mock

package
v1.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 29, 2023 License: MIT Imports: 17 Imported by: 0

Documentation

Overview

Package mock provides a convenient mock of a JWT token signer and a JWKS response for use in your tests. The mock does not require an existing private key; it creates one if necessary.

Example:

		// NOTE(review): Go's keyword for this is `import`; `require` is reproduced as published.
		require "github.com/dsggregory/jwtv/pkg/mock"

		// a mock JWT token signer; an empty keyPath makes NewJWT use a generated key
     mj, err := mock.NewJWT("")
		So(err, ShouldBeNil)

		// a mock JWKS service to return our mock signing key;
		// configure the verifier under test to fetch its keys from jwkts.URL()
		jwkts := mj.NewJWKService()
		defer jwkts.Close()

		// create and sign a token that expires one minute from now
		token := mj.SignClaims(jwt.MapClaims{}, time.Now().Add(time.Minute))
		...
		// use token in your http request
		req.Header.Set("Authorization", "Bearer " + token)

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func B64UrlUintToPub

func B64UrlUintToPub(ns, es string) (*rsa.PublicKey, error)

B64UrlUintToPub converts Base64UrlUint-encoded strings to an RSA public key

func PubToB64UrlUint

func PubToB64UrlUint(pk *rsa.PublicKey) (encN, encE string)

PubToB64UrlUint converts RSA public key to Base64UrlUint-encoded modulus and exponent strings, for testing

Types

type JWKService

// JWKService is a mock JWK service that responds with well-known keys.
type JWKService struct {
	// Server is the mock JWK server, backed by net/http/httptest.
	Server *httptest.Server
	// FetchCounter is the number of times the JWK service has been hit for keys.
	// NOTE(review): this is a plain int; presumably the HTTP handler updates it,
	// so read it only after the requests under test have completed — confirm.
	FetchCounter int
	// KeyResponse is the key to respond with in the JWK Set.
	KeyResponse JWKey
}

JWKService an instance of a mock JWK service to respond with well-known keys

func (*JWKService) Close

func (mjwk *JWKService) Close()

Close closes the httptest server

func (*JWKService) URL

func (mjwk *JWKService) URL() string

URL returns URL of the httptest server

func (*JWKService) WriteResponse

func (mjwk *JWKService) WriteResponse(w http.ResponseWriter, r *http.Request)

WriteResponse writes the KeyResponse data as a JWK Set in JSON.

type JWKey

// JWKey is one RSA key entry of a JWK Set. Every field describes public key
// material or metadata; the struct has no member for private key parameters.
type JWKey struct {
	// N is the RSA public key modulus, Base64urlUInt-encoded.
	N string `json:"n"`
	// E is the RSA public key exponent, Base64urlUInt-encoded.
	E string `json:"e"`
	// KID is the key ID known to the OIDC server.
	KID string `json:"kid"`
	// X5c is the RSA signing cert chain, each entry RawStdEncoding Base64 of DER.
	// Supersedes N and E.
	// NOTE(review): RFC 7517 defines x5c entries as standard (not URL-safe) Base64;
	// confirm that the unpadded RawStdEncoding form is what consumers expect.
	X5c []string `json:"x5c"`
	// Use is the intended key use; should be "sig".
	Use string `json:"use"`
	// Alg is the signature algorithm (RS256).
	Alg string `json:"alg"`
	// Kty is the key type (RSA).
	Kty string `json:"kty"`
}

JWKey an RSA JWKS struct

type JWKeys

// JWKeys is the JSON body returned by a well-known JWKS endpoint.
type JWKeys struct {
	// Keys is the list of keys, serialized under the "keys" member.
	Keys []JWKey `json:"keys"`
}

JWKeys the response from a call to a well-known JWKS endpoint that returns a list of the OIDC's signing certs

type JWT

// JWT is a mock JWT signer. It exposes its RSA key pair and certificate as
// exported fields; the package documentation scopes this type to tests.
type JWT struct {
	// RsaPrivateKey is the RSA private key; presumably the key tokens are signed with — confirm.
	RsaPrivateKey *rsa.PrivateKey
	// RsaPubkey is the RSA public key; presumably the counterpart of RsaPrivateKey — confirm.
	RsaPubkey     *rsa.PublicKey
	// PrivKeyDer presumably holds the DER encoding of the private key — confirm.
	PrivKeyDer    []byte
	// PubKeyDer presumably holds the DER encoding of the public key — confirm.
	PubKeyDer     []byte

	// Cert is the X509 certificate (in DER) signed by the private key.
	Cert    []byte
	// CertPEM is presumably the PEM form of Cert — confirm.
	CertPEM string
	// contains filtered or unexported fields
}

JWT a mock interface to JWT signing

func NewJWT

func NewJWT(keyPath string) (*JWT, error)

NewJWT creates an instance that mocks a JWT signer. Tokens are signed with the key from the file at keyPath, or with a generated key if keyPath is empty.

func (*JWT) CertB64

func (m *JWT) CertB64() (string, error)

CertB64 returns the test certificate as Base64 of DER, to be used in, for example, the 'x5c' member of a JWK response.

func (*JWT) E

func (m *JWT) E() string

E the RSA exponent

func (*JWT) N

func (m *JWT) N() string

N the RSA modulus

func (*JWT) NewJWKService

func (m *JWT) NewJWKService() *JWKService

NewJWKService creates a new HTTP test server to respond with JWKS well-known keys. Remember to call the Close() method on the returned server.

func (*JWT) NewToken

func (m *JWT) NewToken(data jwt.MapClaims, expires time.Time, keyID string) *jwt.Token

NewToken only creates a token; it does not sign it into an accessToken. See SignClaims for the latter.

func (*JWT) PubPEM

func (m *JWT) PubPEM() string

PubPEM returns the PEM version of the Public Key, which could be used for OptionSetPublicKey.

func (*JWT) PubString

func (m *JWT) PubString() string

PubString Base64 version of the public key

func (*JWT) SignClaims

func (m *JWT) SignClaims(data jwt.MapClaims, expires time.Time) string

SignClaims mocks a token issuer and returns an accessToken suitable for inclusion in a Bearer Authorization header.
