Documentation
¶
Overview ¶
Package mock provides a convenient mock of JWT token and JWKS response to use in your tests. The mock does not require a private key and will create one if necessary.
Example:
require "github.com/dsggregory/jwtv/pkg/mock" // a mock JWT token signer mj, err := mock.NewJWT("") So(err, ShouldBeNil) // a mock JWKS service to return our mock signing key jwkts := mj.NewJWKService() defer jwkts.Close() // create and sign a token token := mj.SignClaims(jwt.MapClaims{}, time.Now().Add(time.Minute)) ... // use token in your http request req.Header.Set("Authorization", "Bearer " + token)
Index ¶
- func B64UrlUintToPub(ns, es string) (*rsa.PublicKey, error)
- func PubToB64UrlUint(pk *rsa.PublicKey) (encN, encE string)
- type JWKService
- type JWKey
- type JWKeys
- type JWT
- func (m *JWT) CertB64() (string, error)
- func (m *JWT) E() string
- func (m *JWT) N() string
- func (m *JWT) NewJWKService() *JWKService
- func (m *JWT) NewToken(data jwt.MapClaims, expires time.Time, keyID string) *jwt.Token
- func (m *JWT) PubPEM() string
- func (m *JWT) PubString() string
- func (m *JWT) SignClaims(data jwt.MapClaims, expires time.Time) string
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func B64UrlUintToPub ¶
B64UrlUintToPub converts Base64UrlUint-encoded strings to an RSA public key
func PubToB64UrlUint ¶
PubToB64UrlUint converts RSA public key to Base64UrlUint-encoded modulus and exponent strings, for testing
Types ¶
type JWKService ¶
type JWKService struct { // Server a mock JWK server Server *httptest.Server // FetchCounter number of times it has hit the JWK service for keys FetchCounter int // KeyResponse the key to respond with in the JWK Set KeyResponse JWKey }
JWKService an instance of a mock JWK service to respond with well-known keys
func (*JWKService) URL ¶
func (mjwk *JWKService) URL() string
URL returns URL of the httptest server
func (*JWKService) WriteResponse ¶
func (mjwk *JWKService) WriteResponse(w http.ResponseWriter, r *http.Request)
WriteResponse write the KeyResponse data as a JWK Set in JSON
type JWKey ¶
type JWKey struct { // N RSA public key modulus, Base64urlUInt-encoded N string `json:"n"` // E RSA public key exponent, Base64urlUInt-encoded E string `json:"e"` // KID the key ID known to the OIDC server KID string `json:"kid"` // X5c RawStdEncoding Base64 DER of RSA signing cert chain. Supersedes N and E. X5c []string `json:"x5c"` // Use should be "sig" Use string `json:"use"` // Alg signature algorithm (RS256) Alg string `json:"alg"` // Kty key type (RSA) Kty string `json:"kty"` }
JWKey an RSA JWKS struct
type JWKeys ¶
type JWKeys struct {
Keys []JWKey `json:"keys"`
}
JWKeys the response from a call to a well-known JWKS endpoint that returns a list of the OIDC's signing certs
type JWT ¶
type JWT struct { RsaPrivateKey *rsa.PrivateKey RsaPubkey *rsa.PublicKey PrivKeyDer []byte PubKeyDer []byte // Cert X509 certificate (in DER) signed by the private key Cert []byte CertPEM string // contains filtered or unexported fields }
JWT a mock interface to JWT signing
func NewJWT ¶
NewJWT creates an instance to mock a JWT to be signed by a known key file or generated key if keyPath is empty
func (*JWT) CertB64 ¶
CertB64 return the test certificate Base64 of DER to be used for example, the 'x5c' JWK response
func (*JWT) NewJWKService ¶
func (m *JWT) NewJWKService() *JWKService
NewJWKService creates a new HTTP test server to respond with JWKS well-known keys. Remember to call the Close() method on the returned server.
func (*JWT) NewToken ¶
NewToken just create a token without signing it into an accessToken. See SignClaims for the latter.