79ca1d7fb0
- If the upstream refresh fails, then fail the downstream refresh
- If the upstream refresh returns an ID token, then validate it (we use its claims in the future, but not in this commit)
- If the upstream refresh returns a new refresh token, then save it into the user's session in storage
- Pass the provider cache into the token handler so it can use the cached providers to perform upstream refreshes
- Handle unexpected errors in the token handler where the user's session does not contain the expected data. These should not be possible in practice unless someone is manually editing the storage, but handle them anyway just to be safe.
- Refactor to share the refresh code between the CLI and the token endpoint by moving it into the UpstreamOIDCIdentityProviderI interface, since the token endpoint needed it to be part of that interface anyway
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
//

// Code generated by MockGen. DO NOT EDIT.
// Source: go.pinniped.dev/internal/oidc/provider (interfaces: UpstreamOIDCIdentityProviderI)

// Package mockupstreamoidcidentityprovider is a generated GoMock package.
package mockupstreamoidcidentityprovider
import (
context "context"
url "net/url"
reflect "reflect"
gomock "github.com/golang/mock/gomock"
nonce "go.pinniped.dev/pkg/oidcclient/nonce"
oidctypes "go.pinniped.dev/pkg/oidcclient/oidctypes"
pkce "go.pinniped.dev/pkg/oidcclient/pkce"
oauth2 "golang.org/x/oauth2"
types "k8s.io/apimachinery/pkg/types"
)
// MockUpstreamOIDCIdentityProviderI is a mock of UpstreamOIDCIdentityProviderI interface.
// It keeps no provider state of its own: each mocked method forwards the call
// to the gomock controller held in ctrl.
type MockUpstreamOIDCIdentityProviderI struct {
	// ctrl is the gomock controller that every mocked method calls into.
	ctrl *gomock.Controller
	// recorder is the value handed out by EXPECT.
	recorder *MockUpstreamOIDCIdentityProviderIMockRecorder
}
// MockUpstreamOIDCIdentityProviderIMockRecorder is the mock recorder for MockUpstreamOIDCIdentityProviderI.
// Its methods register expected calls on the mock it points back to.
type MockUpstreamOIDCIdentityProviderIMockRecorder struct {
	// mock is the mock instance whose controller records the expectations.
	mock *MockUpstreamOIDCIdentityProviderI
}
// NewMockUpstreamOIDCIdentityProviderI creates a new mock instance bound to
// ctrl and wires up the recorder that EXPECT returns.
func NewMockUpstreamOIDCIdentityProviderI(ctrl *gomock.Controller) *MockUpstreamOIDCIdentityProviderI {
	m := &MockUpstreamOIDCIdentityProviderI{ctrl: ctrl}
	// The recorder needs a pointer back to the mock, so it is attached after
	// the mock itself exists.
	m.recorder = &MockUpstreamOIDCIdentityProviderIMockRecorder{mock: m}
	return m
}
// EXPECT returns the recorder, which lets the caller declare the calls the
// mock is expected to receive.
func (m *MockUpstreamOIDCIdentityProviderI) EXPECT() *MockUpstreamOIDCIdentityProviderIMockRecorder {
	rec := m.recorder
	return rec
}
// AllowsPasswordGrant mocks the base method. It forwards the call to the gomock
// controller and returns the bool the test configured; no provider
// configuration is consulted.
func (m *MockUpstreamOIDCIdentityProviderI) AllowsPasswordGrant() bool {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "AllowsPasswordGrant")
	// The assertion result is discarded, so a value that is not a bool yields false.
	allowed, _ := results[0].(bool)
	return allowed
}
// AllowsPasswordGrant indicates an expected call of AllowsPasswordGrant and
// returns the *gomock.Call so the test can configure it further.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) AllowsPasswordGrant() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).AllowsPasswordGrant)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AllowsPasswordGrant", methodType)
}
// ExchangeAuthcodeAndValidateTokens mocks the base method. Despite the name, the
// mock performs no code exchange and no token validation: it forwards the
// arguments to the gomock controller and returns the token and error the test
// configured.
