cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactoring

Browse source
This commit is contained in:
Livio Amstutz 2020-09-28 09:07:46 +02:00
parent d7ed59db2b
commit d368b2d950
7 changed files with 77 additions and 211 deletions
Download patch file Download diff file Expand all files Collapse all files

14
example/client/app/app.go
View file

@ -86,6 +86,7 @@ func main() {
}) })
http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) { http.HandleFunc("/jwt-profile", func(w http.ResponseWriter, r *http.Request) {
if r.Method == "GET" {
tpl := ` tpl := `
<!DOCTYPE html> <!DOCTYPE html>
<html> <html>
@ -94,7 +95,7 @@ func main() {
<title>Login</title> <title>Login</title>
</head> </head>
<body> <body>
<form method="POST" action="/jwt-profile-assertion" enctype="multipart/form-data"> <form method="POST" action="/jwt-profile" enctype="multipart/form-data">
<label for="key">Select a key file:</label> <label for="key">Select a key file:</label>
<input type="file" id="key" name="key"> <input type="file" id="key" name="key">
<button type="submit">Upload</button> <button type="submit">Upload</button>
@ -110,10 +111,12 @@ func main() {
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
} }
}) } else {
err := r.ParseMultipartForm(4 << 10)
http.HandleFunc("/jwt-profile-assertion", func(w http.ResponseWriter, r *http.Request) { if err != nil {
r.ParseMultipartForm(32 << 20) http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
file, handler, err := r.FormFile("key") file, handler, err := r.FormFile("key")
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)
@ -139,6 +142,7 @@ func main() {
return return
} }
w.Write(data) w.Write(data)
}
}) })
lis := fmt.Sprintf("127.0.0.1:%s", port) lis := fmt.Sprintf("127.0.0.1:%s", port)
logrus.Infof("listening on http://%s/", lis) logrus.Infof("listening on http://%s/", lis)

33
example/internal/mock/storage.go
View file

@ -210,31 +210,18 @@ func (s *AuthStorage) AuthorizeClientIDSecret(_ context.Context, id string, _ st
return nil return nil
} }
func (s *AuthStorage) GetUserinfoFromToken(ctx context.Context, _, _ string) (*oidc.userinfo, error) { func (s *AuthStorage) GetUserinfoFromToken(ctx context.Context, _, _ string) (oidc.UserInfoSetter, error) {
return s.GetUserinfoFromScopes(ctx, "", []string{}) return s.GetUserinfoFromScopes(ctx, "", []string{})
} }
func (s *AuthStorage) GetUserinfoFromScopes(_ context.Context, _ string, _ []string) (*oidc.userinfo, error) { func (s *AuthStorage) GetUserinfoFromScopes(_ context.Context, _ string, _ []string) (oidc.UserInfoSetter, error) {
return &oidc.userinfo{ userinfo := oidc.NewUserInfo()
Subject: a.GetSubject(), userinfo.SetSubject(a.GetSubject())
Address: &oidc.UserinfoAddress{ userinfo.SetAddress(oidc.NewUserInfoAddress("Test 789\nPostfach 2", "", "", "", "", ""))
StreetAddress: "Hjkhkj 789\ndsf", userinfo.SetEmail("test", true)
}, userinfo.SetPhone("0791234567", true)
userinfoEmail: oidc.userinfoEmail{ userinfo.SetName("Test")
Email: "test", userinfo.AppendClaims("private_claim", "test")
EmailVerified: true, return userinfo, nil
},
userinfoPhone: oidc.userinfoPhone{
PhoneNumber: "sadsa",
PhoneNumberVerified: true,
},
userinfoProfile: oidc.userinfoProfile{
UpdatedAt: time.Now(),
},
// Claims: map[string]interface{}{
// "test": "test",
// "hkjh": "",
// },
}, nil
} }
type ConfClient struct { type ConfClient struct {

