From 5d657ed9816a41d076e638e6cd030b296eff152a Mon Sep 17 00:00:00 2001 From: Hidetake Iwata Date: Fri, 8 Nov 2024 10:20:20 +0900 Subject: [PATCH] Extract service package (integration_test) (#1170) * Extract service package (integration_test) * Refactor * make generate * Rename * Comment * Refactor --- integration_test/credetial_plugin_test.go | 77 +-- .../oidcserver/handler/handler.go | 14 +- integration_test/oidcserver/http/http.go | 74 --- integration_test/oidcserver/oidcserver.go | 54 ++ integration_test/oidcserver/server.go | 216 -------- .../oidcserver/service/service.go | 183 +++++++ .../oidcserver/{handler => service}/types.go | 17 +- .../oidcserver/testconfig/types.go | 28 + integration_test/standalone_test.go | 53 +- .../mock_Provider.go | 94 ++-- .../oidcserver/service_mock/mock_Service.go | 487 ++++++++++++++++++ .../oidcserver_mock/mock_Server.go | 162 ------ 12 files changed, 888 insertions(+), 571 deletions(-) delete mode 100644 integration_test/oidcserver/http/http.go create mode 100644 integration_test/oidcserver/oidcserver.go delete mode 100644 integration_test/oidcserver/server.go create mode 100644 integration_test/oidcserver/service/service.go rename integration_test/oidcserver/{handler => service}/types.go (87%) create mode 100644 integration_test/oidcserver/testconfig/types.go rename mocks/github.com/int128/kubelogin/integration_test/oidcserver/{handler_mock => service_mock}/mock_Provider.go (73%) create mode 100644 mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Service.go delete mode 100644 mocks/github.com/int128/kubelogin/integration_test/oidcserver_mock/mock_Server.go diff --git a/integration_test/credetial_plugin_test.go b/integration_test/credetial_plugin_test.go index 890d4d5..97c189d 100644 --- a/integration_test/credetial_plugin_test.go +++ b/integration_test/credetial_plugin_test.go @@ -13,6 +13,7 @@ import ( "github.com/int128/kubelogin/integration_test/httpdriver" "github.com/int128/kubelogin/integration_test/keypair" "github.com/int128/kubelogin/integration_test/oidcserver" + "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" "github.com/int128/kubelogin/pkg/di" "github.com/int128/kubelogin/pkg/infrastructure/browser" "github.com/int128/kubelogin/pkg/testing/clock" @@ -52,12 +53,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -77,14 +78,14 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", Username: "USER1", Password: "PASS1", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -107,15 +108,15 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{}) + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{}) t.Run("NoCache", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), RefreshToken: "REFRESH_TOKEN_1", }, @@ -132,7 +133,7 @@ func TestCredentialPlugin(t *testing.T) { assertCredentialPluginStdout(t, &stdout, sv.LastTokenResponse().IDToken, now.Add(time.Hour)) }) t.Run("Valid", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{}) + sv.SetConfig(testconfig.TestConfig{}) var stdout bytes.Buffer runGetToken(t, ctx, getTokenConfig{ tokenCacheDir: tokenCacheDir, @@ -145,13 +146,13 @@ func TestCredentialPlugin(t *testing.T) { assertCredentialPluginStdout(t, &stdout, sv.LastTokenResponse().IDToken, now.Add(time.Hour)) }) t.Run("Refresh", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", RefreshToken: "REFRESH_TOKEN_1", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(3 * time.Hour), RefreshToken: "REFRESH_TOKEN_2", }, @@ -168,13 +169,13 @@ func TestCredentialPlugin(t *testing.T) { assertCredentialPluginStdout(t, &stdout, sv.LastTokenResponse().IDToken, now.Add(3*time.Hour)) }) t.Run("RefreshAgain", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", RefreshToken: "REFRESH_TOKEN_2", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(5 * time.Hour), }, }) @@ -197,13 +198,13 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", CodeChallengeMethod: "S256", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), CodeChallengeMethodsSupported: []string{"plain", "S256"}, }, @@ -223,12 +224,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.Server, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.Server, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -248,12 +249,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "email profile openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -276,12 +277,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -301,12 +302,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://127.0.0.1:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -326,12 +327,12 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "https://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -357,8 +358,8 @@ func TestCredentialPlugin(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", ExtraParams: map[string]string{ @@ -366,7 +367,7 @@ func TestCredentialPlugin(t *testing.T) { "reauth": "false", }, }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) diff --git a/integration_test/oidcserver/handler/handler.go b/integration_test/oidcserver/handler/handler.go index 7f27f38..ea91e83 100644 --- a/integration_test/oidcserver/handler/handler.go +++ b/integration_test/oidcserver/handler/handler.go @@ -7,9 +7,11 @@ import ( "fmt" "net/http" "testing" + + "github.com/int128/kubelogin/integration_test/oidcserver/service" ) -func New(t *testing.T, provider Provider) *Handler { +func New(t *testing.T, provider service.Provider) *Handler { return &Handler{t, provider} } @@ -18,7 +20,7 @@ func New(t *testing.T, provider Provider) *Handler { // Note that this skips some security checks and is only for testing. type Handler struct { t *testing.T - provider Provider + provider service.Provider } func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { @@ -28,7 +30,7 @@ func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) { h.t.Logf("%d %s %s", wr.statusCode, r.Method, r.RequestURI) return } - if errResp := new(ErrorResponse); errors.As(err, &errResp) { + if errResp := new(service.ErrorResponse); errors.As(err, &errResp) { h.t.Logf("400 %s %s: %s", r.Method, r.RequestURI, err) w.Header().Add("Content-Type", "application/json") w.WriteHeader(400) @@ -73,7 +75,7 @@ func (h *Handler) serveHTTP(w http.ResponseWriter, r *http.Request) error { case m == "GET" && p == "/auth": q := r.URL.Query() redirectURI, state := q.Get("redirect_uri"), q.Get("state") - code, err := h.provider.AuthenticateCode(AuthenticationRequest{ + code, err := h.provider.AuthenticateCode(service.AuthenticationRequest{ RedirectURI: redirectURI, State: state, Scope: q.Get("scope"), @@ -94,7 +96,7 @@ func (h *Handler) serveHTTP(w http.ResponseWriter, r *http.Request) error { grantType := r.Form.Get("grant_type") switch grantType { case "authorization_code": - tokenResponse, err := h.provider.Exchange(TokenRequest{ + tokenResponse, err := h.provider.Exchange(service.TokenRequest{ Code: r.Form.Get("code"), CodeVerifier: r.Form.Get("code_verifier"), }) @@ -135,7 +137,7 @@ func (h *Handler) serveHTTP(w http.ResponseWriter, r *http.Request) error { default: // 5.2. Error Response // https://tools.ietf.org/html/rfc6749#section-5.2 - return &ErrorResponse{ + return &service.ErrorResponse{ Code: "invalid_grant", Description: fmt.Sprintf("unknown grant_type %s", grantType), } diff --git a/integration_test/oidcserver/http/http.go b/integration_test/oidcserver/http/http.go deleted file mode 100644 index eb751ba..0000000 --- a/integration_test/oidcserver/http/http.go +++ /dev/null @@ -1,74 +0,0 @@ -// Package http provides a http server running on localhost for testing. -package http - -import ( - "context" - "net" - "net/http" - "testing" - - "github.com/int128/kubelogin/integration_test/keypair" -) - -func