oidcauthtest

package
v1.16.103 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 14, 2023 License: MPL-2.0 Imports: 21 Imported by: 0

Documentation

Overview

package oidcauthtest exposes tools to assist in writing unit tests of OIDC and JWT authentication workflows.

When the package is loaded it will randomly generate an ECDSA signing keypair used to sign JWTs both via the Server and the SignJWT method.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateKey

func GenerateKey() (pub, priv string, err error)

func SignJWT

func SignJWT(privKey string, claims jwt.Claims, privateClaims interface{}) (string, error)

SignJWT will bundle the provided claims into a signed JWT. The provided key is assumed to be ECDSA.

If no private key is provided, the default package keys are used. These can be retrieved via the SigningKeys() method.

func SigningKeys

func SigningKeys() (pub, priv string)

SigningKeys returns the pem-encoded keys used to sign JWTs by default.

Types

type Server

type Server struct {
	// contains filtered or unexported fields
}

Server is local server the mocks the endpoints used by the OIDC and JWKS process.

func Start

func Start(t TestingT) *Server

Start creates a disposable Server. If the port provided is zero it will bind to a random free port, otherwise the provided port is used.

func (*Server) Addr

func (s *Server) Addr() string

Addr returns the current base URL for the running webserver.

func (*Server) CACert

func (s *Server) CACert() string

CACert returns the pem-encoded CA certificate used by the HTTPS server.

func (*Server) DisableUserInfo

func (s *Server) DisableUserInfo()

DisableUserInfo makes the userinfo endpoint return 404 and omits it from the discovery config.

func (*Server) OmitIDTokens

func (s *Server) OmitIDTokens()

OmitIDTokens forces an error state where the /token endpoint does not return id_token.

func (*Server) ServeHTTP

func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP implements http.Handler.

func (*Server) SetAllowedRedirectURIs

func (s *Server) SetAllowedRedirectURIs(uris []string)

SetAllowedRedirectURIs allows you to configure the allowed redirect URIs for the OIDC workflow. If not configured a sample of "https://example.com" is used.

func (*Server) SetClientCreds

func (s *Server) SetClientCreds(clientID, clientSecret string)

SetClientCreds is for configuring the client information required for the OIDC workflows.

func (*Server) SetCustomAudience

func (s *Server) SetCustomAudience(customAudience string)

SetCustomAudience configures what audience value to embed in the JWT issued by the OIDC workflow.

func (*Server) SetCustomClaims

func (s *Server) SetCustomClaims(customClaims map[string]interface{})

SetCustomClaims lets you set claims to return in the JWT issued by the OIDC workflow.

func (*Server) SetExpectedAuthCode

func (s *Server) SetExpectedAuthCode(code string)

SetExpectedAuthCode configures the auth code to return from /auth and the allowed auth code for /token.

func (*Server) SetExpectedAuthNonce

func (s *Server) SetExpectedAuthNonce(nonce string)

SetExpectedAuthNonce configures the nonce value required for /auth.

func (*Server) SigningKeys

func (s *Server) SigningKeys() (pub, priv string)

SigningKeys returns the pem-encoded keys used to sign JWTs.

func (*Server) Stop

func (s *Server) Stop()

Stop stops the running Server.

type TestingT

type TestingT interface {
	require.TestingT
	Helper()
	Cleanup(func())
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL