fix: simplify JWTProfileVerifier interface

2021-06-21 14:04:38 +02:00 · 2021-06-21 14:04:38 +02:00 · 39fef3e7fb
commit 39fef3e7fb
parent 400f5c4de4
1 changed files with 11 additions and 7 deletions
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@ -13,18 +13,18 @@ import (

 type JWTProfileVerifier interface {
 	oidc.Verifier
-	Storage() Storage
+	Storage() jwtProfileKeyStorage
 }

 type jwtProfileVerifier struct {
-	storage   Storage
+	storage   jwtProfileKeyStorage
 	issuer    string
 	maxAgeIAT time.Duration
 	offset    time.Duration
 }

 //NewJWTProfileVerifier creates a oidc.Verifier for JWT Profile assertions (authorization grant and client authentication)
-func NewJWTProfileVerifier(storage Storage, issuer string, maxAgeIAT, offset time.Duration) JWTProfileVerifier {
+func NewJWTProfileVerifier(storage jwtProfileKeyStorage, issuer string, maxAgeIAT, offset time.Duration) JWTProfileVerifier {
 	return &jwtProfileVerifier{
 		storage:   storage,
 		issuer:    issuer,
@ -37,7 +37,7 @@ func (v *jwtProfileVerifier) Issuer() string {
 	return v.issuer
 }

-func (v *jwtProfileVerifier) Storage() Storage {
+func (v *jwtProfileVerifier) Storage() jwtProfileKeyStorage {
 	return v.storage
 }

@ -84,8 +84,12 @@ func VerifyJWTAssertion(ctx context.Context, assertion string, v JWTProfileVerif
 	return request, nil
 }

+type jwtProfileKeyStorage interface {
+	GetKeyByIDAndUserID(ctx context.Context, keyID, userID string) (*jose.JSONWebKey, error)
+}
+
 type jwtProfileKeySet struct {
-	Storage
+	storage jwtProfileKeyStorage
 	userID  string
 }

@ -96,7 +100,7 @@ func (k *jwtProfileKeySet) VerifySignature(ctx context.Context, jws *jose.JSONWe
 		keyID = sig.Header.KeyID
 		break
 	}
-	key, err := k.Storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
+	key, err := k.storage.GetKeyByIDAndUserID(ctx, keyID, k.userID)
 	if err != nil {
 		return nil, fmt.Errorf("error fetching keys: %w", err)
 	}