refactor and add access types

2020-01-28 14:29:25 +01:00 · 2020-01-28 14:29:25 +01:00 · 42099c8207
commit 42099c8207
parent be6737328c
12 changed files with 250 additions and 77 deletions
--- a/pkg/op/mock/authorizer.mock.impl.go
+++ b/pkg/op/mock/authorizer.mock.impl.go
@ -70,6 +70,9 @@ type Sig struct{}
 func (s *Sig) SignIDToken(*oidc.IDTokenClaims) (string, error) {
 	return "", nil
 }
+func (s *Sig) SignAccessToken(*oidc.AccessTokenClaims) (string, error) {
+	return "", nil
+}
 func (s *Sig) SignatureAlgorithm() jose.SignatureAlgorithm {
 	return jose.HS256
 }
--- a/pkg/op/mock/client.mock.go
+++ b/pkg/op/mock/client.mock.go
@ -8,6 +8,7 @@ import (
 	op "github.com/caos/oidc/pkg/op"
 	gomock "github.com/golang/mock/gomock"
 	reflect "reflect"
+	time "time"
 )

 // MockClient is a mock of Client interface
@ -33,6 +34,34 @@ func (m *MockClient) EXPECT() *MockClientMockRecorder {
 	return m.recorder
 }

+// AccessTokenLifetime mocks base method
+func (m *MockClient) AccessTokenLifetime() time.Duration {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "AccessTokenLifetime")
+	ret0, _ := ret[0].(time.Duration)
+	return ret0
+}
+
+// AccessTokenLifetime indicates an expected call of AccessTokenLifetime
+func (mr *MockClientMockRecorder) AccessTokenLifetime() *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AccessTokenLifetime", reflect.TypeOf((*MockClient)(nil).AccessTokenLifetime))
+}
+
+// AccessTokenType mocks base method
+func (m *MockClient) AccessTokenType() op.AccessTokenType {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "AccessTokenType")
+	ret0, _ := ret[0].(op.AccessTokenType)
+	return ret0
+}
+
+// AccessTokenType indicates an expected call of AccessTokenType
+func (mr *MockClientMockRecorder) AccessTokenType() *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AccessTokenType", reflect.TypeOf((*MockClient)(nil).AccessTokenType))
+}
+
 // ApplicationType mocks base method
 func (m *MockClient) ApplicationType() op.ApplicationType {
 	m.ctrl.T.Helper()
@ -75,6 +104,20 @@ func (mr *MockClientMockRecorder) GetID() *gomock.Call {
 	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetID", reflect.TypeOf((*MockClient)(nil).GetID))
 }

+// IDTokenLifetime mocks base method
+func (m *MockClient) IDTokenLifetime() time.Duration {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "IDTokenLifetime")
+	ret0, _ := ret[0].(time.Duration)
+	return ret0
+}
+
+// IDTokenLifetime indicates an expected call of IDTokenLifetime
+func (mr *MockClientMockRecorder) IDTokenLifetime() *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "IDTokenLifetime", reflect.TypeOf((*MockClient)(nil).IDTokenLifetime))
+}
+
 // LoginURL mocks base method
 func (m *MockClient) LoginURL(arg0 string) string {
 	m.ctrl.T.Helper()
--- a/pkg/op/mock/signer.mock.go
+++ b/pkg/op/mock/signer.mock.go
@ -34,6 +34,21 @@ func (m *MockSigner) EXPECT() *MockSignerMockRecorder {
 	return m.recorder
 }

+// SignAccessToken mocks base method
+func (m *MockSigner) SignAccessToken(arg0 *oidc.AccessTokenClaims) (string, error) {
+	m.ctrl.T.Helper()
+	ret := m.ctrl.Call(m, "SignAccessToken", arg0)
+	ret0, _ := ret[0].(string)
+	ret1, _ := ret[1].(error)
+	return ret0, ret1
+}
+
+// SignAccessToken indicates an expected call of SignAccessToken
+func (mr *MockSignerMockRecorder) SignAccessToken(arg0 interface{}) *gomock.Call {
+	mr.mock.ctrl.T.Helper()
+	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignAccessToken", reflect.TypeOf((*MockSigner)(nil).SignAccessToken), arg0)
+}
+
 // SignIDToken mocks base method
 func (m *MockSigner) SignIDToken(arg0 *oidc.IDTokenClaims) (string, error) {
 	m.ctrl.T.Helper()
--- a/pkg/op/mock/storage.mock.impl.go
+++ b/pkg/op/mock/storage.mock.impl.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"errors"
 	"testing"
+	"time"

 	"gopkg.in/square/go-jose.v2"

@ -64,18 +65,22 @@ func ExpectValidClientID(s op.Storage) {
 		func(_ context.Context, id string) (op.Client, error) {
 			var appType op.ApplicationType
 			var authMethod op.AuthMethod
+			var accessTokenType op.AccessTokenType
 			switch id {
 			case "web_client":
 				appType = op.ApplicationTypeWeb
 				authMethod = op.AuthMethodBasic
+				accessTokenType = op.AccessTokenTypeBearer
 			case "native_client":
 				appType = op.ApplicationTypeNative
 				authMethod = op.AuthMethodNone
+				accessTokenType = op.AccessTokenTypeBearer
 			case "useragent_client":
 				appType = op.ApplicationTypeUserAgent
 				authMethod = op.AuthMethodBasic
+				accessTokenType = op.AccessTokenTypeJWT
 			}
-			return &ConfClient{id: id, appType: appType, authMethod: authMethod}, nil
+			return &ConfClient{id: id, appType: appType, authMethod: authMethod, accessTokenType: accessTokenType}, nil
 		})
 }

@ -95,9 +100,10 @@ func ExpectSigningKey(s op.Storage) {
 }

 type ConfClient struct {
-	id         string
-	appType    op.ApplicationType
-	authMethod op.AuthMethod
+	id              string
+	appType         op.ApplicationType
+	authMethod      op.AuthMethod
+	accessTokenType op.AccessTokenType
 }

 func (c *ConfClient) RedirectURIs() []string {
@ -124,3 +130,13 @@ func (c *ConfClient) GetAuthMethod() op.AuthMethod {
 func (c *ConfClient) GetID() string {
 	return c.id
 }
+
+func (c *ConfClient) AccessTokenLifetime() time.Duration {
+	return time.Duration(5 * time.Minute)
+}
+func (c *ConfClient) IDTokenLifetime() time.Duration {
+	return time.Duration(5 * time.Minute)
+}
+func (c *ConfClient) AccessTokenType() op.AccessTokenType {
+	return c.accessTokenType
+}