package oidfed
import (
"crypto/ecdsa"
"crypto/elliptic"
"crypto/rand"
"fmt"
mathrand "math/rand"
"time"
"github.com/lestrrat-go/jwx/v3/jwa"
"github.com/go-oidfed/lib/jwx"
"github.com/go-oidfed/lib/unixtime"
)
// mockAuthority is an in-memory federation authority used by tests. It holds
// its own entity configuration payload, the signer that produces JWTs for it,
// and the subordinates it will issue statements about.
type mockAuthority struct {
// EntityID is used as both issuer and subject of the entity configuration.
EntityID string
// FetchEndpoint and ListEndpoint are derived from EntityID in newMockAuthority
// and written into the federation-entity metadata.
FetchEndpoint string
ListEndpoint string
// data is the entity configuration template; iat/exp are stamped per call.
data EntityStatementPayload
// Embedded signer provides JWT(...) for both entity configurations and
// subordinate statements.
*jwx.EntityStatementSigner
// subordinates are registered via RegisterSubordinate; order is preserved.
subordinates []mockSubordinateInfo
}
// EntityConfigurationJWT signs the authority's own entity configuration and
// returns the compact JWT. The payload is rebuilt on every call, so each JWT
// carries a fresh iat/exp pair.
func (a mockAuthority) EntityConfigurationJWT() ([]byte, error) {
	payload := a.EntityStatementPayload()
	signer := a.EntityStatementSigner
	return signer.JWT(payload)
}
// FetchResponse signs a subordinate statement for sub, mirroring what the
// federation fetch endpoint would return.
//
// NOTE(review): sub is not validated against the registered subordinates here;
// an unknown sub still yields a signed statement whose JWKS is the zero value
// (see SubordinateEntityStatementPayload).
func (a mockAuthority) FetchResponse(sub string) ([]byte, error) {
	return a.EntityStatementSigner.JWT(a.SubordinateEntityStatementPayload(sub))
}
// Subordinates returns the entity IDs of every registered subordinate, in
// registration order. The string argument (presumably an entity-type filter
// accepted by the list endpoint) is ignored by this mock, and err is always
// nil. With no registrations the returned slice is nil.
func (a mockAuthority) Subordinates(_ string) (subordinates []string, err error) {
	var ids []string
	for i := range a.subordinates {
		ids = append(ids, a.subordinates[i].entityID)
	}
	return ids, nil
}
// mockSubordinateInfo is what an authority records about a registered
// subordinate: its entity ID and the JWKS that will be placed in the
// subordinate statement issued for it.
type mockSubordinateInfo struct {
entityID string
jwks jwx.JWKS
}
// mockSubordinate is implemented by any mock entity that can be registered
// under an authority. mockAuthority satisfies it itself (so authorities can be
// chained); other implementations presumably live elsewhere in the package.
type mockSubordinate interface {
// GetSubordinateInfo returns the ID and keys the authority should record.
GetSubordinateInfo() mockSubordinateInfo
// AddAuthority is called by RegisterSubordinate so the subordinate can list
// authorityID in its authority hints.
AddAuthority(authorityID string)
}
// newMockAuthority builds a mockAuthority identified by entityID: it generates
// a fresh P-521 signing key, publishes its public JWKS in data, fills in the
// federation-entity metadata (organization name, fetch and list endpoints) and
// registers the mock HTTP handling for the entity configuration, fetch and
// list endpoints.
//
// data is taken by value; its Issuer, Subject and JWKS fields are overwritten
// and a nil Metadata / FederationEntity is created. Key generation or JWKS
// conversion failures panic, which is tolerable only because this is a test
// helper.
func newMockAuthority(entityID string, data EntityStatementPayload) *mockAuthority {
	// The signing key is drawn from crypto/rand. math/rand below is used solely
	// for the cosmetic organization name, never for key material.
	privKey, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader)
	if err != nil {
		panic(err)
	}
	jwks, err := jwx.KeyToJWKS(privKey.Public(), jwa.ES512())
	if err != nil {
		panic(err)
	}
	data.JWKS = jwks
	data.Issuer = entityID
	data.Subject = entityID

	signer := jwx.NewEntityStatementSigner(jwx.NewSingleKeyVersatileSigner(privKey, jwa.ES512()))
	authority := &mockAuthority{
		EntityID:              entityID,
		FetchEndpoint:         entityID + "/fetch",
		ListEndpoint:          entityID + "/list",
		data:                  data,
		EntityStatementSigner: signer,
	}