Start(t *testing.T, h http.Handler, k keypair.KeyPair) string { - if k == keypair.None { - return startNoTLS(t, h) - } - return startTLS(t, h, k) -} - -func startNoTLS(t *testing.T, h http.Handler) string { - t.Helper() - l, port := newLocalhostListener(t) - url := "http://localhost:" + port - s := &http.Server{ - Handler: h, - } - go func() { - err := s.Serve(l) - if err != nil && err != http.ErrServerClosed { - t.Error(err) - } - }() - t.Cleanup(func() { - if err := s.Shutdown(context.TODO()); err != nil { - t.Errorf("could not shutdown the server: %s", err) - } - }) - return url -} - -func startTLS(t *testing.T, h http.Handler, k keypair.KeyPair) string { - t.Helper() - l, port := newLocalhostListener(t) - url := "https://localhost:" + port - s := &http.Server{ - Handler: h, - } - go func() { - err := s.ServeTLS(l, k.CertPath, k.KeyPath) - if err != nil && err != http.ErrServerClosed { - t.Error(err) - } - }() - t.Cleanup(func() { - if err := s.Shutdown(context.TODO()); err != nil { - t.Errorf("could not shutdown the server: %s", err) - } - }) - return url -} - -func newLocalhostListener(t *testing.T) (net.Listener, string) { - t.Helper() - l, err := net.Listen("tcp", "localhost:0") - if err != nil { - t.Fatalf("Could not create a listener: %s", err) - } - addr := l.Addr().String() - _, port, err := net.SplitHostPort(addr) - if err != nil { - t.Fatalf("Could not parse the address %s: %s", addr, err) - } - return l, port -} diff --git a/integration_test/oidcserver/oidcserver.go b/integration_test/oidcserver/oidcserver.go new file mode 100644 index 0000000..c4fdc89 --- /dev/null +++ b/integration_test/oidcserver/oidcserver.go @@ -0,0 +1,54 @@ +// Package oidcserver provides a stub of OpenID Connect provider. +package oidcserver + +import ( + "context" + "errors" + "fmt" + "net" + "net/http" + "net/http/httptest" + "testing" + + "github.com/int128/kubelogin/integration_test/keypair" + "github.com/int128/kubelogin/integration_test/oidcserver/handler" + "github.com/int128/kubelogin/integration_test/oidcserver/service" + "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" +) + +// New starts a server for the OpenID Connect provider. +func New(t *testing.T, k keypair.KeyPair, c testconfig.TestConfig) service.Service { + mux := http.NewServeMux() + serverURL := startServer(t, mux, k) + + svc := service.New(t, serverURL, c) + mux.Handle("/", handler.New(t, svc)) + return svc +} + +func startServer(t *testing.T, h http.Handler, k keypair.KeyPair) string { + if k == keypair.None { + sv := httptest.NewServer(h) + t.Cleanup(sv.Close) + return sv.URL + } + + // Unfortunately, httptest package did not work with keypair.KeyPair. + // We use httptest package only for allocating a new port. + portAllocator := httptest.NewUnstartedServer(h) + t.Cleanup(portAllocator.Close) + serverURL := fmt.Sprintf("https://localhost:%d", portAllocator.Listener.Addr().(*net.TCPAddr).Port) + sv := &http.Server{Handler: h} + go func() { + err := sv.ServeTLS(portAllocator.Listener, k.CertPath, k.KeyPath) + if err != nil && !errors.Is(err, http.ErrServerClosed) { + t.Error(err) + } + }() + t.Cleanup(func() { + if err := sv.Shutdown(context.TODO()); err != nil { + t.Errorf("could not shutdown the server: %s", err) + } + }) + return serverURL +} diff --git a/integration_test/oidcserver/server.go b/integration_test/oidcserver/server.go deleted file mode 100644 index 807c37e..0000000 --- a/integration_test/oidcserver/server.go +++ /dev/null @@ -1,216 +0,0 @@ -// Package oidcserver provides a stub of OpenID Connect provider. -package oidcserver - -import ( - "crypto/sha256" - "encoding/base64" - "fmt" - "math/big" - "strings" - "testing" - "time" - - "github.com/golang-jwt/jwt/v5" - "github.com/int128/kubelogin/integration_test/keypair" - "github.com/int128/kubelogin/integration_test/oidcserver/handler" - "github.com/int128/kubelogin/integration_test/oidcserver/http" - testingJWT "github.com/int128/kubelogin/pkg/testing/jwt" -) - -type Server interface { - IssuerURL() string - SetConfig(Config) - LastTokenResponse() *handler.TokenResponse -} - -// Want represents a set of expected values. -type Want struct { - Scope string - RedirectURIPrefix string - CodeChallengeMethod string // optional - ExtraParams map[string]string // optional - Username string // optional - Password string // optional - RefreshToken string // optional -} - -// Response represents a set of response values. -type Response struct { - IDTokenExpiry time.Time - RefreshToken string - RefreshError string // if set, Refresh() will return the error - CodeChallengeMethodsSupported []string // optional -} - -// Config represents a configuration of the OpenID Connect provider. -type Config struct { - Want Want - Response Response -} - -// New starts a HTTP server for the OpenID Connect provider. -func New(t *testing.T, k keypair.KeyPair, c Config) Server { - sv := server{Config: c, t: t} - sv.issuerURL = http.Start(t, handler.New(t, &sv), k) - return &sv -} - -type server struct { - Config - t *testing.T - issuerURL string - lastAuthenticationRequest *handler.AuthenticationRequest - lastTokenResponse *handler.TokenResponse -} - -func (sv *server) IssuerURL() string { - return sv.issuerURL -} - -func (sv *server) SetConfig(cfg Config) { - sv.Config = cfg -} - -func (sv *server) LastTokenResponse() *handler.TokenResponse { - return sv.lastTokenResponse -} - -func (sv *server) Discovery() *handler.DiscoveryResponse { - // based on https://accounts.google.com/.well-known/openid-configuration - return &handler.DiscoveryResponse{ - Issuer: sv.issuerURL, - AuthorizationEndpoint: sv.issuerURL + "/auth", - TokenEndpoint: sv.issuerURL + "/token", - JwksURI: sv.issuerURL + "/certs", - UserinfoEndpoint: sv.issuerURL + "/userinfo", - RevocationEndpoint: sv.issuerURL + "/revoke", - ResponseTypesSupported: []string{"code id_token"}, - SubjectTypesSupported: []string{"public"}, - IDTokenSigningAlgValuesSupported: []string{"RS256"}, - ScopesSupported: []string{"openid", "email", "profile"}, - TokenEndpointAuthMethodsSupported: []string{"client_secret_post", "client_secret_basic"}, - CodeChallengeMethodsSupported: sv.Config.Response.CodeChallengeMethodsSupported, - ClaimsSupported: []string{"aud", "email", "exp", "iat", "iss", "name", "sub"}, - } -} - -func (sv *server) GetCertificates() *handler.CertificatesResponse { - idTokenKeyPair := testingJWT.PrivateKey - return &handler.CertificatesResponse{ - Keys: []*handler.CertificatesResponseKey{ - { - Kty: "RSA", - Alg: "RS256", - Use: "sig", - Kid: "dummy", - E: base64.RawURLEncoding.EncodeToString(big.NewInt(int64(idTokenKeyPair.E)).Bytes()), - N: base64.RawURLEncoding.EncodeToString(idTokenKeyPair.N.Bytes()), - }, - }, - } -} - -func (sv *server) AuthenticateCode(req handler.AuthenticationRequest) (code string, err error) { - if req.Scope != sv.Want.Scope { - sv.t.Errorf("scope wants `%s` but was `%s`", sv.Want.Scope, req.Scope) - } - if !strings.HasPrefix(req.RedirectURI, sv.Want.RedirectURIPrefix) { - sv.t.Errorf("redirectURI wants prefix `%s` but was `%s`", sv.Want.RedirectURIPrefix, req.RedirectURI) - } - if req.CodeChallengeMethod != sv.Want.CodeChallengeMethod { - sv.t.Errorf("code_challenge_method wants `%s` but was `%s`", sv.Want.CodeChallengeMethod, req.CodeChallengeMethod) - } - for k, v := range sv.Want.ExtraParams { - got := req.RawQuery.Get(k) - if got != v { - sv.t.Errorf("parameter %s wants `%s` but was `%s`", k, v, got) - } - } - sv.lastAuthenticationRequest = &req - return "YOUR_AUTH_CODE", nil -} - -func (sv *server) Exchange(req handler.TokenRequest) (*handler.TokenResponse, error) { - if req.Code != "YOUR_AUTH_CODE" { - return