102 lines
2.0 KiB
Go
102 lines
2.0 KiB
Go
package keyserve
|
|
|
|
import (
|
|
"context"
|
|
"crypto/ecdsa"
|
|
"crypto/elliptic"
|
|
"crypto/rand"
|
|
"encoding/json"
|
|
"io/ioutil"
|
|
"log"
|
|
"net/http"
|
|
"os"
|
|
"testing"
|
|
"time"
|
|
|
|
"git.rootprojects.org/root/keypairs"
|
|
)
|
|
|
|
func TestServeKeys(t *testing.T) {
|
|
eckey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
|
|
pubs := []keypairs.PublicKey{
|
|
keypairs.NewPublicKey(eckey.Public()),
|
|
}
|
|
|
|
addr := ":62017"
|
|
done := make(chan bool, 1)
|
|
|
|
h := &http.Server{Addr: addr, Handler: &server{Middleware: Middleware{Keys: pubs}}}
|
|
|
|
logger := log.New(os.Stdout, "", 0)
|
|
|
|
go func() {
|
|
logger.Printf("Listening on http://0.0.0.0%s\n", addr)
|
|
|
|
if err := h.ListenAndServe(); err != nil {
|
|
// TODO check for the non-error server closed error
|
|
//logger.Fatal(err)
|
|
}
|
|
|
|
done <- true
|
|
}()
|
|
|
|
go func() {
|
|
time.Sleep(15 * time.Second)
|
|
ctx, _ := context.WithTimeout(context.Background(), 15*time.Second)
|
|
h.Shutdown(ctx)
|
|
}()
|
|
|
|
m := map[string]string{}
|
|
resp, err := http.Get("http://localhost" + addr + "/.well-known/openid-configuration")
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
dec := json.NewDecoder(resp.Body)
|
|
err = dec.Decode(&m)
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
n := struct {
|
|
Keys []map[string]interface{} `json:"keys"`
|
|
}{
|
|
Keys: []map[string]interface{}{},
|
|
}
|
|
resp, err = http.Get(m["jwks_uri"])
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
dec = json.NewDecoder(resp.Body)
|
|
err = dec.Decode(&n)
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
|
|
resp, err = http.Get("http://localhost" + addr + "/pem")
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
bytes, err := ioutil.ReadAll(resp.Body)
|
|
if nil != err {
|
|
log.Fatal(err)
|
|
}
|
|
_, err = keypairs.ParsePublicKey(bytes)
|
|
if nil != err {
|
|
log.Fatal("Could not parse PEM/cert from self")
|
|
log.Fatal(err)
|
|
}
|
|
|
|
h.Shutdown(context.Background())
|
|
<-done
|
|
}
|
|
|
|
type server struct {
|
|
Middleware Middleware
|
|
}
|
|
|
|
func (s *server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
|
if !s.Middleware.Handler(w, r) {
|
|
w.Write([]byte("Try .well-known/openid-configuration or .well-known/jwks.json"))
|
|
}
|
|
}
|