RunIDP needs a *testing.T because our oidctest package requires one.
| 57 | // RunIDP needs the testing.T because our oidctest package requires the |
| 58 | // testing.T. |
| 59 | func RunIDP() func(t *testing.T) { |
| 60 | tooManyRequestParams := oidctest.With429Arguments{} |
| 61 | if *tooManyRequests != "" { |
| 62 | for _, v := range strings.Split(*tooManyRequests, ",") { |
| 63 | v = strings.ToLower(strings.TrimSpace(v)) |
| 64 | switch v { |
| 65 | case "all": |
| 66 | tooManyRequestParams.AllPaths = true |
| 67 | case "auth": |
| 68 | tooManyRequestParams.AuthorizePath = true |
| 69 | case "token": |
| 70 | tooManyRequestParams.TokenPath = true |
| 71 | case "keys": |
| 72 | tooManyRequestParams.KeysPath = true |
| 73 | case "userinfo": |
| 74 | tooManyRequestParams.UserInfoPath = true |
| 75 | case "device": |
| 76 | tooManyRequestParams.DeviceAuth = true |
| 77 | case "device-verify": |
| 78 | tooManyRequestParams.DeviceVerify = true |
| 79 | default: |
| 80 | log.Printf("Unknown too-many-requests value: %s\nView the `testidp/main.go` for valid values.", v) |
| 81 | } |
| 82 | } |
| 83 | } |
| 84 | |
| 85 | return func(t *testing.T) { |
| 86 | idp := oidctest.NewFakeIDP(t, |
| 87 | oidctest.WithServing(), |
| 88 | oidctest.WithStaticUserInfo(jwt.MapClaims{ |
| 89 | // This is a static set of auth fields. Might be beneficial to make flags |
| 90 | // to allow different values here. This is only required for using the |
| 91 | // testIDP as primary auth. External auth does not ever fetch these fields. |
| 92 | "sub": uuid.MustParse("26c6a19c-b9b8-493b-a991-88a4c3310314"), |
| 93 | "email": "oidc_member@coder.com", |
| 94 | "preferred_username": "oidc_member", |
| 95 | "email_verified": true, |
| 96 | "groups": []string{"testidp", "qa", "engineering"}, |
| 97 | "roles": []string{"testidp", "admin", "higher_power"}, |
| 98 | }), |
| 99 | oidctest.WithDefaultIDClaims(jwt.MapClaims{ |
| 100 | "sub": uuid.MustParse("26c6a19c-b9b8-493b-a991-88a4c3310314"), |
| 101 | }), |
| 102 | oidctest.WithDefaultExpire(*expiry), |
| 103 | oidctest.WithStaticCredentials(*clientID, *clientSecret), |
| 104 | oidctest.WithIssuer("http://localhost:4500"), |
| 105 | oidctest.WithLogger(slog.Make(sloghuman.Sink(os.Stderr))), |
| 106 | oidctest.With429(tooManyRequestParams), |
| 107 | ) |
| 108 | id, sec := idp.AppCredentials() |
| 109 | prov := idp.WellknownConfig() |
| 110 | const appID = "fake" |
| 111 | coderCfg := idp.ExternalAuthConfig(t, appID, &oidctest.ExternalAuthConfigOptions{ |
| 112 | UseDeviceAuth: *deviceFlow, |
| 113 | }) |
| 114 | |
| 115 | log.Println("IDP Issuer URL", idp.IssuerURL()) |
| 116 | log.Println("Coderd Flags") |