| author | mo khan <mo@mokhan.ca> | 2025-06-09 14:55:03 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-06-09 14:55:03 -0600 |
| commit | c3527d0ecea1dbc005f11d1912b0451b2660c889 (patch) | |
| tree | 4929769d3c6201dc37868ef990218d36671eefc5 | |
| parent | f22f53a71ef972684b7d8f9a18ee871467beed7d (diff) | |
refactor: remove non-essential metadata
| -rw-r--r-- | spec/integration/server_spec.rb | 43 | ||||
| -rw-r--r-- | src/lib.rs | 8 | ||||
| -rw-r--r-- | src/main.rs | 17 |
3 files changed, 52 insertions, 16 deletions
diff --git a/spec/integration/server_spec.rb b/spec/integration/server_spec.rb index 93d2bfd..6a041fb 100644 --- a/spec/integration/server_spec.rb +++ b/spec/integration/server_spec.rb @@ -3,7 +3,8 @@ require 'spec_helper' RSpec.describe "Server" do - let(:base_url) { "http://#{RSpec.configuration.bind_addr}" } + let(:host) { RSpec.configuration.bind_addr } + let(:base_url) { "http://#{host}" } let(:client) { RSpec.configuration.http } describe "GET /" do 
@@ -22,10 +23,42 @@ RSpec.describe "Server" do # https://datatracker.ietf.org/doc/html/rfc8414#section-3.1 describe "GET /.well-known/oauth-authorization-server" do - it 'returns OK' do - response = client.get(base_url + "/.well-known/oauth-authorization-server") - expect(response.code).to eq("200") - expect(response["Content-Type"]).to eq("application/json") + let(:response) { client.get(base_url + "/.well-known/oauth-authorization-server") } + let(:json) { JSON.parse(response.body, symbolize_names: true) } + + it { expect(response.code).to eq("200") } + it { expect(response["Content-Type"]).to eq("application/json") } + + it 'returns required fields' do + expect(json[:issuer]).to eq("#{base_url}") + expect(json[:authorization_endpoint]).to eq("#{base_url}/authorize") + expect(json[:token_endpoint]).to eq("#{base_url}/token") + expect(json[:response_types_supported]).to match_array(["code"]) + end + + it 'returns recommended fields' do + expect(json[:scopes_supported]).to match_array(["openid", "profile", "email"]) + end + + pending 'returns optional fields' do + expect(json[:response_modes_supported]).to eq("") + expect(json[:jwks_uri]).to eq("#{base_url}/jwks.json") + expect(json[:registration_endpoint]).to eq("#{base_url}/register") + expect(json[:token_endpoint_auth_methods_supported]).to match_array(["client_secret_basic"]) + expect(json[:token_endpoint_auth_signing_alg_values_supported]).to match_array(["RS256"]) + expect(json[:service_documentation]).to eq("#{base_url}/service_documentation.html") + expect(json[:ui_locales_supported]).to match_array(["en-US"]) + expect(json[:op_policy_uri]).to eq("") + expect(json[:op_tos_uri]).to eq("") + expect(json[:revocation_endpoint]).to eq("") + expect(json[:revocation_endpoint_auth_methods_supported]).to eq("") + expect(json[:revocation_endpoint_auth_signing_alg_values_supported]).to eq("") + expect(json[:introspection_endpoint]).to eq("") + expect(json[:introspection_endpoint_auth_methods_supported]).to eq("") + 
expect(json[:introspection_endpoint_auth_signing_alg_values_supported]).to eq("") + expect(json[:code_challenge_methods_supported]).to eq("") + expect(json[:signed_metadata]).to eq("") + expect(json[:grant_types_supported]).to match_array(["authorization_code"]) end end @@ -55,7 +55,7 @@ pub mod http { pub fn start(&self) { let listener = TcpListener::bind(self.config.bind_addr.clone()).unwrap(); - println!("OAuth2 STS Server listening on {}", self.config.bind_addr); + println!("Listening on {}", self.config.bind_addr); for stream in listener.incoming() { match stream { @@ -168,14 +168,8 @@ pub mod http { "issuer": self.config.issuer_url, "authorization_endpoint": format!("{}/authorize", self.config.issuer_url), "token_endpoint": format!("{}/token", self.config.issuer_url), - "jwks_uri": format!("{}/jwks", self.config.issuer_url), "scopes_supported": ["openid", "profile", "email"], "response_types_supported": ["code"], - "response_modes_supported": ["query"], - "grant_types_supported": ["authorization_code"], - "subject_types_supported": ["public"], - "id_token_signing_alg_values_supported": ["RS256"], - "token_endpoint_auth_methods_supported": ["client_secret_basic", "client_secret_post"] }); self.send_json_response(stream, 200, "OK", &metadata.to_string()); } diff --git a/src/main.rs b/src/main.rs index 64f8fa3..47bd1ff 100644 --- a/src/main.rs +++ b/src/main.rs 
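Review bot: The `pending 'returns optional fields'` example in the `GET /.well-known/oauth-authorization-server` spec uses `eq("")` placeholders for fields that RFC 8414 defines as URLs or JSON arrays, so those expectations would still fail once the server emits real values. Two of them are security-relevant: `scopes_supported` is still asserted to contain `openid` while `jwks_uri` is only checked in this pending block (as `#{base_url}/jwks.json`, where the server line removed in this commit used `/jwks`), and `code_challenge_methods_supported` is expected as `""` although RFC 8414 treats an omitted value as "PKCE not supported", so the intended value should be explicit. I would pin the intended values or drop the lines that are not planned; if PKCE is intended, for example, `expect(json[:code_challenge_methods_supported]).to match_array(["S256"])`. A comment above the block such as `# omitted grant_types_supported / token_endpoint_auth_methods_supported fall back to the RFC 8414 defaults (authorization_code + implicit, client_secret_basic)` would record what clients now assume from the trimmed document. Minor style point in 'returns required fields': `eq("#{base_url}")` can be `eq(base_url)`.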
@@ -28,13 +28,16 @@ mod tests { let oauth_server = sts::OAuthServer::new(&config); let mut params = HashMap::new(); params.insert("client_id".to_string(), "test_client".to_string()); - params.insert("redirect_uri".to_string(), "http://localhost:3000/callback".to_string()); + params.insert( + "redirect_uri".to_string(), + "http://localhost:3000/callback".to_string(), + ); params.insert("response_type".to_string(), "code".to_string()); params.insert("state".to_string(), "test_state".to_string()); let result = oauth_server.handle_authorize(¶ms); assert!(result.is_ok()); - + let redirect_url = result.unwrap(); assert!(redirect_url.contains("code=")); assert!(redirect_url.contains("state=test_state")); @@ -45,7 +48,10 @@ mod tests { let config = sts::Config::from_env(); let oauth_server = sts::OAuthServer::new(&config); let mut params = HashMap::new(); - params.insert("redirect_uri".to_string(), "http://localhost:3000/callback".to_string()); + params.insert( + "redirect_uri".to_string(), + "http://localhost:3000/callback".to_string(), + ); params.insert("response_type".to_string(), "code".to_string()); let result = oauth_server.handle_authorize(¶ms); @@ -59,7 +65,10 @@ mod tests { let oauth_server = sts::OAuthServer::new(&config); let mut params = HashMap::new(); params.insert("client_id".to_string(), "test_client".to_string()); - params.insert("redirect_uri".to_string(), "http://localhost:3000/callback".to_string()); + params.insert( + "redirect_uri".to_string(), + "http://localhost:3000/callback".to_string(), + ); params.insert("response_type".to_string(), "token".to_string()); let result = oauth_server.handle_authorize(¶ms); |