func (m *MockUpstreamOIDCIdentityProviderI) ExchangeAuthcodeAndValidateTokens(arg0 context.Context, arg1 string, arg2 pkce.Code, arg3 nonce.Nonce, arg4 string) (*oidctypes.Token, error) {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "ExchangeAuthcodeAndValidateTokens", arg0, arg1, arg2, arg3, arg4)
	// Assertion results are discarded so that a configured nil comes back as a
	// nil token or nil error rather than panicking.
	token, _ := results[0].(*oidctypes.Token)
	err, _ := results[1].(error)
	return token, err
}
// ExchangeAuthcodeAndValidateTokens indicates an expected call of
// ExchangeAuthcodeAndValidateTokens with the given arguments, which are passed
// through to the controller unchanged.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) ExchangeAuthcodeAndValidateTokens(arg0, arg1, arg2, arg3, arg4 interface{}) *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).ExchangeAuthcodeAndValidateTokens)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ExchangeAuthcodeAndValidateTokens", methodType, arg0, arg1, arg2, arg3, arg4)
}
// GetAdditionalAuthcodeParams mocks the base method. It forwards the call to the
// gomock controller and returns the map the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetAdditionalAuthcodeParams() map[string]string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetAdditionalAuthcodeParams")
	// The assertion result is discarded, so a nil or mistyped value yields a nil map.
	params, _ := results[0].(map[string]string)
	return params
}
// GetAdditionalAuthcodeParams indicates an expected call of
// GetAdditionalAuthcodeParams and returns the *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetAdditionalAuthcodeParams() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetAdditionalAuthcodeParams)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAdditionalAuthcodeParams", methodType)
}
// GetAuthorizationURL mocks the base method. It forwards the call to the gomock
// controller and returns the *url.URL the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetAuthorizationURL() *url.URL {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetAuthorizationURL")
	// The assertion result is discarded, so a nil or mistyped value yields a nil URL.
	authURL, _ := results[0].(*url.URL)
	return authURL
}
// GetAuthorizationURL indicates an expected call of GetAuthorizationURL and
// returns the *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetAuthorizationURL() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetAuthorizationURL)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetAuthorizationURL", methodType)
}
// GetClientID mocks the base method. It forwards the call to the gomock
// controller and returns the string the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetClientID() string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetClientID")
	// The assertion result is discarded, so a non-string value yields "".
	clientID, _ := results[0].(string)
	return clientID
}
// GetClientID indicates an expected call of GetClientID and returns the
// *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetClientID() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetClientID)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetClientID", methodType)
}
// GetGroupsClaim mocks the base method. It forwards the call to the gomock
// controller and returns the string the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetGroupsClaim() string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetGroupsClaim")
	// The assertion result is discarded, so a non-string value yields "".
	claim, _ := results[0].(string)
	return claim
}
// GetGroupsClaim indicates an expected call of GetGroupsClaim and returns the
// *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetGroupsClaim() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetGroupsClaim)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetGroupsClaim", methodType)
}
// GetName mocks the base method. It forwards the call to the gomock controller
// and returns the string the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetName() string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetName")
	// The assertion result is discarded, so a non-string value yields "".
	name, _ := results[0].(string)
	return name
}
// GetName indicates an expected call of GetName and returns the *gomock.Call
// for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetName() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetName)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetName", methodType)
}
// GetResourceUID mocks the base method. It forwards the call to the gomock
// controller and returns the types.UID the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetResourceUID() types.UID {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetResourceUID")
	// The assertion result is discarded, so a mistyped value yields the zero UID.
	uid, _ := results[0].(types.UID)
	return uid
}
// GetResourceUID indicates an expected call of GetResourceUID and returns the
// *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetResourceUID() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetResourceUID)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetResourceUID", methodType)
}
// GetScopes mocks the base method. It forwards the call to the gomock
// controller and returns the slice the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetScopes() []string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetScopes")
	// The assertion result is discarded, so a nil or mistyped value yields a nil slice.
