| author | mo khan <mo@mokhan.ca> | 2022-04-27 16:30:36 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2022-04-27 16:30:36 -0600 |
| commit | 8ed9213ef822cb261b3029302e93c46ce096ee02 (patch) | |
| tree | 3a9066a0b2990d6279ada702f64f0cfeb13c6ac4 | |
| parent | 6098e9a2cff94664591b40aa8fc05cd4b96fc014 (diff) | |
add tests for .well-known/openid-configuration
| -rw-r--r-- | go.mod | 4 | ||||
| -rw-r--r-- | go.sum | 1 | ||||
| -rw-r--r-- | pkg/web/http_context.go | 17 | ||||
| -rw-r--r-- | pkg/web/mux.go | 13 | ||||
| -rw-r--r-- | pkg/web/well_known.go | 15 | ||||
| -rw-r--r-- | pkg/web/well_known_test.go | 55 |
6 files changed, 93 insertions, 12 deletions
@@ -6,9 +6,11 @@ require (
 github.com/golang-jwt/jwt v3.2.2+incompatible
 github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c
 github.com/lestrrat-go/jwx/v2 v2.0.0-beta1
+ github.com/stretchr/testify v1.7.1
 )
 
 require (
+ github.com/davecgh/go-spew v1.1.0 // indirect
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
 github.com/goccy/go-json v0.9.6 // indirect
 github.com/lestrrat-go/blackmagic v1.0.1 // indirect
@@ -16,5 +18,7 @@ require (
 github.com/lestrrat-go/httprc v1.0.1 // indirect
 github.com/lestrrat-go/iter v1.0.2 // indirect
 github.com/lestrrat-go/option v1.0.0 // indirect
+ github.com/pmezard/go-difflib v1.0.0 // indirect
 golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // indirect
+ gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c // indirect
 )
@@ -36,6 +36,7 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/pkg/web/http_context.go b/pkg/web/http_context.go
new file mode 100644
index 0000000..e104a48
--- /dev/null
+++ b/pkg/web/http_context.go
@@ -0,0 +1,17 @@
+package web
+
+import "log"
+
+type HttpContext struct {
+ issuer string
+ keyData []byte
+ log *log.Logger
+}
+
+func NewHttpContext(issuer string, keyData []byte) *HttpContext {
+ return &HttpContext{
+ issuer: issuer,
+ keyData: keyData,
+ log: log.Default(),
+ }
+}
diff --git a/pkg/web/mux.go b/pkg/web/mux.go
index 7957bda..e3376cd 100644
--- a/pkg/web/mux.go
+++ b/pkg/web/mux.go
@@ -1,22 +1,11 @@
 package web
 
 import (
- "log"
 "net/http"
 )
 
-type HttpContext struct {
- issuer string
- keyData []byte
- log *log.Logger
-}
-
 func NewMux(issuer string, keyData []byte) http.Handler {
- h := &HttpContext{
- issuer: issuer,
- keyData: keyData,
- log: log.Default(),
- }
+ h := NewHttpContext(issuer, keyData)
 mux := http.NewServeMux()
 mux.Handle("/", http.HandlerFunc(h.Default))
 mux.Handle("/.well-known/jwks.json", http.HandlerFunc(h.WellKnown))
diff --git a/pkg/web/well_known.go b/pkg/web/well_known.go
index f5a2543..c6305f9 100644
--- a/pkg/web/well_known.go
+++ b/pkg/web/well_known.go
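Review bot: In the new pkg/web/http_context.go, `NewHttpContext` keeps the caller's slice as-is (`keyData: keyData,`), so the context and the caller share one backing array and a later write or zeroing on the caller's side changes what the handlers read. The field name suggests this is key material; if the sharing is not intended, copy on the way in with `keyData: append([]byte(nil), keyData...),`. Neither the exported type nor the constructor carries a doc comment, and a line such as `// NewHttpContext builds the handler context for issuer; keyData is retained by reference, not copied.` would record the contract either way. The code is moved unchanged from mux.go, so this predates the commit, but the new file is the natural place to settle it.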
@@ -18,6 +18,21 @@ var (
 tmpl = template.Must(template.New("").Parse(string(oidcConfig)))
 )
 
+type OpenIdConfiguration struct {
+ Issuer string `json:"issuer"`
+ AuthorizationEndpoint string `json:"authorization_endpoint"`
+ TokenEndpoint string `json:"token_endpoint"`
+ UserInfoEndpoint string `json:"userinfo_endpoint"`
+ JwksUri string `json:"jwks_uri"`
+ RevocationEndpoint string `json:"revocation_endpoint"`
+ ScopesSupported []string `json:"scopes_supported"`
+ ResponseTypesSupported []string `json:"response_types_supported"`
+ ResponseModesSupported []string `json:"response_modes_supported"`
+ SubjectTypesSupported []string `json:"subject_types_supported"`
+ IdTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"`
+ ClaimsSupported []string `json:"claims_supported"`
+}
+
 func (h *HttpContext) WellKnown(w http.ResponseWriter, r *http.Request) {
 if r.URL.Path == "/.well-known/openid-configuration" {
 w.Header().Set("Content-Type", "application/json")
diff --git a/pkg/web/well_known_test.go b/pkg/web/well_known_test.go
new file mode 100644
index 0000000..a0cba6d
--- /dev/null
+++ b/pkg/web/well_known_test.go
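Review bot: `OpenIdConfiguration` lands in the production file, but in the lines shown only the new test decodes into it, while `WellKnown` still appears to render the document from `tmpl`; the discovery schema therefore exists twice and the two copies can drift apart. If `tmpl` comes from text/template (the import is outside the hunk) and the issuer is interpolated into it, the value reaches the JSON body without JSON escaping, so filling this struct in the handler and sending it with `json.NewEncoder(w).Encode(cfg)` would remove both the duplication and the escaping question. The type and its fields have no doc comments, and Go initialisms would spell them `OpenIDConfiguration`, `JWKSURI` and `IDTokenSigningAlgValuesSupported`. `WellKnown` begins inside this hunk and continues past its end, so the rendering path itself is not visible here.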
@@ -0,0 +1,55 @@
+package web
+
+import (
+ "encoding/json"
+ "net/http/httptest"
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func TestWellKnown(t *testing.T) {
+ h := NewHttpContext("https://example.org", []byte{})
+
+ t.Run(".well-known/openid-configuration", func(t *testing.T) {
+ w := httptest.NewRecorder()
+ r := httptest.NewRequest("GET", "/.well-known/openid-configuration", nil)
+
+ h.WellKnown(w, r)
+
+ assert.Equal(t, w.Header().Get("Content-Type"), "application/json")
+
+ var c OpenIdConfiguration
+ json.NewDecoder(w.Body).Decode(&c)
+
+ assert.Equal(t, c.Issuer, "https://example.org")
+ assert.Equal(t, c.AuthorizationEndpoint, "https://example.org/authorize")
+ assert.Equal(t, c.TokenEndpoint, "https://example.org/token")
+ assert.Equal(t, c.UserInfoEndpoint, "https://example.org/userinfo")
+ assert.Equal(t, c.JwksUri, "https://example.org/.well-known/jwks.json")
+ assert.Equal(t, c.RevocationEndpoint, "https://example.org/revoke")
+ assert.EqualValues(t, c.ScopesSupported, []string{"openid"})
+ assert.EqualValues(t, c.ResponseTypesSupported, []string{
+ "code id_token token",
+ "code id_token",
+ "code token",
+ "code",
+ "id_token token",
+ "id_token",
+ })
+ assert.EqualValues(t, c.ResponseModesSupported, []string{
+ "query",
+ "fragment",
+ "form_post",
+ })
+ assert.EqualValues(t, c.SubjectTypesSupported, []string{"public"})
+ assert.EqualValues(t, c.IdTokenSigningAlgValuesSupported, []string{"RS256"})
+ assert.EqualValues(t, c.ClaimsSupported, []string{
+ "aud",
+ "exp",
+ "iat",
+ "iss",
+ "sub",
+ })
+ })
+}
 |
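Review bot: The result of `json.NewDecoder(w.Body).Decode(&c)` is discarded, so a body that is not valid JSON surfaces only as a run of empty-field mismatches instead of a decode failure; check it with `assert.NoError(t, json.NewDecoder(w.Body).Decode(&c))`. The test also never looks at the recorder's `w.Code`, so an error status carrying the right body would still pass. testify's `assert.Equal` takes `(t, expected, actual)`, and every call here passes the actual value first, which swaps the labels in failure output; the first one would read `assert.Equal(t, "application/json", w.Header().Get("Content-Type"))`.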
