helpers

package
v0.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 6, 2026 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Overview

Package helpers provides test utilities for auth server integration tests.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetFreePort 

func GetFreePort(tb testing.TB) int

GetFreePort returns an available TCP port on localhost.

func NewEmbeddedAuthServer 

func NewEmbeddedAuthServer(
	ctx context.Context,
	tb testing.TB,
	cfg *authserver.RunConfig,
) *authserverrunner.EmbeddedAuthServer

NewEmbeddedAuthServer creates an embedded auth server for testing. Returns the server and handles cleanup on test completion.

func NewTestAuthServerConfig 

func NewTestAuthServerConfig(tb testing.TB, upstreamURL string, opts ...AuthServerOption) *authserver.RunConfig

NewTestAuthServerConfig creates a minimal valid RunConfig for testing. Uses development mode defaults (ephemeral signing keys, ephemeral HMAC secrets).

Types

type AuthServerOption 

type AuthServerOption func(*authServerConfig)

AuthServerOption is a functional option for configuring a test auth server.

func WithAllowedAudiences 

func WithAllowedAudiences(audiences []string) AuthServerOption

WithAllowedAudiences sets the allowed resource audiences.

func WithHMACSecrets 

func WithHMACSecrets(files []string) AuthServerOption

WithHMACSecrets sets the HMAC secret file paths.

func WithIssuer 

func WithIssuer(issuer string) AuthServerOption

WithIssuer sets the issuer URL.

func WithScopesSupported 

func WithScopesSupported(scopes []string) AuthServerOption

WithScopesSupported sets the supported scopes.

func WithSigningKey 

func WithSigningKey(cfg *authserver.SigningKeyRunConfig) AuthServerOption

WithSigningKey sets the signing key configuration.

func WithTokenLifespans 

func WithTokenLifespans(cfg *authserver.TokenLifespanRunConfig) AuthServerOption

WithTokenLifespans sets the token lifespan configuration.

func WithUpstreams 

func WithUpstreams(upstreams []authserver.UpstreamRunConfig) AuthServerOption

WithUpstreams sets the upstream IDP configurations.

type MockUpstreamIDP 

type MockUpstreamIDP struct {
	Server           *httptest.Server
	AuthorizeHandler func(w http.ResponseWriter, r *http.Request)
	TokenHandler     func(w http.ResponseWriter, r *http.Request)
	UserInfoHandler  func(w http.ResponseWriter, r *http.Request)
	// contains filtered or unexported fields
}

MockUpstreamIDP creates a mock OAuth2/OIDC upstream identity provider. It provides minimal endpoints needed for testing the auth server integration.

func NewMockUpstreamIDP 

func NewMockUpstreamIDP(tb testing.TB, opts ...MockUpstreamOption) *MockUpstreamIDP

NewMockUpstreamIDP creates a mock upstream IDP for testing. The server is automatically started and will be ready when this function returns.

func (*MockUpstreamIDP) URL 

func (m *MockUpstreamIDP) URL() string

URL returns the base URL of the mock upstream.

type MockUpstreamOption 

type MockUpstreamOption func(*MockUpstreamIDP)

MockUpstreamOption is a functional option for configuring the mock upstream.

func WithAuthorizeHandler 

func WithAuthorizeHandler(h func(w http.ResponseWriter, r *http.Request)) MockUpstreamOption

WithAuthorizeHandler sets a custom authorization endpoint handler.

func WithTokenHandler 

func WithTokenHandler(h func(w http.ResponseWriter, r *http.Request)) MockUpstreamOption

WithTokenHandler sets a custom token endpoint handler.

func WithUserInfoHandler 

func WithUserInfoHandler(h func(w http.ResponseWriter, r *http.Request)) MockUpstreamOption

WithUserInfoHandler sets a custom userinfo endpoint handler.

type OAuthClient 

type OAuthClient struct {
	// contains filtered or unexported fields
}

OAuthClient provides helper methods for testing OAuth flows.

func NewOAuthClient 

func NewOAuthClient(baseURL string) *OAuthClient

NewOAuthClient creates an HTTP client configured for OAuth testing. The client does NOT follow redirects automatically, allowing tests to verify redirect behavior.

func (*OAuthClient) ExchangeToken 

func (c *OAuthClient) ExchangeToken(params url.Values) (map[string]interface{}, int, error)

ExchangeToken performs a token exchange at the token endpoint.

func (*OAuthClient) Get 

func (c *OAuthClient) Get(path string) (*http.Response, error)

Get performs a GET request to the specified path.

func (*OAuthClient) GetJWKS 

func (c *OAuthClient) GetJWKS() (map[string]interface{}, int, error)

GetJWKS fetches the JWKS endpoint and returns the parsed response.

func (*OAuthClient) GetOAuthDiscovery 

func (c *OAuthClient) GetOAuthDiscovery() (map[string]interface{}, int, error)

GetOAuthDiscovery fetches the OAuth Authorization Server Metadata endpoint.

func (*OAuthClient) GetOIDCDiscovery 

func (c *OAuthClient) GetOIDCDiscovery() (map[string]interface{}, int, error)

GetOIDCDiscovery fetches the OIDC Discovery endpoint.

func (*OAuthClient) RegisterClient 

func (c *OAuthClient) RegisterClient(clientMetadata map[string]interface{}) (map[string]interface{}, int, error)

RegisterClient performs dynamic client registration.

func (*OAuthClient) StartAuthorization 

func (c *OAuthClient) StartAuthorization(params url.Values) (*http.Response, error)

StartAuthorization initiates the OAuth authorization flow. Returns the HTTP response including the redirect location.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.