nil, fmt.Errorf("code wants %s but was %s", "YOUR_AUTH_CODE", req.Code) - } - if sv.lastAuthenticationRequest.CodeChallengeMethod == "S256" { - // https://tools.ietf.org/html/rfc7636#section-4.6 - challenge := computeS256Challenge(req.CodeVerifier) - if challenge != sv.lastAuthenticationRequest.CodeChallenge { - sv.t.Errorf("pkce S256 challenge did not match (want %s but was %s)", sv.lastAuthenticationRequest.CodeChallenge, challenge) - } - } - resp := &handler.TokenResponse{ - TokenType: "Bearer", - ExpiresIn: 3600, - AccessToken: "YOUR_ACCESS_TOKEN", - RefreshToken: sv.Response.RefreshToken, - IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) { - claims.Issuer = sv.issuerURL - claims.Subject = "SUBJECT" - claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour)) - claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry) - claims.Audience = []string{"kubernetes"} - claims.Nonce = sv.lastAuthenticationRequest.Nonce - }), - } - sv.lastTokenResponse = resp - return resp, nil -} - -func computeS256Challenge(verifier string) string { - c := sha256.Sum256([]byte(verifier)) - return base64.URLEncoding.WithPadding(base64.NoPadding).EncodeToString(c[:]) -} - -func (sv *server) AuthenticatePassword(username, password, scope string) (*handler.TokenResponse, error) { - if scope != sv.Want.Scope { - sv.t.Errorf("scope wants `%s` but was `%s`", sv.Want.Scope, scope) - } - if username != sv.Want.Username { - sv.t.Errorf("username wants `%s` but was `%s`", sv.Want.Username, username) - } - if password != sv.Want.Password { - sv.t.Errorf("password wants `%s` but was `%s`", sv.Want.Password, password) - } - resp := &handler.TokenResponse{ - TokenType: "Bearer", - ExpiresIn: 3600, - AccessToken: "YOUR_ACCESS_TOKEN", - RefreshToken: sv.Response.RefreshToken, - IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) { - claims.Issuer = sv.issuerURL - claims.Subject = "SUBJECT" - claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour)) - claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry) - claims.Audience = []string{"kubernetes"} - }), - } - sv.lastTokenResponse = resp - return resp, nil -} - -func (sv *server) Refresh(refreshToken string) (*handler.TokenResponse, error) { - if refreshToken != sv.Want.RefreshToken { - sv.t.Errorf("refreshToken wants %s but was %s", sv.Want.RefreshToken, refreshToken) - } - if sv.Response.RefreshError != "" { - return nil, &handler.ErrorResponse{Code: "invalid_request", Description: sv.Response.RefreshError} - } - resp := &handler.TokenResponse{ - TokenType: "Bearer", - ExpiresIn: 3600, - AccessToken: "YOUR_ACCESS_TOKEN", - RefreshToken: sv.Response.RefreshToken, - IDToken: testingJWT.EncodeF(sv.t, func(claims *testingJWT.Claims) { - claims.Issuer = sv.issuerURL - claims.Subject = "SUBJECT" - claims.IssuedAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry.Add(-time.Hour)) - claims.ExpiresAt = jwt.NewNumericDate(sv.Response.IDTokenExpiry) - claims.Audience = []string{"kubernetes"} - }), - } - sv.lastTokenResponse = resp - return resp, nil -} diff --git a/integration_test/oidcserver/service/service.go b/integration_test/oidcserver/service/service.go new file mode 100644 index 0000000..fa10967 --- /dev/null +++ b/integration_test/oidcserver/service/service.go @@ -0,0 +1,183 @@ +package service + +import ( + "crypto/sha256" + "encoding/base64" + "fmt" + "math/big" + "strings" + "testing" + "time" + + "github.com/golang-jwt/jwt/v5" + "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" + testingJWT "github.com/int128/kubelogin/pkg/testing/jwt" +) + +func New(t *testing.T, issuerURL string, config testconfig.TestConfig) Service { + return &service{ + config: config, + t: t, + issuerURL: issuerURL, + } +} + +type service struct { + config testconfig.TestConfig + t *testing.T + issuerURL string + lastAuthenticationRequest *AuthenticationRequest + lastTokenResponse *TokenResponse +} + +func (svc *service) IssuerURL() string { + return svc.issuerURL +} + +func (svc *service) SetConfig(cfg testconfig.TestConfig) { + svc.config = cfg +} + +func (svc *service) LastTokenResponse() *TokenResponse { + return svc.lastTokenResponse +} + +func (svc *service) Discovery() *DiscoveryResponse { + // based on https://accounts.google.com/.well-known/openid-configuration + return &DiscoveryResponse{ + Issuer: svc.issuerURL, + AuthorizationEndpoint: svc.issuerURL + "/auth", + TokenEndpoint: svc.issuerURL + "/token", + JwksURI: svc.issuerURL + "/certs", + UserinfoEndpoint: svc.issuerURL + "/userinfo", + RevocationEndpoint: svc.issuerURL + "/revoke", + ResponseTypesSupported: []string{"code id_token"}, + SubjectTypesSupported: []string{"public"}, + IDTokenSigningAlgValuesSupported: []string{"RS256"}, + ScopesSupported: []string{"openid", "email", "profile"}, + TokenEndpointAuthMethodsSupported: []string{"client_secret_post", "client_secret_basic"}, + CodeChallengeMethodsSupported: svc.config.Response.CodeChallengeMethodsSupported, + ClaimsSupported: []string{"aud", "email", "exp", "iat", "iss", "name", "sub"}, + } +} + +func (svc *service) GetCertificates() *CertificatesResponse { + idTokenKeyPair := testingJWT.PrivateKey + return &CertificatesResponse{ + Keys: []*CertificatesResponseKey{ + { + Kty: "RSA", + Alg: "RS256", + Use: "sig", + Kid: "dummy", + E: base64.RawURLEncoding.EncodeToString(big.NewInt(int64(idTokenKeyPair.E)).Bytes()), + N: base64.RawURLEncoding.EncodeToString(idTokenKeyPair.N.Bytes()), + }, + }, + } +} + +func (svc *service) AuthenticateCode(req AuthenticationRequest) (code string, err error) { + if req.Scope != svc.config.Want.Scope { + svc.t.Errorf("scope wants `%s` but was `%s`", svc.config.Want.Scope, req.Scope) + } + if !strings.HasPrefix(req.RedirectURI, svc.config.Want.RedirectURIPrefix) { + svc.t.Errorf("redirectURI wants prefix `%s` but was `%s`", svc.config.Want.RedirectURIPrefix, req.RedirectURI) + } + if req.CodeChallengeMethod != svc.config.Want.CodeChallengeMethod { + svc.t.Errorf("code_challenge_method wants `%s` but was `%s`", svc.config.Want.CodeChallengeMethod, req.CodeChallengeMethod) + } + for k, v := range svc.config.Want.ExtraParams { + got := req.RawQuery.Get(k) + if got != v { + svc.t.Errorf("parameter %s wants `%s` but was `%s`", k, v, got) + } + } + svc.lastAuthenticationRequest = &req + return "YOUR_AUTH_CODE", nil +} + +func (svc *service) Exchange(req TokenRequest) (*TokenResponse, error) { + if req.Code != "YOUR_AUTH_CODE" { + return nil, fmt.Errorf("code wants %s but was %s", "YOUR_AUTH_CODE", req.Code) + } + if svc.lastAuthenticationRequest.CodeChallengeMethod == "S256" { + // https://tools.ietf.org/html/rfc7636#section-4.6 + challenge := computeS256Challenge(req.CodeVerifier) + if challenge != svc.lastAuthenticationRequest.CodeChallenge { + svc.t.Errorf("pkce S256 challenge did not match (want %s but was %s)", svc.lastAuthenticationRequest.CodeChallenge, challenge) + } + } + resp := &TokenResponse{ + TokenType: "Bearer", + ExpiresIn: 3600, + AccessToken: "YOUR_ACCESS_TOKEN", + RefreshToken: svc.config.Response.RefreshToken, + IDToken: testingJWT.EncodeF(svc.t, func(claims *testingJWT.Claims) { + claims.Issuer = svc.issuerURL + claims.Subject = "SUBJECT" + claims.IssuedAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry.Add(-time.Hour)) + claims.ExpiresAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry) + claims.Audience = []string{"kubernetes"} + claims.Nonce = svc.lastAuthenticationRequest.Nonce + }), + } + svc.lastTokenResponse = resp + return resp, nil +} + +func computeS256Challenge(verifier string) string { + c := sha256.Sum256([]byte(verifier)) + return base64.URLEncoding.WithPadding(base64.NoPadding).EncodeToString(c[:]) +} + +func (svc *service) AuthenticatePassword(username, password, scope string) (*TokenResponse, error) { + if scope != svc.config.Want.Scope { + svc.t.Errorf("scope wants `%s` but was `%s`", svc.config.Want.Scope, scope) + } + if username != svc.config.Want.Username { + svc.t.Errorf("username wants `%s` but was `%s`", svc.config.Want.Username, username) + } + if password != svc.config.Want.Password { + svc.t.Errorf("password wants `%s` but was `%s`", svc.config.Want.Password, password) + } + resp := &TokenResponse{ + TokenType: "Bearer", + ExpiresIn: 3600, + AccessToken: "YOUR_ACCESS_TOKEN", + RefreshToken: svc.config.Response.RefreshToken, + IDToken: testingJWT.EncodeF(svc.t, func(claims *testingJWT.Claims) { + claims.Issuer = svc.issuerURL + claims.Subject = "SUBJECT" + claims.IssuedAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry.Add(-time.Hour)) + claims.ExpiresAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry) + claims.Audience = []string{"kubernetes"} + }), + } + svc.lastTokenResponse = resp + return resp, nil +} + +func (svc *service) Refresh(refreshToken string) (*TokenResponse, error) { + if refreshToken != svc.config.Want.RefreshToken { + svc.t.Errorf("refreshToken wants %s but was %s", svc.config.Want.RefreshToken, refreshToken) + } + if svc.config.Response.RefreshError != "" { + return nil, &ErrorResponse{Code: "invalid_request", Description: svc.config.Response.RefreshError} + } + resp := &TokenResponse{ + TokenType: "Bearer", + ExpiresIn: 3600, + AccessToken: "YOUR_ACCESS_TOKEN", + RefreshToken: svc.config.Response.RefreshToken, + IDToken: testingJWT.EncodeF(svc.t, func(claims *testingJWT.Claims) { + claims.Issuer = svc.issuerURL + claims.Subject = "SUBJECT" + claims.IssuedAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry.Add(-time.Hour)) + claims.ExpiresAt = jwt.NewNumericDate(svc.config.Response.IDTokenExpiry) + claims.Audience = []string{"kubernetes"} + }), + } + svc.lastTokenResponse = resp + return resp, nil +} diff --git a/integration_test/oidcserver/handler/types.go b/integration_test/oidcserver/service/types.go similarity index 87% rename from integration_test/oidcserver/handler/types.go rename to integration_test/oidcserver/service/types.go index 6890641..c7cd622 100644 --- a/integration_test/oidcserver/handler/types.go +++ b/integration_test/oidcserver/service/types.go @@ -1,11 +1,24 @@ -package handler +package service import ( "fmt" "net/url" + + "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" ) -// Provider provides discovery and authentication methods. +// Service represents the test service of OpenID Connect Provider. +// It provides the feature of Provider and additional methods for testing. +type Service interface { + Provider + + IssuerURL() string + SetConfig(config testconfig.TestConfig) + LastTokenResponse() *TokenResponse +} + +// Provider represents an OpenID Connect Provider. +// // If an implemented method returns an ErrorResponse, // the handler will respond 400 and corresponding json of the ErrorResponse. // Otherwise, the handler will respond 500 and fail the current test. diff --git a/integration_test/oidcserver/testconfig/types.go b/integration_test/oidcserver/testconfig/types.go new file mode 100644 index 0000000..c773a03 --- /dev/null +++ b/integration_test/oidcserver/testconfig/types.go @@ -0,0 +1,28 @@ +package testconfig + +import "time" + +// Want represents a set of expected values. +type Want struct { + Scope string + RedirectURIPrefix string + CodeChallengeMethod string // optional + ExtraParams map[string]string // optional + Username string // optional + Password string // optional + RefreshToken string // optional +} + +// Response represents a set of response values. +type Response struct { + IDTokenExpiry time.Time + RefreshToken string + RefreshError string // if set, Refresh() will return the error + CodeChallengeMethodsSupported []string // optional +} + +// TestConfig represents a configuration of the OpenID Connect provider. +type TestConfig struct { + Want Want + Response Response +} diff --git a/integration_test/standalone_test.go b/integration_test/standalone_test.go index 8f71302..7c57afe 100644 --- a/integration_test/standalone_test.go +++ b/integration_test/standalone_test.go @@ -10,6 +10,7 @@ import ( "github.com/int128/kubelogin/integration_test/keypair" "github.com/int128/kubelogin/integration_test/kubeconfig" "github.com/int128/kubelogin/integration_test/oidcserver" + "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" "github.com/int128/kubelogin/pkg/di" "github.com/int128/kubelogin/pkg/infrastructure/browser" "github.com/int128/kubelogin/pkg/testing/clock" @@ -45,12 +46,12 @@ func TestStandalone(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -74,14 +75,14 @@ func TestStandalone(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", Username: "USER1", Password: "PASS1", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -109,19 +110,19 @@ func TestStandalone(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, tc.keyPair, oidcserver.Config{}) + sv := oidcserver.New(t, tc.keyPair, testconfig.TestConfig{}) kubeConfigFilename := kubeconfig.Create(t, &kubeconfig.Values{ Issuer: sv.IssuerURL(), IDPCertificateAuthority: tc.keyPair.CACertPath, }) t.Run("NoToken", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), RefreshToken: "REFRESH_TOKEN_1", }, @@ -138,7 +139,7 @@ func TestStandalone(t *testing.T) { }) }) t.Run("Valid", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{}) + sv.SetConfig(testconfig.TestConfig{}) runStandalone(t, ctx, standaloneConfig{ issuerURL: sv.IssuerURL(), kubeConfigFilename: kubeConfigFilename, @@ -151,13 +152,13 @@ func TestStandalone(t *testing.T) { }) }) t.Run("Refresh", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", RefreshToken: "REFRESH_TOKEN_1", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(3 * time.Hour), RefreshToken: "REFRESH_TOKEN_2", }, @@ -174,13 +175,13 @@ func TestStandalone(t *testing.T) { }) }) t.Run("RefreshAgain", func(t *testing.T) { - sv.SetConfig(oidcserver.Config{ - Want: oidcserver.Want{ + sv.SetConfig(testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", RefreshToken: "REFRESH_TOKEN_2", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(5 * time.Hour), }, }) @@ -203,12 +204,12 @@ func TestStandalone(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.Server, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.Server, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -231,12 +232,12 @@ func TestStandalone(t *testing.T) { t.Run("env_KUBECONFIG", func(t *testing.T) { ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) @@ -259,12 +260,12 @@ func TestStandalone(t *testing.T) { t.Parallel() ctx, cancel := context.WithTimeout(context.TODO(), timeout) defer cancel() - sv := oidcserver.New(t, keypair.None, oidcserver.Config{ - Want: oidcserver.Want{ + sv := oidcserver.New(t, keypair.None, testconfig.TestConfig{ + Want: testconfig.Want{ Scope: "profile groups openid", RedirectURIPrefix: "http://localhost:", }, - Response: oidcserver.Response{ + Response: testconfig.Response{ IDTokenExpiry: now.Add(time.Hour), }, }) diff --git a/mocks/github.com/int128/kubelogin/integration_test/oidcserver/handler_mock/mock_Provider.go b/mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Provider.go similarity index 73% rename from mocks/github.com/int128/kubelogin/integration_test/oidcserver/handler_mock/mock_Provider.go rename to mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Provider.go index 2f23853..be54d69 100644 --- a/mocks/github.com/int128/kubelogin/integration_test/oidcserver/handler_mock/mock_Provider.go +++ b/mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Provider.go @@ -1,9 +1,9 @@ // Code generated by mockery v2.46.3. DO NOT EDIT. -package handler_mock +package service_mock import ( - handler "github.com/int128/kubelogin/integration_test/oidcserver/handler" + service "github.com/int128/kubelogin/integration_test/oidcserver/service" mock "github.com/stretchr/testify/mock" ) @@ -21,7 +21,7 @@ func (_m *MockProvider) EXPECT() *MockProvider_Expecter { } // AuthenticateCode provides a mock function with given fields: req -func (_m *MockProvider) AuthenticateCode(req handler.AuthenticationRequest) (string, error) { +func (_m *MockProvider) AuthenticateCode(req service.AuthenticationRequest) (string, error) { ret := _m.Called(req) if len(ret) == 0 { @@ -30,16 +30,16 @@ func (_m *MockProvider) AuthenticateCode(req handler.AuthenticationRequest) (str var r0 string var r1 error - if rf, ok := ret.Get(0).