This repository has been archived by the owner on Apr 5, 2024. It is now read-only.
package auth
import (
"crypto/rand"
"crypto/rsa"
"fmt"
"time"
"github.com/lestrrat-go/jwx/jwa"
"github.com/lestrrat-go/jwx/jwk"
"github.com/lestrrat-go/jwx/jwt"
)
// Algorithm is the JWS signature algorithm CreateJWTWithUser passes to
// jwt.Sign: PS256, i.e. RSASSA-PSS with SHA-256.
const Algorithm = jwa.PS256

// CreateJWTResult bundles what CreateJWT hands back to a test: the signed
// token together with the values needed to verify it.
type CreateJWTResult struct {
	// Token is the string form of the signed JWT produced by CreateJWTWithUser.
	Token string
	// IssuedAt is the wall-clock time CreateJWT read just before signing. It is
	// not the token's "iat" claim, which CreateJWTWithUser sets to one minute
	// before its own clock reading.
	IssuedAt time.Time
	// ExpireIn is the package's expireIn constant, the offset used for "exp".
	ExpireIn time.Duration
	// PublicKeySet contains the public half of the key that signed Token.
	PublicKeySet jwk.Set
}
// privateKey is the package-wide RSA key behind GetPrivateJWK. It is created
// once by init; nothing in this file persists it, so every process gets a
// different key.
var privateKey *rsa.PrivateKey

// init generates the 2048-bit RSA signing key used by the helpers below and
// panics if the system random source cannot supply one.
//
// NOTE(review): this file is named testing.go rather than *_test.go and shows
// no build constraint, so the key generation (and the exported token-minting
// helpers) appear to be compiled into every binary that imports the package,
// not only test builds. Confirm that is intended.
func init() {
	generated, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		// No usable key means none of the helpers can work; fail at start-up.
		panic(err)
	}
	privateKey = generated
}
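// GetPrivateJWK wraps the package-level RSA private key in a JWK and tags it
// with the fixed key ID "test-kid".
//
// The returned key contains private key material; only its public
// counterpart (see GetJWKKeys) should be handed to a verifier. The JWK "alg"
// parameter is not set here.
//
// It returns an error if the key cannot be converted to a JWK or if the key ID
// cannot be stored on it.
func GetPrivateJWK() (jwk.Key, error) {
	key, err := jwk.New(privateKey)
	if err != nil {
		return nil, err
	}

	// The key ID is what a verifier uses to pick a key out of a set, so a
	// failure to record it is reported instead of being dropped.
	if err := key.Set(jwk.KeyIDKey, "test-kid"); err != nil {
		return nil, fmt.Errorf("failed to set key id: %w", err)
	}
	return key, nil
}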
// GetJWKKeys returns the test signing key as a JWK pair: first the private
// key from GetPrivateJWK, then the public key derived from it.
//
// Only the second value is suitable for publishing in a key set; the first
// carries the private key material. On any failure both keys are nil.
func GetJWKKeys() (jwk.Key, jwk.Key, error) {
	private, err := GetPrivateJWK()
	if err != nil {
		return nil, nil, err
	}

	// Derive the verification key from the private JWK.
	public, err := jwk.PublicKeyOf(private)
	if err != nil {
		return nil, nil, err
	}

	return private, public, nil
}
// CreateJWT mints a signed JWT for the given user, for use in tests, and
// returns it together with a key set holding the matching public key.
//
// The token is signed with the package-level key via CreateJWTWithUser. The
// IssuedAt field of the result is this function's own clock reading, taken
// before signing; it is not the token's "iat" claim.
func CreateJWT(user User) (*CreateJWTResult, error) {
	signingKey, verifyKey, err := GetJWKKeys()
	if err != nil {
		return nil, err
	}

	// Publish only the public half of the key pair.
	keySet := jwk.NewSet()
	keySet.Add(verifyKey)

	issuedAt := time.Now()
	signed, err := CreateJWTWithUser(user, signingKey)
	if err != nil {
		return nil, err
	}

	result := &CreateJWTResult{
		Token:        signed,
		IssuedAt:     issuedAt,
		ExpireIn:     expireIn,
		PublicKeySet: keySet,
	}
	return result, nil
}
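const (
	// expireIn is added to the signing time to produce the "exp" claim.
	expireIn = time.Hour
	// nbf is added to the signing time to produce the "nbf" claim; being
	// negative, it backdates the claim by one hour.
	nbf = -time.Hour
)

// CreateJWTWithUser builds a JWT for user and signs it with privateKey using
// Algorithm.
//
// Claims set, relative to the clock reading taken inside this function:
// "iss" = issuerKey, "exp" = now + expireIn, "nbf" = now + nbf,
// "iat" = now - 1 minute, and the private claim "user" = user.
//
// The privateKey parameter shadows the package-level variable of the same
// name: the token is signed with whatever key the caller passes in.
//
// An error is returned if any claim cannot be set or if signing fails. Claim
// errors are checked so that a token missing its expiry or not-before bound
// is never signed and handed out.
func CreateJWTWithUser(user User, privateKey interface{}) (string, error) {
	now := time.Now()
	claims := []struct {
		name  string
		value interface{}
	}{
		{jwt.IssuerKey, issuerKey},
		{jwt.ExpirationKey, now.Add(expireIn)},
		{jwt.NotBeforeKey, now.Add(nbf)},
		{jwt.IssuedAtKey, now.Add(-time.Minute)},
		{"user", user},
	}

	t := jwt.New()
	for _, c := range claims {
		if err := t.Set(c.name, c.value); err != nil {
			return "", fmt.Errorf("failed to set %q claim: %w", c.name, err)
		}
	}

	raw, err := jwt.Sign(t, Algorithm, privateKey)
	if err != nil {
		return "", fmt.Errorf("failed to sign jwt: %w", err)
	}
	return string(raw), nil
}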
// Compile-time check that *StaticPublicKeyGetter implements PublicKeyGetter.
var _ PublicKeyGetter = (*StaticPublicKeyGetter)(nil)

// StaticPublicKeyGetter is a PublicKeyGetter that always serves one fixed,
// caller-supplied key set.
type StaticPublicKeyGetter struct {
	// PublicKey is the key set returned by GetPublicKey.
	PublicKey jwk.Set
}

// GetPublicKey returns the key set stored in PublicKey, unchanged. It
// dereferences the receiver, so calling it on a nil *StaticPublicKeyGetter
// panics.
func (s *StaticPublicKeyGetter) GetPublicKey() jwk.Set {
	return s.PublicKey
}