add specific key test
This commit is contained in:
parent
c4fc285259
commit
1205ea05e1
|
|
@ -26,6 +26,15 @@ func TestCachesKey(t *testing.T) {
|
||||||
testCachesKey(t, "https://big-squid.github.io/")
|
testCachesKey(t, "https://big-squid.github.io/")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestKnownKID(t *testing.T) {
|
||||||
|
url := "https://kraken-dev.auth0.com"
|
||||||
|
kid := "RkVGNTM5NDc4NkM4NjA5OEMxMTNCMTNBQ0RGRDA0MEQ0RDNDMkM3Qw"
|
||||||
|
_, err := OIDCJWK(kid, url)
|
||||||
|
if nil != err {
|
||||||
|
t.Fatal(url, err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func testCachesKey(t *testing.T, url string) {
|
func testCachesKey(t *testing.T, url string) {
|
||||||
// Raw fetch a key and get KID and Thumbprint
|
// Raw fetch a key and get KID and Thumbprint
|
||||||
_, keys, err := uncached.OIDCJWKs(url)
|
_, keys, err := uncached.OIDCJWKs(url)
|
||||||
|
|
|
||||||
|
|
@ -40,97 +40,97 @@ func TestIssuerMatches(t *testing.T) {
|
||||||
|
|
||||||
var iss string
|
var iss string
|
||||||
iss = "https://example.com"
|
iss = "https://example.com"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good domain didn't make it:", iss)
|
t.Fatal("A good domain didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://example.com/"
|
iss = "https://example.com/"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good domain didn't make it:", iss)
|
t.Fatal("A good domain didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://example.com"
|
iss = "http://example.com"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://example.com/foo"
|
iss = "https://example.com/foo"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://happy.xyz/abc"
|
iss = "http://happy.xyz/abc"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://happy.xyz/abc/"
|
iss = "http://happy.xyz/abc/"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://happy.xyz/abc/d"
|
iss = "http://happy.xyz/abc/d"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://happy.xyz/abcd"
|
iss = "http://happy.xyz/abcd"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foobar.net/def"
|
iss = "https://foobar.net/def"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foobar.net/def/"
|
iss = "https://foobar.net/def/"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "http://foobar.net/def/"
|
iss = "http://foobar.net/def/"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foobar.net/def/e"
|
iss = "https://foobar.net/def/e"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foobar.net/defe"
|
iss = "https://foobar.net/defe"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://wild.org"
|
iss = "https://wild.org"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foo.wild.org"
|
iss = "https://foo.wild.org"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://sub.foo.wild.org"
|
iss = "https://sub.foo.wild.org"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://foo.wild.org/cherries"
|
iss = "https://foo.wild.org/cherries"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://sub.west.mali/verde/"
|
iss = "https://sub.west.mali/verde/"
|
||||||
if !IsTrustedIssuer(iss, list) {
|
if !list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
iss = "https://sub.west.mali"
|
iss = "https://sub.west.mali"
|
||||||
if IsTrustedIssuer(iss, list) {
|
if list.IsTrustedIssuer(iss) {
|
||||||
t.Fatal("A bad URL slipped past", iss)
|
t.Fatal("A bad URL slipped past", iss)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -147,7 +147,7 @@ func TestImplicitIssuer(t *testing.T) {
|
||||||
}),
|
}),
|
||||||
}
|
}
|
||||||
iss = "https://example.com/foo"
|
iss = "https://example.com/foo"
|
||||||
if !IsTrustedIssuer(iss, nil, r) {
|
if !isTrustedIssuer(iss, nil, r) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -160,7 +160,7 @@ func TestImplicitIssuer(t *testing.T) {
|
||||||
}),
|
}),
|
||||||
}
|
}
|
||||||
iss = "http://example.com/foo"
|
iss = "http://example.com/foo"
|
||||||
if IsTrustedIssuer(iss, nil, r) {
|
if isTrustedIssuer(iss, nil, r) {
|
||||||
t.Fatal("A bad URL slipped past:", iss)
|
t.Fatal("A bad URL slipped past:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -172,7 +172,7 @@ func TestImplicitIssuer(t *testing.T) {
|
||||||
}),
|
}),
|
||||||
}
|
}
|
||||||
iss = "https://example.com/foo/bar/baz"
|
iss = "https://example.com/foo/bar/baz"
|
||||||
if IsTrustedIssuer(iss, nil, r) {
|
if isTrustedIssuer(iss, nil, r) {
|
||||||
t.Fatal("A bad URL slipped past:", iss)
|
t.Fatal("A bad URL slipped past:", iss)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -184,7 +184,7 @@ func TestImplicitIssuer(t *testing.T) {
|
||||||
}),
|
}),
|
||||||
}
|
}
|
||||||
iss = "https://example.com/"
|
iss = "https://example.com/"
|
||||||
if !IsTrustedIssuer(iss, nil, r) {
|
if !isTrustedIssuer(iss, nil, r) {
|
||||||
t.Fatal("A good URL didn't make it:", iss)
|
t.Fatal("A good URL didn't make it:", iss)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue