorFunc) IntrospectToken added in v0.6.0 

func (f GRPCTokenIntrospectorFunc) IntrospectToken(
	ctx context.Context, req *pb.IntrospectTokenRequest,
) (*pb.IntrospectTokenResponse, error)

IntrospectToken implements GRPCTokenIntrospector interface.

type HTTPClaimsProvider 

type HTTPClaimsProvider interface {
	Provide(r *http.Request) (jwt.Claims, error)
}

HTTPClaimsProvider is an interface for providing JWT claims for an issuing token request via HTTP.

type HTTPClaimsProviderFunc added in v0.6.0 

type HTTPClaimsProviderFunc func(r *http.Request) (jwt.Claims, error)

HTTPClaimsProviderFunc is a function that implements HTTPClaimsProvider interface.

func (HTTPClaimsProviderFunc) Provide added in v0.6.0 

func (f HTTPClaimsProviderFunc) Provide(r *http.Request) (jwt.Claims, error)

Provide implements HTTPClaimsProvider interface.

type HTTPPaths added in v0.6.0 

type HTTPPaths struct {
	OpenIDConfiguration string
	Token               string
	TokenIntrospection  string
	JWKS                string
}

HTTPPaths contains paths for different IDP endpoints.

type HTTPServer 

type HTTPServer struct {
	*http.Server

	KeysHandler                http.Handler
	TokenHandler               http.Handler
	TokenIntrospectionHandler  http.Handler
	OpenIDConfigurationHandler http.Handler
	Router                     *http.ServeMux
	// contains filtered or unexported fields
}

HTTPServer is a mock IDP server for testing purposes.

func NewHTTPServer 

func NewHTTPServer(options ...HTTPServerOption) *HTTPServer

NewHTTPServer creates a new IDPMockServer with provided options.

func (*HTTPServer) ResetServedCounts added in v0.8.0 

func (s *HTTPServer) ResetServedCounts()

ResetServedCounts resets the number of requests served by each handler.

func (*HTTPServer) ServedCounts added in v0.8.0 

func (s *HTTPServer) ServedCounts() map[string]uint64

ServedCounts returns the number of requests served by each handler.

func (*HTTPServer) Start 

func (s *HTTPServer) Start() error

Start starts the HTTPServer.

func (*HTTPServer) StartAndWaitForReady 

func (s *HTTPServer) StartAndWaitForReady(timeout time.Duration) error

StartAndWaitForReady starts the server waits for the server to start listening.

func (*HTTPServer) URL 

func (s *HTTPServer) URL() string

URL method returns the URL of the server.

type HTTPServerOption 

type HTTPServerOption func(s *HTTPServer)

HTTPServerOption is an option for HTTPServer.

func WithHTTPAddress 

func WithHTTPAddress(addr string) HTTPServerOption

WithHTTPAddress is an option to set HTTP server address.

func WithHTTPClaimsProvider 

func WithHTTPClaimsProvider(claimsProvider HTTPClaimsProvider) HTTPServerOption

WithHTTPClaimsProvider is an option to set ClaimsProvider for TokenHandler which will be used for POST /idp/token.

func WithHTTPEndpointPaths added in v0.6.0 

func WithHTTPEndpointPaths(paths HTTPPaths) HTTPServerOption

WithHTTPEndpointPaths is an option to set custom paths for different IDP endpoints.

func WithHTTPIntrospectTokenHandler 

func WithHTTPIntrospectTokenHandler(handler http.Handler) HTTPServerOption

WithHTTPIntrospectTokenHandler is an option to set custom handler for POST /idp/introspect_token.

func WithHTTPKeysHandler 

func WithHTTPKeysHandler(handler http.Handler) HTTPServerOption

WithHTTPKeysHandler is an option to set custom handler for GET /idp/keys. Otherwise, JWKSHandler will be used.

func WithHTTPMiddleware added in v0.2.0 

func WithHTTPMiddleware(mw func(http.Handler) http.Handler) HTTPServerOption

func WithHTTPPublicJWKS 

func WithHTTPPublicJWKS(keys []PublicJWK) HTTPServerOption

WithHTTPPublicJWKS is an option to set public JWKS for JWKSHandler which will be used for GET /idp/keys.

func WithHTTPTokenHandler 

func WithHTTPTokenHandler(handler http.Handler) HTTPServerOption

WithHTTPTokenHandler is an option to set custom handler for POST /idp/token.

func WithHTTPTokenIntrospector 

func WithHTTPTokenIntrospector(introspector HTTPTokenIntrospector) HTTPServerOption

WithHTTPTokenIntrospector is an option to set TokenIntrospector for TokenIntrospectionHandler which will be used for POST /idp/introspect_token.

type HTTPTokenIntrospector 

type HTTPTokenIntrospector interface {
	IntrospectToken(r *http.Request, token string) (idptoken.IntrospectionResult, error)
}

HTTPTokenIntrospector is an interface for introspecting tokens via HTTP.