(func(handler.AuthenticationRequest) (string, error)); ok { + if rf, ok := ret.Get(0).(func(service.AuthenticationRequest) (string, error)); ok { return rf(req) } - if rf, ok := ret.Get(0).(func(handler.AuthenticationRequest) string); ok { + if rf, ok := ret.Get(0).(func(service.AuthenticationRequest) string); ok { r0 = rf(req) } else { r0 = ret.Get(0).(string) } - if rf, ok := ret.Get(1).(func(handler.AuthenticationRequest) error); ok { + if rf, ok := ret.Get(1).(func(service.AuthenticationRequest) error); ok { r1 = rf(req) } else { r1 = ret.Error(1) @@ -54,14 +54,14 @@ type MockProvider_AuthenticateCode_Call struct { } // AuthenticateCode is a helper method to define mock.On call -// - req handler.AuthenticationRequest +// - req service.AuthenticationRequest func (_e *MockProvider_Expecter) AuthenticateCode(req interface{}) *MockProvider_AuthenticateCode_Call { return &MockProvider_AuthenticateCode_Call{Call: _e.mock.On("AuthenticateCode", req)} } -func (_c *MockProvider_AuthenticateCode_Call) Run(run func(req handler.AuthenticationRequest)) *MockProvider_AuthenticateCode_Call { +func (_c *MockProvider_AuthenticateCode_Call) Run(run func(req service.AuthenticationRequest)) *MockProvider_AuthenticateCode_Call { _c.Call.Run(func(args mock.Arguments) { - run(args[0].(handler.AuthenticationRequest)) + run(args[0].(service.AuthenticationRequest)) }) return _c } @@ -71,29 +71,29 @@ func (_c *MockProvider_AuthenticateCode_Call) Return(code string, err error) *Mo return _c } -func (_c *MockProvider_AuthenticateCode_Call) RunAndReturn(run func(handler.AuthenticationRequest) (string, error)) *MockProvider_AuthenticateCode_Call { +func (_c *MockProvider_AuthenticateCode_Call) RunAndReturn(run func(service.AuthenticationRequest) (string, error)) *MockProvider_AuthenticateCode_Call { _c.Call.Return(run) return _c } // AuthenticatePassword provides a mock function with given fields: username, password, scope -func (_m *MockProvider) AuthenticatePassword(username string, password string, scope string) (*handler.TokenResponse, error) { +func (_m *MockProvider) AuthenticatePassword(username string, password string, scope string) (*service.TokenResponse, error) { ret := _m.Called(username, password, scope) if len(ret) == 0 { panic("no return value specified for AuthenticatePassword") } - var r0 *handler.TokenResponse + var r0 *service.TokenResponse var r1 error - if rf, ok := ret.Get(0).(func(string, string, string) (*handler.TokenResponse, error)); ok { + if rf, ok := ret.Get(0).(func(string, string, string) (*service.TokenResponse, error)); ok { return rf(username, password, scope) } - if rf, ok := ret.Get(0).(func(string, string, string) *handler.TokenResponse); ok { + if rf, ok := ret.Get(0).(func(string, string, string) *service.TokenResponse); ok { r0 = rf(username, password, scope) } else { if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.TokenResponse) + r0 = ret.Get(0).(*service.TokenResponse) } } @@ -126,30 +126,30 @@ func (_c *MockProvider_AuthenticatePassword_Call) Run(run func(username string, return _c } -func (_c *MockProvider_AuthenticatePassword_Call) Return(_a0 *handler.TokenResponse, _a1 error) *MockProvider_AuthenticatePassword_Call { +func (_c *MockProvider_AuthenticatePassword_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockProvider_AuthenticatePassword_Call { _c.Call.Return(_a0, _a1) return _c } -func (_c *MockProvider_AuthenticatePassword_Call) RunAndReturn(run func(string, string, string) (*handler.TokenResponse, error)) *MockProvider_AuthenticatePassword_Call { +func (_c *MockProvider_AuthenticatePassword_Call) RunAndReturn(run func(string, string, string) (*service.TokenResponse, error)) *MockProvider_AuthenticatePassword_Call { _c.Call.Return(run) return _c } // Discovery provides a mock function with given fields: -func (_m *MockProvider) Discovery() *handler.DiscoveryResponse { +func (_m *MockProvider) Discovery() *service.DiscoveryResponse { ret := _m.Called() if len(ret) == 0 { panic("no return value specified for Discovery") } - var r0 *handler.DiscoveryResponse - if rf, ok := ret.Get(0).(func() *handler.DiscoveryResponse); ok { + var r0 *service.DiscoveryResponse + if rf, ok := ret.Get(0).(func() *service.DiscoveryResponse); ok { r0 = rf() } else { if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.DiscoveryResponse) + r0 = ret.Get(0).(*service.DiscoveryResponse) } } @@ -173,38 +173,38 @@ func (_c *MockProvider_Discovery_Call) Run(run func()) *MockProvider_Discovery_C return _c } -func (_c *MockProvider_Discovery_Call) Return(_a0 *handler.DiscoveryResponse) *MockProvider_Discovery_Call { +func (_c *MockProvider_Discovery_Call) Return(_a0 *service.DiscoveryResponse) *MockProvider_Discovery_Call { _c.Call.Return(_a0) return _c } -func (_c *MockProvider_Discovery_Call) RunAndReturn(run func() *handler.DiscoveryResponse) *MockProvider_Discovery_Call { +func (_c *MockProvider_Discovery_Call) RunAndReturn(run func() *service.DiscoveryResponse) *MockProvider_Discovery_Call { _c.Call.Return(run) return _c } // Exchange provides a mock function with given fields: req -func (_m *MockProvider) Exchange(req handler.TokenRequest) (*handler.TokenResponse, error) { +func (_m *MockProvider) Exchange(req service.TokenRequest) (*service.TokenResponse, error) { ret := _m.Called(req) if len(ret) == 0 { panic("no return value specified for Exchange") } - var r0 *handler.TokenResponse + var r0 *service.TokenResponse var r1 error - if rf, ok := ret.Get(0).(func(handler.TokenRequest) (*handler.TokenResponse, error)); ok { + if rf, ok := ret.Get(0).(func(service.TokenRequest) (*service.TokenResponse, error)); ok { return rf(req) } - if rf, ok := ret.Get(0).(func(handler.TokenRequest) *handler.TokenResponse); ok { + if rf, ok := ret.Get(0).(func(service.TokenRequest) *service.TokenResponse); ok { r0 = rf(req) } else { if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.TokenResponse) + r0 = ret.Get(0).(*service.TokenResponse) } } - if rf, ok := ret.Get(1).(func(handler.TokenRequest) error); ok { + if rf, ok := ret.Get(1).(func(service.TokenRequest) error); ok { r1 = rf(req) } else { r1 = ret.Error(1) @@ -219,42 +219,42 @@ type MockProvider_Exchange_Call struct { } // Exchange is a helper method to define mock.On call -// - req handler.TokenRequest +// - req service.TokenRequest func (_e *MockProvider_Expecter) Exchange(req interface{}) *MockProvider_Exchange_Call { return &MockProvider_Exchange_Call{Call: _e.mock.On("Exchange", req)} } -func (_c *MockProvider_Exchange_Call) Run(run func(req handler.TokenRequest)) *MockProvider_Exchange_Call { +func (_c *MockProvider_Exchange_Call) Run(run func(req service.TokenRequest)) *MockProvider_Exchange_Call { _c.Call.Run(func(args mock.Arguments) { - run(args[0].(handler.TokenRequest)) + run(args[0].