Verify distributed claim endpoints #173
verify_test.go
Outdated
@@ -358,10 +452,45 @@ type verificationTest struct { | |||
// testing invalid signatures. | |||
verificationKey *signingKey | |||
|
|||
config Config | |||
config Config | |||
|
please remove this whitespace
verify_test.go
Outdated
{ | ||
test: resolverTest{ | ||
name: "noAccessToken", | ||
payload: `{"iss":"","aud":"client1","email":"janedoe@email.com"}`, |
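Review bot: The "noAccessToken" payload sets "iss" to an empty string, so this case cannot show whether the issuer of the distributed token is checked at all. Give the payload a concrete issuer that matches the test's verifier configuration, and consider a sibling case whose issuer does not match and is expected to fail.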
include an issuer in these tests
verify_test.go
Outdated
@@ -342,6 +345,97 @@ func TestDistributedClaims(t *testing.T) { | |||
} | |||
} | |||
|
|||
func TestDistClaimResolver(t *testing.T) { | |||
tests := []struct { |
This should just be
tests := []resolverTest{
// ...
}
We had the test.test in the other ones as a hack :)
verify_test.go
Outdated
|
||
t.Run(test.test.name, func(t *testing.T) { | ||
|
||
endpoint, err := test.test.testEndpoint(t) |
this doesn't return an endpoint? does it? Need to rename it as "claims"
Also please remove the whitespace in the two lines above.
verify.go
Outdated
@@ -118,6 +120,54 @@ func contains(sli []string, ele string) bool { | |||
return false | |||
} | |||
|
|||
// Returns the Claims from the distributed JWT token | |||
func resolveDistributedClaim(ctx context.Context, verifier *IDTokenVerifier, src claimSource) ([]byte, error) { | |||
|
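Review bot: The doc comment on resolveDistributedClaim does not start with the function name, as Go convention expects, and it does not say whether the returned bytes come from a JWT that was verified with the passed *IDTokenVerifier. Suggest wording along the lines of "resolveDistributedClaim fetches the JWT at src.Endpoint, verifies it with verifier and returns its claims", adjusted to what the body actually does.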
no whitespace to start an indented block.
verify.go
Outdated
|
||
req, err := http.NewRequest("GET", src.Endpoint, nil) | ||
if err != nil { | ||
return nil, fmt.Errorf("oidc: malformed request: %v", err) |
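Review bot: The request built by http.NewRequest("GET", src.Endpoint, nil) carries no context even though resolveDistributedClaim receives ctx, so unless it is attached in lines not shown here, the caller's cancellation and deadline will not reach this outbound call. Attach it with req = req.WithContext(ctx) before sending. Since src.Endpoint comes from the claim source rather than from local configuration, it is also worth rejecting anything that is not an https URL before the request is made.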
nit: this function isn't exported, so something else in the package is going to prefix these errors with oidc:, we can remove this here.
return token.claims, nil | ||
} | ||
|
||
func parseClaim(raw []byte, name string, v interface{}) error { |
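Review bot: parseClaim has no doc comment, and its signature alone does not tell a caller what happens when name is absent from raw: an error, or a nil return with v left untouched. State that above the function, since the two outcomes matter to any caller that treats a nil error as "claim present".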
add a test for this method?
lgtm
Updates #171