From 39fef3e7fb48ecebd28685d0a3ab6ed6e4d18c87 Mon Sep 17 00:00:00 2001
From: Livio Amstutz
Date: Mon, 21 Jun 2021 14:04:38 +0200
Subject: [PATCH] fix: simplify JWTProfileVerifier interface

---
 pkg/op/verifier_jwt_profile.go | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/pkg/op/verifier_jwt_profile.go b/pkg/op/verifier_jwt_profile.go
index f7939b5..1dc5c41 100644
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@@ -13,18 +13,18 @@ import (

 type JWTProfileVerifier interface {
 oidc.Verifier
- Storage() Storage
+ Storage() jwtProfileKeyStorage
 }

 type jwtProfileVerifier struct {
- storage Storage
+ storage jwtProfileKeyStorage
 issuer string
 maxAgeIAT time.Duration
 offset time.Duration
 }

 //NewJWTProfileVerifier creates a oidc.Verifier for JWT Profile assertions (authorization grant and client authentication)
-func NewJWTProfileVerifier(storage Storage, issuer string, maxAgeIAT, offset time.Duration) JWTProfileVerifier {
+func NewJWTProfileVerifier(storage jwtProfileKeyStorage, issuer string, maxAgeIAT, offset time.Duration) JWTProfileVerifier {
 return &jwtProfileVerifier{
 storage: storage,
 issuer: issuer,
@@ -37,7 +37,7 @@ func (v *jwtProfileVerifier) Issuer() string {
 return v.issuer
 }

-func (v *jwtProfileVerifier) Storage() Storage {
+func (v *jwtProfileVerifier) Storage() jwtProfileKeyStorage {
 return v.storage
 }

@@ -84,9 +84,13 @@ func VerifyJWTAssertion(ctx context.Context, assertion string, v JWTProfileVerif
 return request, nil
 }

+type jwtProfileKeyStorage interface {
+ GetKeyByIDAndUserID(ctx context.Context, keyID, userID string) (*jose.JSONWebKey, error)
+}
+
 type jwtProfileKeySet struct {
- Storage
- userID string
+ storage jwtProfileKeyStorage
+ userID string
 }

 //VerifySignature implements oidc.KeySet by getting the public key from Storage implementation
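Review bot: `jwtProfileKeyStorage` is unexported, yet this hunk puts it in the signatures of the exported `JWTProfileVerifier.Storage()` and `NewJWTProfileVerifier`, so a package outside `op` cannot name the type and cannot write its own `JWTProfileVerifier` implementation (a test double, say) without embedding one from this package; the concrete `Storage()` method in the next hunk carries the same signature. Narrowing the verifier's dependency from the full `Storage` to a single key lookup is a sound least-privilege step, and exporting the narrow interface would keep that benefit while leaving the API usable, e.g. `type JWTProfileKeyStorage interface { ... }` with the three signatures updated to match. If keeping it private is deliberate, a sentence in the doc comment of `NewJWTProfileVerifier` saying that any value with a `GetKeyByIDAndUserID` method is accepted would help callers. The body of `NewJWTProfileVerifier` continues past the end of the hunk.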
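Review bot: The new `jwtProfileKeyStorage` interface has no doc comment, and its single method is where the verifier decides which public key an assertion is checked against, so the contract deserves to be written down. In the last hunk `VerifySignature` passes `sig.Header.KeyID` to it, a value read from the JWS header before any signature has been verified, so implementations should treat `keyID` as untrusted input and return a key only when it is registered for `userID`. I would add `// jwtProfileKeyStorage returns the public key keyID only if it belongs to userID and an error otherwise; keyID comes from the unverified JWS header.` above the type. Where `k.userID` is set is not visible in this patch, so the binding between it and the assertion's claimed issuer or subject is worth confirming at the construction site.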
@@ -96,7 +100,7 @@ func (k *jwtProfileKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWe
 keyID = sig.Header.KeyID
 break
 }
- key, err := k.Storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
+ key, err := k.storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
 if err != nil {
 return nil, fmt.Errorf("error fetching keys: %w", err)
 }