mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-06 00:17:27 +00:00
deps: migrate from lestrrat-go/jwx to lestrrat-go/jwx/v2
5
go.mod
5
go.mod
@@ -8,7 +8,7 @@ require (
|
||||
github.com/go-chi/httplog v0.2.4
|
||||
github.com/go-redis/redis/v8 v8.11.5
|
||||
github.com/google/uuid v1.3.0
|
||||
github.com/lestrrat-go/jwx v1.2.24
|
||||
github.com/lestrrat-go/jwx/v2 v2.0.0
|
||||
github.com/nais/liberator v0.0.0-20220505083635-84398d40ee40
|
||||
github.com/prometheus/client_golang v1.12.1
|
||||
github.com/rs/zerolog v1.26.1
|
||||
@@ -30,9 +30,9 @@ require (
|
||||
github.com/goccy/go-json v0.9.7 // indirect
|
||||
github.com/golang/protobuf v1.5.2 // indirect
|
||||
github.com/hashicorp/hcl v1.0.0 // indirect
|
||||
github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
|
||||
github.com/lestrrat-go/blackmagic v1.0.1 // indirect
|
||||
github.com/lestrrat-go/httpcc v1.0.1 // indirect
|
||||
github.com/lestrrat-go/httprc v1.0.1 // indirect
|
||||
github.com/lestrrat-go/iter v1.0.2 // indirect
|
||||
github.com/lestrrat-go/option v1.0.0 // indirect
|
||||
github.com/magiconair/properties v1.8.6 // indirect
|
||||
@@ -41,7 +41,6 @@ require (
|
||||
github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
|
||||
github.com/pelletier/go-toml v1.9.5 // indirect
|
||||
github.com/pelletier/go-toml/v2 v2.0.0 // indirect
|
||||
github.com/pkg/errors v0.9.1 // indirect
|
||||
github.com/pmezard/go-difflib v1.0.0 // indirect
|
||||
github.com/prometheus/client_model v0.2.0 // indirect
|
||||
github.com/prometheus/common v0.34.0 // indirect
|
||||
|
||||
13
go.sum
13
go.sum
@@ -68,7 +68,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
|
||||
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc=
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d/go.mod h1:tmAIfUFEirG/Y8jhZ9M+h36obRZAk/1fcSpXwAVlfqE=
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc=
|
||||
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs=
|
||||
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/rVNCu3HqELle0jiPLLBs70cWOduZpkS1E78=
|
||||
@@ -190,18 +189,16 @@ github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORN
|
||||
github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
|
||||
github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
|
||||
github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
|
||||
github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
|
||||
github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
|
||||
github.com/lestrrat-go/blackmagic v1.0.0/go.mod h1:TNgH//0vYSs8VXDCfkZLgIrVTTXQELZffUV0tz3MtdQ=
|
||||
github.com/lestrrat-go/blackmagic v1.0.1 h1:lS5Zts+5HIC/8og6cGHb0uCcNCa3OUt1ygh3Qz2Fe80=
|
||||
github.com/lestrrat-go/blackmagic v1.0.1/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
|
||||
github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
|
||||
github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E=
|
||||
github.com/lestrrat-go/iter v1.0.1/go.mod h1:zIdgO1mRKhn8l9vrZJZz9TUMMFbQbLeTsbqPDrJ/OJc=
|
||||
github.com/lestrrat-go/httprc v1.0.1 h1:Cnc4NxIySph38pQPzKbjg5OkKsGR/Cf5xcWt5OlSUDI=
|
||||
github.com/lestrrat-go/httprc v1.0.1/go.mod h1:5Ml+nB++j6IC0e6LzefJnrpMQDKgDwDCaIQQzhbqhJM=
|
||||
github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
|
||||
github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
|
||||
github.com/lestrrat-go/jwx v1.2.24 h1:N6Qsn6TUsDzz+qgS/1xcfBtkQfnbwW01fLFJpuYgKsg=
|
||||
github.com/lestrrat-go/jwx v1.2.24/go.mod h1:zoNuZymNl5lgdcu6P7K6ie2QRll5HVfF4xwxBBK1NxY=
|
||||
github.com/lestrrat-go/jwx/v2 v2.0.0 h1:P0ufz+eqGrKDSIdcTQXRbtOhBZ8gTXG6zlnoc/AH7hM=
|
||||
github.com/lestrrat-go/jwx/v2 v2.0.0/go.mod h1:6JfwCE7IwHTaUBdNgNUmTYN8Cxi557CjJM764daXDao=
|
||||
github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4=
|
||||
github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
|
||||
github.com/magiconair/properties v1.8.6 h1:5ibWZ6iY0NctNGWo87LalDlEZ6R41TqbbDamhfG/Qzo=
|
||||
@@ -231,7 +228,6 @@ github.com/pelletier/go-toml/v2 v2.0.0 h1:P7Bq0SaI8nsexyay5UAyDo+ICWy5MQPgEZ5+l8
|
||||
github.com/pelletier/go-toml/v2 v2.0.0/go.mod h1:r9LEWfGN8R5k0VXJ+0BkIe7MYkRdwZOjgMj2KwnJFUo=
|
||||
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pkg/sftp v1.13.1/go.mod h1:3HaPG6Dq1ILlpPZRO0HVMrsydcdLt6HRDccSgb87qRg=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
@@ -315,6 +311,7 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
|
||||
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
|
||||
golang.org/x/crypto v0.0.0-20211108221036-ceb1ce70b4fa/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
|
||||
golang.org/x/crypto v0.0.0-20211215165025-cf75a172585e/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
|
||||
golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f h1:OeJjE6G4dgCY4PIXvIRQbE8+RX+uXZyGhUy/ksMGJoc=
|
||||
golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
|
||||
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
|
||||
|
||||
@@ -4,8 +4,8 @@ import (
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwa"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
)
|
||||
|
||||
func NewJwk() (jwk.Key, error) {
|
||||
@@ -14,7 +14,7 @@ func NewJwk() (jwk.Key, error) {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
key, err := jwk.New(privateKey)
|
||||
key, err := jwk.FromRaw(privateKey)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package crypto
|
||||
|
||||
import (
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
)
|
||||
|
||||
type JwkSet struct {
|
||||
@@ -16,7 +16,7 @@ func NewJwkSet() (*JwkSet, error) {
|
||||
}
|
||||
|
||||
privateKeys := jwk.NewSet()
|
||||
privateKeys.Add(key)
|
||||
privateKeys.AddKey(key)
|
||||
|
||||
publicKeys, err := jwk.PublicSetOf(privateKeys)
|
||||
if err != nil {
|
||||
|
||||
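Review bot: `privateKeys.AddKey(key)` in NewJwkSet discards its return value; in jwx v2 `AddKey` returns an error (for example when the key is already present in the set), whereas v1's `Add` returned a bool. Since this set holds the signing keys, I would fail loudly instead: `if err := privateKeys.AddKey(key); err != nil { return nil, err }`. The same unchecked call appears as `clientJwkSet.AddKey(clientJwk)` in the mock identity provider's Token handler, where a dropped error would surface later as a confusing verification failure. NewJwkSet starts and ends outside this hunk.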
@@ -4,8 +4,13 @@ import (
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jws"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
)
|
||||
|
||||
const (
|
||||
AcceptableClockSkew = 10 * time.Second
|
||||
)
|
||||
|
||||
type Token interface {
|
||||
@@ -78,8 +83,10 @@ func NewToken(raw string, jwtToken jwt.Token) Token {
|
||||
|
||||
func Parse(raw string, jwks jwk.Set) (jwt.Token, error) {
|
||||
parseOpts := []jwt.ParseOption{
|
||||
jwt.WithKeySet(jwks),
|
||||
jwt.InferAlgorithmFromKey(true),
|
||||
jwt.WithKeySet(jwks,
|
||||
jws.WithInferAlgorithmFromKey(true),
|
||||
),
|
||||
jwt.WithAcceptableSkew(AcceptableClockSkew),
|
||||
}
|
||||
token, err := jwt.ParseString(raw, parseOpts...)
|
||||
if err != nil {
|
||||
|
||||
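Review bot: `jws.WithInferAlgorithmFromKey(true)` in Parse means that when a JWKS entry has no `alg`, the library enumerates every signature algorithm compatible with the key type and tries each of them, so the set of accepted algorithms is decided by the remote key set rather than by this code. If that is intentional because the identity provider omits `alg`, it deserves a comment on the option, e.g. `// IdP JWKS entries may omit "alg"; fall back to algorithms matching the key type`. A tighter alternative is to check the token's header algorithm against an explicit allow-list before accepting it. Parse continues past the end of this hunk, so any issuer, audience or required-claim validation it performs is not visible here.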
@@ -1,8 +1,8 @@
|
||||
package jwt
|
||||
|
||||
import (
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
)
|
||||
|
||||
type AccessToken struct {
|
||||
|
||||
@@ -3,8 +3,8 @@ package jwt
|
||||
import (
|
||||
"time"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/openid"
|
||||
)
|
||||
|
||||
@@ -3,7 +3,7 @@ package jwt
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
"golang.org/x/oauth2"
|
||||
)
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package mock
|
||||
|
||||
import (
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/crypto"
|
||||
"github.com/nais/wonderwall/pkg/openid/scopes"
|
||||
|
||||
@@ -8,9 +8,9 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwa"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
)
|
||||
|
||||
type identityProviderHandler struct {
|
||||
@@ -44,12 +44,12 @@ type tokenResponse struct {
|
||||
|
||||
func (ip *identityProviderHandler) signToken(token jwt.Token) (string, error) {
|
||||
privateJwkSet := *ip.Provider.PrivateJwkSet()
|
||||
signer, ok := privateJwkSet.Get(0)
|
||||
signer, ok := privateJwkSet.Key(0)
|
||||
if !ok {
|
||||
return "", fmt.Errorf("could not get signer")
|
||||
}
|
||||
|
||||
signedToken, err := jwt.Sign(token, jwa.RS256, signer)
|
||||
signedToken, err := jwt.Sign(token, jwt.WithKey(jwa.RS256, signer))
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
@@ -147,7 +147,7 @@ func (ip *identityProviderHandler) Token(w http.ResponseWriter, r *http.Request)
|
||||
|
||||
clientJwk := ip.Provider.GetClientConfiguration().GetClientJWK()
|
||||
clientJwkSet := jwk.NewSet()
|
||||
clientJwkSet.Add(clientJwk)
|
||||
clientJwkSet.AddKey(clientJwk)
|
||||
publicClientJwkSet, err := jwk.PublicSetOf(clientJwkSet)
|
||||
if err != nil {
|
||||
w.WriteHeader(http.StatusInternalServerError)
|
||||
|
||||
@@ -3,7 +3,7 @@ package mock
|
||||
import (
|
||||
"context"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/crypto"
|
||||
|
||||
@@ -5,8 +5,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
)
|
||||
|
||||
func ClientAssertion(provider Provider, expiration time.Duration) (string, error) {
|
||||
@@ -33,7 +32,7 @@ func ClientAssertion(provider Provider, expiration time.Duration) (string, error
|
||||
}
|
||||
}
|
||||
|
||||
encoded, err := jwt.Sign(tok, jwa.SignatureAlgorithm(key.Algorithm()), key)
|
||||
encoded, err := jwt.Sign(tok, jwt.WithKey(key.Algorithm(), key))
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("signing client assertion: %w", err)
|
||||
}
|
||||
|
||||
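Review bot: `jwt.WithKey(key.Algorithm(), key)` in ClientAssertion takes the signing algorithm directly from the client JWK, and in v2 `Algorithm()` returns a `jwa.KeyAlgorithm` that, as far as I can tell, is an invalid placeholder when the JWK carries no `alg`. Unless the part of the function above this hunk already guarantees the field is set, a misconfigured client key only shows up here as a library error wrapped in "signing client assertion". A comment stating the precondition would help, e.g. `// key must carry "alg"; jwt.WithKey needs a signature algorithm to sign`, or validate the key once when the client configuration is loaded. The function body starts outside the hunk.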
@@ -4,8 +4,7 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
"github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/mock"
|
||||
@@ -27,8 +26,7 @@ func TestAssertion(t *testing.T) {
|
||||
publicKey, err := key.PublicKey()
|
||||
assert.NoError(t, err)
|
||||
opts := []jwt.ParseOption{
|
||||
jwt.WithValidate(true),
|
||||
jwt.WithVerify(jwa.SignatureAlgorithm(publicKey.Algorithm()), publicKey),
|
||||
jwt.WithKey(publicKey.Algorithm(), publicKey),
|
||||
jwt.WithRequiredClaim(jwt.IssuedAtKey),
|
||||
jwt.WithRequiredClaim(jwt.ExpirationKey),
|
||||
jwt.WithRequiredClaim(jwt.JwtIDKey),
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package clients
|
||||
|
||||
import (
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/openid/scopes"
|
||||
)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package clients
|
||||
|
||||
import (
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/config"
|
||||
"github.com/nais/wonderwall/pkg/openid/scopes"
|
||||
|
||||
@@ -6,7 +6,7 @@ import (
|
||||
"sync"
|
||||
"time"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwk"
|
||||
"github.com/lestrrat-go/jwx/v2/jwk"
|
||||
log "github.com/sirupsen/logrus"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/config"
|
||||
@@ -27,7 +27,7 @@ type Provider interface {
|
||||
type provider struct {
|
||||
clientConfiguration clients.Configuration
|
||||
configuration *Configuration
|
||||
jwks *jwk.AutoRefresh
|
||||
jwksCache *jwk.Cache
|
||||
jwksLock *jwksLock
|
||||
}
|
||||
|
||||
@@ -46,7 +46,7 @@ func (p provider) GetOpenIDConfiguration() *Configuration {
|
||||
|
||||
func (p provider) GetPublicJwkSet(ctx context.Context) (*jwk.Set, error) {
|
||||
url := p.configuration.JwksURI
|
||||
set, err := p.jwks.Fetch(ctx, url)
|
||||
set, err := p.jwksCache.Get(ctx, url)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("provider: fetching jwks: %w", err)
|
||||
}
|
||||
@@ -67,7 +67,7 @@ func (p provider) RefreshPublicJwkSet(ctx context.Context) (*jwk.Set, error) {
|
||||
p.jwksLock.lastRefresh = time.Now()
|
||||
|
||||
url := p.configuration.JwksURI
|
||||
set, err := p.jwks.Refresh(ctx, url)
|
||||
set, err := p.jwksCache.Refresh(ctx, url)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("provider: refreshing jwks: %w", err)
|
||||
}
|
||||
@@ -135,9 +135,15 @@ func NewProvider(ctx context.Context, cfg *config.Config) (Provider, error) {
|
||||
}
|
||||
|
||||
uri := configuration.JwksURI
|
||||
jwksAutoRefresh := jwk.NewAutoRefresh(ctx)
|
||||
jwksAutoRefresh.Configure(uri)
|
||||
_, err = jwksAutoRefresh.Fetch(ctx, uri)
|
||||
cache := jwk.NewCache(ctx)
|
||||
|
||||
err = cache.Register(uri)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("registering jwks provider uri to cache: %w", err)
|
||||
}
|
||||
|
||||
// trigger initial fetch and cache of jwk set
|
||||
_, err = cache.Refresh(ctx, uri)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("initial fetch of jwks from provider: %w", err)
|
||||
}
|
||||
@@ -145,7 +151,7 @@ func NewProvider(ctx context.Context, cfg *config.Config) (Provider, error) {
|
||||
return &provider{
|
||||
clientConfiguration: clientConfig,
|
||||
configuration: configuration,
|
||||
jwks: jwksAutoRefresh,
|
||||
jwksCache: cache,
|
||||
jwksLock: &jwksLock{},
|
||||
}, nil
|
||||
}
|
||||
|
||||
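Review bot: `cache.Register(uri)` in NewProvider is called with no options, so the HTTP client and refresh cadence used to fetch the identity provider's JWKS are whatever the library defaults to. Because every token signature is verified against this key set, I would pin both explicitly, for example `cache.Register(uri, jwk.WithHTTPClient(client), jwk.WithMinRefreshInterval(interval))`, where `client` and `interval` are placeholders for a client with a timeout and a project-chosen interval. It is also worth a comment next to `jwk.NewCache(ctx)` that `ctx` bounds the cache's background refresh, so a short-lived context passed by a caller would silently stop key rotation from being picked up. NewProvider starts and ends outside these hunks.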
@@ -1,14 +1,15 @@
|
||||
package router_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/lestrrat-go/jwx/jwa"
|
||||
jwtlib "github.com/lestrrat-go/jwx/jwt"
|
||||
"github.com/lestrrat-go/jwx/v2/jwa"
|
||||
jwtlib "github.com/lestrrat-go/jwx/v2/jwt"
|
||||
log "github.com/sirupsen/logrus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
@@ -152,30 +153,37 @@ func assertCookieExists(t *testing.T, h *router.Handler, cookieName, expectedVal
|
||||
|
||||
func makeTokens(provider mock.TestProvider) *jwt.Tokens {
|
||||
jwks := *provider.PrivateJwkSet()
|
||||
jwksPublic, err := provider.GetPublicJwkSet(context.TODO())
|
||||
if err != nil {
|
||||
log.Fatalf("getting public jwk set: %+v", err)
|
||||
}
|
||||
|
||||
signer, ok := jwks.Get(0)
|
||||
signer, ok := jwks.Key(0)
|
||||
if !ok {
|
||||
log.Fatalf("getting signer")
|
||||
}
|
||||
|
||||
idToken := jwtlib.New()
|
||||
idToken.Set("jti", "id-token-jti")
|
||||
signedIdToken, err := jwtlib.Sign(idToken, jwa.RS256, signer)
|
||||
|
||||
signedIdToken, err := jwtlib.Sign(idToken, jwtlib.WithKey(jwa.RS256, signer))
|
||||
if err != nil {
|
||||
log.Fatalf("signing id_token: %+v", err)
|
||||
}
|
||||
parsedIdToken, err := jwtlib.Parse(signedIdToken)
|
||||
|
||||
parsedIdToken, err := jwtlib.Parse(signedIdToken, jwtlib.WithKeySet(*jwksPublic))
|
||||
if err != nil {
|
||||
log.Fatalf("parsing signed id_token: %+v", err)
|
||||
}
|
||||
|
||||
accessToken := jwtlib.New()
|
||||
accessToken.Set("jti", "access-token-jti")
|
||||
signedAccessToken, err := jwtlib.Sign(accessToken, jwa.RS256, signer)
|
||||
|
||||
signedAccessToken, err := jwtlib.Sign(accessToken, jwtlib.WithKey(jwa.RS256, signer))
|
||||
if err != nil {
|
||||
log.Fatalf("signing access_token: %+v", err)
|
||||
}
|
||||
parsedAccessToken, err := jwtlib.Parse(signedAccessToken)
|
||||
parsedAccessToken, err := jwtlib.Parse(signedAccessToken, jwtlib.WithKeySet(*jwksPublic))
|
||||
if err != nil {
|
||||
log.Fatalf("parsing signed access_token: %+v", err)
|
||||
}
|
||||
|
||||
@@ -5,7 +5,7 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
jwtlib "github.com/lestrrat-go/jwx/jwt"
|
||||
jwtlib "github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
"github.com/nais/wonderwall/pkg/jwt"
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -5,7 +5,7 @@ import (
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
jwtlib "github.com/lestrrat-go/jwx/jwt"
|
||||
jwtlib "github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/nais/liberator/pkg/keygen"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
|
||||
@@ -7,7 +7,7 @@ import (
|
||||
|
||||
"github.com/alicebob/miniredis/v2"
|
||||
"github.com/go-redis/redis/v8"
|
||||
jwtlib "github.com/lestrrat-go/jwx/jwt"
|
||||
jwtlib "github.com/lestrrat-go/jwx/v2/jwt"
|
||||
"github.com/nais/liberator/pkg/keygen"
|
||||
"github.com/stretchr/testify/assert"
|
||||
|
||||
|
||||