authtest

Version: v1.6.1

Note: This package is not in the latest version of its module.
Published: Dec 12, 2022 License: MIT Imports: 14 Imported by: 0

Documentation

Overview

Package authtest provides a wrapped httptest.Server that responds to auth0 requests. The most common requests relate to authentication and token verification. To authenticate requests to the BFF server, use this package's token generation methods to create a token that will be validated by the authentication middleware. Note that you will have to configure the Authenticate middleware to use the correct TLS client.

This module also provides a singleton authtest.Server that can be used on demand from both tests and live server code by calling the package-level functions authtest.Serve and authtest.Close respectively. This ensures that tests do not require injection of the authentication mechanism. The first time authtest.Serve is called, a new server is created, and the first time authtest.Close is called, the server is closed. Note, however, that a new server will not be created on subsequent calls, so it's important to ensure that Close is not called before the tests are complete.
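The singleton lifecycle and the TLS-client requirement described above, as an added example built only on the standard library's httptest; it is not authtest's own code, and Serve, Close and Fetch here are stand-ins written for illustration. It shows that only the server's own client trusts the test certificate, and that Serve returns nil once Close has run.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
)

var srv *httptest.Server
var createOnce, closeOnce sync.Once // stand-ins for the package-level singleton state

// Serve creates the TLS test server on the first call and returns the same one afterwards.
func Serve() *httptest.Server {
	createOnce.Do(func() { srv = httptest.NewTLSServer(http.NotFoundHandler()) })
	return srv
}

// Close shuts the server down once. Both Onces are spent afterwards, so Serve returns nil.
func Close() {
	createOnce.Do(func() {}) // a Close before any Serve must not allow a later create
	closeOnce.Do(func() {
		if srv != nil {
			srv.Close()
			srv = nil
		}
	})
}

// Fetch reports whether an HTTPS request to s succeeds with its own client or a default one.
func Fetch(s *httptest.Server, ownClient bool) bool {
	client := &http.Client{} // default client: does not trust the test certificate
	if ownClient {
		client = s.Client() // carries the test certificate in its root pool
	}
	rep, err := client.Get(s.URL)
	if err != nil {
		return false
	}
	rep.Body.Close()
	return true
}

func main() {
	s := Serve()
	own, def := Fetch(s, true), Fetch(s, false)
	Close()
	fmt.Println(own, def, Serve() == nil)
}
```

A shared test suite would therefore call Close from a single place that runs after every test, such as TestMain, rather than from an individual test's cleanup.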

Constants

const (
	KeyID          = "StyqeY8Kl4Eam28KsUs"
	ClientID       = "a5laOSr0NOX1L53yBaNtumKOoExFxptc"
	ClientSecret   = "me4JZSvBvPSnBaM0h0AoXgXPn1VBiBMz0bL7E/sV1isndP9lZ5ptm5NWA9IkKwEb"
	Audience       = "http://localhost"
	ConnectionName = "Username-Password-Authentication"
	RedirectURL    = "https://localhost/auth/callback"
	Name           = "Leopold Wentzel"
	Email          = "leopold.wentzel@gmail.com"
	UserID         = "test|abcdefg1234567890"
	UserRole       = "Organization Collaborator"
	OrgID          = "b1b9e9b1-9a44-4317-aefa-473971b4df42"
	MainNetVASP    = "87d92fd1-53cf-47d8-85b1-048e8a38ced9"
	TestNetVASP    = "d0082f55-d3ba-4726-a46d-85e3f5a2911f"
	Scope          = "openid profile email"
)

Variables

This section is empty.

Functions

func Close

func Close()

Close shuts down the singleton authtest server and cleans it up. This function should only be called once, when tests are completed. Once the singleton server is shut down, it cannot be created a second time because of the use of sync.Once.

func NewRoleList added in v1.5.4

func NewRoleList(names []string) *management.RoleList

NewRoleList initializes a role list with the given role names.

func NewRoles added in v1.5.4

func NewRoles() *management.RoleList

NewRoles creates some default roles for testing.

func NewUserRoles added in v1.5.4

func NewUserRoles() map[string]*management.RoleList

NewUserRoles creates some default user roles for testing.

func NewUsers added in v1.5.1

func NewUsers() map[string]*management.User

NewUsers creates some default users for testing.

Types

type Claims

type Claims struct {
	jwt.RegisteredClaims
	Email         string            `json:"https://vaspdirectory.net/email"`
	OrgID         string            `json:"https://vaspdirectory.net/orgid"`
	VASPs         map[string]string `json:"https://vaspdirectory.net/vasps"`
	Organizations []string          `json:"https://vaspdirectory.net/organizations"`
	Scope         string            `json:"scope"`
	Permissions   []string          `json:"permissions"`
}

Claims must be defined here both to ensure we can use jwt and to ensure there are no recursive imports. That means this claims struct MUST be kept up to date with the auth.Claims struct that uses this package for testing.

type Config

type Config struct {
	Domain       string `envconfig:"AUTH0_DOMAIN"`
	ClientID     string `envconfig:"AUTH0_CLIENT_ID"`
	ClientSecret string `envconfig:"AUTH0_CLIENT_SECRET"`
	TokenCache   string `envconfig:"AUTH0_TOKEN_CACHE"`
}

Config stores the client ID and secrets for accessing auth0 in order to conduct "live" tests against our actual development auth0 tenant. If this config is zero or invalid then the live tests should be skipped.

func NewConfig

func NewConfig() (conf Config, err error)

func (Config) AuthConfig

func (c Config) AuthConfig() config.AuthConfig

func (Config) IsZero

func (c Config) IsZero() bool

func (Config) Validate

func (c Config) Validate() error

type OpenIDConfiguration

type OpenIDConfiguration struct {
	Issuer                        string   `json:"issuer"`
	AuthorizationEP               string   `json:"authorization_endpoint"`
	TokenEP                       string   `json:"token_endpoint"`
	DeviceAuthorizationEP         string   `json:"device_authorization_endpoint"`
	UserInfoEP                    string   `json:"userinfo_endpoint"`
	MFAChallengeEP                string   `json:"mfa_challenge_endpoint"`
	JWKSURI                       string   `json:"jwks_uri"`
	RegistrationEP                string   `json:"registration_endpoint"`
	RevocationEP                  string   `json:"revocation_endpoint"`
	ScopesSupported               []string `json:"scopes_supported"`
	ResponseTypesSupported        []string `json:"response_types_supported"`
	CodeChallengeMethodsSupported []string `json:"code_challenge_methods_supported"`
	ResponseModesSupported        []string `json:"response_modes_supported"`
	SubjectTypesSupported         []string `json:"subject_types_supported"`
	IDTokenSigningAlgValues       []string `json:"id_token_signing_alg_values_supported"`
	TokenEndpointAuthMethods      []string `json:"token_endpoint_auth_methods_supported"`
	ClaimsSupported               []string `json:"claims_supported"`
	RequestURIPArameterSupported  bool     `json:"request_uri_parameter_supported"`
}

func NewOpenIDConfiguration

func NewOpenIDConfiguration(u *url.URL) *OpenIDConfiguration

type RoleParams added in v1.6.0

type RoleParams struct {
	Roles []string `json:"roles"`
}

type Server

type Server struct {
	URL *url.URL
	// contains filtered or unexported fields
}

Server wraps an httptest.Server to provide a default handler for auth0 requests.

func New

func New() (s *Server, err error)

New starts and returns a new Auth0 server using TLS. The caller should call Close when finished, to shut it down. The server can also issue tokens for authentication.

func Serve

func Serve() (*Server, error)

Serve creates the singleton authtest server if it does not already exist and returns it for use in tests and test dependency injection. If creating the server resulted in an error then the error is returned. Once Close is called, this method will return nil since the server is a singleton and can only be created once. Ensure that Close is not called until the tests are complete.

func (*Server) AssignUserRoles added in v1.5.4

func (s *Server) AssignUserRoles(w http.ResponseWriter, r *http.Request)

func (*Server) Client

func (s *Server) Client() *http.Client

Client returns the HTTPS-configured client that can connect to this server.

func (*Server) Close

func (s *Server) Close()

Close the server when you're done with your tests!

func (*Server) Config

func (s *Server) Config() config.AuthConfig

Config returns an AuthConfig that can be used to setup middleware.

func (*Server) CreateUser added in v1.6.0

func (s *Server) CreateUser(w http.ResponseWriter, r *http.Request)

func (*Server) GenerateTicket added in v1.6.0

func (s *Server) GenerateTicket(w http.ResponseWriter, r *http.Request)

func (*Server) GetRoles added in v1.5.4

func (s *Server) GetRoles(w http.ResponseWriter, r *http.Request)

func (*Server) GetUser added in v1.5.1

func (s *Server) GetUser() *management.User

Expose the user record to the tests.

func (*Server) GetUserAppMetadata added in v1.5.1

func (s *Server) GetUserAppMetadata() map[string]interface{}

Expose the test user's app metadata to the tests.

func (*Server) GetUserRoles added in v1.6.0

func (s *Server) GetUserRoles() (names []string)

Get the current user's roles.

func (*Server) JWKS

func (s *Server) JWKS(w http.ResponseWriter, r *http.Request)

func (*Server) ListUserRoles added in v1.5.4

func (s *Server) ListUserRoles(w http.ResponseWriter, r *http.Request)

func (*Server) ListUsers added in v1.6.0

func (s *Server) ListUsers(w http.ResponseWriter, r *http.Request)

func (*Server) NewToken

func (s *Server) NewToken(permissions ...string) (tks string, err error)

NewToken returns a valid token with the specified permissions.

func (*Server) NewTokenWithClaims

func (s *Server) NewTokenWithClaims(claims *Claims) (tks string, err error)

NewTokenWithClaims allows the test user to configure their claims specifically.

func (*Server) OpenIDConfiguration

func (s *Server) OpenIDConfiguration(w http.ResponseWriter, r *http.Request)

func (*Server) PatchUser added in v1.6.1

func (s *Server) PatchUser(w http.ResponseWriter, r *http.Request)

func (*Server) RemoveUserRoles added in v1.5.4

func (s *Server) RemoveUserRoles(w http.ResponseWriter, r *http.Request)

func (*Server) ResetUserAppMetadata added in v1.6.0

func (s *Server) ResetUserAppMetadata()

Reset the test user's app metadata to the default.

func (*Server) ResetUserEmail added in v1.6.0

func (s *Server) ResetUserEmail()

Reset the current user email to the default.

func (*Server) RetrieveUser added in v1.6.1

func (s *Server) RetrieveUser(w http.ResponseWriter, r *http.Request)

func (*Server) Roles added in v1.5.4

func (s *Server) Roles(w http.ResponseWriter, r *http.Request)

func (*Server) SetUserAppMetadata added in v1.6.0

func (s *Server) SetUserAppMetadata(appdata map[string]interface{})

Update the test user with unstructured app metadata.

func (*Server) SetUserEmail added in v1.6.0

func (s *Server) SetUserEmail(email string)

Set the current user email.

func (*Server) SetUserRoles added in v1.6.0

func (s *Server) SetUserRoles(roles []string)

Set the current user's roles.

func (*Server) UserRoles added in v1.5.4

func (s *Server) UserRoles(w http.ResponseWriter, r *http.Request)

func (*Server) Users added in v1.5.1

func (s *Server) Users(w http.ResponseWriter, r *http.Request)