	scopes, _ := results[0].([]string)
	return scopes
}
// GetScopes indicates an expected call of GetScopes and returns the
// *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetScopes() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetScopes)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetScopes", methodType)
}
// GetUsernameClaim mocks the base method. It forwards the call to the gomock
// controller and returns the string the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) GetUsernameClaim() string {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "GetUsernameClaim")
	// The assertion result is discarded, so a non-string value yields "".
	claim, _ := results[0].(string)
	return claim
}
// GetUsernameClaim indicates an expected call of GetUsernameClaim and returns
// the *gomock.Call for further setup.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) GetUsernameClaim() *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).GetUsernameClaim)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUsernameClaim", methodType)
}
// PasswordCredentialsGrantAndValidateTokens mocks the base method. Despite the
// name, the mock performs no password grant and no token validation: it
// forwards the arguments to the gomock controller and returns the token and
// error the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) PasswordCredentialsGrantAndValidateTokens(arg0 context.Context, arg1, arg2 string) (*oidctypes.Token, error) {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "PasswordCredentialsGrantAndValidateTokens", arg0, arg1, arg2)
	// Assertion results are discarded so that a configured nil comes back as a
	// nil token or nil error rather than panicking.
	token, _ := results[0].(*oidctypes.Token)
	err, _ := results[1].(error)
	return token, err
}
// PasswordCredentialsGrantAndValidateTokens indicates an expected call of
// PasswordCredentialsGrantAndValidateTokens with the given arguments, which are
// passed through to the controller unchanged.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) PasswordCredentialsGrantAndValidateTokens(arg0, arg1, arg2 interface{}) *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).PasswordCredentialsGrantAndValidateTokens)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PasswordCredentialsGrantAndValidateTokens", methodType, arg0, arg1, arg2)
}
// PerformRefresh mocks the base method. The mock contacts no upstream provider:
// it forwards the arguments to the gomock controller and returns the
// *oauth2.Token and error the test configured.
func (m *MockUpstreamOIDCIdentityProviderI) PerformRefresh(arg0 context.Context, arg1 string) (*oauth2.Token, error) {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "PerformRefresh", arg0, arg1)
	// Assertion results are discarded so that a configured nil comes back as a
	// nil token or nil error rather than panicking.
	token, _ := results[0].(*oauth2.Token)
	err, _ := results[1].(error)
	return token, err
}
// PerformRefresh indicates an expected call of PerformRefresh with the given
// arguments, which are passed through to the controller unchanged.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) PerformRefresh(arg0, arg1 interface{}) *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).PerformRefresh)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PerformRefresh", methodType, arg0, arg1)
}
// ValidateToken mocks the base method. The mock validates nothing itself: it
// forwards the arguments to the gomock controller and returns the
// *oidctypes.Token and error the test configured, so code tested against it is
// not exercising real token checks.
func (m *MockUpstreamOIDCIdentityProviderI) ValidateToken(arg0 context.Context, arg1 *oauth2.Token, arg2 nonce.Nonce) (*oidctypes.Token, error) {
	m.ctrl.T.Helper()
	results := m.ctrl.Call(m, "ValidateToken", arg0, arg1, arg2)
	// Assertion results are discarded so that a configured nil comes back as a
	// nil token or nil error rather than panicking.
	token, _ := results[0].(*oidctypes.Token)
	err, _ := results[1].(error)
	return token, err
}
// ValidateToken indicates an expected call of ValidateToken with the given
// arguments, which are passed through to the controller unchanged.
func (mr *MockUpstreamOIDCIdentityProviderIMockRecorder) ValidateToken(arg0, arg1, arg2 interface{}) *gomock.Call {
	mr.mock.ctrl.T.Helper()
	// The method expression on a nil mock pointer is only used to obtain the method's type.
	methodType := reflect.TypeOf((*MockUpstreamOIDCIdentityProviderI)(nil).ValidateToken)
	return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "ValidateToken", methodType, arg0, arg1, arg2)
}