diff --git a/example/client/app/app.go b/example/client/app/app.go
index ea1e6e7..3a96830 100644
--- a/example/client/app/app.go
+++ b/example/client/app/app.go
@@ -86,7 +86,8 @@ func main() {
})
http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) {
- tpl := `
+ if r.Method == "GET" {
+ tpl := `
@@ -94,51 +95,54 @@ func main() {
Login
-
`
- t, err := template.New("login").Parse(tpl)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- err = t.Execute(w, nil)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- }
- })
+ t, err := template.New("login").Parse(tpl)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ err = t.Execute(w, nil)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ }
+ } else {
+ err := r.ParseMultipartForm(4 << 10)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ file, handler, err := r.FormFile("key")
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ defer file.Close()
- http.HandleFunc("/jwt-profile-assertion", func(w http.ResponseWriter, r *http.Request) {
- r.ParseMultipartForm(32 << 20)
- file, handler, err := r.FormFile("key")
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
+ key, err := ioutil.ReadAll(file)
+ fmt.Println(handler.Header)
+ assertion, err := oidc.NewJWTProfileAssertionFromFileData(key, []string{issuer})
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ token, err := rp.JWTProfileExchange(ctx, assertion, provider)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ data, err := json.Marshal(token)
+ if err != nil {
+ http.Error(w, err.Error(), http.StatusInternalServerError)
+ return
+ }
+ w.Write(data)
}
- defer file.Close()
-
- key, err := ioutil.ReadAll(file)
- fmt.Println(handler.Header)
- assertion, err := oidc.NewJWTProfileAssertionFromFileData(key, []string{issuer})
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- token, err := rp.JWTProfileExchange(ctx, assertion, provider)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- data, err := json.Marshal(token)
- if err != nil {
- http.Error(w, err.Error(), http.StatusInternalServerError)
- return
- }
- w.Write(data)
})
lis := fmt.Sprintf("127.0.0.1:%s", port)
logrus.Infof("listening on http://%s/", lis)
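Review bot: The error from `key, err := ioutil.ReadAll(file)` is never checked — the next statement prints the part header and `assertion, err := ...` then reassigns err, so a failed or short read hands a truncated key to NewJWTProfileAssertionFromFileData and surfaces, if at all, as an unrelated parse error. Add `if err != nil { http.Error(w, err.Error(), http.StatusInternalServerError); return }` directly after the ReadAll, and drop the leftover `fmt.Println(handler.Header)` debug print (or route it through logrus like the rest of main). The `else` branch treats every non-GET method as an upload; comparing against `http.MethodGet`/`http.MethodPost` and answering other methods with 405 would be tighter, and the final `w.Write(data)` sends JSON without `w.Header().Set("Content-Type", "application/json")` and ignores the write error. The handler closure begins in the previous hunk and main continues past this one.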
diff --git a/example/internal/mock/storage.go b/example/internal/mock/storage.go
index 74e0ed7..1c33906 100644
--- a/example/internal/mock/storage.go
+++ b/example/internal/mock/storage.go
@@ -210,31 +210,18 @@ func (s *AuthStorage) AuthorizeClientIDSecret(_ context.Context, id string, _ st
return nil
}
-func (s *AuthStorage) GetUserinfoFromToken(ctx context.Context, _, _ string) (*oidc.userinfo, error) {
+func (s *AuthStorage) GetUserinfoFromToken(ctx context.Context, _, _ string) (oidc.UserInfoSetter, error) {
return s.GetUserinfoFromScopes(ctx, "", []string{})
}
-func (s *AuthStorage) GetUserinfoFromScopes(_ context.Context, _ string, _ []string) (*oidc.userinfo, error) {
- return &oidc.userinfo{
- Subject: a.GetSubject(),
- Address: &oidc.UserinfoAddress{
- StreetAddress: "Hjkhkj 789\ndsf",
- },
- userinfoEmail: oidc.userinfoEmail{
- Email: "test",
- EmailVerified: true,
- },
- userinfoPhone: oidc.userinfoPhone{
- PhoneNumber: "sadsa",
- PhoneNumberVerified: true,
- },
- userinfoProfile: oidc.userinfoProfile{
- UpdatedAt: time.Now(),
- },
- // Claims: map[string]interface{}{
- // "test": "test",
- // "hkjh": "",
- // },
- }, nil
+func (s *AuthStorage) GetUserinfoFromScopes(_ context.Context, _ string, _ []string) (oidc.UserInfoSetter, error) {
+ userinfo := oidc.NewUserInfo()
+ userinfo.SetSubject(a.GetSubject())
+ userinfo.SetAddress(oidc.NewUserInfoAddress("Test 789\nPostfach 2", "", "", "", "", ""))
+ userinfo.SetEmail("test", true)
+ userinfo.SetPhone("0791234567", true)
+ userinfo.SetName("Test")
+ userinfo.AppendClaims("private_claim", "test")
+ return userinfo, nil
}
type ConfClient struct {
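Review bot: GetUserinfoFromScopes still discards its scopes argument (`_ []string`), so the new setter chain returns email, phone, name, address and `private_claim` to every caller regardless of which scopes were granted; that is acceptable for mock storage, but nothing on the method says so. Add `// GetUserinfoFromScopes returns a fixed user profile and ignores the requested scopes (mock data only).` above the declaration, and a matching line on GetUserinfoFromToken, which forwards an empty scope list. `a.GetSubject()` reads a name declared outside this hunk — presumably a package-level auth request; a short comment at its declaration would help readers of the example.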
diff --git a/pkg/op/mock/authorizer.mock.impl.go b/pkg/op/mock/authorizer.mock.impl.go
index 7dfcfff..a481a8b 100644
--- a/pkg/op/mock/authorizer.mock.impl.go
+++ b/pkg/op/mock/authorizer.mock.impl.go
@@ -72,18 +72,18 @@ func (v *Verifier) VerifyIDToken(ctx context.Context, idToken string) (*oidc.IDT
return nil, nil
}
-type Sig struct{}
+type Sig struct {
+ signer jose.Signer
+}
+
+func (s *Sig) Signer() jose.Signer {
+ return s.signer
+}
func (s *Sig) Health(ctx context.Context) error {
return nil
}
-func (s *Sig) SignIDToken(*oidc.IDTokenClaims) (string, error) {
- return "", nil
-}
-func (s *Sig) SignAccessToken(*oidc.accessTokenClaims) (string, error) {
- return "", nil
-}
func (s *Sig) SignatureAlgorithm() jose.SignatureAlgorithm {
return jose.HS256
}
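Review bot: The new `Sig` struct keeps `signer` unexported and this hunk shows no constructor or setter, so `Signer()` on a zero-value Sig returns a nil jose.Signer and any test that signs through it will dereference nil; if a constructor exists elsewhere in the file this should at least be documented on the type. Add `// Sig is a test Signer; Signer returns the configured jose.Signer, which is nil for the zero value.` above the type and `// Signer returns the wrapped jose.Signer.` above the method. Health and SignatureAlgorithm also lack doc comments, though they predate this change.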
@@ -92,9 +92,3 @@ func ExpectStorage(a op.Authorizer, t *testing.T) {
mockA := a.(*MockAuthorizer)
mockA.EXPECT().Storage().AnyTimes().Return(NewMockStorageAny(t))
}
-
-// func NewMockSignerAny(t *testing.T) op.Signer {
-// m := NewMockSigner(gomock.NewController(t))
-// m.EXPECT().Sign(gomock.Any()).AnyTimes().Return("", nil)
-// return m
-// }
diff --git a/pkg/op/mock/signer.mock.go b/pkg/op/mock/signer.mock.go
index 16592a7..b52f9d4 100644
--- a/pkg/op/mock/signer.mock.go
+++ b/pkg/op/mock/signer.mock.go
@@ -6,7 +6,6 @@ package mock
import (
context "context"
- oidc "github.com/caos/oidc/pkg/oidc"
gomock "github.com/golang/mock/gomock"
jose "gopkg.in/square/go-jose.v2"
reflect "reflect"
@@ -49,36 +48,6 @@ func (mr *MockSignerMockRecorder) Health(arg0 interface{}) *gomock.Call {
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Health", reflect.TypeOf((*MockSigner)(nil).Health), arg0)
}
-// SignAccessToken mocks base method
-func (m *MockSigner) SignAccessToken(arg0 *oidc.accessTokenClaims) (string, error) {
- m.ctrl.T.Helper()
- ret := m.ctrl.Call(m, "SignAccessToken", arg0)
- ret0, _ := ret[0].(string)
- ret1, _ := ret[1].(error)
- return ret0, ret1
-}
-
-// SignAccessToken indicates an expected call of SignAccessToken
-func (mr *MockSignerMockRecorder) SignAccessToken(arg0 interface{}) *gomock.Call {
- mr.mock.ctrl.T.Helper()
- return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignAccessToken", reflect.TypeOf((*MockSigner)(nil).SignAccessToken), arg0)
-}
-
-// SignIDToken mocks base method
-func (m *MockSigner) SignIDToken(arg0 *oidc.IDTokenClaims) (string, error) {
- m.ctrl.T.Helper()
- ret := m.ctrl.Call(m, "SignIDToken", arg0)
- ret0, _ := ret[0].(string)
- ret1, _ := ret[1].(error)
- return ret0, ret1
-}
-
-// SignIDToken indicates an expected call of SignIDToken
-func (mr *MockSignerMockRecorder) SignIDToken(arg0 interface{}) *gomock.Call {
- mr.mock.ctrl.T.Helper()
- return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignIDToken", reflect.TypeOf((*MockSigner)(nil).SignIDToken), arg0)
-}
-
// SignatureAlgorithm mocks base method
func (m *MockSigner) SignatureAlgorithm() jose.SignatureAlgorithm {
m.ctrl.T.Helper()
@@ -92,3 +61,17 @@ func (mr *MockSignerMockRecorder) SignatureAlgorithm() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignatureAlgorithm", reflect.TypeOf((*MockSigner)(nil).SignatureAlgorithm))
}
+
+// Signer mocks base method
+func (m *MockSigner) Signer() jose.Signer {
+ m.ctrl.T.Helper()
+ ret := m.ctrl.Call(m, "Signer")
+ ret0, _ := ret[0].(jose.Signer)
+ return ret0
+}
+
+// Signer indicates an expected call of Signer
+func (mr *MockSignerMockRecorder) Signer() *gomock.Call {
+ mr.mock.ctrl.T.Helper()
+ return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Signer", reflect.TypeOf((*MockSigner)(nil).Signer))
+}
diff --git a/pkg/op/mock/storage.mock.go b/pkg/op/mock/storage.mock.go
index bcc04da..1bcd1a6 100644
--- a/pkg/op/mock/storage.mock.go
+++ b/pkg/op/mock/storage.mock.go
@@ -184,10 +184,10 @@ func (mr *MockStorageMockRecorder) GetSigningKey(arg0, arg1, arg2, arg3 interfac
}
// GetUserinfoFromScopes mocks base method
-func (m *MockStorage) GetUserinfoFromScopes(arg0 context.Context, arg1 string, arg2 []string) (*oidc.userinfo, error) {
+func (m *MockStorage) GetUserinfoFromScopes(arg0 context.Context, arg1 string, arg2 []string) (oidc.UserInfoSetter, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "GetUserinfoFromScopes", arg0, arg1, arg2)
- ret0, _ := ret[0].(*oidc.userinfo)
+ ret0, _ := ret[0].(oidc.UserInfoSetter)
ret1, _ := ret[1].(error)
return ret0, ret1
}
@@ -199,10 +199,10 @@ func (mr *MockStorageMockRecorder) GetUserinfoFromScopes(arg0, arg1, arg2 interf
}
// GetUserinfoFromToken mocks base method
-func (m *MockStorage) GetUserinfoFromToken(arg0 context.Context, arg1, arg2 string) (*oidc.userinfo, error) {
+func (m *MockStorage) GetUserinfoFromToken(arg0 context.Context, arg1, arg2 string) (oidc.UserInfoSetter, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "GetUserinfoFromToken", arg0, arg1, arg2)
- ret0, _ := ret[0].(*oidc.userinfo)
+ ret0, _ := ret[0].(oidc.UserInfoSetter)
ret1, _ := ret[1].(error)
return ret0, ret1
}
diff --git a/pkg/op/signer.go b/pkg/op/signer.go
index 5cf585e..76bb9c7 100644
--- a/pkg/op/signer.go
+++ b/pkg/op/signer.go
@@ -10,8 +10,6 @@ import (
type Signer interface {
Health(ctx context.Context) error
- //SignIDToken(claims *oidc.IDTokenClaims) (string, error)
- //SignAccessToken(claims *oidc.AccessTokenClaims) (string, error)
Signer() jose.Signer
SignatureAlgorithm() jose.SignatureAlgorithm
}
@@ -43,11 +41,6 @@ func (s *tokenSigner) Signer() jose.Signer {
return s.signer
}
-//
-//func (s *tokenSigner) Sign(payload []byte) (*jose.JSONWebSignature, error) {
-// return s.signer.Sign(payload)
-//}
-
func (s *tokenSigner) refreshSigningKey(ctx context.Context, keyCh <-chan jose.SigningKey) {
for {
select {
diff --git a/pkg/op/signer_test.go b/pkg/op/signer_test.go
deleted file mode 100644
index c751c76..0000000
--- a/pkg/op/signer_test.go
+++ /dev/null
@@ -1,95 +0,0 @@
-package op
-
-import (
- "testing"
-
- "github.com/stretchr/testify/require"
- "gopkg.in/square/go-jose.v2"
-)
-
-// func TestNewDefaultSigner(t *testing.T) {
-// type args struct {
-// storage Storage
-// }
-// tests := []struct {
-// name string
-// args args
-// want Signer
-// wantErr bool
-// }{
-// {
-// "err initialize storage fails",
-// args{mock.NewMockStorageSigningKeyError(t)},
-// nil,
-// true,
-// },
-// {
-// "err initialize storage fails",
-// args{mock.NewMockStorageSigningKeyInvalid(t)},
-// nil,
-// true,
-// },
-// {
-// "initialize ok",
-// args{mock.NewMockStorageSigningKey(t)},
-// &idTokenSigner{Storage: mock.NewMockStorageSigningKey(t)},
-// false,
-// },
-// }
-// for _, tt := range tests {
-// t.Run(tt.name, func(t *testing.T) {
-// got, err := op.NewSigner(tt.args.storage)
-// if (err != nil) != tt.wantErr {
-// t.Errorf("NewSigner() error = %v, wantErr %v", err, tt.wantErr)
-// return
-// }
-// if !reflect.DeepEqual(got, tt.want) {
-// t.Errorf("NewSigner() = %v, want %v", got, tt.want)
-// }
-// })
-// }
-// }
-
-func Test_idTokenSigner_Sign(t *testing.T) {
- signer, err := jose.NewSigner(jose.SigningKey{Algorithm: jose.HS256, Key: []byte("key")}, &jose.SignerOptions{})
- require.NoError(t, err)
-
- type fields struct {
- signer jose.Signer
- storage Storage
- }
- type args struct {
- payload []byte
- }
- tests := []struct {
- name string
- fields fields
- args args
- want string
- wantErr bool
- }{
- {
- "ok",
- fields{signer, nil},
- args{[]byte("test")},
- "eyJhbGciOiJIUzI1NiJ9.dGVzdA.SxYZRsvB_Dr4F7SEFuYXvkMZqCCwzpsPOQXl-vLPEww",
- false,
- },
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- s := &tokenSigner{
- signer: tt.fields.signer,
- storage: tt.fields.storage,
- }
- got, err := s.Sign(tt.args.payload)
- if (err != nil) != tt.wantErr {
- t.Errorf("idTokenSigner.Sign() error = %v, wantErr %v", err, tt.wantErr)
- return
- }
- if got != tt.want {
- t.Errorf("idTokenSigner.Sign() = %v, want %v", got, tt.want)
- }
- })
- }
-}