20
pkg/op/mock/authorizer.mock.impl.go
View file

@ -72,18 +72,18 @@ func (v *Verifier) VerifyIDToken(ctx context.Context, idToken string) (*oidc.IDT
return nil, nil return nil, nil
} }
type Sig struct{} type Sig struct {
signer jose.Signer
}
func (s *Sig) Signer() jose.Signer {
return s.signer
}
func (s *Sig) Health(ctx context.Context) error { func (s *Sig) Health(ctx context.Context) error {
return nil return nil
} }
func (s *Sig) SignIDToken(*oidc.IDTokenClaims) (string, error) {
return "", nil
}
func (s *Sig) SignAccessToken(*oidc.accessTokenClaims) (string, error) {
return "", nil
}
func (s *Sig) SignatureAlgorithm() jose.SignatureAlgorithm { func (s *Sig) SignatureAlgorithm() jose.SignatureAlgorithm {
return jose.HS256 return jose.HS256
} }
@ -92,9 +92,3 @@ func ExpectStorage(a op.Authorizer, t *testing.T) {
mockA := a.(*MockAuthorizer) mockA := a.(*MockAuthorizer)
mockA.EXPECT().Storage().AnyTimes().Return(NewMockStorageAny(t)) mockA.EXPECT().Storage().AnyTimes().Return(NewMockStorageAny(t))
} }
// func NewMockSignerAny(t *testing.T) op.Signer {
// m := NewMockSigner(gomock.NewController(t))
// m.EXPECT().Sign(gomock.Any()).AnyTimes().Return("", nil)
// return m
// }

45
pkg/op/mock/signer.mock.go
View file

@ -6,7 +6,6 @@ package mock
import ( import (
context "context" context "context"
oidc "github.com/caos/oidc/pkg/oidc"
gomock "github.com/golang/mock/gomock" gomock "github.com/golang/mock/gomock"
jose "gopkg.in/square/go-jose.v2" jose "gopkg.in/square/go-jose.v2"
reflect "reflect" reflect "reflect"
@ -49,36 +48,6 @@ func (mr *MockSignerMockRecorder) Health(arg0 interface{}) *gomock.Call {
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Health", reflect.TypeOf((*MockSigner)(nil).Health), arg0) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Health", reflect.TypeOf((*MockSigner)(nil).Health), arg0)
} }
// SignAccessToken mocks base method
func (m *MockSigner) SignAccessToken(arg0 *oidc.accessTokenClaims) (string, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "SignAccessToken", arg0)
ret0, _ := ret[0].(string)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// SignAccessToken indicates an expected call of SignAccessToken
func (mr *MockSignerMockRecorder) SignAccessToken(arg0 interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignAccessToken", reflect.TypeOf((*MockSigner)(nil).SignAccessToken), arg0)
}
// SignIDToken mocks base method
func (m *MockSigner) SignIDToken(arg0 *oidc.IDTokenClaims) (string, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "SignIDToken", arg0)
ret0, _ := ret[0].(string)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// SignIDToken indicates an expected call of SignIDToken
func (mr *MockSignerMockRecorder) SignIDToken(arg0 interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignIDToken", reflect.TypeOf((*MockSigner)(nil).SignIDToken), arg0)
}
// SignatureAlgorithm mocks base method // SignatureAlgorithm mocks base method
func (m *MockSigner) SignatureAlgorithm() jose.SignatureAlgorithm { func (m *MockSigner) SignatureAlgorithm() jose.SignatureAlgorithm {
m.ctrl.T.Helper() m.ctrl.T.Helper()
@ -92,3 +61,17 @@ func (mr *MockSignerMockRecorder) SignatureAlgorithm() *gomock.Call {
mr.mock.ctrl.T.Helper() mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignatureAlgorithm", reflect.TypeOf((*MockSigner)(nil).SignatureAlgorithm)) return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "SignatureAlgorithm", reflect.TypeOf((*MockSigner)(nil).SignatureAlgorithm))
} }
// Signer mocks base method
func (m *MockSigner) Signer() jose.Signer {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Signer")
ret0, _ := ret[0].(jose.Signer)
return ret0
}
// Signer indicates an expected call of Signer
func (mr *MockSignerMockRecorder) Signer() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Signer", reflect.TypeOf((*MockSigner)(nil).Signer))
}

