(t *testing.T)
| 188 | } |
| 189 | |
| 190 | func TestJWS(t *testing.T) { |
| 191 | t.Parallel() |
| 192 | t.Run("WrongSignatureAlgorithm", func(t *testing.T) { |
| 193 | t.Parallel() |
| 194 | |
| 195 | ctx := testutil.Context(t, testutil.WaitShort) |
| 196 | |
| 197 | key := newKey(t, 64) |
| 198 | |
| 199 | token, err := jwtutils.Sign(ctx, key, jwt.Claims{}) |
| 200 | require.NoError(t, err) |
| 201 | |
| 202 | var actual testClaims |
| 203 | err = jwtutils.Verify(ctx, key, token, &actual, withSignatureAlgorithm(jose.HS256)) |
| 204 | require.Error(t, err) |
| 205 | }) |
| 206 | |
| 207 | t.Run("CustomClaims", func(t *testing.T) { |
| 208 | t.Parallel() |
| 209 | |
| 210 | var ( |
| 211 | ctx = testutil.Context(t, testutil.WaitShort) |
| 212 | key = newKey(t, 64) |
| 213 | ) |
| 214 | |
| 215 | expected := testClaims{ |
| 216 | MyClaim: "my_value", |
| 217 | } |
| 218 | token, err := jwtutils.Sign(ctx, key, expected) |
| 219 | require.NoError(t, err) |
| 220 | |
| 221 | var actual testClaims |
| 222 | err = jwtutils.Verify(ctx, key, token, &actual, withVerifyExpected(jwt.Expected{})) |
| 223 | require.NoError(t, err) |
| 224 | require.Equal(t, expected, actual) |
| 225 | }) |
| 226 | |
| 227 | t.Run("WithKeycache", func(t *testing.T) { |
| 228 | t.Parallel() |
| 229 | |
| 230 | var ( |
| 231 | ctx = testutil.Context(t, testutil.WaitShort) |
| 232 | db, _ = dbtestutil.NewDB(t) |
| 233 | _ = dbgen.CryptoKey(t, db, database.CryptoKey{ |
| 234 | Feature: database.CryptoKeyFeatureOIDCConvert, |
| 235 | StartsAt: time.Now(), |
| 236 | }) |
| 237 | log = testutil.Logger(t) |
| 238 | fetcher = &cryptokeys.DBFetcher{DB: db} |
| 239 | ) |
| 240 | |
| 241 | cache, err := cryptokeys.NewSigningCache(ctx, log, fetcher, codersdk.CryptoKeyFeatureOIDCConvert) |
| 242 | require.NoError(t, err) |
| 243 | |
| 244 | claims := testClaims{ |
| 245 | MyClaim: "my_value", |
| 246 | Claims: jwt.Claims{ |
| 247 | Expiry: jwt.NewNumericDate(time.Now().Add(time.Hour)), |
nothing calls this directly
no test coverage detected