devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: session invalidation

Browse Source
This commit is contained in:
Lakhan Samani
2022-06-11 19:10:39 +05:30
parent 7a2dbea019
commit 926ab07c07
29 changed files with 401 additions and 285 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
server/test/jwt_test.go
View File

@@ -52,7 +52,7 @@ func TestJwt(t *testing.T) {
}
jwtToken, err := token.SignJWTToken(expiredClaims)
assert.NoError(t, err)
_, err = token.ParseJWTToken(jwtToken, hostname, nonce, subject)
_, err = token.ParseJWTToken(jwtToken)
assert.Error(t, err, err.Error(), "Token is expired")
})
t.Run("HMAC algorithms", func(t *testing.T) {
@@ -62,27 +62,36 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("HS384", func(t *testing.T) {
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyJwtType, "HS384")
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("HS512", func(t *testing.T) {
memorystore.Provider.UpdateEnvVariable(constants.EnvKeyJwtType, "HS512")
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
})
@@ -96,9 +105,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("RS384", func(t *testing.T) {
_, privateKey, publickKey, _, err := crypto.NewRSAKey("RS384", clientID)
@@ -109,9 +121,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("RS512", func(t *testing.T) {
_, privateKey, publickKey, _, err := crypto.NewRSAKey("RS512", clientID)
@@ -122,9 +137,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
})
@@ -138,9 +156,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("ES384", func(t *testing.T) {
_, privateKey, publickKey, _, err := crypto.NewECDSAKey("ES384", clientID)
@@ -151,9 +172,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
t.Run("ES512", func(t *testing.T) {
_, privateKey, publickKey, _, err := crypto.NewECDSAKey("ES512", clientID)
@@ -164,9 +188,12 @@ func TestJwt(t *testing.T) {
jwtToken, err := token.SignJWTToken(claims)
assert.NoError(t, err)
assert.NotEmpty(t, jwtToken)
c, err := token.ParseJWTToken(jwtToken, hostname, nonce, subject)
c, err := token.ParseJWTToken(jwtToken)
assert.NoError(t, err)
assert.Equal(t, c["email"].(string), claims["email"])
valid, err := token.ValidateJWTClaims(c, hostname, nonce, subject)
assert.NoError(t, err)
assert.True(t, valid)
})
})