| author | mo khan <mo@mokhan.ca> | 2025-05-15 13:27:54 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-05-15 13:27:54 -0600 |
| commit | 41415f6632cddb88371168e3968985295c33e6e1 (patch) | |
| tree | 3b05ff75ebbff2f05ca8c3900e01a47e3f2e15fa /app/middleware | |
| parent | 8dcd15bb387f4db746af2ac2bc40f008a6218911 (diff) | |
refactor: decouple from oauth config
Diffstat (limited to 'app/middleware')
| -rw-r--r-- | app/middleware/id_token.go | 5 | ||||
| -rw-r--r-- | app/middleware/id_token_test.go | 12 |
2 files changed, 4 insertions, 13 deletions
diff --git a/app/middleware/id_token.go b/app/middleware/id_token.go
index bfc6289..8084af0 100644
--- a/app/middleware/id_token.go
+++ b/app/middleware/id_token.go
@@ -9,16 +9,15 @@ import (
 xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
- "golang.org/x/oauth2"
 )
-func IDToken(provider *oidc.Provider, config *oauth2.Config, parsers ...TokenParser) func(http.Handler) http.Handler {
+func IDToken(provider *oidc.Provider, config *oidc.Config, parsers ...TokenParser) func(http.Handler) http.Handler {
 return func(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 for _, parser := range parsers {
 rawIDToken := parser(r)
 if x.IsPresent(rawIDToken) {
- verifier := provider.VerifierContext(r.Context(), &oidc.Config{ClientID: config.ClientID})
+ verifier := provider.VerifierContext(r.Context(), config)
 idToken, err := verifier.Verify(r.Context(), rawIDToken.String())
 if err != nil {
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index 9b96a50..5487ada 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -4,7 +4,7 @@ import (
 "net/http"
 "testing"
- xoidc "github.com/coreos/go-oidc/v3/oidc"
+ "github.com/coreos/go-oidc/v3/oidc"
 "github.com/oauth2-proxy/mockoidc"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
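Review bot: In `id_token.go`, `provider.VerifierContext(r.Context(), config)` now verifies with whatever `*oidc.Config` the caller supplies, whereas the removed line built `&oidc.Config{ClientID: config.ClientID}` itself and so could never carry a skip flag. A caller can now pass a config with `SkipClientIDCheck`, `SkipExpiryCheck`, `SkipIssuerCheck` or `InsecureSkipSignatureCheck` set, or a nil pointer, and nothing in this hunk rejects it. I would document the contract on the function, e.g. `// IDToken verifies ID tokens with config, which must set ClientID and leave every Skip* field false.`, and check it once before the outer `return`, e.g. `if config == nil || config.ClientID == "" || config.SkipClientIDCheck { panic("middleware: IDToken needs an oidc.Config with ClientID set and audience checking enabled") }`. The body of `IDToken` continues past the end of the hunk, so the handling after `if err != nil {` is not visible here.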
@@ -12,21 +12,13 @@ import (
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
- "golang.org/x/oauth2"
 )
 func TestIDToken(t *testing.T) {
 srv := web.NewOIDCServer(t)
 defer srv.Close()
- config := &oauth2.Config{
- ClientID: srv.MockOIDC.ClientID,
- ClientSecret: srv.MockOIDC.ClientSecret,
- RedirectURL: "https://example.com/oauth/callback",
- Endpoint: srv.Provider.Endpoint(),
- Scopes: []string{xoidc.ScopeOpenID, "profile", "email"},
- }
- middleware := IDToken(srv.Provider, config, FromCookie(cfg.IDTokenCookie))
+ middleware := IDToken(srv.Provider, &oidc.Config{ClientID: srv.MockOIDC.ClientID}, FromCookie(cfg.IDTokenCookie))
 t.Run("when an active id_token cookie is provided", func(t *testing.T) {
 t.Run("attaches the token to the request context", func(t *testing.T) { |