(service.TokenRequest)) }) return _c } -func (_c *MockProvider_Exchange_Call) Return(_a0 *handler.TokenResponse, _a1 error) *MockProvider_Exchange_Call { +func (_c *MockProvider_Exchange_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockProvider_Exchange_Call { _c.Call.Return(_a0, _a1) return _c } -func (_c *MockProvider_Exchange_Call) RunAndReturn(run func(handler.TokenRequest) (*handler.TokenResponse, error)) *MockProvider_Exchange_Call { +func (_c *MockProvider_Exchange_Call) RunAndReturn(run func(service.TokenRequest) (*service.TokenResponse, error)) *MockProvider_Exchange_Call { _c.Call.Return(run) return _c } // GetCertificates provides a mock function with given fields: -func (_m *MockProvider) GetCertificates() *handler.CertificatesResponse { +func (_m *MockProvider) GetCertificates() *service.CertificatesResponse { ret := _m.Called() if len(ret) == 0 { panic("no return value specified for GetCertificates") } - var r0 *handler.CertificatesResponse - if rf, ok := ret.Get(0).(func() *handler.CertificatesResponse); ok { + var r0 *service.CertificatesResponse + if rf, ok := ret.Get(0).(func() *service.CertificatesResponse); ok { r0 = rf() } else { if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.CertificatesResponse) + r0 = ret.Get(0).(*service.CertificatesResponse) } } @@ -278,34 +278,34 @@ func (_c *MockProvider_GetCertificates_Call) Run(run func()) *MockProvider_GetCe return _c } -func (_c *MockProvider_GetCertificates_Call) Return(_a0 *handler.CertificatesResponse) *MockProvider_GetCertificates_Call { +func (_c *MockProvider_GetCertificates_Call) Return(_a0 *service.CertificatesResponse) *MockProvider_GetCertificates_Call { _c.Call.Return(_a0) return _c } -func (_c *MockProvider_GetCertificates_Call) RunAndReturn(run func() *handler.CertificatesResponse) *MockProvider_GetCertificates_Call { +func (_c *MockProvider_GetCertificates_Call) RunAndReturn(run func() *service.CertificatesResponse) *MockProvider_GetCertificates_Call { _c.Call.Return(run) return _c } // Refresh provides a mock function with given fields: refreshToken -func (_m *MockProvider) Refresh(refreshToken string) (*handler.TokenResponse, error) { +func (_m *MockProvider) Refresh(refreshToken string) (*service.TokenResponse, error) { ret := _m.Called(refreshToken) if len(ret) == 0 { panic("no return value specified for Refresh") } - var r0 *handler.TokenResponse + var r0 *service.TokenResponse var r1 error - if rf, ok := ret.Get(0).(func(string) (*handler.TokenResponse, error)); ok { + if rf, ok := ret.Get(0).(func(string) (*service.TokenResponse, error)); ok { return rf(refreshToken) } - if rf, ok := ret.Get(0).(func(string) *handler.TokenResponse); ok { + if rf, ok := ret.Get(0).(func(string) *service.TokenResponse); ok { r0 = rf(refreshToken) } else { if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.TokenResponse) + r0 = ret.Get(0).(*service.TokenResponse) } } @@ -336,12 +336,12 @@ func (_c *MockProvider_Refresh_Call) Run(run func(refreshToken string)) *MockPro return _c } -func (_c *MockProvider_Refresh_Call) Return(_a0 *handler.TokenResponse, _a1 error) *MockProvider_Refresh_Call { +func (_c *MockProvider_Refresh_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockProvider_Refresh_Call { _c.Call.Return(_a0, _a1) return _c } -func (_c *MockProvider_Refresh_Call) RunAndReturn(run func(string) (*handler.TokenResponse, error)) *MockProvider_Refresh_Call { +func (_c *MockProvider_Refresh_Call) RunAndReturn(run func(string) (*service.TokenResponse, error)) *MockProvider_Refresh_Call { _c.Call.Return(run) return _c } diff --git a/mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Service.go b/mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Service.go new file mode 100644 index 0000000..e36d97d --- /dev/null +++ b/mocks/github.com/int128/kubelogin/integration_test/oidcserver/service_mock/mock_Service.go @@ -0,0 +1,487 @@ +// Code generated by mockery v2.46.3. DO NOT EDIT. + +package service_mock + +import ( + service "github.com/int128/kubelogin/integration_test/oidcserver/service" + testconfig "github.com/int128/kubelogin/integration_test/oidcserver/testconfig" + mock "github.com/stretchr/testify/mock" +) + +// MockService is an autogenerated mock type for the Service type +type MockService struct { + mock.Mock +} + +type MockService_Expecter struct { + mock *mock.Mock +} + +func (_m *MockService) EXPECT() *MockService_Expecter { + return &MockService_Expecter{mock: &_m.Mock} +} + +// AuthenticateCode provides a mock function with given fields: req +func (_m *MockService) AuthenticateCode(req service.AuthenticationRequest) (string, error) { + ret := _m.Called(req) + + if len(ret) == 0 { + panic("no return value specified for AuthenticateCode") + } + + var r0 string + var r1 error + if rf, ok := ret.Get(0).(func(service.AuthenticationRequest) (string, error)); ok { + return rf(req) + } + if rf, ok := ret.Get(0).(func(service.AuthenticationRequest) string); ok { + r0 = rf(req) + } else { + r0 = ret.Get(0).(string) + } + + if rf, ok := ret.Get(1).(func(service.AuthenticationRequest) error); ok { + r1 = rf(req) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockService_AuthenticateCode_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'AuthenticateCode' +type MockService_AuthenticateCode_Call struct { + *mock.Call +} + +// AuthenticateCode is a helper method to define mock.On call +// - req service.AuthenticationRequest +func (_e *MockService_Expecter) AuthenticateCode(req interface{}) *MockService_AuthenticateCode_Call { + return &MockService_AuthenticateCode_Call{Call: _e.mock.On("AuthenticateCode", req)} +} + +func (_c *MockService_AuthenticateCode_Call) Run(run func(req service.AuthenticationRequest)) *MockService_AuthenticateCode_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(service.AuthenticationRequest)) + }) + return _c +} + +func (_c *MockService_AuthenticateCode_Call) Return(code string, err error) *MockService_AuthenticateCode_Call { + _c.Call.Return(code, err) + return _c +} + +func (_c *MockService_AuthenticateCode_Call) RunAndReturn(run func(service.AuthenticationRequest) (string, error)) *MockService_AuthenticateCode_Call { + _c.Call.Return(run) + return _c +} + +// AuthenticatePassword provides a mock function with given fields: username, password, scope +func (_m *MockService) AuthenticatePassword(username string, password string, scope string) (*service.TokenResponse, error) { + ret := _m.Called(username, password, scope) + + if len(ret) == 0 { + panic("no return value specified for AuthenticatePassword") + } + + var r0 *service.TokenResponse + var r1 error + if rf, ok := ret.Get(0).(func(string, string, string) (*service.TokenResponse, error)); ok { + return rf(username, password, scope) + } + if rf, ok := ret.Get(0).(func(string, string, string) *service.TokenResponse); ok { + r0 = rf(username, password, scope) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.TokenResponse) + } + } + + if rf, ok := ret.Get(1).(func(string, string, string) error); ok { + r1 = rf(username, password, scope) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockService_AuthenticatePassword_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'AuthenticatePassword' +type MockService_AuthenticatePassword_Call struct { + *mock.Call +} + +// AuthenticatePassword is a helper method to define mock.On call +// - username string +// - password string +// - scope string +func (_e *MockService_Expecter) AuthenticatePassword(username interface{}, password interface{}, scope interface{}) *MockService_AuthenticatePassword_Call { + return &MockService_AuthenticatePassword_Call{Call: _e.mock.On("AuthenticatePassword", username, password, scope)} +} + +func (_c *MockService_AuthenticatePassword_Call) Run(run func(username string, password string, scope string)) *MockService_AuthenticatePassword_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(string), args[1].