fixes of conf testing

example/internal/mock/storage.go

@@ -34,6 +34,8 @@ type AuthRequest struct {
 	ID           string
 	ResponseType oidc.ResponseType
 	RedirectURI  string
+	Nonce        string
+	ClientID     string
 }
 
 func (a *AuthRequest) GetACR() string {
@@ -48,7 +50,7 @@ func (a *AuthRequest) GetAMR() []string {
 
 func (a *AuthRequest) GetAudience() []string {
 	return []string{
-		a.ID,
+		a.ClientID,
 	}
 }
 
@@ -57,7 +59,7 @@ func (a *AuthRequest) GetAuthTime() time.Time {
 }
 
 func (a *AuthRequest) GetClientID() string {
-	return a.ID
+	return a.ClientID
 }
 
 func (a *AuthRequest) GetCode() string {
@@ -69,11 +71,12 @@ func (a *AuthRequest) GetID() string {
 }
 
 func (a *AuthRequest) GetNonce() string {
-	return "nonce"
+	return a.Nonce
 }
 
 func (a *AuthRequest) GetRedirectURI() string {
-	return "http://localhost:5556/auth/callback"
+	return "https://op.certification.openid.net:62054/authz_cb"
+	// return "http://localhost:5556/auth/callback"
 }
 
 func (a *AuthRequest) GetResponseType() oidc.ResponseType {
@@ -96,8 +99,13 @@ func (a *AuthRequest) GetSubject() string {
 	return "sub"
 }
 
+var (
+	a = &AuthRequest{}
+)
+
 func (s *AuthStorage) CreateAuthRequest(authReq *oidc.AuthRequest) (op.AuthRequest, error) {
-	return &AuthRequest{ID: "id"}, nil
+	a = &AuthRequest{ID: "id", ClientID: authReq.ClientID, ResponseType: authReq.ResponseType, Nonce: authReq.Nonce}
+	return a, nil
 }
 func (s *OPStorage) GetClientByClientID(id string) (op.Client, error) {
 	if id == "none" {
@@ -114,7 +122,7 @@ func (s *OPStorage) GetClientByClientID(id string) (op.Client, error) {
 	return &ConfClient{applicationType: appType}, nil
 }
 func (s *AuthStorage) AuthRequestByCode(op.Client, string, string) (op.AuthRequest, error) {
-	return &AuthRequest{ID: "native"}, nil
+	return a, nil
 }
 func (s *OPStorage) AuthorizeClientIDSecret(string, string) (op.Client, error) {
 	return &ConfClient{}, nil

pkg/op/authrequest.go

@@ -79,6 +79,9 @@ func ValidateAuthRequest(authReq *oidc.AuthRequest, storage Storage) error {
 	if err := ValidateAuthReqRedirectURI(authReq.RedirectURI, authReq.ClientID, authReq.ResponseType, storage); err != nil {
 		return err
 	}
+	if err := ValidateAuthReqResponseType(authReq.ResponseType); err != nil {
+		return err
+	}
 	return nil
 	// return errors.New("Unimplemented") //TODO: impl https://openid.net/specs/openid-connect-core-1_0.html#rfc.section.3.1.2.2
 
@@ -133,6 +136,13 @@ func ValidateAuthReqRedirectURI(uri, client_id string, responseType oidc.Respons
 	return nil
 }
 
+func ValidateAuthReqResponseType(responseType oidc.ResponseType) error {
+	if responseType == "" {
+		return ErrInvalidRequest("response_type empty")
+	}
+	return nil
+}
+
 func RedirectToLogin(authReqID string, client Client, w http.ResponseWriter, r *http.Request) {
 	login := client.LoginURL(authReqID)
 	http.Redirect(w, r, login, http.StatusFound)

pkg/op/error.go

@@ -60,7 +60,8 @@ func AuthRequestError(w http.ResponseWriter, r *http.Request, authReq ErrAuthReq
 		return
 	}
 	url := authReq.GetRedirectURI()
-	if authReq.GetResponseType() == oidc.ResponseTypeCode {
+	responseType := authReq.GetResponseType()
+	if responseType == "" || responseType == oidc.ResponseTypeCode {
 		url += "?" + params
 	} else {
 		url += "#" + params