oidcauthtest

package
v1.16.109 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 14, 2023 License: MPL-2.0 Imports: 21 Imported by: 0

Documentation

Overview

package oidcauthtest exposes tools to assist in writing unit tests of OIDC and JWT authentication workflows.

When the package is loaded it will randomly generate an ECDSA signing keypair used to sign JWTs both via the Server and the SignJWT method.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateKey 

func GenerateKey() (pub, priv string, err error)

func SignJWT 

func SignJWT(privKey string, claims jwt.Claims, privateClaims interface{}) (string, error)

SignJWT will bundle the provided claims into a signed JWT. The provided key is assumed to be ECDSA.

If no private key is provided, the default package keys are used. These can be retrieved via the SigningKeys() method.

func SigningKeys 

func SigningKeys() (pub, priv string)

SigningKeys returns the pem-encoded keys used to sign JWTs by default.

Types

type Server 

type Server struct {
	// contains filtered or unexported fields
}

Server is local server the mocks the endpoints used by the OIDC and JWKS process.

func Start 

func Start(t TestingT) *Server

Start creates a disposable Server. If the port provided is zero it will bind to a random free port, otherwise the provided port is used.

func (*Server) Addr 

func (s *Server) Addr() string

Addr returns the current base URL for the running webserver.

func (*Server) CACert 

func (s *Server) CACert() string

CACert returns the pem-encoded CA certificate used by the HTTPS server.

func (*Server) DisableUserInfo 

func (s *Server) DisableUserInfo()

DisableUserInfo makes the userinfo endpoint return 404 and omits it from the discovery config.

func (*Server) OmitIDTokens 

func (s *Server) OmitIDTokens()

OmitIDTokens forces an error state where the /token endpoint does not return id_token.

func (*Server) ServeHTTP 

func (s *Server) ServeHTTP(w http.ResponseWriter, req *http.Request)

ServeHTTP implements http.Handler.

func (*Server) SetAllowedRedirectURIs 

func (s *Server) SetAllowedRedirectURIs(uris []string)

SetAllowedRedirectURIs allows you to configure the allowed redirect URIs for the OIDC workflow. If not configured a sample of "https://example.com" is used.

func (*Server) SetClientCreds 

func (s *Server) SetClientCreds(clientID, clientSecret string)

SetClientCreds is for configuring the client information required for the OIDC workflows.

func (*Server) SetCustomAudience 

func (s *Server) SetCustomAudience(customAudience string)

SetCustomAudience configures what audience value to embed in the JWT issued by the OIDC workflow.

func (*Server) SetCustomClaims 

func (s *Server) SetCustomClaims(customClaims map[string]interface{})

SetCustomClaims lets you set claims to return in the JWT issued by the OIDC workflow.

func (*Server) SetExpectedAuthCode 

func (s *Server) SetExpectedAuthCode(code string)

SetExpectedAuthCode configures the auth code to return from /auth and the allowed auth code for /token.

func (*Server) SetExpectedAuthNonce 

func (s *Server) SetExpectedAuthNonce(nonce string)

SetExpectedAuthNonce configures the nonce value required for /auth.

func (*Server) SigningKeys 

func (s *Server) SigningKeys() (pub, priv string)

SigningKeys returns the pem-encoded keys used to sign JWTs.

func (*Server) Stop 

func (s *Server) Stop()

Stop stops the running Server.

type TestingT 

type TestingT interface {
	require.TestingT
	Helper()
	Cleanup(func())
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.