(string), args[2].(string)) + }) + return _c +} + +func (_c *MockService_AuthenticatePassword_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockService_AuthenticatePassword_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockService_AuthenticatePassword_Call) RunAndReturn(run func(string, string, string) (*service.TokenResponse, error)) *MockService_AuthenticatePassword_Call { + _c.Call.Return(run) + return _c +} + +// Discovery provides a mock function with given fields: +func (_m *MockService) Discovery() *service.DiscoveryResponse { + ret := _m.Called() + + if len(ret) == 0 { + panic("no return value specified for Discovery") + } + + var r0 *service.DiscoveryResponse + if rf, ok := ret.Get(0).(func() *service.DiscoveryResponse); ok { + r0 = rf() + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.DiscoveryResponse) + } + } + + return r0 +} + +// MockService_Discovery_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Discovery' +type MockService_Discovery_Call struct { + *mock.Call +} + +// Discovery is a helper method to define mock.On call +func (_e *MockService_Expecter) Discovery() *MockService_Discovery_Call { + return &MockService_Discovery_Call{Call: _e.mock.On("Discovery")} +} + +func (_c *MockService_Discovery_Call) Run(run func()) *MockService_Discovery_Call { + _c.Call.Run(func(args mock.Arguments) { + run() + }) + return _c +} + +func (_c *MockService_Discovery_Call) Return(_a0 *service.DiscoveryResponse) *MockService_Discovery_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockService_Discovery_Call) RunAndReturn(run func() *service.DiscoveryResponse) *MockService_Discovery_Call { + _c.Call.Return(run) + return _c +} + +// Exchange provides a mock function with given fields: req +func (_m *MockService) Exchange(req service.TokenRequest) (*service.TokenResponse, error) { + ret := _m.Called(req) + + if len(ret) == 0 { + panic("no return value specified for Exchange") + } + + var r0 *service.TokenResponse + var r1 error + if rf, ok := ret.Get(0).(func(service.TokenRequest) (*service.TokenResponse, error)); ok { + return rf(req) + } + if rf, ok := ret.Get(0).(func(service.TokenRequest) *service.TokenResponse); ok { + r0 = rf(req) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.TokenResponse) + } + } + + if rf, ok := ret.Get(1).(func(service.TokenRequest) error); ok { + r1 = rf(req) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockService_Exchange_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Exchange' +type MockService_Exchange_Call struct { + *mock.Call +} + +// Exchange is a helper method to define mock.On call +// - req service.TokenRequest +func (_e *MockService_Expecter) Exchange(req interface{}) *MockService_Exchange_Call { + return &MockService_Exchange_Call{Call: _e.mock.On("Exchange", req)} +} + +func (_c *MockService_Exchange_Call) Run(run func(req service.TokenRequest)) *MockService_Exchange_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(service.TokenRequest)) + }) + return _c +} + +func (_c *MockService_Exchange_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockService_Exchange_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockService_Exchange_Call) RunAndReturn(run func(service.TokenRequest) (*service.TokenResponse, error)) *MockService_Exchange_Call { + _c.Call.Return(run) + return _c +} + +// GetCertificates provides a mock function with given fields: +func (_m *MockService) GetCertificates() *service.CertificatesResponse { + ret := _m.Called() + + if len(ret) == 0 { + panic("no return value specified for GetCertificates") + } + + var r0 *service.CertificatesResponse + if rf, ok := ret.Get(0).(func() *service.CertificatesResponse); ok { + r0 = rf() + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.CertificatesResponse) + } + } + + return r0 +} + +// MockService_GetCertificates_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'GetCertificates' +type MockService_GetCertificates_Call struct { + *mock.Call +} + +// GetCertificates is a helper method to define mock.On call +func (_e *MockService_Expecter) GetCertificates() *MockService_GetCertificates_Call { + return &MockService_GetCertificates_Call{Call: _e.mock.On("GetCertificates")} +} + +func (_c *MockService_GetCertificates_Call) Run(run func()) *MockService_GetCertificates_Call { + _c.Call.Run(func(args mock.Arguments) { + run() + }) + return _c +} + +func (_c *MockService_GetCertificates_Call) Return(_a0 *service.CertificatesResponse) *MockService_GetCertificates_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockService_GetCertificates_Call) RunAndReturn(run func() *service.CertificatesResponse) *MockService_GetCertificates_Call { + _c.Call.Return(run) + return _c +} + +// IssuerURL provides a mock function with given fields: +func (_m *MockService) IssuerURL() string { + ret := _m.Called() + + if len(ret) == 0 { + panic("no return value specified for IssuerURL") + } + + var r0 string + if rf, ok := ret.Get(0).(func() string); ok { + r0 = rf() + } else { + r0 = ret.Get(0).(string) + } + + return r0 +} + +// MockService_IssuerURL_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'IssuerURL' +type MockService_IssuerURL_Call struct { + *mock.Call +} + +// IssuerURL is a helper method to define mock.On call +func (_e *MockService_Expecter) IssuerURL() *MockService_IssuerURL_Call { + return &MockService_IssuerURL_Call{Call: _e.mock.On("IssuerURL")} +} + +func (_c *MockService_IssuerURL_Call) Run(run func()) *MockService_IssuerURL_Call { + _c.Call.Run(func(args mock.Arguments) { + run() + }) + return _c +} + +func (_c *MockService_IssuerURL_Call) Return(_a0 string) *MockService_IssuerURL_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockService_IssuerURL_Call) RunAndReturn(run func() string) *MockService_IssuerURL_Call { + _c.Call.Return(run) + return _c +} + +// LastTokenResponse provides a mock function with given fields: +func (_m *MockService) LastTokenResponse() *service.TokenResponse { + ret := _m.Called() + + if len(ret) == 0 { + panic("no return value specified for LastTokenResponse") + } + + var r0 *service.TokenResponse + if rf, ok := ret.Get(0).(func() *service.TokenResponse); ok { + r0 = rf() + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.TokenResponse) + } + } + + return r0 +} + +// MockService_LastTokenResponse_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'LastTokenResponse' +type MockService_LastTokenResponse_Call struct { + *mock.Call +} + +// LastTokenResponse is a helper method to define mock.On call +func (_e *MockService_Expecter) LastTokenResponse() *MockService_LastTokenResponse_Call { + return &MockService_LastTokenResponse_Call{Call: _e.mock.On("LastTokenResponse")} +} + +func (_c *MockService_LastTokenResponse_Call) Run(run func()) *MockService_LastTokenResponse_Call { + _c.Call.Run(func(args mock.Arguments) { + run() + }) + return _c +} + +func (_c *MockService_LastTokenResponse_Call) Return(_a0 *service.TokenResponse) *MockService_LastTokenResponse_Call { + _c.Call.Return(_a0) + return _c +} + +func (_c *MockService_LastTokenResponse_Call) RunAndReturn(run func() *service.TokenResponse) *MockService_LastTokenResponse_Call { + _c.Call.Return(run) + return _c +} + +// Refresh provides a mock function with given fields: refreshToken +func (_m *MockService) Refresh(refreshToken string) (*service.TokenResponse, error) { + ret := _m.Called(refreshToken) + + if len(ret) == 0 { + panic("no return value specified for Refresh") + } + + var r0 *service.TokenResponse + var r1 error + if rf, ok := ret.Get(0).