Skip to content

Commit 49ad669

Browse files
hijiki51hijiki51
committed
test: add test for DecodeIDToken
1 parent 16d2b5c commit 49ad669

2 files changed

Lines changed: 86 additions & 0 deletions

File tree

handler/openid/strategy_jwt_test.go

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,10 @@ import (
1010
"time"
1111

1212
"github.com/stretchr/testify/assert"
13+
"github.com/stretchr/testify/require"
1314

1415
"github.com/ory/fosite"
16+
"github.com/ory/fosite/internal/gen"
1517
"github.com/ory/fosite/token/jwt"
1618
)
1719

@@ -283,3 +285,86 @@ func TestJWTStrategy_GenerateIDToken(t *testing.T) {
283285
})
284286
}
285287
}
288+
289+
func TestJWTStrategy_DecodeIDToken(t *testing.T) {
290+
var j = &DefaultStrategy{
291+
Signer: &jwt.DefaultSigner{
292+
GetPrivateKey: func(_ context.Context) (interface{}, error) {
293+
return key, nil
294+
}},
295+
Config: &fosite.Config{
296+
MinParameterEntropy: fosite.MinParameterEntropy,
297+
},
298+
}
299+
300+
var anotherKey = gen.MustRSAKey()
301+
302+
var genIDToken = func(c jwt.IDTokenClaims) string {
303+
s, _, err := j.Generate(context.TODO(), c.ToMapClaims(), jwt.NewHeaders())
304+
require.NoError(t, err)
305+
return s
306+
}
307+
308+
var token string
309+
var decoder *DefaultStrategy
310+
for k, c := range []struct {
311+
description string
312+
setup func()
313+
expectErr bool
314+
}{
315+
{
316+
description: "should pass with valid token",
317+
setup: func() {
318+
token = genIDToken(jwt.IDTokenClaims{
319+
Subject: "peter",
320+
RequestedAt: time.Now(),
321+
ExpiresAt: time.Now().Add(time.Hour),
322+
})
323+
decoder = j
324+
},
325+
expectErr: false,
326+
},
327+
{
328+
description: "should pass even though token is expired",
329+
setup: func() {
330+
token = genIDToken(jwt.IDTokenClaims{
331+
Subject: "peter",
332+
RequestedAt: time.Now(),
333+
ExpiresAt: time.Now().Add(-time.Hour),
334+
})
335+
decoder = j
336+
},
337+
expectErr: false,
338+
},
339+
{
340+
description: "should fail because token is decoded with wrong key",
341+
setup: func() {
342+
token = genIDToken(jwt.IDTokenClaims{
343+
Subject: "peter",
344+
RequestedAt: time.Now(),
345+
ExpiresAt: time.Now().Add(time.Hour),
346+
})
347+
decoder = &DefaultStrategy{
348+
Signer: &jwt.DefaultSigner{
349+
GetPrivateKey: func(_ context.Context) (interface{}, error) {
350+
return anotherKey, nil
351+
}},
352+
Config: &fosite.Config{
353+
MinParameterEntropy: fosite.MinParameterEntropy,
354+
},
355+
}
356+
},
357+
expectErr: true,
358+
},
359+
} {
360+
t.Run(fmt.Sprintf("case=%d/description=%s", k, c.description), func(t *testing.T) {
361+
c.setup()
362+
req := fosite.NewAccessRequest(&DefaultSession{})
363+
idtoken, err := decoder.DecodeIDToken(context.Background(), req, token)
364+
assert.Equal(t, c.expectErr, err != nil, "%d: %+v", k, err)
365+
if !c.expectErr {
366+
assert.NotNil(t, idtoken)
367+
}
368+
})
369+
}
370+
}

internal/id_token_strategy.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)