	// Ensure the metadata chain exists before the endpoints are written into it.
	meta := authority.data.Metadata
	if meta == nil {
		meta = &Metadata{}
		authority.data.Metadata = meta
	}
	fedEntity := meta.FederationEntity
	if fedEntity == nil {
		fedEntity = &FederationEntityMetadata{}
		meta.FederationEntity = fedEntity
	}
	fedEntity.OrganizationName = fmt.Sprintf("Organization %d", mathrand.Int()%100)
	fedEntity.FederationFetchEndpoint = authority.FetchEndpoint
	fedEntity.FederationListEndpoint = authority.ListEndpoint

	// These helpers are defined elsewhere in the package; presumably they wire
	// HTTP responders for the three endpoints to this authority.
	mockEntityConfiguration(authority.EntityID, authority)
	mockFetchEndpoint(authority.FetchEndpoint, authority)
	mockListEndpoint(authority.ListEndpoint, authority)
	return authority
}
// EntityStatementPayload returns the authority's entity configuration stamped
// with the current time and an expiry mockStmtLifetime seconds later.
//
// The result points at a shallow copy of a.data: the top-level struct is
// detached, but pointer fields such as Metadata still alias the authority's
// own data, so mutations through them are visible in later statements.
func (a mockAuthority) EntityStatementPayload() *EntityStatementPayload {
	issued := time.Now()
	lifetime := time.Duration(mockStmtLifetime) * time.Second
	stmt := a.data
	stmt.IssuedAt = unixtime.Unixtime{Time: issued}
	stmt.ExpiresAt = unixtime.Unixtime{Time: issued.Add(lifetime)}
	return &stmt
}
// SubordinateEntityStatementPayload builds the statement this authority issues
// about subID: the subordinate's registered JWKS plus the authority's own
// metadata policy, policy-crit list and constraints, valid from now for
// mockStmtLifetime seconds.
//
// If several registrations share subID, the last one wins. If none matches,
// JWKS stays at its zero value and a statement is still produced (and will be
// signed by FetchResponse); tests that expect unknown subordinates to be
// rejected must assert that at a higher layer.
func (a mockAuthority) SubordinateEntityStatementPayload(subID string) EntityStatementPayload {
	issued := time.Now()
	expires := issued.Add(time.Duration(mockStmtLifetime) * time.Second)

	var subKeys jwx.JWKS
	// Deliberately no break: a later registration with the same ID overrides
	// an earlier one.
	for i := range a.subordinates {
		if a.subordinates[i].entityID == subID {
			subKeys = a.subordinates[i].jwks
		}
	}

	stmt := EntityStatementPayload{
		Issuer:             a.EntityID,
		Subject:            subID,
		IssuedAt:           unixtime.Unixtime{Time: issued},
		ExpiresAt:          unixtime.Unixtime{Time: expires},
		JWKS:               subKeys,
		MetadataPolicy:     a.data.MetadataPolicy,
		MetadataPolicyCrit: a.data.MetadataPolicyCrit,
		Constraints:        a.data.Constraints,
	}
	return stmt
}
// GetSubordinateInfo describes this authority as a subordinate of another
// authority: its entity ID and the JWKS currently held in its configuration.
func (a mockAuthority) GetSubordinateInfo() mockSubordinateInfo {
	var info mockSubordinateInfo
	info.entityID = a.EntityID
	info.jwks = a.data.JWKS
	return info
}
// AddAuthority appends authorityID to this entity's authority hints. No
// de-duplication is done, so registering under the same authority twice lists
// it twice.
func (a *mockAuthority) AddAuthority(authorityID string) {
	hints := a.data.AuthorityHints
	hints = append(hints, authorityID)
	a.data.AuthorityHints = hints
}
// RegisterSubordinate records s under this authority and tells s to list this
// authority in its hints. The subordinate's ID and JWKS are captured at
// registration time; later key changes on s are not reflected here.
func (a *mockAuthority) RegisterSubordinate(s mockSubordinate) {
	a.subordinates = append(a.subordinates, s.GetSubordinateInfo())
	s.AddAuthority(a.EntityID)
}