(func(string) (*service.TokenResponse, error)); ok { + return rf(refreshToken) + } + if rf, ok := ret.Get(0).(func(string) *service.TokenResponse); ok { + r0 = rf(refreshToken) + } else { + if ret.Get(0) != nil { + r0 = ret.Get(0).(*service.TokenResponse) + } + } + + if rf, ok := ret.Get(1).(func(string) error); ok { + r1 = rf(refreshToken) + } else { + r1 = ret.Error(1) + } + + return r0, r1 +} + +// MockService_Refresh_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'Refresh' +type MockService_Refresh_Call struct { + *mock.Call +} + +// Refresh is a helper method to define mock.On call +// - refreshToken string +func (_e *MockService_Expecter) Refresh(refreshToken interface{}) *MockService_Refresh_Call { + return &MockService_Refresh_Call{Call: _e.mock.On("Refresh", refreshToken)} +} + +func (_c *MockService_Refresh_Call) Run(run func(refreshToken string)) *MockService_Refresh_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(string)) + }) + return _c +} + +func (_c *MockService_Refresh_Call) Return(_a0 *service.TokenResponse, _a1 error) *MockService_Refresh_Call { + _c.Call.Return(_a0, _a1) + return _c +} + +func (_c *MockService_Refresh_Call) RunAndReturn(run func(string) (*service.TokenResponse, error)) *MockService_Refresh_Call { + _c.Call.Return(run) + return _c +} + +// SetConfig provides a mock function with given fields: config +func (_m *MockService) SetConfig(config testconfig.TestConfig) { + _m.Called(config) +} + +// MockService_SetConfig_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'SetConfig' +type MockService_SetConfig_Call struct { + *mock.Call +} + +// SetConfig is a helper method to define mock.On call +// - config testconfig.TestConfig +func (_e *MockService_Expecter) SetConfig(config interface{}) *MockService_SetConfig_Call { + return &MockService_SetConfig_Call{Call: _e.mock.On("SetConfig", config)} +} + +func (_c *MockService_SetConfig_Call) Run(run func(config testconfig.TestConfig)) *MockService_SetConfig_Call { + _c.Call.Run(func(args mock.Arguments) { + run(args[0].(testconfig.TestConfig)) + }) + return _c +} + +func (_c *MockService_SetConfig_Call) Return() *MockService_SetConfig_Call { + _c.Call.Return() + return _c +} + +func (_c *MockService_SetConfig_Call) RunAndReturn(run func(testconfig.TestConfig)) *MockService_SetConfig_Call { + _c.Call.Return(run) + return _c +} + +// NewMockService creates a new instance of MockService. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. +// The first argument is typically a *testing.T value. +func NewMockService(t interface { + mock.TestingT + Cleanup(func()) +}) *MockService { + mock := &MockService{} + mock.Mock.Test(t) + + t.Cleanup(func() { mock.AssertExpectations(t) }) + + return mock +} diff --git a/mocks/github.com/int128/kubelogin/integration_test/oidcserver_mock/mock_Server.go b/mocks/github.com/int128/kubelogin/integration_test/oidcserver_mock/mock_Server.go deleted file mode 100644 index d62a9c3..0000000 --- a/mocks/github.com/int128/kubelogin/integration_test/oidcserver_mock/mock_Server.go +++ /dev/null @@ -1,162 +0,0 @@ -// Code generated by mockery v2.46.3. DO NOT EDIT. - -package oidcserver_mock - -import ( - handler "github.com/int128/kubelogin/integration_test/oidcserver/handler" - mock "github.com/stretchr/testify/mock" - - oidcserver "github.com/int128/kubelogin/integration_test/oidcserver" -) - -// MockServer is an autogenerated mock type for the Server type -type MockServer struct { - mock.Mock -} - -type MockServer_Expecter struct { - mock *mock.Mock -} - -func (_m *MockServer) EXPECT() *MockServer_Expecter { - return &MockServer_Expecter{mock: &_m.Mock} -} - -// IssuerURL provides a mock function with given fields: -func (_m *MockServer) IssuerURL() string { - ret := _m.Called() - - if len(ret) == 0 { - panic("no return value specified for IssuerURL") - } - - var r0 string - if rf, ok := ret.Get(0).(func() string); ok { - r0 = rf() - } else { - r0 = ret.Get(0).(string) - } - - return r0 -} - -// MockServer_IssuerURL_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'IssuerURL' -type MockServer_IssuerURL_Call struct { - *mock.Call -} - -// IssuerURL is a helper method to define mock.On call -func (_e *MockServer_Expecter) IssuerURL() *MockServer_IssuerURL_Call { - return &MockServer_IssuerURL_Call{Call: _e.mock.On("IssuerURL")} -} - -func (_c *MockServer_IssuerURL_Call) Run(run func()) *MockServer_IssuerURL_Call { - _c.Call.Run(func(args mock.Arguments) { - run() - }) - return _c -} - -func (_c *MockServer_IssuerURL_Call) Return(_a0 string) *MockServer_IssuerURL_Call { - _c.Call.Return(_a0) - return _c -} - -func (_c *MockServer_IssuerURL_Call) RunAndReturn(run func() string) *MockServer_IssuerURL_Call { - _c.Call.Return(run) - return _c -} - -// LastTokenResponse provides a mock function with given fields: -func (_m *MockServer) LastTokenResponse() *handler.TokenResponse { - ret := _m.Called() - - if len(ret) == 0 { - panic("no return value specified for LastTokenResponse") - } - - var r0 *handler.TokenResponse - if rf, ok := ret.Get(0).(func() *handler.TokenResponse); ok { - r0 = rf() - } else { - if ret.Get(0) != nil { - r0 = ret.Get(0).(*handler.TokenResponse) - } - } - - return r0 -} - -// MockServer_LastTokenResponse_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'LastTokenResponse' -type MockServer_LastTokenResponse_Call struct { - *mock.Call -} - -// LastTokenResponse is a helper method to define mock.On call -func (_e *MockServer_Expecter) LastTokenResponse() *MockServer_LastTokenResponse_Call { - return &MockServer_LastTokenResponse_Call{Call: _e.mock.On("LastTokenResponse")} -} - -func (_c *MockServer_LastTokenResponse_Call) Run(run func()) *MockServer_LastTokenResponse_Call { - _c.Call.Run(func(args mock.Arguments) { - run() - }) - return _c -} - -func (_c *MockServer_LastTokenResponse_Call) Return(_a0 *handler.TokenResponse) *MockServer_LastTokenResponse_Call { - _c.Call.Return(_a0) - return _c -} - -func (_c *MockServer_LastTokenResponse_Call) RunAndReturn(run func() *handler.TokenResponse) *MockServer_LastTokenResponse_Call { - _c.Call.Return(run) - return _c -} - -// SetConfig provides a mock function with given fields: _a0 -func (_m *MockServer) SetConfig(_a0 oidcserver.Config) { - _m.Called(_a0) -} - -// MockServer_SetConfig_Call is a *mock.Call that shadows Run/Return methods with type explicit version for method 'SetConfig' -type MockServer_SetConfig_Call struct { - *mock.Call -} - -// SetConfig is a helper method to define mock.On call -// - _a0 oidcserver.Config -func (_e *MockServer_Expecter) SetConfig(_a0 interface{}) *MockServer_SetConfig_Call { - return &MockServer_SetConfig_Call{Call: _e.mock.On("SetConfig", _a0)} -} - -func (_c *MockServer_SetConfig_Call) Run(run func(_a0 oidcserver.Config)) *MockServer_SetConfig_Call { - _c.Call.Run(func(args mock.Arguments) { - run(args[0].(oidcserver.Config)) - }) - return _c -} - -func (_c *MockServer_SetConfig_Call) Return() *MockServer_SetConfig_Call { - _c.Call.Return() - return _c -} - -func (_c *MockServer_SetConfig_Call) RunAndReturn(run func(oidcserver.Config)) *MockServer_SetConfig_Call { - _c.Call.Return(run) - return _c -} - -// NewMockServer creates a new instance of MockServer. It also registers a testing interface on the mock and a cleanup function to assert the mocks expectations. -// The first argument is typically a *testing.T value. -func NewMockServer(t interface { - mock.TestingT - Cleanup(func()) -}) *MockServer { - mock := &MockServer{} - mock.Mock.Test(t) - - t.Cleanup(func() { mock.AssertExpectations(t) }) - - return mock -}