OIDCCallback will emulate the IDP redirecting back to the Coder callback. This is helpful if no Coderd exists because the IDP needs to redirect to something. Essentially this is used to fake the Coderd side of the exchange. The flow starts at the user hitting the OIDC login page.
(t testing.TB, state string, idTokenClaims jwt.MapClaims)
| 779 | // Essentially this is used to fake the Coderd side of the exchange. |
| 780 | // The flow starts at the user hitting the OIDC login page. |
| 781 | func (f *FakeIDP) OIDCCallback(t testing.TB, state string, idTokenClaims jwt.MapClaims) *http.Response { |
| 782 | t.Helper() |
| 783 | if f.serve { |
| 784 | panic("cannot use OIDCCallback with WithServing. This is only for the in memory usage") |
| 785 | } |
| 786 | |
| 787 | opts := []oauth2.AuthCodeOption{} |
| 788 | if f.pkce { |
| 789 | verifier := oauth2.GenerateVerifier() |
| 790 | opts = append(opts, oauth2.S256ChallengeOption(oauth2.S256ChallengeFromVerifier(verifier))) |
| 791 | } |
| 792 | |
| 793 | f.stateToIDTokenClaims.Store(state, idTokenClaims) |
| 794 | |
| 795 | cli := f.HTTPClient(nil) |
| 796 | u := f.locked.Config().AuthCodeURL(state, opts...) |
| 797 | req, err := http.NewRequest("GET", u, nil) |
| 798 | require.NoError(t, err) |
| 799 | |
| 800 | resp, err := cli.Do(req.WithContext(context.Background())) |
| 801 | require.NoError(t, err) |
| 802 | |
| 803 | t.Cleanup(func() { |
| 804 | if resp.Body != nil { |
| 805 | _ = resp.Body.Close() |
| 806 | } |
| 807 | }) |
| 808 | return resp |
| 809 | } |
| 810 | |
| 811 | // ProviderJSON is the .well-known/configuration JSON |
| 812 | type ProviderJSON struct { |