Andrew Keesler
b49d37ca54
callback_handler.go: test invalid upstream ID token username/groups
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-19 15:53:21 -05:00
Ryan Richard
83101eefce
callback_handler.go: start to test upstream token corner cases
Also refactor to get rid of duplicate test structs.
Also also don't default groups ID token claim because there is no standard one.
Also also also add some logging that will hopefully help us in debugging in the
future.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 14:19:01 -05:00
Ryan Richard
a47617cad0
callback_handler.go: Add JWT Audience claim to storage
2020-11-19 08:53:53 -08:00
Ryan Richard
ee84f31f42
callback_handler.go: Add JWT Issuer claim to storage
2020-11-19 08:35:23 -08:00
Andrew Keesler
ace861f722
callback_handler.go: get some thoughts down about default upstream claims
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 11:08:21 -05:00
Andrew Keesler
2e62be3ebb
callback_handler.go: assert correct args are passed to token exchange
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 10:20:46 -05:00
Andrew Keesler
48e0250649
callback_handler.go: test that we request openid scope correctly
Also add some testing.T.Log() calls to make debugging handler test failures
easier.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 09:28:56 -05:00
Andrew Keesler
6c72507bca
callback_handler.go: add test for failed upstream exchange/validation
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 09:00:41 -05:00
Andrew Keesler
63b8c6e4b2
callback_handler.go: test when state missing a needed param
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 08:51:23 -05:00
Andrew Keesler
ffdb7fa795
callback_handler.go: add a test for invalid state auth params
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-19 08:41:44 -05:00
Ryan Richard
652ea6bd2a
Start using fosite in the Supervisor's callback handler
2020-11-18 17:15:01 -08:00
Ryan Richard
227fbd63aa
Use an interface instead of a concrete type for UpstreamOIDCIdentityProvider
Because we want it to implement an AuthcodeExchanger interface and
do it in a way that will be more unit test-friendly than the underlying
library that we intend to use inside its implementation.
2020-11-18 13:38:13 -08:00
Andrew Keesler
1c7601a2b5
callback_handler.go: start happy path test with redirect
Next steps: fosite storage?
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-16 17:07:34 -05:00
Ryan Richard
052cdc40dc
callback_handler.go: add CSRF and version state validations
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-16 14:41:00 -05:00
Andrew Keesler
4138c9244f
callback_handler.go: write 2 invalid cookie tests
Also common-ize some more constants shared between the auth and callback
endpoints.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-16 11:47:49 -05:00
Andrew Keesler
3ef1171667
Tiny bit more code for Supervisor's callback_handler.go
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-13 15:59:51 -08:00
Andrew Keesler
81b9a48437
callback_handler.go: initial API/test shape with 1 test
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-13 12:32:35 -05:00