8
pkg/op/mock/storage.mock.go
View file

@ -184,10 +184,10 @@ func (mr *MockStorageMockRecorder) GetSigningKey(arg0, arg1, arg2, arg3 interfac
} }
// GetUserinfoFromScopes mocks base method // GetUserinfoFromScopes mocks base method
func (m *MockStorage) GetUserinfoFromScopes(arg0 context.Context, arg1 string, arg2 []string) (*oidc.userinfo, error) { func (m *MockStorage) GetUserinfoFromScopes(arg0 context.Context, arg1 string, arg2 []string) (oidc.UserInfoSetter, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "GetUserinfoFromScopes", arg0, arg1, arg2) ret := m.ctrl.Call(m, "GetUserinfoFromScopes", arg0, arg1, arg2)
ret0, _ := ret[0].(*oidc.userinfo) ret0, _ := ret[0].(oidc.UserInfoSetter)
ret1, _ := ret[1].(error) ret1, _ := ret[1].(error)
return ret0, ret1 return ret0, ret1
} }
@ -199,10 +199,10 @@ func (mr *MockStorageMockRecorder) GetUserinfoFromScopes(arg0, arg1, arg2 interf
} }
// GetUserinfoFromToken mocks base method // GetUserinfoFromToken mocks base method
func (m *MockStorage) GetUserinfoFromToken(arg0 context.Context, arg1, arg2 string) (*oidc.userinfo, error) { func (m *MockStorage) GetUserinfoFromToken(arg0 context.Context, arg1, arg2 string) (oidc.UserInfoSetter, error) {
m.ctrl.T.Helper() m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "GetUserinfoFromToken", arg0, arg1, arg2) ret := m.ctrl.Call(m, "GetUserinfoFromToken", arg0, arg1, arg2)
ret0, _ := ret[0].(*oidc.userinfo) ret0, _ := ret[0].(oidc.UserInfoSetter)
ret1, _ := ret[1].(error) ret1, _ := ret[1].(error)
return ret0, ret1 return ret0, ret1
} }

7
pkg/op/signer.go
View file

@ -10,8 +10,6 @@ import (
type Signer interface { type Signer interface {
Health(ctx context.Context) error Health(ctx context.Context) error
//SignIDToken(claims *oidc.IDTokenClaims) (string, error)
//SignAccessToken(claims *oidc.AccessTokenClaims) (string, error)
Signer() jose.Signer Signer() jose.Signer
SignatureAlgorithm() jose.SignatureAlgorithm SignatureAlgorithm() jose.SignatureAlgorithm
} }
@ -43,11 +41,6 @@ func (s *tokenSigner) Signer() jose.Signer {
return s.signer return s.signer
} }
//
//func (s *tokenSigner) Sign(payload []byte) (*jose.JSONWebSignature, error) {
// return s.signer.Sign(payload)
//}
func (s *tokenSigner) refreshSigningKey(ctx context.Context, keyCh <-chan jose.SigningKey) { func (s *tokenSigner) refreshSigningKey(ctx context.Context, keyCh <-chan jose.SigningKey) {
for { for {
select { select {

95
pkg/op/signer_test.go
View file

@ -1,95 +0,0 @@
package op
import (
"testing"
"github.com/stretchr/testify/require"
"gopkg.in/square/go-jose.v2"
)
// func TestNewDefaultSigner(t *testing.T) {
// type args struct {
// storage Storage
// }
// tests := []struct {
// name string
// args args
// want Signer
// wantErr bool
// }{
// {
// "err initialize storage fails",
// args{mock.NewMockStorageSigningKeyError(t)},
// nil,
// true,
// },
// {
// "err initialize storage fails",
// args{mock.NewMockStorageSigningKeyInvalid(t)},
// nil,
// true,
// },
// {
// "initialize ok",
// args{mock.NewMockStorageSigningKey(t)},
// &idTokenSigner{Storage: mock.NewMockStorageSigningKey(t)},
// false,
// },
// }
// for _, tt := range tests {
// t.Run(tt.name, func(t *testing.T) {
// got, err := op.NewSigner(tt.args.storage)
// if (err != nil) != tt.wantErr {
// t.Errorf("NewSigner() error = %v, wantErr %v", err, tt.wantErr)
// return
// }
// if !reflect.DeepEqual(got, tt.want) {
// t.Errorf("NewSigner() = %v, want %v", got, tt.want)
// }
// })
// }
// }
func Test_idTokenSigner_Sign(t *testing.T) {
signer, err := jose.NewSigner(jose.SigningKey{Algorithm: jose.HS256, Key: []byte("key")}, &jose.SignerOptions{})
require.NoError(t, err)
type fields struct {
signer jose.Signer
storage Storage
}
type args struct {
payload []byte
}
tests := []struct {
name string
fields fields
args args
want string
wantErr bool
}{
{
"ok",
fields{signer, nil},
args{[]byte("test")},
"eyJhbGciOiJIUzI1NiJ9.dGVzdA.SxYZRsvB_Dr4F7SEFuYXvkMZqCCwzpsPOQXl-vLPEww",
false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
s := &tokenSigner{
signer: tt.fields.signer,
storage: tt.fields.storage,
}
got, err := s.Sign(tt.args.payload)
if (err != nil) != tt.wantErr {
t.Errorf("idTokenSigner.Sign() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != tt.want {
t.Errorf("idTokenSigner.Sign() = %v, want %v", got, tt.want)
}
})
}
}