From abc8bd18357086660fc473fac86c6ed600eba024 Mon Sep 17 00:00:00 2001
From: ybelMekk
Date: Tue, 25 Jan 2022 12:08:42 +0100
Subject: [PATCH] fix: clean up tests and fix name
---
 pkg/mock/handler.go | 4 ++--
 pkg/mock/openid.go | 3 +++
 pkg/router/handler_callback.go | 10 +++++-----
 pkg/router/router_test.go | 13 ++++++++++---
 4 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/pkg/mock/handler.go b/pkg/mock/handler.go
index 9f6abe1..7f5baab 100644
--- a/pkg/mock/handler.go
+++ b/pkg/mock/handler.go
@@ -255,6 +255,6 @@ func NewSHA256(data []byte) []byte {
 return hash[:]
 }
-func (ip *identityProviderHandler) GetCurrentSessionState(clientID string) string {
- return ip.SessionStates[clientID]
+func (ip *identityProviderHandler) GetClientID(sessionID string) string {
+ return ip.Sessions[sessionID]
 }
diff --git a/pkg/mock/openid.go b/pkg/mock/openid.go
index fad6820..73d4ac9 100644
--- a/pkg/mock/openid.go
+++ b/pkg/mock/openid.go
@@ -20,6 +20,9 @@ func IdentityProviderServer(iframe bool) (*httptest.Server, TestProvider, *ident
 if iframe {
 provider.OpenIDConfiguration.CheckSessionIframe = server.URL + "/checksession"
+ } else {
+ provider.OpenIDConfiguration.FrontchannelLogoutSupported = true
+ provider.OpenIDConfiguration.FrontchannelLogoutSessionSupported = true
 }
 return server, provider, handler
diff --git a/pkg/router/handler_callback.go b/pkg/router/handler_callback.go
index 4525609..ac7072a 100644
--- a/pkg/router/handler_callback.go
+++ b/pkg/router/handler_callback.go
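Review bot: In `IdentityProviderServer` (pkg/mock/openid.go) the `iframe` flag now selects between two provider profiles, so `false` no longer yields a provider that advertises neither feature. If `SidClaimRequired()` follows the two front-channel fields (not visible in this diff), the `default` branch of `Handler.SessionId` that generates a local ID loses its coverage through this mock, and a provider advertising both features still cannot be built to test the precedence order. Consider recording the contract on the function, e.g. `// iframe=true advertises check_session_iframe; iframe=false advertises front-channel logout with session support`, or replacing the bool with an explicit mode. The function body starts above the hunk.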
@@ -120,23 +120,23 @@ func (h *Handler) validateIDToken(idToken *openid.IDToken, loginCookie *openid.L
 func (h *Handler) SessionId(idToken *openid.IDToken, params url.Values) (string, error) {
 var openIDconfig = h.Provider.GetOpenIDConfiguration()
- var externalSessionID string
+ var sessionID string
 var err error
 switch {
 case openIDconfig.SidClaimRequired():
- externalSessionID, err = idToken.GetStringClaim("sid")
+ sessionID, err = idToken.GetStringClaim("sid")
 case openIDconfig.GetCheckSessionIframe():
- externalSessionID, err = getSessionStateFrom(params)
+ sessionID, err = getSessionStateFrom(params)
 default:
- externalSessionID, err = h.GenerateSessionID()
+ sessionID, err = h.GenerateSessionID()
 }
 if err != nil {
 return "", err
 }
- return externalSessionID, nil
+ return sessionID, nil
 }
 func getSessionStateFrom(params url.Values) (string, error) {
diff --git a/pkg/router/router_test.go b/pkg/router/router_test.go
index 76abaee..210c95d 100644
--- a/pkg/router/router_test.go
+++ b/pkg/router/router_test.go
@@ -196,7 +196,7 @@ func TestHandler_Callback_and_Logout(t *testing.T) {
 }
 func TestHandler_FrontChannelLogout(t *testing.T) {
- _, idp, _ := mock.IdentityProviderServer(false)
+ _, idp, idpHandler := mock.IdentityProviderServer(false)
 h := newHandler(idp)
 r := router.New(h)
 server := httptest.NewServer(r)
@@ -252,6 +252,9 @@ func TestHandler_FrontChannelLogout(t *testing.T) {
 sid, err := h.Crypter.Decrypt(ciphertext)
 assert.NoError(t, err)
+ clientID := idpHandler.GetClientID(parseSessionID(sid))
+ assert.Equal(t, idp.GetClientConfiguration().GetClientID(), clientID)
+
 frontchannelLogoutURL, err := url.Parse(server.URL)
 assert.NoError(t, err)
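Review bot: `Handler.SessionId` (pkg/router/handler_callback.go) draws the session identifier from three sources with different trust levels, and the exported method has no doc comment saying so. The `sid` branch reads a claim from the ID token and the `default` branch generates the value locally, but the check-session branch takes it from `getSessionStateFrom(params)`, i.e. from the callback's query parameters, which the request supplies. If the result is used as a session key (its callers are outside this hunk), it is worth confirming that the key is also bound to something the server generated or validated. A comment such as `// SessionId returns the sid claim when the provider requires it, else the session_state callback parameter, else a locally generated ID; session_state is request-supplied.` would record the precedence. With the local now named `sessionID`, the method name `SessionId` is the remaining departure from Go's initialism convention.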
@@ -324,8 +327,8 @@ func TestHandler_CheckSessionIframe(t *testing.T) {
 sessionState, err := h.Crypter.Decrypt(ciphertext)
 assert.NoError(t, err)
- idpSessionState := idpHandler.GetCurrentSessionState(idp.GetClientConfiguration().GetClientID())
- assert.Equal(t, idpSessionState, strings.Split(string(sessionState), ":")[2])
+ clientID := idpHandler.GetClientID(parseSessionID(sessionState))
+ assert.Equal(t, idp.GetClientConfiguration().GetClientID(), clientID)
 }
 func getCookieFromJar(name string, cookies []*http.Cookie) *http.Cookie {
@@ -337,3 +340,7 @@ func getCookieFromJar(name string, cookies []*http.Cookie) *http.Cookie {
 return nil
 }
+
+func parseSessionID(sessionID []byte) string {
+ return strings.Split(string(sessionID), ":")[2]
+}
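Review bot: The new helper `parseSessionID` indexes `[2]` on the split result without checking its length, so a decrypted value with fewer than three `:`-separated fields panics the test binary instead of failing an assertion. An identifier that itself contains `:` is also silently truncated to its first segment. Using `parts := strings.SplitN(string(sessionID), ":", 3)` and returning `""` when `len(parts) != 3` would turn both cases into an ordinary assertion failure in `TestHandler_FrontChannelLogout` and `TestHandler_CheckSessionIframe`. The helper also hard-codes the layout of the stored session key, which is built outside this diff; a one-line comment naming the three fields would keep the two from drifting apart.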