package testserver
import (
"net/http/httptest"
"github.com/gorilla/mux"
"github.com/pivotal-cf-experimental/warrant/internal/server/clients"
"github.com/pivotal-cf-experimental/warrant/internal/server/common"
"github.com/pivotal-cf-experimental/warrant/internal/server/domain"
"github.com/pivotal-cf-experimental/warrant/internal/server/groups"
"github.com/pivotal-cf-experimental/warrant/internal/server/tokens"
"github.com/pivotal-cf-experimental/warrant/internal/server/users"
)
// defaultScopes is the scope set the fake token collection starts with
// (handed to domain.NewTokens in NewUAA) and the set ResetDefaultScopes
// restores. Several entries are highly privileged in a real Cloud Foundry
// deployment (cloudcontroller.admin, scim.write, password.write), so a
// token minted by this fake with its defaults is effectively an admin
// token. That is acceptable for a test double and one more reason this
// package must never be wired into a non-test binary.
var defaultScopes = []string{
	"scim.read",
	"cloudcontroller.admin",
	"password.write",
	"scim.write",
	"openid",
	"cloud_controller.write",
	"cloud_controller.read",
	"doppler.firehose",
	"notification_preferences.write",
	"notification_preferences.read",
}
// UAA is a fake implementation of the UAA HTTP service for use in tests.
// It serves the /Users, /Groups, /oauth and /token_key routes from
// in-memory collections and signs with a fixed, non-secret test key pair,
// so nothing it issues should ever be trusted outside a test process.
type UAA struct {
	// server is the unstarted loopback HTTP server wrapping the mux router;
	// Start binds it, Close tears it down, URL reports its address.
	server *httptest.Server
	// In-memory resource collections; Reset clears the first three.
	users   *domain.Users
	clients *domain.Clients
	groups  *domain.Groups
	// tokens issues and holds tokens; its DefaultScopes field is what
	// SetDefaultScopes/ResetDefaultScopes mutate. Note Reset does not clear it.
	tokens *domain.Tokens
	// Key material as strings (taken from common.TestPublicKey /
	// common.TestPrivateKey in NewUAA; presumably PEM text — confirm in
	// the common package). Exposed via PublicKey/PrivateKey.
	publicKey  string
	privateKey string
}
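// NewUAA returns a new fake UAA wired with its default collections and
// routes. It takes no configuration: the signing key pair is always the
// fixed test pair from the common package, and the token collection starts
// with a copy of defaultScopes. The returned server is not yet listening;
// call Start before using URL.
//
// Because the private key is a fixed test constant rather than a secret,
// any token this server issues is forgeable by anyone with the source.
// Never point a non-test component at it.
func NewUAA() *UAA {
	privateKey := common.TestPrivateKey
	publicKey := common.TestPublicKey

	// Give the token collection its own copy of defaultScopes so a test
	// that mutates the collection's scope slice in place cannot corrupt
	// the package-level default shared by every later NewUAA call.
	scopes := append([]string(nil), defaultScopes...)
	tokensCollection := domain.NewTokens(publicKey, privateKey, scopes)
	usersCollection := domain.NewUsers()
	clientsCollection := domain.NewClients()
	groupsCollection := domain.NewGroups()

	router := mux.NewRouter()
	uaa := &UAA{
		server:     httptest.NewUnstartedServer(router),
		tokens:     tokensCollection,
		users:      usersCollection,
		clients:    clientsCollection,
		groups:     groupsCollection,
		privateKey: privateKey,
		publicKey:  publicKey,
	}

	// The token router receives the *UAA itself as its last argument, so
	// it has to be built after uaa exists.
	tokenRouter := tokens.NewRouter(
		tokensCollection,
		usersCollection,
		clientsCollection,
		publicKey,
		privateKey,
		uaa)

	// gorilla/mux tries routes in registration order: the more specific
	// /oauth/clients prefix must stay ahead of the catch-all /oauth prefix,
	// otherwise client-management requests would be answered by tokenRouter.
	router.Handle("/Users{a:.*}", users.NewRouter(usersCollection, tokensCollection))
	router.Handle("/Groups{a:.*}", groups.NewRouter(groupsCollection, tokensCollection))
	router.Handle("/oauth/clients{a:.*}", clients.NewRouter(clientsCollection, tokensCollection))
	router.Handle("/oauth{a:.*}", tokenRouter)
	router.Handle("/token_key{a:.*}", tokenRouter)

	return uaa
}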
// PublicKey returns the server's public key string, the same value that
// NewUAA handed to the token collection and token router. Tests can use
// it to verify what the fake issues.
func (s *UAA) PublicKey() string {
	key := s.publicKey
	return key
}
// PrivateKey returns the server's private key string. It exists so tests
// can check or mint tokens against the same key the fake issues with. The
// value is a fixed test key, not a secret, and an accessor like this must
// never exist on anything that faces real traffic.
func (s *UAA) PrivateKey() string {
	key := s.privateKey
	return key
}
// Start binds the underlying httptest server to a loopback port and begins
// serving requests. URL is only meaningful after Start has returned.
func (s *UAA) Start() {
	srv := s.server
	srv.Start()
}
// Close shuts the underlying httptest server down, stopping request
// handling and closing its connections. Call it from a test's cleanup so
// the port is released.
func (s *UAA) Close() {
	srv := s.server
	srv.Close()
}
// Reset will clear all internal resource state within
// the server. This means that all users, clients, and
// groups will be deleted.
//
// NOTE(review): the tokens collection is deliberately (or at least
// visibly) not touched here, so tokens issued before Reset remain
// whatever the collection considers valid afterwards, and DefaultScopes
// keeps any value set via SetDefaultScopes. Tests that rely on Reset to
// invalidate credentials should confirm that against domain.Tokens.
func (s *UAA) Reset() {
	s.users.Clear()
	s.clients.Clear()
	s.groups.Clear()
}
// URL returns the base URL the fake is reachable at. The httptest server
// fills this in when Start binds a port, so it is empty beforehand.
func (s *UAA) URL() string {
	addr := s.server.URL
	return addr
}
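// SetDefaultScopes replaces the default scope set the token collection
// applies to a user. The slice is copied, so the caller may keep mutating
// its own slice afterwards without silently changing what the server
// hands out; a nil argument stays nil and an empty slice stays empty, so
// the collection sees exactly the shape the caller passed.
//
// TODO: move this configuration onto the Config.
func (s *UAA) SetDefaultScopes(scopes []string) {
	if scopes == nil {
		s.tokens.DefaultScopes = nil
		return
	}
	copied := make([]string, len(scopes))
	copy(copied, scopes)
	s.tokens.DefaultScopes = copied
}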
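// ResetDefaultScopes resets the default scopes back to their original
// values. The token collection receives a fresh copy of the package-level
// defaultScopes rather than the slice itself, so a test that later edits
// the collection's DefaultScopes in place cannot corrupt the defaults seen
// by every other fake in the process.
func (s *UAA) ResetDefaultScopes() {
	s.tokens.DefaultScopes = append([]string(nil), defaultScopes...)
}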
// UserTokenFor mints a token string for userID carrying exactly the given
// scopes and audiences. No credentials are involved: it goes straight to
// the token collection instead of through the /oauth endpoints, which
// makes it a handy test fixture and a complete bypass of what a real UAA
// would check before issuing a token.
//
// TODO: remove from API so that tokens are fetched like they would be
// with a real UAA server.
func (s *UAA) UserTokenFor(userID string, scopes, audiences []string) string {
	tok := domain.Token{
		UserID:    userID,
		Scopes:    scopes,
		Audiences: audiences,
	}
	// Encrypt is the collection's name for turning a Token into the string
	// form clients present; whether that is a signed JWT cannot be told
	// from here.
	return s.tokens.Encrypt(tok)
}