Merge remote-tracking branch 'origin/token-introspection' into signingkey

# Conflicts: # pkg/op/mock/storage.mock.go # pkg/op/storage.go
2021-02-12 13:02:04 +01:00 · 2021-02-12 13:02:04 +01:00 · 1049c44c3e
commit 1049c44c3e
parent b2f23dc5b7 5678693d44
48 changed files with 1696 additions and 578 deletions
--- a/example/internal/mock/storage.go
+++ b/example/internal/mock/storage.go
@ -181,22 +181,22 @@ func (s *AuthStorage) GetClientByClientID(_ context.Context, id string) (op.Clie
 		return nil, errors.New("not found")
 	}
 	var appType op.ApplicationType
-	var authMethod op.AuthMethod
+	var authMethod oidc.AuthMethod
 	var accessTokenType op.AccessTokenType
 	var responseTypes []oidc.ResponseType
 	if id == "web" {
 		appType = op.ApplicationTypeWeb
-		authMethod = op.AuthMethodBasic
+		authMethod = oidc.AuthMethodBasic
 		accessTokenType = op.AccessTokenTypeBearer
 		responseTypes = []oidc.ResponseType{oidc.ResponseTypeCode}
 	} else if id == "native" {
 		appType = op.ApplicationTypeNative
-		authMethod = op.AuthMethodNone
+		authMethod = oidc.AuthMethodNone
 		accessTokenType = op.AccessTokenTypeBearer
 		responseTypes = []oidc.ResponseType{oidc.ResponseTypeCode}
 	} else {
 		appType = op.ApplicationTypeUserAgent
-		authMethod = op.AuthMethodNone
+		authMethod = oidc.AuthMethodNone
 		accessTokenType = op.AccessTokenTypeJWT
 		responseTypes = []oidc.ResponseType{oidc.ResponseTypeIDToken, oidc.ResponseTypeIDTokenOnly}
 	}
@ -207,26 +207,37 @@ func (s *AuthStorage) AuthorizeClientIDSecret(_ context.Context, id string, _ st
 	return nil
 }

-func (s *AuthStorage) GetUserinfoFromToken(ctx context.Context, _, _, _ string) (oidc.UserInfo, error) {
-	return s.GetUserinfoFromScopes(ctx, "", "", []string{})
+func (s *AuthStorage) SetUserinfoFromToken(ctx context.Context, userinfo oidc.UserInfoSetter, _, _, _ string) error {
+	return s.SetUserinfoFromScopes(ctx, userinfo, "", "", []string{})
 }
-func (s *AuthStorage) GetUserinfoFromScopes(_ context.Context, _, _ string, _ []string) (oidc.UserInfo, error) {
-	userinfo := oidc.NewUserInfo()
+func (s *AuthStorage) SetUserinfoFromScopes(ctx context.Context, userinfo oidc.UserInfoSetter, _, _ string, _ []string) error {
 	userinfo.SetSubject(a.GetSubject())
 	userinfo.SetAddress(oidc.NewUserInfoAddress("Test 789\nPostfach 2", "", "", "", "", ""))
 	userinfo.SetEmail("test", true)
 	userinfo.SetPhone("0791234567", true)
 	userinfo.SetName("Test")
 	userinfo.AppendClaims("private_claim", "test")
-	return userinfo, nil
+	return nil
 }
 func (s *AuthStorage) GetPrivateClaimsFromScopes(_ context.Context, _, _ string, _ []string) (map[string]interface{}, error) {
 	return map[string]interface{}{"private_claim": "test"}, nil
 }

+func (s *AuthStorage) SetIntrospectionFromToken(ctx context.Context, introspect oidc.IntrospectionResponse, tokenID, subject, clientID string) error {
+	if err := s.SetUserinfoFromScopes(ctx, introspect, "", "", []string{}); err != nil {
+		return err
+	}
+	introspect.SetClientID(a.ClientID)
+	return nil
+}
+
+func (s *AuthStorage) ValidateJWTProfileScopes(ctx context.Context, userID string, scope oidc.Scopes) (oidc.Scopes, error) {
+	return scope, nil
+}
+
 type ConfClient struct {
 	applicationType op.ApplicationType
-	authMethod      op.AuthMethod
+	authMethod      oidc.AuthMethod
 	responseTypes   []oidc.ResponseType
 	ID              string
 	accessTokenType op.AccessTokenType
@ -259,7 +270,7 @@ func (c *ConfClient) ApplicationType() op.ApplicationType {
 	return c.applicationType
 }

-func (c *ConfClient) AuthMethod() op.AuthMethod {
+func (c *ConfClient) AuthMethod() oidc.AuthMethod {
 	return c.authMethod
 }