feat: merge the verifier types

BREAKING CHANGE: - The various verifier types are merged into a oidc.Verifir. - oidc.Verfier became a struct with exported fields
2023-03-17 16:10:42 +02:00 · 2023-03-17 16:10:42 +02:00 · aad76b0d91
commit aad76b0d91
parent c8cf15e266
22 changed files with 188 additions and 343 deletions
--- a/pkg/client/rp/verifier_test.go
+++ b/pkg/client/rp/verifier_test.go
@ -13,16 +13,16 @@ import (
 )

 func TestVerifyTokens(t *testing.T) {
-	verifier := &idTokenVerifier{
-		issuer:            tu.ValidIssuer,
-		maxAgeIAT:         2 * time.Minute,
-		offset:            time.Second,
-		supportedSignAlgs: []string{string(tu.SignatureAlgorithm)},
-		keySet:            tu.KeySet{},
-		maxAge:            2 * time.Minute,
-		acr:               tu.ACRVerify,
-		nonce:             func(context.Context) string { return tu.ValidNonce },
-		clientID:          tu.ValidClientID,
+	verifier := &oidc.Verifier{
+		Issuer:            tu.ValidIssuer,
+		MaxAgeIAT:         2 * time.Minute,
+		Offset:            time.Second,
+		SupportedSignAlgs: []string{string(tu.SignatureAlgorithm)},
+		KeySet:            tu.KeySet{},
+		MaxAge:            2 * time.Minute,
+		ACR:               tu.ACRVerify,
+		Nonce:             func(context.Context) string { return tu.ValidNonce },
+		ClientID:          tu.ValidClientID,
 	}
 	accessToken, _ := tu.ValidAccessToken()
 	atHash, err := oidc.ClaimHash(accessToken, tu.SignatureAlgorithm)
@ -91,15 +91,15 @@ func TestVerifyTokens(t *testing.T) {
 }

 func TestVerifyIDToken(t *testing.T) {
-	verifier := &idTokenVerifier{
-		issuer:            tu.ValidIssuer,
-		maxAgeIAT:         2 * time.Minute,
-		offset:            time.Second,
-		supportedSignAlgs: []string{string(tu.SignatureAlgorithm)},
-		keySet:            tu.KeySet{},
-		maxAge:            2 * time.Minute,
-		acr:               tu.ACRVerify,
-		nonce:             func(context.Context) string { return tu.ValidNonce },
+	verifier := &oidc.Verifier{
+		Issuer:            tu.ValidIssuer,
+		MaxAgeIAT:         2 * time.Minute,
+		Offset:            time.Second,
+		SupportedSignAlgs: []string{string(tu.SignatureAlgorithm)},
+		KeySet:            tu.KeySet{},
+		MaxAge:            2 * time.Minute,
+		ACR:               tu.ACRVerify,
+		Nonce:             func(context.Context) string { return tu.ValidNonce },
 	}

 	tests := []struct {
@ -219,7 +219,7 @@ func TestVerifyIDToken(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			token, want := tt.tokenClaims()
-			verifier.clientID = tt.clientID
+			verifier.ClientID = tt.clientID
 			got, err := VerifyIDToken[*oidc.IDTokenClaims](context.Background(), token, verifier)
 			if tt.wantErr {
 				assert.Error(t, err)
@ -300,7 +300,7 @@ func TestNewIDTokenVerifier(t *testing.T) {
 	tests := []struct {
 		name string
 		args args
-		want IDTokenVerifier
+		want *oidc.Verifier
 	}{
 		{
 			name: "nil nonce", // otherwise assert.Equal will fail on the function
@ -317,16 +317,16 @@ func TestNewIDTokenVerifier(t *testing.T) {
 					WithSupportedSigningAlgorithms("ABC", "DEF"),
 				},
 			},
-			want: &idTokenVerifier{
-				issuer:            tu.ValidIssuer,
-				offset:            time.Minute,
-				maxAgeIAT:         time.Hour,
-				clientID:          tu.ValidClientID,
-				keySet:            tu.KeySet{},
-				nonce:             nil,
-				acr:               nil,
-				maxAge:            2 * time.Hour,
-				supportedSignAlgs: []string{"ABC", "DEF"},
+			want: &oidc.Verifier{
+				Issuer:            tu.ValidIssuer,
+				Offset:            time.Minute,
+				MaxAgeIAT:         time.Hour,
+				ClientID:          tu.ValidClientID,
+				KeySet:            tu.KeySet{},
+				Nonce:             nil,
+				ACR:               nil,
+				MaxAge:            2 * time.Hour,
+				SupportedSignAlgs: []string{"ABC", "DEF"},
 			},
 		},
 	}