From 5f94e430d68f99dc3315ae23ee907b1d60c4d38e Mon Sep 17 00:00:00 2001 From: mo khan Date: Thu, 15 May 2025 12:59:39 -0600 Subject: refactor: rename TestServer to OIDCServer --- app/middleware/id_token_test.go | 3 +- pkg/oidc/test_server.go | 84 -------------------------------------- pkg/web/oidc_server.go | 84 ++++++++++++++++++++++++++++++++++++++ test/integration/container_test.go | 6 +-- 4 files changed, 88 insertions(+), 89 deletions(-) delete mode 100644 pkg/oidc/test_server.go create mode 100644 pkg/web/oidc_server.go diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go index 015ef0d..9b96a50 100644 --- a/app/middleware/id_token_test.go +++ b/app/middleware/id_token_test.go @@ -11,13 +11,12 @@ import ( "github.com/xlgmokha/x/pkg/test" "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg" xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg" - "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc" "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web" "golang.org/x/oauth2" ) func TestIDToken(t *testing.T) { - srv := oidc.NewTestServer(t) + srv := web.NewOIDCServer(t) defer srv.Close() config := &oauth2.Config{ diff --git a/pkg/oidc/test_server.go b/pkg/oidc/test_server.go deleted file mode 100644 index 80f2c9a..0000000 --- a/pkg/oidc/test_server.go +++ /dev/null @@ -1,84 +0,0 @@ -package oidc - -import ( - "net/http" - "strconv" - "testing" - "time" - - "github.com/coreos/go-oidc/v3/oidc" - "github.com/oauth2-proxy/mockoidc" - "github.com/stretchr/testify/require" - "golang.org/x/oauth2" -) - -type TestServer struct { - *mockoidc.MockOIDC - *oauth2.Config - *oidc.Provider - *testing.T -} - -func NewTestServer(t *testing.T) *TestServer { - srv, err := mockoidc.Run() - require.NoError(t, err) - - srv.AddMiddleware(func(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - t.Logf("%v %v %v\n", r.Method, r.URL.Path, r.URL.Query()) - next.ServeHTTP(w, r) - }) - }) - provider, err := oidc.NewProvider(t.Context(), srv.Issuer()) - require.NoError(t, err) - - return &TestServer{ - srv, - &oauth2.Config{ - ClientID: srv.ClientID, - ClientSecret: srv.ClientSecret, - RedirectURL: "https://example.com/oauth/callback", - Endpoint: provider.Endpoint(), - Scopes: []string{oidc.ScopeOpenID, "profile", "email"}, - }, - provider, - t, - } -} - -func (srv *TestServer) CreateAuthorizationCodeFor(user mockoidc.User) string { - code := strconv.FormatInt(time.Now().Unix(), 10) - srv.QueueUser(user) - srv.QueueCode(code) - - http.Get(srv.AuthCodeURL("state")) - - return code -} - -func (srv *TestServer) CreateTokenFor(user mockoidc.User) *oauth2.Token { - code := srv.CreateAuthorizationCodeFor(user) - token, err := srv.Exchange(srv.Context(), code) - require.NoError(srv, err) - return token -} - -func (srv *TestServer) CreateTokensFor(user mockoidc.User) (*oauth2.Token, string) { - token := srv.CreateTokenFor(user) - rawIDToken, ok := token.Extra("id_token").(string) - require.True(srv, ok) - return token, rawIDToken -} - -func (srv *TestServer) Verify(rawIDToken string) *oidc.IDToken { - idToken, err := srv. - Verifier(&oidc.Config{ClientID: srv.MockOIDC.Config().ClientID}). - Verify(srv.Context(), rawIDToken) - require.NoError(srv, err) - - return idToken -} - -func (s *TestServer) Close() { - s.Shutdown() -} diff --git a/pkg/web/oidc_server.go b/pkg/web/oidc_server.go new file mode 100644 index 0000000..31ef572 --- /dev/null +++ b/pkg/web/oidc_server.go @@ -0,0 +1,84 @@ +package web + +import ( + "net/http" + "strconv" + "testing" + "time" + + "github.com/coreos/go-oidc/v3/oidc" + "github.com/oauth2-proxy/mockoidc" + "github.com/stretchr/testify/require" + "golang.org/x/oauth2" +) + +type OIDCServer struct { + *mockoidc.MockOIDC + *oauth2.Config + *oidc.Provider + *testing.T +} + +func NewOIDCServer(t *testing.T) *OIDCServer { + srv, err := mockoidc.Run() + require.NoError(t, err) + + srv.AddMiddleware(func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + t.Logf("%v %v %v\n", r.Method, r.URL.Path, r.URL.Query()) + next.ServeHTTP(w, r) + }) + }) + provider, err := oidc.NewProvider(t.Context(), srv.Issuer()) + require.NoError(t, err) + + return &OIDCServer{ + srv, + &oauth2.Config{ + ClientID: srv.ClientID, + ClientSecret: srv.ClientSecret, + RedirectURL: "https://example.com/oauth/callback", + Endpoint: provider.Endpoint(), + Scopes: []string{oidc.ScopeOpenID, "profile", "email"}, + }, + provider, + t, + } +} + +func (srv *OIDCServer) CreateAuthorizationCodeFor(user mockoidc.User) string { + code := strconv.FormatInt(time.Now().Unix(), 10) + srv.QueueUser(user) + srv.QueueCode(code) + + http.Get(srv.AuthCodeURL("state")) + + return code +} + +func (srv *OIDCServer) CreateTokenFor(user mockoidc.User) *oauth2.Token { + code := srv.CreateAuthorizationCodeFor(user) + token, err := srv.Exchange(srv.Context(), code) + require.NoError(srv, err) + return token +} + +func (srv *OIDCServer) CreateTokensFor(user mockoidc.User) (*oauth2.Token, string) { + token := srv.CreateTokenFor(user) + rawIDToken, ok := token.Extra("id_token").(string) + require.True(srv, ok) + return token, rawIDToken +} + +func (srv *OIDCServer) Verify(rawIDToken string) *oidc.IDToken { + idToken, err := srv. + Verifier(&oidc.Config{ClientID: srv.MockOIDC.Config().ClientID}). + Verify(srv.Context(), rawIDToken) + require.NoError(srv, err) + + return idToken +} + +func (s *OIDCServer) Close() { + s.Shutdown() +} diff --git a/test/integration/container_test.go b/test/integration/container_test.go index 4768c98..73724fb 100644 --- a/test/integration/container_test.go +++ b/test/integration/container_test.go @@ -14,10 +14,10 @@ import ( "github.com/stretchr/testify/require" "github.com/testcontainers/testcontainers-go" "github.com/xlgmokha/x/pkg/env" - "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc" + "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web" ) -func environmentVariables(srv *oidc.TestServer) map[string]string { +func environmentVariables(srv *web.OIDCServer) map[string]string { return map[string]string{ "APP_ENV": "test", "DEBUG": env.Fetch("DEBUG", ""), @@ -32,7 +32,7 @@ func TestContainer(t *testing.T) { ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second) defer cancel() - srv := oidc.NewTestServer(t) + srv := web.NewOIDCServer(t) defer srv.Close() container := NewContainer(t, ctx, environmentVariables(srv)) -- cgit v1.2.3