github/wonderwall
1
0
Fork 0
mirror of https://github.com/nais/wonderwall.git synced 2026-05-21 07:42:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor(openid/client): scope is not required for client assertions

Browse Source
This commit is contained in:
Trong Huu Nguyen
2022-07-14 09:17:29 +02:00
parent 1f59173266
commit 2b730f1c32
2 changed files with 0 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
pkg/openid/client/client.go
View File

@@ -114,7 +114,6 @@ func (c client) MakeAssertion(expiration time.Duration) (string, error) {
errs = append(errs, tok.Set(jwt.IssuerKey, clientCfg.GetClientID()))
errs = append(errs, tok.Set(jwt.SubjectKey, clientCfg.GetClientID()))
errs = append(errs, tok.Set(jwt.AudienceKey, providerCfg.Issuer))
errs = append(errs, tok.Set("scope", clientCfg.GetScopes().String()))
errs = append(errs, tok.Set(jwt.IssuedAtKey, iat))
errs = append(errs, tok.Set(jwt.ExpirationKey, exp))
errs = append(errs, tok.Set(jwt.JwtIDKey, uuid.New().String()))

4
pkg/openid/client/client_test.go
View File

@@ -40,10 +40,6 @@ func TestMakeAssertion(t *testing.T) {
assert.Equal(t, "some-client-id", assertion.Issuer())
assert.Equal(t, "some-client-id", assertion.Subject())
scps, ok := assertion.Get("scope")
assert.True(t, ok)
assert.Equal(t, "openid", scps)
assert.True(t, assertion.IssuedAt().Before(time.Now()))
assert.True(t, assertion.Expiration().After(time.Now()))
assert.True(t, assertion.Expiration().Before(time.Now().Add(expiry)))