authtest

package

v1.5.1 Latest Latest Go to latest Published: Sep 17, 2022 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/trisacrypto/directory

Links

Open Source Insights

Documentation ¶

Overview ¶

Package authtest provides a wrapped httptest.Server that will respond to auth0 requests. The most common request is related to authentication and token verification, to authenticate requests to the BFF server, use this package's token generation methods to create a token that will be validated by the authentication middleware. Note that you will have to configure the Authenticate middleware to use the correct TLS client.

This module also provides a singleton authtest.Server that can be used on demand from both tests and live server code by calling the package level functions authtest.Serve() and authtest.Close respectively. This ensures that tests do not require injection of the authentication mechanism. The first time that authtest.Serve is called a new server will be created; and the first time authtest.Close is called, the server will be closed. Note however that a new server will not be created on subsequent calls, so it's important to ensure that Close is not called before the tests are complete.

Index ¶

Constants
func Close()
func NewUsers() map[string]*management.User
type Claims
type Config
- func NewConfig() (conf Config, err error)
type OpenIDConfiguration
- func NewOpenIDConfiguration(u *url.URL) *OpenIDConfiguration
type Server
- func New() (s *Server, err error)
- func Serve() (*Server, error)

Constants ¶

View Source

const (
	KeyID        = "StyqeY8Kl4Eam28KsUs"
	ClientID     = "a5laOSr0NOX1L53yBaNtumKOoExFxptc"
	ClientSecret = "me4JZSvBvPSnBaM0h0AoXgXPn1VBiBMz0bL7E/sV1isndP9lZ5ptm5NWA9IkKwEb"
	Audience     = "http://localhost"
	Email        = "leopold.wentzel@gmail.com"
	UserID       = "test|abcdefg1234567890"
	OrgID        = "b1b9e9b1-9a44-4317-aefa-473971b4df42"
	MainNetVASP  = "87d92fd1-53cf-47d8-85b1-048e8a38ced9"
	TestNetVASP  = "d0082f55-d3ba-4726-a46d-85e3f5a2911f"
	Scope        = "openid profile email"
)

Variables ¶

This section is empty.

Functions ¶

func Close ¶

func Close()

Close shuts down the single authtest server and cleans it up. This method should only be called once when tests are completed. When the singleton server is shutdown it can no longer be created a second time because of the use of sync.Once.

func NewUsers ¶ added in v1.5.1

func NewUsers() map[string]*management.User

NewUsers creates some default users for testing.

Types ¶

type Claims ¶

type Claims struct {
	jwt.RegisteredClaims
	Email       string            `json:"https://vaspdirectory.net/email"`
	OrgID       string            `json:"https://vaspdirectory.net/orgid"`
	VASPs       map[string]string `json:"https://vaspdirectory.net/vasps"`
	Scope       string            `json:"scope"`
	Permissions []string          `json:"permissions"`
}

Claims must be defined here both to ensure we can use jwt and to ensure there are no recursive imports. That means this claims struct MUST be kept up to date with the auth.Claims struct that uses this package for testing.

type Config ¶

type Config struct {
	Domain       string `envconfig:"AUTH0_DOMAIN"`
	ClientID     string `envconfig:"AUTH0_CLIENT_ID"`
	ClientSecret string `envconfig:"AUTH0_CLIENT_SECRET"`
	TokenCache   string `envconfig:"AUTH0_TOKEN_CACHE"`
}

Config stores the client ID and secrets for accessing auth0 in order to conduct "live" tests against our actual development auth0 tenant. If this config is zero or invalid then the live tests should be skipped.

func NewConfig ¶

func NewConfig() (conf Config, err error)

func (Config) AuthConfig ¶

func (c Config) AuthConfig() config.AuthConfig

func (Config) IsZero ¶

func (c Config) IsZero() bool

func (Config) Validate ¶

func (c Config) Validate() error

type OpenIDConfiguration ¶

type OpenIDConfiguration struct {
	Issuer                        string   `json:"issuer"`
	AuthorizationEP               string   `json:"authorization_endpoint"`
	TokenEP                       string   `json:"token_endpoint"`
	DeviceAuthorizationEP         string   `json:"device_authorization_endpoint"`
	UserInfoEP                    string   `json:"userinfo_endpoint"`
	MFAChallengeEP                string   `json:"mfa_challenge_endpoint"`
	JWKSURI                       string   `json:"jwks_uri"`
	RegistrationEP                string   `json:"registration_endpoint"`
	RevocationEP                  string   `json:"revocation_endpoint"`
	ScopesSupported               []string `json:"scopes_supported"`
	ResponseTypesSupported        []string `json:"response_types_supported"`
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
	ResponseModesSupported        []string `json:"response_modes_supported"`
	SubjectTypesSupported         []string `json:"subject_types_supported"`
	IDTokenSigningAlgValues       []string `json:"id_token_signing_alg_values_supported"`
	TokenEndpointAuthMethods      []string `json:"token_endpoint_auth_methods_supported"`
	ClaimsSupported               []string `json:"claims_supported"`
	RequestURIPArameterSupported  bool     `json:"request_uri_parameter_supported"`
}

func NewOpenIDConfiguration ¶

func NewOpenIDConfiguration(u *url.URL) *OpenIDConfiguration

type Server ¶

type Server struct {
	URL *url.URL
	// contains filtered or unexported fields
}

Server wraps an httptest.Server to provide a default handler for auth0 requests.

func New ¶

func New() (s *Server, err error)

New starts and returns a new Auth0 server using TLS. The caller should call close when finished, to shut it down. The server can also issue tokens for authentication.

func Serve ¶

func Serve() (*Server, error)

Serve creates the singleton authtest server if it does not already exist and returns it for use in tests and test dependency injection. If creating the server resulted in an error then the error is returned. Once Close is called, this method will return nil since the server is a singleton and can only be created once. Ensure that Close is not called until the tests are complete.

func (*Server) Client ¶

func (s *Server) Client() *http.Client

Client returns the https configured client that can connect to this server.

func (*Server) Close ¶

func (s *Server) Close()

Close the server when you're done with your tests!

func (*Server) Config ¶

func (s *Server) Config() config.AuthConfig

Config returns an AuthConfig that can be used to setup middleware.

func (*Server) GetUser ¶ added in v1.5.1

func (s *Server) GetUser(w http.ResponseWriter, r *http.Request)

func (*Server) GetUserAppMetadata ¶ added in v1.5.1

func (s *Server) GetUserAppMetadata() map[string]interface{}

Expose the test user's app metadata to the tests.

func (*Server) JWKS ¶

func (s *Server) JWKS(w http.ResponseWriter, r *http.Request)

func (*Server) NewToken ¶

func (s *Server) NewToken(permissions ...string) (tks string, err error)

NewToken returns a valid token with the specified permissions.

func (*Server) NewTokenWithClaims ¶

func (s *Server) NewTokenWithClaims(claims *Claims) (tks string, err error)

NewTokenWithClaims allows test user to specifically configure their claims.

func (*Server) OpenIDConfiguration ¶

func (s *Server) OpenIDConfiguration(w http.ResponseWriter, r *http.Request)

func (*Server) PatchUserAppMetadata ¶ added in v1.5.1

func (s *Server) PatchUserAppMetadata(w http.ResponseWriter, r *http.Request)

func (*Server) UseAppMetadata ¶ added in v1.5.1

func (s *Server) UseAppMetadata(appdata map[string]interface{})

Update the test user with unstructured app metadata.

func (*Server) Users ¶ added in v1.5.1

func (s *Server) Users(w http.ResponseWriter, r *http.Request)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL