Documentation
Index
- func NewIDPListGetter(upstreamOIDCIdentityProviders ...*TestUpstreamOIDCIdentityProvider) provider.DynamicUpstreamIDPProvider
- func VerifyECDSAIDToken(t *testing.T, issuer, clientID string, jwtSigningKey *ecdsa.PrivateKey, ...) *coreosoidc.IDToken
- type ExchangeAuthcodeAndValidateTokenArgs
- type ExpectedUpstreamStateParamFormat
- type TestUpstreamOIDCIdentityProvider
- func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokens(ctx context.Context, authcode string, pkceCodeVerifier pkce.Code, ...) (*oidctypes.Token, error)
- func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensArgs(call int) *ExchangeAuthcodeAndValidateTokenArgs
- func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensCallCount() int
- func (u *TestUpstreamOIDCIdentityProvider) GetAuthorizationURL() *url.URL
- func (u *TestUpstreamOIDCIdentityProvider) GetClientID() string
- func (u *TestUpstreamOIDCIdentityProvider) GetGroupsClaim() string
- func (u *TestUpstreamOIDCIdentityProvider) GetName() string
- func (u *TestUpstreamOIDCIdentityProvider) GetScopes() []string
- func (u *TestUpstreamOIDCIdentityProvider) GetUsernameClaim() string
- func (u *TestUpstreamOIDCIdentityProvider) ValidateToken(_ context.Context, _ *oauth2.Token, _ nonce.Nonce) (*oidctypes.Token, error)
Constants
This section is empty.
Variables
This section is empty.
Functions
func NewIDPListGetter
func NewIDPListGetter(upstreamOIDCIdentityProviders ...*TestUpstreamOIDCIdentityProvider) provider.DynamicUpstreamIDPProvider
func VerifyECDSAIDToken
func VerifyECDSAIDToken(
	t *testing.T,
	issuer, clientID string,
	jwtSigningKey *ecdsa.PrivateKey,
	idToken string,
) *coreosoidc.IDToken
VerifyECDSAIDToken verifies that the provided idToken was signed with the provided jwtSigningKey. It also performs some light validation on the claims, i.e., it makes sure the provided idToken has the provided issuer and clientID.
Further validation can be done by callers via the returned coreosoidc.IDToken.
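The checks VerifyECDSAIDToken is described as performing (signature under the ECDSA key, then issuer and client ID), written out with only the Go standard library. This is an added example, not the package's implementation; the names mint and verifyES256, the issuer URL and the client IDs are made up for illustration, and aud is assumed to be a single string.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"math/big"
	"strings"
)

var b64 = base64.RawURLEncoding // JWS segments are unpadded base64url

// mint signs constructed claims with a fresh P-256 key (hypothetical demo helper).
func mint(claimsJSON string) (*ecdsa.PublicKey, string) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	in := b64.EncodeToString([]byte(`{"alg":"ES256"}`)) + "." + b64.EncodeToString([]byte(claimsJSON))
	h := sha256.Sum256([]byte(in))
	r, s, _ := ecdsa.Sign(rand.Reader, key, h[:])
	sig := append(r.FillBytes(make([]byte, 32)), s.FillBytes(make([]byte, 32))...) // raw r||s, not DER
	return &key.PublicKey, in + "." + b64.EncodeToString(sig)
}

// verifyES256 always verifies as ES256 (the header's alg is never trusted), then checks iss and aud.
func verifyES256(pub *ecdsa.PublicKey, issuer, clientID, token string) error {
	p := strings.Split(token, ".")
	if len(p) != 3 {
		return fmt.Errorf("malformed token: %d segments", len(p))
	}
	body, _ := b64.DecodeString(p[1])
	sig, _ := b64.DecodeString(p[2])
	d := sha256.Sum256([]byte(p[0] + "." + p[1]))
	if len(sig) != 64 || !ecdsa.Verify(pub, d[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return fmt.Errorf("signature mismatch")
	}
	var c struct{ Iss, Aud string } // assumes a single-string aud; an array aud is rejected
	if json.Unmarshal(body, &c) != nil || c.Iss != issuer || c.Aud != clientID {
		return fmt.Errorf("issuer or audience mismatch: iss=%q aud=%q", c.Iss, c.Aud)
	}
	return nil
}

func main() {
	pub, tok := mint(`{"iss":"https://issuer.example","aud":"my-client"}`)
	fmt.Println(verifyES256(pub, "https://issuer.example", "my-client", tok))
	fmt.Println(verifyES256(pub, "https://issuer.example", "other-client", tok))
}
```

The claims are only read after the signature check passes, so an unsigned or re-signed payload never reaches the issuer and audience comparison.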
Types
type ExchangeAuthcodeAndValidateTokenArgs
type ExchangeAuthcodeAndValidateTokenArgs struct {
	Ctx                  context.Context
	Authcode             string
	PKCECodeVerifier     pkce.Code
	ExpectedIDTokenNonce nonce.Nonce
	RedirectURI          string
}
ExchangeAuthcodeAndValidateTokenArgs is a POGO (plain old go object?) used to spy on calls to TestUpstreamOIDCIdentityProvider.ExchangeAuthcodeAndValidateTokensFunc().
type ExpectedUpstreamStateParamFormat
type ExpectedUpstreamStateParamFormat struct {
	P string `json:"p"`
	U string `json:"u"`
	N string `json:"n"`
	C string `json:"c"`
	K string `json:"k"`
	V string `json:"v"`
}
Declare a separate type from the production code to ensure that the state param's contents were serialized in the format that we expect, with the JSON keys that we expect, etc. This also ensures that the order of the serialized fields is the same, which doesn't really matter except that we can make simpler equality assertions about the redirect URL in this test.
type TestUpstreamOIDCIdentityProvider
type TestUpstreamOIDCIdentityProvider struct {
	Name             string
	ClientID         string
	AuthorizationURL url.URL
	UsernameClaim    string
	GroupsClaim      string
	Scopes           []string
	ExchangeAuthcodeAndValidateTokensFunc func(
		ctx context.Context,
		authcode string,
		pkceCodeVerifier pkce.Code,
		expectedIDTokenNonce nonce.Nonce,
	) (*oidctypes.Token, error)
	// contains filtered or unexported fields
}
func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokens
func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensArgs
func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensArgs(call int) *ExchangeAuthcodeAndValidateTokenArgs
func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensCallCount
func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensCallCount() int
func (*TestUpstreamOIDCIdentityProvider) GetAuthorizationURL
func (u *TestUpstreamOIDCIdentityProvider) GetAuthorizationURL() *url.URL
func (*TestUpstreamOIDCIdentityProvider) GetClientID
func (u *TestUpstreamOIDCIdentityProvider) GetClientID() string
func (*TestUpstreamOIDCIdentityProvider) GetGroupsClaim
func (u *TestUpstreamOIDCIdentityProvider) GetGroupsClaim() string
func (*TestUpstreamOIDCIdentityProvider) GetName
func (u *TestUpstreamOIDCIdentityProvider) GetName() string
func (*TestUpstreamOIDCIdentityProvider) GetScopes
func (u *TestUpstreamOIDCIdentityProvider) GetScopes() []string
func (*TestUpstreamOIDCIdentityProvider) GetUsernameClaim
func (u *TestUpstreamOIDCIdentityProvider) GetUsernameClaim() string