MCPcopy Index your code
hub / github.com/coder/coder / encodeClaims

Method encodeClaims

coderd/coderdtest/oidctest/idp.go:905–935  ·  view source on GitHub ↗

encodeClaims is a helper func to convert claims to a valid JWT.

(t testing.TB, claims jwt.MapClaims)

Source from the content-addressed store, hash-verified

903
904// encodeClaims is a helper func to convert claims to a valid JWT.
905func (f *FakeIDP) encodeClaims(t testing.TB, claims jwt.MapClaims) string {
906 t.Helper()
907
908 if _, ok := claims["exp"]; !ok {
909 claims["exp"] = time.Now().Add(time.Hour).UnixMilli()
910 }
911
912 if _, ok := claims["aud"]; !ok {
913 claims["aud"] = f.clientID
914 }
915
916 if _, ok := claims["iss"]; !ok {
917 claims["iss"] = f.locked.Issuer()
918 }
919
920 // Default email_verified to true so that tests that do not care
921 // about the email_verified flow are not forced to set it.
922 // Tests that need a different value can set it explicitly.
923 // Use WithOmitEmailVerifiedDefault() to suppress this default
924 // for tests that need to exercise the absent-claim path.
925 if !f.omitEmailVerifiedDefault {
926 if _, ok := claims["email_verified"]; !ok {
927 claims["email_verified"] = true
928 }
929 }
930
931 signed, err := jwt.NewWithClaims(jwt.SigningMethodRS256, claims).SignedString(f.locked.PrivateKey())
932 require.NoError(t, err)
933
934 return signed
935}
936
937// httpHandler is the IDP http server.
938func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {

Callers 2

newTokenMethod · 0.95
httpHandlerMethod · 0.95

Calls 4

IssuerMethod · 0.80
PrivateKeyMethod · 0.80
HelperMethod · 0.65
AddMethod · 0.65

Tested by

no test coverage detected