[WASH-1124] add AgentToken to SDK

The AgentToken is named as such to emulate the js-sdk. It is a jwt for the tozid-realm-idp agent client which is returned in the final redirect response of the login flow when logging into the account client. An auth pattern exists in keycloak to use it to maintain a user's session across API calls. It will be needed for automated testing of WebAuthn MFA and for supporting FIDO2 devices in TODA.
tozny · Feb 11, 2022 · 53c6a0b · 53c6a0b
1 parent 03ec238
commit 53c6a0b
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 6 deletions.
diff --git a/client.go b/client.go
@@ -692,8 +692,11 @@ type ToznySDKV3 struct {
 	// Tozny server defined globally unique id for this Client.
 	ClientID        string
 	CurrentIdentity TozIDSessionIdentityData
-	config          e3dbClients.ClientConfig
-	akCache         map[akCacheKey]e3dbClients.SymmetricKey
+	// AgentToken is the tozid-realm-idp jwt given by final redirect of login flow.
+	// because it expires, it is not saved to the config file, and so can be empty.
+	AgentToken *string
+	config     e3dbClients.ClientConfig
+	akCache    map[akCacheKey]e3dbClients.SymmetricKey
 }
 
 // LoggedInIdentityData represents data about the identity session of a given user. Currently that is just realm and
@@ -710,6 +713,7 @@ type ToznySDKConfig struct {
 	AccountUsername          string `json:"account_username"`
 	AccountPassword          string `json:"account_password"`
 	APIEndpoint              string `json:"api_url"`
+	AgentToken               *string
 }
 
 // NewToznySDK returns a new instance of the ToznySDK initialized with the provided
@@ -732,6 +736,7 @@ func NewToznySDKV3(config ToznySDKConfig) (*ToznySDKV3, error) {
 		APIEndpoint:         config.APIEndpoint,
 		ClientID:            config.ClientID,
 		CurrentIdentity:     config.TozIDSessionIdentityData,
+		AgentToken:          config.AgentToken,
 		config:              config.ClientConfig,
 	}, nil
 }
@@ -778,6 +783,7 @@ func sdkV3FromConfig(config ToznySDKJSONConfig) (*ToznySDKV3, error) {
 		AccountUsername: config.AccountUsername,
 		AccountPassword: config.AccountPassword,
 		APIEndpoint:     config.APIBaseURL,
+		AgentToken:      config.AgentToken,
 		TozIDSessionIdentityData: TozIDSessionIdentityData{
 			Username: config.Username,
 			Realm:    config.Realm,
@@ -920,6 +926,7 @@ func GetSDKV3ForTozIDUser(login TozIDLoginRequest) (*ToznySDKV3, error) {
 	if err != nil {
 		return nil, err
 	}
+	config.AgentToken = &redirect.AccessToken
 	config.Realm = realmInfo.Name
 	config.Username = username
 	return sdkV3FromConfig(config)

diff --git a/config.go b/config.go
@@ -203,10 +203,11 @@ type ToznySDKJSONConfig struct {
 	// Embed all config for v1 and v2 clients
 	ConfigFile
 	TozIDSessionIdentityData `json:"toz_id_session_identity_data"`
-	PublicSigningKey  string `json:"public_signing_key"`
-	PrivateSigningKey string `json:"private_signing_key"`
-	AccountUsername   string `json:"account_user_name"`
-	AccountPassword   string `json:"account_password"`
+	PublicSigningKey         string  `json:"public_signing_key"`
+	PrivateSigningKey        string  `json:"private_signing_key"`
+	AccountUsername          string  `json:"account_user_name"`
+	AccountPassword          string  `json:"account_password"`
+	AgentToken               *string // the tozid-realm-idp client jwt
 }
 
 // LoadConfigFile loads JSON configuration for a Tozny SDK from the file