test: extract test helper to convert and verify raw id token

author: mo khan <mo@mokhan.ca> 2025-04-17 13:44:25 -0600
committer: mo khan <mo@mokhan.ca> 2025-04-17 13:44:25 -0600
commit: 493d1e35a7f88451f07a9a3711d6bfd071174b5f (patch)
tree: 24a34ef3921818f7b139ced49e73859c4194a3f6 /app/controllers/sessions/controller_test.go
parent: 59efce75d79046988bc63d6e7de13be8bc104f74 (diff)
1 files changed, 8 insertions, 3 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index 160594b..8f2118f 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -19,11 +19,13 @@ func TestSessions(t *testing.T) {
 	srv := test.NewOIDCServer(t)
 	defer srv.Close()
 
+	clientID := srv.MockOIDC.Config().ClientID
+	clientSecret := srv.MockOIDC.Config().ClientSecret
 	cfg, err := oidc.New(
 		t.Context(),
 		srv.Issuer(),
-		srv.MockOIDC.Config().ClientID,
-		srv.MockOIDC.Config().ClientSecret,
+		clientID,
+		clientSecret,
 		"callback_url",
 	)
 	require.NoError(t, err)
@@ -88,7 +90,10 @@ func TestSessions(t *testing.T) {
 			require.NoError(t, json.Unmarshal(data, &tokens))
 
 			t.Run("stores the id token in a session cookie", func(t *testing.T) {
-				assert.NotEmpty(t, tokens["id_token"])
+				require.NotEmpty(t, tokens["id_token"])
+
+				idToken := srv.Verify(tokens["id_token"].(string))
+				assert.Equal(t, user.Subject, idToken.Subject)
 			})
 
 			t.Run("stores the access token in a session cookie", func(t *testing.T) {
author	mo khan <mo@mokhan.ca>	2025-04-17 13:44:25 -0600
committer	mo khan <mo@mokhan.ca>	2025-04-17 13:44:25 -0600
commit	493d1e35a7f88451f07a9a3711d6bfd071174b5f (patch)
tree	24a34ef3921818f7b139ced49e73859c4194a3f6 /app/controllers/sessions/controller_test.go
parent	59efce75d79046988bc63d6e7de13be8bc104f74 (diff)