Refactor: replace DTO with oidc.TokenSet type (#394)

* Refactor: remove IDTokenClaims from TokenSet and decode in use-cases * Refactor: use oidc.TokenSet for cache repository
2026-02-14 16:39:51 +00:00 · 2020-10-03 17:49:21 +09:00
parent 1dee4a354e
commit 5b2c82fc33
16 changed files with 186 additions and 232 deletions
--- a/pkg/usecases/authentication/authentication_test.go
+++ b/pkg/usecases/authentication/authentication_test.go
@@ -9,7 +9,6 @@ import (
 	"github.com/google/go-cmp/cmp"
 	"github.com/int128/kubelogin/pkg/adaptors/oidcclient"
 	"github.com/int128/kubelogin/pkg/adaptors/oidcclient/mock_oidcclient"
-	"github.com/int128/kubelogin/pkg/jwt"
 	"github.com/int128/kubelogin/pkg/oidc"
 	"github.com/int128/kubelogin/pkg/testing/clock"
 	testingJWT "github.com/int128/kubelogin/pkg/testing/jwt"
@@ -27,16 +26,11 @@ func TestAuthentication_Do(t *testing.T) {
 		ClientID:     "YOUR_CLIENT_ID",
 		ClientSecret: "YOUR_CLIENT_SECRET",
 	}
-	cachedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
-		claims.Issuer = "https://issuer.example.com"
-		claims.Subject = "SUBJECT"
+	issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
+		claims.Issuer = "https://accounts.google.com"
+		claims.Subject = "YOUR_SUBJECT"
 		claims.ExpiresAt = expiryTime.Unix()
 	})
-	dummyClaims := jwt.Claims{
-		Subject: "SUBJECT",
-		Expiry:  time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC),
-		Pretty:  "PRETTY_JSON",
-	}

 	t.Run("HasValidIDToken", func(t *testing.T) {
 		ctrl := gomock.NewController(t)
@@ -45,7 +39,9 @@ func TestAuthentication_Do(t *testing.T) {
 		defer cancel()
 		in := Input{
 			Provider: dummyProvider,
-			IDToken:  cachedIDToken,
+			CachedTokenSet: &oidc.TokenSet{
+				IDToken: issuedIDToken,
+			},
 		}
 		u := Authentication{
 			Logger: testingLogger.New(t),
@@ -58,16 +54,7 @@ func TestAuthentication_Do(t *testing.T) {
 		want := &Output{
 			AlreadyHasValidIDToken: true,
 			TokenSet: oidc.TokenSet{
-				IDToken: cachedIDToken,
-				IDTokenClaims: jwt.Claims{
-					Subject: "SUBJECT",
-					Expiry:  expiryTime,
-					Pretty: `{
-  "exp": 1577934245,
-  "iss": "https://issuer.example.com",
-  "sub": "SUBJECT"
-}`,
-				},
+				IDToken: issuedIDToken,
 			},
 		}
 		if diff := cmp.Diff(want, got); diff != "" {
@@ -81,17 +68,18 @@ func TestAuthentication_Do(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.TODO(), timeout)
 		defer cancel()
 		in := Input{
-			Provider:     dummyProvider,
-			IDToken:      cachedIDToken,
-			RefreshToken: "VALID_REFRESH_TOKEN",
+			Provider: dummyProvider,
+			CachedTokenSet: &oidc.TokenSet{
+				IDToken:      issuedIDToken,
+				RefreshToken: "VALID_REFRESH_TOKEN",
+			},
 		}
 		mockOIDCClient := mock_oidcclient.NewMockInterface(ctrl)
 		mockOIDCClient.EXPECT().
 			Refresh(ctx, "VALID_REFRESH_TOKEN").
 			Return(&oidc.TokenSet{
-				IDToken:       "NEW_ID_TOKEN",
-				RefreshToken:  "NEW_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "NEW_ID_TOKEN",
+				RefreshToken: "NEW_REFRESH_TOKEN",
 			}, nil)
 		u := Authentication{
 			OIDCClient: &oidcclientFactory{
@@ -112,9 +100,8 @@ func TestAuthentication_Do(t *testing.T) {
 		}
 		want := &Output{
 			TokenSet: oidc.TokenSet{
-				IDToken:       "NEW_ID_TOKEN",
-				RefreshToken:  "NEW_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "NEW_ID_TOKEN",
+				RefreshToken: "NEW_REFRESH_TOKEN",
 			},
 		}
 		if diff := cmp.Diff(want, got); diff != "" {
@@ -128,6 +115,7 @@ func TestAuthentication_Do(t *testing.T) {
 		ctx, cancel := context.WithTimeout(context.TODO(), timeout)
 		defer cancel()
 		in := Input{
+			Provider: dummyProvider,
 			GrantOptionSet: GrantOptionSet{
 				AuthCodeBrowserOption: &authcode.BrowserOption{
 					BindAddress:           []string{"127.0.0.1:8000"},
@@ -135,9 +123,10 @@ func TestAuthentication_Do(t *testing.T) {
 					AuthenticationTimeout: 10 * time.Second,
 				},
 			},
-			Provider:     dummyProvider,
-			IDToken:      cachedIDToken,
-			RefreshToken: "EXPIRED_REFRESH_TOKEN",
+			CachedTokenSet: &oidc.TokenSet{
+				IDToken:      issuedIDToken,
+				RefreshToken: "EXPIRED_REFRESH_TOKEN",
+			},
 		}
 		mockOIDCClient := mock_oidcclient.NewMockInterface(ctrl)
 		mockOIDCClient.EXPECT().SupportedPKCEMethods()
@@ -150,9 +139,8 @@ func TestAuthentication_Do(t *testing.T) {
 				readyChan <- "LOCAL_SERVER_URL"
 			}).
 			Return(&oidc.TokenSet{
-				IDToken:       "NEW_ID_TOKEN",
-				RefreshToken:  "NEW_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "NEW_ID_TOKEN",
+				RefreshToken: "NEW_REFRESH_TOKEN",
 			}, nil)
 		u := Authentication{
 			OIDCClient: &oidcclientFactory{
@@ -176,9 +164,8 @@ func TestAuthentication_Do(t *testing.T) {
 		}
 		want := &Output{
 			TokenSet: oidc.TokenSet{
-				IDToken:       "NEW_ID_TOKEN",
-				RefreshToken:  "NEW_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "NEW_ID_TOKEN",
+				RefreshToken: "NEW_REFRESH_TOKEN",
 			},
 		}
 		if diff := cmp.Diff(want, got); diff != "" {
@@ -204,9 +191,8 @@ func TestAuthentication_Do(t *testing.T) {
 		mockOIDCClient.EXPECT().
 			GetTokenByROPC(gomock.Any(), "USER", "PASS").
 			Return(&oidc.TokenSet{
-				IDToken:       "YOUR_ID_TOKEN",
-				RefreshToken:  "YOUR_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "YOUR_ID_TOKEN",
+				RefreshToken: "YOUR_REFRESH_TOKEN",
 			}, nil)
 		u := Authentication{
 			OIDCClient: &oidcclientFactory{
@@ -229,9 +215,8 @@ func TestAuthentication_Do(t *testing.T) {
 		}
 		want := &Output{
 			TokenSet: oidc.TokenSet{
-				IDToken:       "YOUR_ID_TOKEN",
-				RefreshToken:  "YOUR_REFRESH_TOKEN",
-				IDTokenClaims: dummyClaims,
+				IDToken:      "YOUR_ID_TOKEN",
+				RefreshToken: "YOUR_REFRESH_TOKEN",
 			},
 		}
 		if diff := cmp.Diff(want, got); diff != "" {