Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewIDPListGetter

func NewIDPListGetter(upstreamOIDCIdentityProviders ...*TestUpstreamOIDCIdentityProvider) provider.DynamicUpstreamIDPProvider

func VerifyECDSAIDToken

func VerifyECDSAIDToken(
	t *testing.T,
	issuer, clientID string,
	jwtSigningKey *ecdsa.PrivateKey,
	idToken string,
) *coreosoidc.IDToken

    VerifyECDSAIDToken verifies that the provided idToken was issued via the provided jwtSigningKey. It also performs some light validation on the claims, i.e., it makes sure the provided idToken has the provided issuer and clientID.

    Further validation can be done via callers via the returned coreosoidc.IDToken.

    Types

    type ExchangeAuthcodeAndValidateTokenArgs

    type ExchangeAuthcodeAndValidateTokenArgs struct {
    	Ctx                  context.Context
    	Authcode             string
    	PKCECodeVerifier     pkce.Code
    	ExpectedIDTokenNonce nonce.Nonce
    	RedirectURI          string
    }

      ExchangeAuthcodeAndValidateTokenArgs is a POGO (plain old go object?) used to spy on calls to TestUpstreamOIDCIdentityProvider.ExchangeAuthcodeAndValidateTokensFunc().

      type ExpectedUpstreamStateParamFormat

      type ExpectedUpstreamStateParamFormat struct {
      	P string `json:"p"`
      	U string `json:"u"`
      	N string `json:"n"`
      	C string `json:"c"`
      	K string `json:"k"`
      	V string `json:"v"`
      }

        Declare a separate type from the production code to ensure that the state param's contents was serialized in the format that we expect, with the json keys that we expect, etc. This also ensure that the order of the serialized fields is the same, which doesn't really matter expect that we can make simpler equality assertions about the redirect URL in this test.

        type TestUpstreamOIDCIdentityProvider

        type TestUpstreamOIDCIdentityProvider struct {
        	Name                                  string
        	ClientID                              string
        	AuthorizationURL                      url.URL
        	UsernameClaim                         string
        	GroupsClaim                           string
        	Scopes                                []string
        	ExchangeAuthcodeAndValidateTokensFunc func(
        		ctx context.Context,
        		authcode string,
        		pkceCodeVerifier pkce.Code,
        		expectedIDTokenNonce nonce.Nonce,
        	) (*oidctypes.Token, error)
        	// contains filtered or unexported fields
        }

        func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokens

        func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokens(
        	ctx context.Context,
        	authcode string,
        	pkceCodeVerifier pkce.Code,
        	expectedIDTokenNonce nonce.Nonce,
        	redirectURI string,
        ) (*oidctypes.Token, error)

        func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensArgs

        func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensArgs(call int) *ExchangeAuthcodeAndValidateTokenArgs

        func (*TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensCallCount

        func (u *TestUpstreamOIDCIdentityProvider) ExchangeAuthcodeAndValidateTokensCallCount() int

        func (*TestUpstreamOIDCIdentityProvider) GetAuthorizationURL

        func (u *TestUpstreamOIDCIdentityProvider) GetAuthorizationURL() *url.URL

        func (*TestUpstreamOIDCIdentityProvider) GetClientID

        func (u *TestUpstreamOIDCIdentityProvider) GetClientID() string

        func (*TestUpstreamOIDCIdentityProvider) GetGroupsClaim

        func (u *TestUpstreamOIDCIdentityProvider) GetGroupsClaim() string

        func (*TestUpstreamOIDCIdentityProvider) GetName

        func (*TestUpstreamOIDCIdentityProvider) GetScopes

        func (u *TestUpstreamOIDCIdentityProvider) GetScopes() []string

        func (*TestUpstreamOIDCIdentityProvider) GetUsernameClaim

        func (u *TestUpstreamOIDCIdentityProvider) GetUsernameClaim() string

        func (*TestUpstreamOIDCIdentityProvider) ValidateToken

        Source Files