Commit 0944b25a authored by Siarhei Khaletski (EPAM)'s avatar Siarhei Khaletski (EPAM) 🚩

Added access_token support

parent bfbaf17c
Pipeline #3598 failed with stages
in 6 seconds
......@@ -32,23 +32,12 @@
version = "v0.3.1"
[[projects]]
branch = "master"
digest = "1:a74730e052a45a3fab1d310fdef2ec17ae3d6af16228421e238320846f2aaec8"
name = "github.com/alecthomas/template"
packages = [
".",
"parse",
]
pruneopts = ""
revision = "a0175ee3bccc567396460bf5acd36800cb10c49c"
[[projects]]
branch = "master"
digest = "1:8483994d21404c8a1d489f6be756e25bfccd3b45d65821f25695577791a08e68"
name = "github.com/alecthomas/units"
digest = "1:bb7f91ab4d1c44a3bb2651c613463c134165bda0282fca891a63b88d1b501997"
name = "github.com/coreos/go-oidc"
packages = ["."]
pruneopts = ""
revision = "2efee857e7cfd4f3d0138cc3cbb1b4966962b93a"
revision = "8d771559cf6e5111c9b9159810d0e4538e7cdc82"
version = "v2.2.1"
[[projects]]
digest = "1:0deddd908b6b4b768cfc272c16ee61e7088a60f7fe2f06c547bd3d8e1f8b8e77"
......@@ -194,14 +183,6 @@
revision = "8eab2debe79d12b7bd3d10653910df25fa9552ba"
version = "1.0.0"
[[projects]]
digest = "1:0f51cee70b0d254dbc93c22666ea2abf211af81c1701a96d04e2284b408621db"
name = "github.com/konsorten/go-windows-terminal-sequences"
packages = ["."]
pruneopts = ""
revision = "f55edac94c9bbba5d6182a4be46d86a2c9b5b50e"
version = "v1.0.2"
[[projects]]
digest = "1:961dc3b1d11f969370533390fdf203813162980c858e1dabe827b60940c909a5"
name = "github.com/magiconair/properties"
......@@ -243,12 +224,15 @@
version = "v1.0.0"
[[projects]]
digest = "1:96af18a3819d2ff7d6aa07e6e50955b11e477dbc8b890324c67462b84adca56b"
name = "github.com/prometheus/common"
packages = ["log"]
branch = "master"
digest = "1:de5481dda0c081b66450e391bbb1a5c4435b13e3c0bbf0133ba1a5baeda7b7af"
name = "github.com/pquerna/cachecontrol"
packages = [
".",
"cacheobject",
]
pruneopts = ""
revision = "cfeb6f9992ffa54aaa4f2170ade4067ee478b250"
version = "v0.2.0"
revision = "1555304b9b35fdd2b425bccf1a5613677705e7d0"
[[projects]]
digest = "1:3b23607374368ee32c86d3233ea3471a8d36af22647348d582ac930d94da334e"
......@@ -274,14 +258,6 @@
revision = "f58768cc1a7a7e77a3bd49e98cdd21419399b6a3"
version = "v1.2.0"
[[projects]]
digest = "1:b73fe282e350b3ef2c71d8ff08e929e0b9670b1bb5b7fde1d3c1b4cd6e6dc8b1"
name = "github.com/sirupsen/logrus"
packages = ["."]
pruneopts = ""
revision = "dae0fa8d5b0c810a8ab733fbd5510c7cae84eca4"
version = "v1.4.0"
[[projects]]
digest = "1:d9f371ceb44045ca4405b65fed916e4b45396340b9e8674851c3d652f6351cde"
name = "github.com/spf13/afero"
......@@ -376,7 +352,6 @@
"ed25519",
"ed25519/internal/edwards25519",
"pbkdf2",
"ssh/terminal",
]
pruneopts = ""
revision = "4def268fd1a49955bfb3dda92fe3db4f924f2285"
......@@ -446,12 +421,7 @@
branch = "master"
digest = "1:9f5e388a2e01d646e82dc420469e21a6e0e7a526954ef1638009bc87eacf578e"
name = "golang.org/x/sys"
packages = [
"unix",
"windows",
"windows/registry",
"windows/svc/eventlog",
]
packages = ["unix"]
pruneopts = ""
revision = "a2f829d7f35f2ed1c3520c553a6226495455cae0"
......@@ -612,14 +582,6 @@
revision = "2fdaae294f38ed9a121193c51ec99fecd3b13eb7"
version = "v1.19.0"
[[projects]]
digest = "1:15d017551627c8bb091bde628215b2861bed128855343fdd570c62d08871f6e1"
name = "gopkg.in/alecthomas/kingpin.v2"
packages = ["."]
pruneopts = ""
revision = "947dcec5ba9c011838740e680966fd7087a71d0d"
version = "v2.2.6"
[[projects]]
digest = "1:40cf02345bfa29fb217cfe0767a9416d99569d4ff21dbb1fd3378ef10682549c"
name = "gopkg.in/square/go-jose.v2"
......@@ -678,6 +640,7 @@
"cloud.google.com/go/logging",
"cloud.google.com/go/profiler",
"cloud.google.com/go/storage",
"github.com/coreos/go-oidc",
"github.com/dgrijalva/jwt-go",
"github.com/franela/goblin",
"github.com/golang/mock/gomock",
......@@ -686,7 +649,6 @@
"github.com/gorilla/mux",
"github.com/jpillora/backoff",
"github.com/pkg/errors",
"github.com/prometheus/common/log",
"github.com/rafaeljusto/redigomock",
"github.com/rs/cors",
"github.com/satori/go.uuid",
......
package main
import (
"cloud.google.com/go/datastore"
"cloud.google.com/go/profiler"
golangContext "context"
"entitlements/accountmapping"
"entitlements/httpwrapper"
"entitlements/jwt"
"fmt"
"github.com/gorilla/context"
"github.com/gorilla/mux"
"github.com/rs/cors"
"github.com/spf13/viper"
"golang.org/x/net/trace"
"log"
"net/http"
"os"
"strconv"
"time"
loggingLibrary "cloud.google.com/go/logging"
"cloud.google.com/go/datastore"
"cloud.google.com/go/profiler"
"github.com/coreos/go-oidc"
"github.com/gorilla/context"
"github.com/gorilla/mux"
"github.com/rs/cors"
"github.com/spf13/viper"
"golang.org/x/net/trace"
"entitlements/api"
"entitlements/common"
"entitlements/logging"
......@@ -29,6 +30,8 @@ import (
"entitlements/services"
"entitlements/utility"
"entitlements/validation"
loggingLibrary "cloud.google.com/go/logging"
)
func init() {
......@@ -129,8 +132,16 @@ func initHandler() (http.Handler, *mux.Router) {
identityMap,
}
ctx := golangContext.Background()
var oidcProvider utility.OidsProviderInterface
oidcProvider, err = oidc.NewProvider(ctx, common.GoogleOpenIdHost)
if err != nil {
log.Fatalf(err.Error())
return nil, m
}
api.AddRoutes(entitlements,
middleware.NewAuthMiddlewareService(redisOperations, dbAccessor, tokenServiceClient),
middleware.NewAuthMiddlewareService(redisOperations, dbAccessor, tokenServiceClient, oidcProvider),
validation.NewValidators(redisOperations), datalakeAPI, &api.AuthServiceAPI{AuthService: services.NewAuthService(httpClientWrapper)})
// CORS
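Review bot: The new error path in initHandler calls `log.Fatalf(err.Error())`, which uses the error text as a format string, so any `%` in the provider's message is misrendered. The `return nil, m` after it is unreachable because Fatalf exits the process. I would write `log.Fatalf("initialising OIDC provider %s: %v", common.GoogleOpenIdHost, err)` and drop the return. Separately, `oidc.NewProvider` performs network discovery against the issuer, and it is given `golangContext.Background()`, so startup has no deadline if the identity provider is slow or unreachable; a `golangContext.WithTimeout` context with a deferred cancel would bound that. initHandler starts and ends outside this hunk, so `err` and `m` are declared on lines not shown here.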
......
......@@ -112,6 +112,8 @@ const (
Email = "email"
GoogleOpenIdHost = "https://accounts.google.com"
GoogleJWKUri = "https://www.googleapis.com/oauth2/v3/certs"
PrefixJWKCacheKey = "jwk-"
......@@ -139,6 +141,8 @@ const (
//"userid": "domain_member@quibitai.com",
//"iss": "accounts.google.com"
//}
AccessTokenGoogleDomainUser = "ya29.a0AfH6SMCwXbAmZeAjvl7aH254OFVS5E6Ub_By2goM0d2KEuXKKtcNR-_YN9wUCPx1iCT5nHRR5QmfMSgNKF1Df6n78edx7dJ-FFQqsAOKyI7dyrl7NfXpCs3FctaWDKQfrgSm5DMUskha1K5IJXWufEpkuQ9paEvojoeh6w"
)
// logging package const
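Review bot: The added `AccessTokenGoogleDomainUser` constant is a literal in the shape of a real Google OAuth access token (`ya29.` prefix), committed into the shared constants of a non-test package. Even if it has expired, a credential-shaped string in source trips secret scanners, and if it was ever live it should be treated as exposed and revoked at the provider. The tests in this commit stub `UserInfo` with `gomock.Any()`, so the value does not appear to need to be genuine. An obviously fake fixture such as `AccessTokenGoogleDomainUser = "test-access-token"` (a constructed value), ideally declared next to the tests, would serve the same purpose. The const block begins outside this hunk.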
......
......@@ -8,12 +8,13 @@ import (
"entitlements/logging"
"entitlements/redis"
"entitlements/utility"
"runtime/debug"
"errors"
"fmt"
"github.com/gorilla/context"
"net/http"
"runtime/debug"
"strings"
"github.com/gorilla/context"
)
//go:generate mockgen -destination=../mocks/middleware.go -package=mocks -source=middleware.go
......@@ -30,11 +31,12 @@ type MiddlewareService struct {
RedisOps redis.OperationsInterface
TokenSvc jwt.TokenIssuer
TenantInfoAccessor accountmapping.TenantInfoAccessor
OidcProvider utility.OidsProviderInterface
}
// NewAuthMiddlewareService initializes the data lake api service
func NewAuthMiddlewareService(redisOperations redis.OperationsInterface, dbAccessor accountmapping.TenantInfoAccessor, tokenSvc jwt.TokenIssuer) *MiddlewareService {
return &MiddlewareService{RedisOps: redisOperations, TokenSvc: tokenSvc, TenantInfoAccessor: dbAccessor}
func NewAuthMiddlewareService(redisOperations redis.OperationsInterface, dbAccessor accountmapping.TenantInfoAccessor, tokenSvc jwt.TokenIssuer, oidcProvider utility.OidsProviderInterface) *MiddlewareService {
return &MiddlewareService{RedisOps: redisOperations, TokenSvc: tokenSvc, TenantInfoAccessor: dbAccessor, OidcProvider: oidcProvider}
}
// Authz adds an auth middleware to a context handler
......@@ -97,27 +99,38 @@ func (as *MiddlewareService) AuthzOwner(fn func(http.ResponseWriter, *http.Reque
func (as *MiddlewareService) MapDataPartitionIds(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
if tokenString, err := jwt.ExtractBearerToken(r, common.Authorization); err != nil {
var (
isFailed = false
requestInfo *utility.RequestInfo
err error
tokenString string
)
if tokenString, err = jwt.ExtractBearerToken(r, common.Authorization); err != nil {
isFailed = true
} else if requestInfo, err = jwt.GetClaimsFromToken(tokenString); err != nil {
if requestInfo, err = utility.ParseAccessToken(tokenString, as.OidcProvider); err != nil {
isFailed = true
}
}
if isFailed {
writeErrorResponse(err, err.Error(), w, r)
return
} else if requestInfo, err := jwt.GetClaimsFromToken(tokenString); err != nil{
}
context.Set(r, common.RequestInfoKey, &requestInfo)
dataPartitionIds, err := as.mapAccountID(r)
if err != nil {
writeErrorResponse(err, err.Error(), w, r)
return
} else {
context.Set(r, common.RequestInfoKey, &requestInfo)
dataPartitionIds, err := as.mapAccountID(r)
if err != nil {
writeErrorResponse(err, err.Error(), w, r)
return
}
context.Set(r, common.AuthUserID, requestInfo.DesID)
utility.SetRequestInfoAccountIds(r, requestInfo, dataPartitionIds)
fn(w, r)
}
context.Set(r, common.AuthUserID, requestInfo.DesID)
utility.SetRequestInfoAccountIds(r, requestInfo, dataPartitionIds)
fn(w, r)
}
}
func (as *MiddlewareService) PullGroups(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
authEmail := context.Get(r, common.AuthUserID).(string)
......@@ -167,7 +180,7 @@ func (as *MiddlewareService) mapAccountID(request *http.Request) ([]string, erro
dataPartitionIDs := request.Header.Get(common.DataPartitionID)
if len(dataPartitionIDs) == 0 {
return []string{}, errors.New(common.MissingAccountIDError)
return []string{}, errors.New(common.MissingAccountIDError)
}
dataPartitionIdList := strings.Split(dataPartitionIDs, ",")
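Review bot: In MapDataPartitionIds, any bearer token that fails `jwt.GetClaimsFromToken` is now passed to `utility.ParseAccessToken`, which, as far as the visible part shows, trusts whatever the provider's UserInfo endpoint returns for it. A successful UserInfo call shows the token is valid at the provider, not that it was issued for this service, so an access token minted for an unrelated OAuth client may be accepted as an identity here unless the audience or authorised party is checked somewhere not shown. I would make that explicit at the fallback, e.g. `// NOTE: UserInfo does not bind the token to this service; verify the token's audience/client ID before trusting requestInfo.`, and add the check if it is missing. The fallback also turns every malformed or expired JWT into an outbound provider call, so it is worth bounding with a request-scoped context and timeout. The `isFailed` flag is redundant, since checking `err != nil` once after the two attempts gives the same result.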
......
......@@ -7,12 +7,14 @@ import (
"entitlements/utility"
"entitlements/validation"
"fmt"
"github.com/golang/mock/gomock"
"github.com/gorilla/mux"
"net/http"
"net/http/httptest"
"testing"
"github.com/golang/mock/gomock"
"github.com/gorilla/mux"
oidc "github.com/coreos/go-oidc"
"github.com/franela/goblin"
"github.com/gorilla/context"
)
......@@ -24,11 +26,15 @@ func TestMapDataPartitionIds(t *testing.T) {
mockTenantInfoAccesser := mocks.NewMockTenantInfoAccessor(ctrl)
mockRedisOps := mocks.NewMockOperationsInterface(ctrl)
mockTokenService := mocks.NewMockTokenIssuer(ctrl)
oidcMock := mocks.NewMockOidsProviderInterface(ctrl)
ms := MiddlewareService{
RedisOps: mockRedisOps,
TenantInfoAccessor: mockTenantInfoAccesser,
TokenSvc: mockTokenService,
TokenSvc: mockTokenService,
OidcProvider: oidcMock,
}
handler := http.HandlerFunc(ms.MapDataPartitionIds(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusAccepted)
......@@ -43,7 +49,11 @@ func TestMapDataPartitionIds(t *testing.T) {
t.Fatal(err)
}
context.Set(req, common.RequestInfoKey, &utility.RequestInfo{})
req.Header.Set(common.Authorization, common.AuthTokenGoogleDomainUser)
req.Header.Set(common.Authorization, common.AccessTokenGoogleDomainUser)
userInfo := oidc.UserInfo{
Email: "test@test.com"}
oidcMock.EXPECT().UserInfo(gomock.Any(), gomock.Any()).Return(&userInfo, nil).AnyTimes()
})
g.It("Should set data partition ids in RequestInfoKey", func() {
......@@ -140,10 +150,10 @@ func TestAuthz(t *testing.T) {
ctrl := gomock.NewController(t)
defer ctrl.Finish()
mockRedisOps := mocks.NewMockOperationsInterface(ctrl)
ms := MiddlewareService{RedisOps: mockRedisOps}
oidcMock := mocks.NewMockOidsProviderInterface(ctrl)
ms := MiddlewareService{RedisOps: mockRedisOps, OidcProvider: oidcMock}
handler := http.HandlerFunc(ms.Authz(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusAccepted)
}), []string{common.UsersGroup, common.EntitlementUsersGroup}))
req, err := http.NewRequest("GET", "/groups", nil)
......@@ -171,8 +181,7 @@ func TestAuthz(t *testing.T) {
g.Assert(rr.Body.String()).Equal("{\"name\":\"Unauthorized\",\"message\":\"user is unauthorized.\"}\n")
})
g.It("Should return StatusAccepted if user is authorized", func() {
g.It("Should return StatusOk if user is authorized", func() {
context.Set(req, common.RequestInfoKey, &utility.RequestInfo{DataPartitionIds: []string{"tenant"}})
context.Set(req, common.AuthUserID, "test_member@quibitai.com")
context.Set(req, "test_member@quibitai.com:tenant", &common.MemberGroupsListRes{
......@@ -180,10 +189,21 @@ func TestAuthz(t *testing.T) {
MemberEmail: "test_member@quibitai.com",
DesId: "test_member@shadow.quibitai.com",
})
req.Header.Set(common.Authorization, common.InvalidUserToken)
req.Header.Set(common.Authorization, common.AuthTokenGoogleDomainUser)
rr := httptest.NewRecorder()
handler.ServeHTTP(rr, req)
g.Assert(rr.Code).Equal(http.StatusOK)
})
g.It("Should return StatusAccepted if user is authorized with Access Tokent", func() {
userInfo := oidc.UserInfo{
Email: "test@test.com"}
oidcMock.EXPECT().UserInfo(gomock.Any(), gomock.Any()).Return(&userInfo, nil).AnyTimes()
req.Header.Set(common.Authorization, common.AccessTokenGoogleDomainUser)
rr := httptest.NewRecorder()
handler.ServeHTTP(rr, req)
g.Assert(rr.Code).Equal(http.StatusAccepted)
g.Assert(rr.Code).Equal(http.StatusOK)
})
})
}
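Review bot: The access-token cases in TestMapDataPartitionIds and TestAuthz only cover the success path and register the mock with `.AnyTimes()`, so they pass even if `UserInfo` is never called. Nothing asserts that a token rejected by the provider is refused. I would add a case with `oidcMock.EXPECT().UserInfo(gomock.Any(), gomock.Any()).Return(nil, errors.New("invalid token")).Times(1)` and assert that the wrapped handler is not invoked and an error status is written. Use `.Times(1)` in the positive case as well, so the fallback is shown to run. In TestAuthz the new case is titled "Should return StatusAccepted ... with Access Tokent" while the rendered page shows both a `StatusAccepted` and a `StatusOK` assertion; the title and assertion should agree, and "Tokent" is a typo for "Token".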
......
// Code generated by MockGen. DO NOT EDIT.
// Source: utility/auth_utils.go
// Package mocks is a generated GoMock package.
package mocks
import (
context "context"
go_oidc "github.com/coreos/go-oidc"
gomock "github.com/golang/mock/gomock"
oauth2 "golang.org/x/oauth2"
reflect "reflect"
)
// MockOidsProviderInterface is a mock of OidsProviderInterface interface.
type MockOidsProviderInterface struct {
ctrl *gomock.Controller
recorder *MockOidsProviderInterfaceMockRecorder
}
// MockOidsProviderInterfaceMockRecorder is the mock recorder for MockOidsProviderInterface.
type MockOidsProviderInterfaceMockRecorder struct {
mock *MockOidsProviderInterface
}
// NewMockOidsProviderInterface creates a new mock instance.
func NewMockOidsProviderInterface(ctrl *gomock.Controller) *MockOidsProviderInterface {
mock := &MockOidsProviderInterface{ctrl: ctrl}
mock.recorder = &MockOidsProviderInterfaceMockRecorder{mock}
return mock
}
// EXPECT returns an object that allows the caller to indicate expected use.
func (m *MockOidsProviderInterface) EXPECT() *MockOidsProviderInterfaceMockRecorder {
return m.recorder
}
// Claims mocks base method.
func (m *MockOidsProviderInterface) Claims(v interface{}) error {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Claims", v)
ret0, _ := ret[0].(error)
return ret0
}
// Claims indicates an expected call of Claims.
func (mr *MockOidsProviderInterfaceMockRecorder) Claims(v interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Claims", reflect.TypeOf((*MockOidsProviderInterface)(nil).Claims), v)
}
// Endpoint mocks base method.
func (m *MockOidsProviderInterface) Endpoint() oauth2.Endpoint {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Endpoint")
ret0, _ := ret[0].(oauth2.Endpoint)
return ret0
}
// Endpoint indicates an expected call of Endpoint.
func (mr *MockOidsProviderInterfaceMockRecorder) Endpoint() *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Endpoint", reflect.TypeOf((*MockOidsProviderInterface)(nil).Endpoint))
}
// UserInfo mocks base method.
func (m *MockOidsProviderInterface) UserInfo(ctx context.Context, tokenSource oauth2.TokenSource) (*go_oidc.UserInfo, error) {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "UserInfo", ctx, tokenSource)
ret0, _ := ret[0].(*go_oidc.UserInfo)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// UserInfo indicates an expected call of UserInfo.
func (mr *MockOidsProviderInterfaceMockRecorder) UserInfo(ctx, tokenSource interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "UserInfo", reflect.TypeOf((*MockOidsProviderInterface)(nil).UserInfo), ctx, tokenSource)
}
// Code generated by MockGen. DO NOT EDIT.
// Source: middleware.go
// Source: middleware/middleware.go
// Package mocks is a generated GoMock package.
package mocks
......@@ -10,30 +10,30 @@ import (
reflect "reflect"
)
// MockMiddlewareInterface is a mock of MiddlewareInterface interface
// MockMiddlewareInterface is a mock of MiddlewareInterface interface.
type MockMiddlewareInterface struct {
ctrl *gomock.Controller
recorder *MockMiddlewareInterfaceMockRecorder
}
// MockMiddlewareInterfaceMockRecorder is the mock recorder for MockMiddlewareInterface
// MockMiddlewareInterfaceMockRecorder is the mock recorder for MockMiddlewareInterface.
type MockMiddlewareInterfaceMockRecorder struct {
mock *MockMiddlewareInterface
}
// NewMockMiddlewareInterface creates a new mock instance
// NewMockMiddlewareInterface creates a new mock instance.
func NewMockMiddlewareInterface(ctrl *gomock.Controller) *MockMiddlewareInterface {
mock := &MockMiddlewareInterface{ctrl: ctrl}
mock.recorder = &MockMiddlewareInterfaceMockRecorder{mock}
return mock
}
// EXPECT returns an object that allows the caller to indicate expected use
// EXPECT returns an object that allows the caller to indicate expected use.
func (m *MockMiddlewareInterface) EXPECT() *MockMiddlewareInterfaceMockRecorder {
return m.recorder
}
// MapDataPartitionIds mocks base method
// MapDataPartitionIds mocks base method.
func (m *MockMiddlewareInterface) MapDataPartitionIds(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "MapDataPartitionIds", fn)
......@@ -41,13 +41,13 @@ func (m *MockMiddlewareInterface) MapDataPartitionIds(fn func(http.ResponseWrite
return ret0
}
// MapDataPartitionIds indicates an expected call of MapDataPartitionIds
// MapDataPartitionIds indicates an expected call of MapDataPartitionIds.
func (mr *MockMiddlewareInterfaceMockRecorder) MapDataPartitionIds(fn interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "MapDataPartitionIds", reflect.TypeOf((*MockMiddlewareInterface)(nil).MapDataPartitionIds), fn)
}
// PullGroups mocks base method
// PullGroups mocks base method.
func (m *MockMiddlewareInterface) PullGroups(fn func(http.ResponseWriter, *http.Request)) http.HandlerFunc {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "PullGroups", fn)
......@@ -55,13 +55,13 @@ func (m *MockMiddlewareInterface) PullGroups(fn func(http.ResponseWriter, *http.
return ret0
}
// PullGroups indicates an expected call of PullGroups
// PullGroups indicates an expected call of PullGroups.
func (mr *MockMiddlewareInterfaceMockRecorder) PullGroups(fn interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "PullGroups", reflect.TypeOf((*MockMiddlewareInterface)(nil).PullGroups), fn)
}
// Authz mocks base method
// Authz mocks base method.
func (m *MockMiddlewareInterface) Authz(fn func(http.ResponseWriter, *http.Request), requiredGroups []string) http.HandlerFunc {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Authz", fn, requiredGroups)
......@@ -69,13 +69,13 @@ func (m *MockMiddlewareInterface) Authz(fn func(http.ResponseWriter, *http.Reque
return ret0
}
// Authz indicates an expected call of Authz
// Authz indicates an expected call of Authz.
func (mr *MockMiddlewareInterfaceMockRecorder) Authz(fn, requiredGroups interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Authz", reflect.TypeOf((*MockMiddlewareInterface)(nil).Authz), fn, requiredGroups)
}
// AuthzOwner mocks base method
// AuthzOwner mocks base method.
func (m *MockMiddlewareInterface) AuthzOwner(fn func(http.ResponseWriter, *http.Request), optionGroup string, checkGroupType bool) http.HandlerFunc {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "AuthzOwner", fn, optionGroup, checkGroupType)
......@@ -83,13 +83,13 @@ func (m *MockMiddlewareInterface) AuthzOwner(fn func(http.ResponseWriter, *http.
return ret0
}
// AuthzOwner indicates an expected call of AuthzOwner
// AuthzOwner indicates an expected call of AuthzOwner.
func (mr *MockMiddlewareInterfaceMockRecorder) AuthzOwner(fn, optionGroup, checkGroupType interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "AuthzOwner", reflect.TypeOf((*MockMiddlewareInterface)(nil).AuthzOwner), fn, optionGroup, checkGroupType)
}
// Validation mocks base method
// Validation mocks base method.
func (m *MockMiddlewareInterface) Validation(fn func(http.ResponseWriter, *http.Request), validator []func(*http.Request) error) http.HandlerFunc {
m.ctrl.T.Helper()
ret := m.ctrl.Call(m, "Validation", fn, validator)
......@@ -97,7 +97,7 @@ func (m *MockMiddlewareInterface) Validation(fn func(http.ResponseWriter, *http.
return ret0
}
// Validation indicates an expected call of Validation
// Validation indicates an expected call of Validation.
func (mr *MockMiddlewareInterfaceMockRecorder) Validation(fn, validator interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "Validation", reflect.TypeOf((*MockMiddlewareInterface)(nil).Validation), fn, validator)
......
package utility
import (
"reflect"
"strings"
goctx "context"
"entitlements/common"
oidc "github.com/coreos/go-oidc"
"golang.org/x/oauth2"
)
type OidsProviderInterface interface {
Claims(v interface{}) error
Endpoint() oauth2.Endpoint
UserInfo(ctx goctx.Context, tokenSource oauth2.TokenSource) (*oidc.UserInfo, error)
}
func ParseAccessToken(token string, provider OidsProviderInterface) (*RequestInfo, error) {
tt := oauth2.Token{AccessToken: token}
ctx := goctx.Background()
userInfo, err := provider.UserInfo(ctx, oauth2.StaticTokenSource(&tt))