(t *testing.T)
| 153 | } |
| 154 | |
| 155 | func TestClientAccessToken(t *testing.T) { |
| 156 | Convey("EncodeClientAccessToken", t, func() { |
| 157 | now := time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC) |
| 158 | |
| 159 | jwkSet, err := jwk.Parse([]byte(PrivateKeyPEM), jwk.WithPEM(true)) |
| 160 | So(err, ShouldBeNil) |
| 161 | jwkKey, _ := jwkSet.Key(0) |
| 162 | _ = jwkKey.Set(jwk.KeyIDKey, uuid.New()) |
| 163 | _ = jwkKey.Set(jwk.AlgorithmKey, "RS256") |
| 164 | |
| 165 | secrets := &config.OAuthKeyMaterials{ |
| 166 | Set: jwkSet, |
| 167 | } |
| 168 | |
| 169 | mockCtrl := gomock.NewController(t) |
| 170 | defer mockCtrl.Finish() |
| 171 | mockIDTokenIssuer := NewMockIDTokenIssuer(mockCtrl) |
| 172 | mockIDTokenIssuer.EXPECT().Iss().Return("http://test1.authgear.com") |
| 173 | |
| 174 | encoding := &AccessTokenEncoding{ |
| 175 | Secrets: secrets, |
| 176 | Clock: clock.NewMockClockAtTime(now), |
| 177 | IDTokenIssuer: mockIDTokenIssuer, |
| 178 | BaseURL: &endpoints.Endpoints{ |
| 179 | OAuthEndpoints: &endpoints.OAuthEndpoints{ |
| 180 | HTTPHost: "test1.authgear.com", |
| 181 | HTTPProto: "http", |
| 182 | }, |
| 183 | }, |
| 184 | } |
| 185 | |
| 186 | client := &config.OAuthClientConfig{ |
| 187 | IssueJWTAccessToken: true, |
| 188 | ClientID: "client-id", |
| 189 | AccessTokenLifetime: 3600, |
| 190 | } |
| 191 | resourceURI := "https://api.example.com/" |
| 192 | scope := "read write" |
| 193 | createdAt := now |
| 194 | expireAt := now.Add(client.AccessTokenLifetime.Duration()) |
| 195 | originalToken := "opaque-token" // #nosec G101 |
| 196 | |
| 197 | options := EncodeClientAccessTokenOptions{ |
| 198 | OriginalToken: originalToken, |
| 199 | ClientConfig: client, |
| 200 | ResourceURI: resourceURI, |
| 201 | Scope: scope, |
| 202 | CreatedAt: createdAt, |
| 203 | ExpireAt: expireAt, |
| 204 | } |
| 205 | |
| 206 | accessToken, err := encoding.EncodeClientAccessToken(context.Background(), options) |
| 207 | So(err, ShouldBeNil) |
| 208 | |
| 209 | // Peek token payload |
| 210 | keys, err := jwk.PublicSetOf(encoding.Secrets.Set) |
| 211 | So(err, ShouldBeNil) |
| 212 |
nothing calls this directly
no test coverage detected