MCPcopy
hub / github.com/yusing/godoxy / TestCheckToken

Function TestCheckToken

internal/auth/oidc_test.go:316–456  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

314}
315
316func TestCheckToken(t *testing.T) {
317 provider := setupProvider(t)
318
319 tests := []struct {
320 name string
321 allowedUsers []string
322 allowedGroups []string
323 claims jwt.Claims
324 wantErr error
325 }{
326 {
327 name: "Success - Valid token with allowed user",
328 allowedUsers: []string{"user1"},
329 claims: jwt.MapClaims{
330 "iss": provider.ts.URL,
331 "aud": clientID,
332 "exp": time.Now().Add(time.Hour).Unix(),
333 "preferred_username": "user1",
334 "groups": []string{"group1"},
335 },
336 },
337 {
338 name: "Success - Valid token with allowed group",
339 allowedGroups: []string{"group1"},
340 claims: jwt.MapClaims{
341 "iss": provider.ts.URL,
342 "aud": clientID,
343 "exp": time.Now().Add(time.Hour).Unix(),
344 "preferred_username": "user1",
345 "groups": []string{"group1"},
346 },
347 },
348 {
349 name: "Success - Server omits groups, but user is allowed",
350 allowedUsers: []string{"user1"},
351 claims: jwt.MapClaims{
352 "iss": provider.ts.URL,
353 "aud": clientID,
354 "exp": time.Now().Add(time.Hour).Unix(),
355 "preferred_username": "user1",
356 },
357 },
358 {
359 name: "Success - Server omits preferred_username, but group is allowed",
360 allowedGroups: []string{"group1"},
361 claims: jwt.MapClaims{
362 "iss": provider.ts.URL,
363 "aud": clientID,
364 "exp": time.Now().Add(time.Hour).Unix(),
365 "groups": []string{"group1"},
366 },
367 },
368 {
369 name: "Success - Valid token with allowed user and group",
370 allowedUsers: []string{"user1"},
371 allowedGroups: []string{"group1"},
372 claims: jwt.MapClaims{
373 "iss": provider.ts.URL,

Callers

nothing calls this directly

Calls 5

CheckTokenMethod · 0.95
setupProviderFunction · 0.85
SignClaimsMethod · 0.80
AddMethod · 0.65

Tested by

no test coverage detected