type HTTPTokenIntrospectorFunc added in v0.6.0 

type HTTPTokenIntrospectorFunc func(r *http.Request, token string) (idptoken.IntrospectionResult, error)

HTTPTokenIntrospectorFunc is a function that implements HTTPTokenIntrospector interface.

func (HTTPTokenIntrospectorFunc) IntrospectToken added in v0.6.0 

func (f HTTPTokenIntrospectorFunc) IntrospectToken(r *http.Request, token string) (idptoken.IntrospectionResult, error)

IntrospectToken implements HTTPTokenIntrospector interface.

type JWKSHandler 

type JWKSHandler struct {
	PublicJWKS []PublicJWK
	// contains filtered or unexported fields
}

JWKSHandler is an HTTP handler that responds JWKS.

func (*JWKSHandler) ResetServedCount added in v0.8.0 

func (h *JWKSHandler) ResetServedCount()

ResetServedCount resets the number of times JWKS handler has been served.

func (*JWKSHandler) ServeHTTP 

func (h *JWKSHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

func (*JWKSHandler) ServedCount 

func (h *JWKSHandler) ServedCount() uint64

ServedCount returns the number of times JWKS handler has been served.

type OpenIDConfigurationHandler 

type OpenIDConfigurationHandler struct {
	JWKSURL                  string
	TokenEndpointURL         string
	IntrospectionEndpointURL string
	// contains filtered or unexported fields
}

OpenIDConfigurationHandler is an HTTP handler that responds token's issuer OpenID configuration.

func (*OpenIDConfigurationHandler) ResetServedCount added in v0.8.0 

func (h *OpenIDConfigurationHandler) ResetServedCount()

ResetServedCount resets the number of times the handler has been served.

func (*OpenIDConfigurationHandler) ServeHTTP 

func (h *OpenIDConfigurationHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

func (*OpenIDConfigurationHandler) ServedCount 

func (h *OpenIDConfigurationHandler) ServedCount() uint64

ServedCount returns the number of times the handler has been served.

type OpenIDConfigurationResponse added in v0.6.0 

type OpenIDConfigurationResponse struct {
	TokenEndpoint         string `json:"token_endpoint"`
	IntrospectionEndpoint string `json:"introspection_endpoint"`
	JWKSURI               string `json:"jwks_uri"`
}

OpenIDConfigurationResponse is a response for .well-known/openid-configuration endpoint.

type PublicJWK 

type PublicJWK struct {
	Alg string `json:"alg"`
	E   string `json:"e"`
	Kid string `json:"kid"`
	Kty string `json:"kty"`
	N   string `json:"n"`
	Use string `json:"use"`
}

func GetTestPublicJWKS 

func GetTestPublicJWKS() []PublicJWK

type PublicJWKSResponse 

type PublicJWKSResponse struct {
	Keys []PublicJWK `json:"keys"`
}

type SimpleTokenProvider 

type SimpleTokenProvider struct {
	// contains filtered or unexported fields
}

func NewSimpleTokenProvider 

func NewSimpleTokenProvider(token string) *SimpleTokenProvider

func (*SimpleTokenProvider) GetToken 

func (m *SimpleTokenProvider) GetToken(ctx context.Context, scope ...string) (string, error)

func (*SimpleTokenProvider) Invalidate 

func (m *SimpleTokenProvider) Invalidate()

func (*SimpleTokenProvider) SetToken 

func (m *SimpleTokenProvider) SetToken(token string)

type TokenHandler 

type TokenHandler struct {
	Issuer         string
	ClaimsProvider HTTPClaimsProvider
	// contains filtered or unexported fields
}

TokenHandler is an implementation of a handler responding with IDP token.

func (*TokenHandler) ResetServedCount added in v0.8.0 

func (h *TokenHandler) ResetServedCount()

ResetServedCount resets the number of times the handler has been served.

func (*TokenHandler) ServeHTTP 

func (h *TokenHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

func (*TokenHandler) ServedCount 

func (h *TokenHandler) ServedCount() uint64

ServedCount returns the number of times the handler has been served.

type TokenIntrospectionHandler 

type TokenIntrospectionHandler struct {
	JWTParser         *jwt.Parser
	TokenIntrospector HTTPTokenIntrospector
	// contains filtered or unexported fields
}

func (*TokenIntrospectionHandler) ResetServedCount added in v0.8.0 

func (h *TokenIntrospectionHandler) ResetServedCount()

ResetServedCount resets the number of times the handler has been served.

func (*TokenIntrospectionHandler) ServeHTTP 

func (h *TokenIntrospectionHandler) ServeHTTP(rw http.ResponseWriter, r *http.Request)

func (*TokenIntrospectionHandler) ServedCount 

func (h *TokenIntrospectionHandler) ServedCount() uint64

ServedCount returns the number of times the handler has been served.

type TokenResponse added in v0.6.0 

type TokenResponse struct {
	AccessToken string `json:"access_token"`
	TokenType   string `json:"token_type"`
	ExpiresIn   int64  `json:"expires_in"`
}

TokenResponse is a response for POST /idp/token endpoint.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.