dynamiccodec.Codec uses securecookie.JSONEncoder
Signed-off-by: aram price <pricear@vmware.com>
This commit is contained in:
Andrew Keesler
aram price
parent
ccac124b7a
commit
1291380611
|
|
@ -23,7 +23,9 @@ type Codec struct {
|
||||||
encryptionKeyFunc KeyFunc
|
encryptionKeyFunc KeyFunc
|
||||||
}
|
}
|
||||||
|
|
||||||
// New creates a new Codec that will use the provided keyFuncs for its key source.
|
// New creates a new Codec that will use the provided keyFuncs for its key source, and
|
||||||
|
// use the securecookie.JSONEncoder. The securecookie.JSONEncoder is used because the default
|
||||||
|
// securecookie.GobEncoder is less compact and more difficult to make forward compatible.
|
||||||
func New(signingKeyFunc, encryptionKeyFunc KeyFunc) *Codec {
|
func New(signingKeyFunc, encryptionKeyFunc KeyFunc) *Codec {
|
||||||
return &Codec{
|
return &Codec{
|
||||||
signingKeyFunc: signingKeyFunc,
|
signingKeyFunc: signingKeyFunc,
|
||||||
|
|
@ -33,10 +35,14 @@ func New(signingKeyFunc, encryptionKeyFunc KeyFunc) *Codec {
|
||||||
|
|
||||||
// Encode implements oidc.Encode().
|
// Encode implements oidc.Encode().
|
||||||
func (c *Codec) Encode(name string, value interface{}) (string, error) {
|
func (c *Codec) Encode(name string, value interface{}) (string, error) {
|
||||||
return securecookie.New(c.signingKeyFunc(), c.encryptionKeyFunc()).Encode(name, value)
|
encoder := securecookie.New(c.signingKeyFunc(), c.encryptionKeyFunc())
|
||||||
|
encoder.SetSerializer(securecookie.JSONEncoder{})
|
||||||
|
return encoder.Encode(name, value)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Decode implements oidc.Decode().
|
// Decode implements oidc.Decode().
|
||||||
func (c *Codec) Decode(name string, value string, into interface{}) error {
|
func (c *Codec) Decode(name string, value string, into interface{}) error {
|
||||||
return securecookie.New(c.signingKeyFunc(), c.encryptionKeyFunc()).Decode(name, value, into)
|
decoder := securecookie.New(c.signingKeyFunc(), c.encryptionKeyFunc())
|
||||||
|
decoder.SetSerializer(securecookie.JSONEncoder{})
|
||||||
|
return decoder.Decode(name, value, into)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,6 +4,7 @@
|
||||||
package dynamiccodec
|
package dynamiccodec
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"strings"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
|
|
@ -13,7 +14,7 @@ func TestCodec(t *testing.T) {
|
||||||
tests := []struct {
|
tests := []struct {
|
||||||
name string
|
name string
|
||||||
keys func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte)
|
keys func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte)
|
||||||
wantEncoderError string
|
wantEncoderErrorPrefix string
|
||||||
wantDecoderError string
|
wantDecoderError string
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
|
|
@ -31,7 +32,7 @@ func TestCodec(t *testing.T) {
|
||||||
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
||||||
*encoderEncryptionKey = []byte("this-secret-is-not-16-bytes")
|
*encoderEncryptionKey = []byte("this-secret-is-not-16-bytes")
|
||||||
},
|
},
|
||||||
wantEncoderError: "securecookie: error - caused by: crypto/aes: invalid key size 27",
|
wantEncoderErrorPrefix: "securecookie: error - caused by: crypto/aes: invalid key size 27",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "good signing keys and bad decoding encryption key",
|
name: "good signing keys and bad decoding encryption key",
|
||||||
|
|
@ -45,7 +46,7 @@ func TestCodec(t *testing.T) {
|
||||||
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
||||||
*encoderSigningKey = nil
|
*encoderSigningKey = nil
|
||||||
},
|
},
|
||||||
wantEncoderError: "securecookie: hash key is not set",
|
wantEncoderErrorPrefix: "securecookie: hash key is not set",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
name: "bad decoder signing key",
|
name: "bad decoder signing key",
|
||||||
|
|
@ -66,7 +67,7 @@ func TestCodec(t *testing.T) {
|
||||||
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
keys: func(encoderSigningKey, encoderEncryptionKey, decoderSigningKey, decoderEncryptionKey *[]byte) {
|
||||||
*encoderEncryptionKey = []byte("16-byte-no-match")
|
*encoderEncryptionKey = []byte("16-byte-no-match")
|
||||||
},
|
},
|
||||||
wantDecoderError: "securecookie: error - caused by: securecookie: error - caused by: gob: encoded unsigned integer out of range",
|
wantDecoderError: "securecookie: error - caused by: securecookie: error - caused by: invalid character '",
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
for _, test := range tests {
|
for _, test := range tests {
|
||||||
|
|
@ -85,8 +86,8 @@ func TestCodec(t *testing.T) {
|
||||||
func() []byte { return encoderEncryptionKey })
|
func() []byte { return encoderEncryptionKey })
|
||||||
|
|
||||||
encoded, err := encoder.Encode("some-name", "some-message")
|
encoded, err := encoder.Encode("some-name", "some-message")
|
||||||
if test.wantEncoderError != "" {
|
if test.wantEncoderErrorPrefix != "" {
|
||||||
require.EqualError(t, err, test.wantEncoderError)
|
require.EqualError(t, err, test.wantEncoderErrorPrefix)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
@ -97,7 +98,8 @@ func TestCodec(t *testing.T) {
|
||||||
var decoded string
|
var decoded string
|
||||||
err = decoder.Decode("some-name", encoded, &decoded)
|
err = decoder.Decode("some-name", encoded, &decoded)
|
||||||
if test.wantDecoderError != "" {
|
if test.wantDecoderError != "" {
|
||||||
require.EqualError(t, err, test.wantDecoderError)
|
require.Error(t, err)
|
||||||
|
require.True(t, strings.HasPrefix(err.Error(), test.wantDecoderError))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue