*: ClientIdentityXXX -> ClientXXX
Get rid of all outdated "ClientIdentity" terminology.
This commit is contained in:
Bobby Rullo
parent
95757e8779
commit
e5948ab3ce
22
admin/api.go
22
admin/api.go
|
|
@ -16,11 +16,11 @@ import (
|
|||
|
||||
// AdminAPI provides the logic necessary to implement the Admin API.
|
||||
type AdminAPI struct {
|
||||
userManager *manager.UserManager
|
||||
userRepo user.UserRepo
|
||||
passwordInfoRepo user.PasswordInfoRepo
|
||||
clientIdentityRepo client.ClientIdentityRepo
|
||||
localConnectorID string
|
||||
userManager *manager.UserManager
|
||||
userRepo user.UserRepo
|
||||
passwordInfoRepo user.PasswordInfoRepo
|
||||
clientRepo client.ClientRepo
|
||||
localConnectorID string
|
||||
}
|
||||
|
||||
// TODO(ericchiang): Swap the DbMap for a storage interface. See #278
|
||||
|
|
@ -30,11 +30,11 @@ func NewAdminAPI(dbMap *gorp.DbMap, userManager *manager.UserManager, localConne
|
|||
panic("must specify non-blank localConnectorID")
|
||||
}
|
||||
return &AdminAPI{
|
||||
userManager: userManager,
|
||||
userRepo: db.NewUserRepo(dbMap),
|
||||
passwordInfoRepo: db.NewPasswordInfoRepo(dbMap),
|
||||
clientIdentityRepo: db.NewClientIdentityRepo(dbMap),
|
||||
localConnectorID: localConnectorID,
|
||||
userManager: userManager,
|
||||
userRepo: db.NewUserRepo(dbMap),
|
||||
passwordInfoRepo: db.NewPasswordInfoRepo(dbMap),
|
||||
clientRepo: db.NewClientRepo(dbMap),
|
||||
localConnectorID: localConnectorID,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -136,7 +136,7 @@ func (a *AdminAPI) CreateClient(req adminschema.ClientCreateRequest) (adminschem
|
|||
|
||||
cli.Credentials.ID = id
|
||||
|
||||
creds, err := a.clientIdentityRepo.New(cli)
|
||||
creds, err := a.clientRepo.New(cli)
|
||||
if err != nil {
|
||||
return adminschema.ClientCreateResponse{}, mapError(err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ type Client struct {
|
|||
Admin bool
|
||||
}
|
||||
|
||||
type ClientIdentityRepo interface {
|
||||
type ClientRepo interface {
|
||||
Get(clientID string) (Client, error)
|
||||
|
||||
// Metadata returns one matching ClientMetadata if the given client
|
||||
|
|
@ -37,10 +37,10 @@ type ClientIdentityRepo interface {
|
|||
// to make these assertions will a non-nil error be returned.
|
||||
Authenticate(creds oidc.ClientCredentials) (bool, error)
|
||||
|
||||
// All returns all registered Client Identities.
|
||||
// All returns all registered Clients
|
||||
All() ([]Client, error)
|
||||
|
||||
// New registers a ClientIdentity with the repo for the given metadata.
|
||||
// New registers a Client with the repo.
|
||||
// An unused ID must be provided. A corresponding secret will be returned
|
||||
// in a ClientCredentials struct along with the provided ID.
|
||||
New(client Client) (*oidc.ClientCredentials, error)
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ func newDBDriver(dsn string) (driver, error) {
|
|||
}
|
||||
|
||||
drv := &dbDriver{
|
||||
ciRepo: db.NewClientIdentityRepo(dbc),
|
||||
ciRepo: db.NewClientRepo(dbc),
|
||||
cfgRepo: db.NewConnectorConfigRepo(dbc),
|
||||
}
|
||||
|
||||
|
|
@ -22,7 +22,7 @@ func newDBDriver(dsn string) (driver, error) {
|
|||
}
|
||||
|
||||
type dbDriver struct {
|
||||
ciRepo client.ClientIdentityRepo
|
||||
ciRepo client.ClientRepo
|
||||
cfgRepo *db.ConnectorConfigRepo
|
||||
}
|
||||
|
||||
|
|
|
|||
79
db/client.go
79
db/client.go
|
|
@ -18,7 +18,7 @@ import (
|
|||
)
|
||||
|
||||
const (
|
||||
clientIdentityTableName = "client_identity"
|
||||
clientTableName = "client_identity"
|
||||
|
||||
bcryptHashCost = 10
|
||||
|
||||
|
|
@ -34,19 +34,18 @@ const (
|
|||
|
||||
func init() {
|
||||
register(table{
|
||||
name: clientIdentityTableName,
|
||||
model: clientIdentityModel{},
|
||||
name: clientTableName,
|
||||
model: clientModel{},
|
||||
autoinc: false,
|
||||
pkey: []string{"id"},
|
||||
})
|
||||
}
|
||||
|
||||
func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
|
||||
func newClientModel(cli client.Client) (*clientModel, error) {
|
||||
secretBytes, err := base64.URLEncoding.DecodeString(cli.Credentials.Secret)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
hashed, err := bcrypt.GenerateFromPassword([]byte(
|
||||
secretBytes),
|
||||
bcryptHashCost)
|
||||
|
|
@ -59,7 +58,7 @@ func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
|
|||
return nil, err
|
||||
}
|
||||
|
||||
cim := clientIdentityModel{
|
||||
cim := clientModel{
|
||||
ID: cli.Credentials.ID,
|
||||
Secret: hashed,
|
||||
Metadata: string(bmeta),
|
||||
|
|
@ -69,14 +68,14 @@ func newClientIdentityModel(cli client.Client) (*clientIdentityModel, error) {
|
|||
return &cim, nil
|
||||
}
|
||||
|
||||
type clientIdentityModel struct {
|
||||
type clientModel struct {
|
||||
ID string `db:"id"`
|
||||
Secret []byte `db:"secret"`
|
||||
Metadata string `db:"metadata"`
|
||||
DexAdmin bool `db:"dex_admin"`
|
||||
}
|
||||
|
||||
func (m *clientIdentityModel) Client() (*client.Client, error) {
|
||||
func (m *clientModel) Client() (*client.Client, error) {
|
||||
ci := client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: m.ID,
|
||||
|
|
@ -92,16 +91,16 @@ func (m *clientIdentityModel) Client() (*client.Client, error) {
|
|||
return &ci, nil
|
||||
}
|
||||
|
||||
func NewClientIdentityRepo(dbm *gorp.DbMap) client.ClientIdentityRepo {
|
||||
return newClientIdentityRepo(dbm)
|
||||
func NewClientRepo(dbm *gorp.DbMap) client.ClientRepo {
|
||||
return newClientRepo(dbm)
|
||||
}
|
||||
|
||||
func newClientIdentityRepo(dbm *gorp.DbMap) *clientIdentityRepo {
|
||||
return &clientIdentityRepo{db: &db{dbm}}
|
||||
func newClientRepo(dbm *gorp.DbMap) *clientRepo {
|
||||
return &clientRepo{db: &db{dbm}}
|
||||
}
|
||||
|
||||
func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client) (client.ClientIdentityRepo, error) {
|
||||
repo := newClientIdentityRepo(dbm)
|
||||
func NewClientRepoFromClients(dbm *gorp.DbMap, clients []client.Client) (client.ClientRepo, error) {
|
||||
repo := newClientRepo(dbm)
|
||||
tx, err := repo.begin()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -112,7 +111,7 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client)
|
|||
if c.Credentials.Secret == "" {
|
||||
return nil, fmt.Errorf("client %q has no secret", c.Credentials.ID)
|
||||
}
|
||||
cm, err := newClientIdentityModel(c)
|
||||
cm, err := newClientModel(c)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -127,13 +126,12 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []client.Client)
|
|||
return repo, nil
|
||||
}
|
||||
|
||||
type clientIdentityRepo struct {
|
||||
type clientRepo struct {
|
||||
*db
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
|
||||
m, err := r.executor(nil).Get(clientIdentityModel{}, clientID)
|
||||
|
||||
func (r *clientRepo) Get(clientID string) (client.Client, error) {
|
||||
m, err := r.executor(nil).Get(clientModel{}, clientID)
|
||||
if err == sql.ErrNoRows || m == nil {
|
||||
return client.Client{}, client.ErrorNotFound
|
||||
}
|
||||
|
|
@ -141,7 +139,7 @@ func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
|
|||
return client.Client{}, err
|
||||
}
|
||||
|
||||
cim, ok := m.(*clientIdentityModel)
|
||||
cim, ok := m.(*clientModel)
|
||||
if !ok {
|
||||
log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
|
||||
return client.Client{}, errors.New("unrecognized model")
|
||||
|
|
@ -155,7 +153,7 @@ func (r *clientIdentityRepo) Get(clientID string) (client.Client, error) {
|
|||
return *ci, nil
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) Metadata(clientID string) (*oidc.ClientMetadata, error) {
|
||||
func (r *clientRepo) Metadata(clientID string) (*oidc.ClientMetadata, error) {
|
||||
c, err := r.Get(clientID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
|
@ -164,22 +162,22 @@ func (r *clientIdentityRepo) Metadata(clientID string) (*oidc.ClientMetadata, er
|
|||
return &c.Metadata, nil
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) IsDexAdmin(clientID string) (bool, error) {
|
||||
m, err := r.executor(nil).Get(clientIdentityModel{}, clientID)
|
||||
func (r *clientRepo) IsDexAdmin(clientID string) (bool, error) {
|
||||
m, err := r.executor(nil).Get(clientModel{}, clientID)
|
||||
if m == nil || err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
cim, ok := m.(*clientIdentityModel)
|
||||
cim, ok := m.(*clientModel)
|
||||
if !ok {
|
||||
log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
|
||||
log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
|
||||
return false, errors.New("unrecognized model")
|
||||
}
|
||||
|
||||
return cim.DexAdmin, nil
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
|
||||
func (r *clientRepo) SetDexAdmin(clientID string, isAdmin bool) error {
|
||||
tx, err := r.begin()
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -187,14 +185,14 @@ func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
|
|||
defer tx.Rollback()
|
||||
exec := r.executor(tx)
|
||||
|
||||
m, err := exec.Get(clientIdentityModel{}, clientID)
|
||||
m, err := exec.Get(clientModel{}, clientID)
|
||||
if m == nil || err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
cim, ok := m.(*clientIdentityModel)
|
||||
cim, ok := m.(*clientModel)
|
||||
if !ok {
|
||||
log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
|
||||
log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
|
||||
return errors.New("unrecognized model")
|
||||
}
|
||||
|
||||
|
|
@ -207,15 +205,15 @@ func (r *clientIdentityRepo) SetDexAdmin(clientID string, isAdmin bool) error {
|
|||
return tx.Commit()
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) Authenticate(creds oidc.ClientCredentials) (bool, error) {
|
||||
m, err := r.executor(nil).Get(clientIdentityModel{}, creds.ID)
|
||||
func (r *clientRepo) Authenticate(creds oidc.ClientCredentials) (bool, error) {
|
||||
m, err := r.executor(nil).Get(clientModel{}, creds.ID)
|
||||
if m == nil || err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
cim, ok := m.(*clientIdentityModel)
|
||||
cim, ok := m.(*clientModel)
|
||||
if !ok {
|
||||
log.Errorf("expected clientIdentityModel but found %v", reflect.TypeOf(m))
|
||||
log.Errorf("expected clientModel but found %v", reflect.TypeOf(m))
|
||||
return false, errors.New("unrecognized model")
|
||||
}
|
||||
|
||||
|
|
@ -252,14 +250,15 @@ func isAlreadyExistsErr(err error) bool {
|
|||
return false
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) New(cli client.Client) (*oidc.ClientCredentials, error) {
|
||||
func (r *clientRepo) New(cli client.Client) (*oidc.ClientCredentials, error) {
|
||||
secret, err := pcrypto.RandBytes(maxSecretLength)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cli.Credentials.Secret = base64.URLEncoding.EncodeToString(secret)
|
||||
cim, err := newClientIdentityModel(cli)
|
||||
cim, err := newClientModel(cli)
|
||||
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -279,19 +278,19 @@ func (r *clientIdentityRepo) New(cli client.Client) (*oidc.ClientCredentials, er
|
|||
return &cc, nil
|
||||
}
|
||||
|
||||
func (r *clientIdentityRepo) All() ([]client.Client, error) {
|
||||
qt := r.quote(clientIdentityTableName)
|
||||
func (r *clientRepo) All() ([]client.Client, error) {
|
||||
qt := r.quote(clientTableName)
|
||||
q := fmt.Sprintf("SELECT * FROM %s", qt)
|
||||
objs, err := r.executor(nil).Select(&clientIdentityModel{}, q)
|
||||
objs, err := r.executor(nil).Select(&clientModel{}, q)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
cs := make([]client.Client, len(objs))
|
||||
for i, obj := range objs {
|
||||
m, ok := obj.(*clientIdentityModel)
|
||||
m, ok := obj.(*clientModel)
|
||||
if !ok {
|
||||
return nil, errors.New("unable to cast client identity to clientIdentityModel")
|
||||
return nil, errors.New("unable to cast client identity to clientModel")
|
||||
}
|
||||
|
||||
ci, err := m.Client()
|
||||
|
|
|
|||
|
|
@ -88,7 +88,7 @@ func TestMigrateClientMetadata(t *testing.T) {
|
|||
}
|
||||
|
||||
for i, tt := range tests {
|
||||
model := &clientIdentityModel{
|
||||
model := &clientModel{
|
||||
ID: strconv.Itoa(i),
|
||||
Secret: []byte("verysecret"),
|
||||
Metadata: tt.before,
|
||||
|
|
@ -108,12 +108,12 @@ func TestMigrateClientMetadata(t *testing.T) {
|
|||
|
||||
for i, tt := range tests {
|
||||
id := strconv.Itoa(i)
|
||||
m, err := dbMap.Get(clientIdentityModel{}, id)
|
||||
m, err := dbMap.Get(clientModel{}, id)
|
||||
if err != nil {
|
||||
t.Errorf("case %d: failed to get model: %v", i, err)
|
||||
continue
|
||||
}
|
||||
cim, ok := m.(*clientIdentityModel)
|
||||
cim, ok := m.(*clientModel)
|
||||
if !ok {
|
||||
t.Errorf("case %d: unrecognized model type: %T", i, m)
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -189,9 +189,9 @@ func (r *refreshTokenRepo) RevokeTokensForClient(userID, clientID string) error
|
|||
func (r *refreshTokenRepo) ClientsWithRefreshTokens(userID string) ([]client.Client, error) {
|
||||
q := `SELECT c.* FROM %s as c
|
||||
INNER JOIN %s as r ON c.id = r.client_id WHERE r.user_id = $1;`
|
||||
q = fmt.Sprintf(q, r.quote(clientIdentityTableName), r.quote(refreshTokenTableName))
|
||||
q = fmt.Sprintf(q, r.quote(clientTableName), r.quote(refreshTokenTableName))
|
||||
|
||||
var clients []clientIdentityModel
|
||||
var clients []clientModel
|
||||
if _, err := r.executor(nil).Select(&clients, q, userID); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -181,8 +181,8 @@ func TestDBPrivateKeySetRepoSetGet(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestDBClientIdentityRepoMetadata(t *testing.T) {
|
||||
r := db.NewClientIdentityRepo(connect(t))
|
||||
func TestDBClientRepoMetadata(t *testing.T) {
|
||||
r := db.NewClientRepo(connect(t))
|
||||
|
||||
cm := oidc.ClientMetadata{
|
||||
RedirectURIs: []url.URL{
|
||||
|
|
@ -211,8 +211,8 @@ func TestDBClientIdentityRepoMetadata(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestDBClientIdentityRepoMetadataNoExist(t *testing.T) {
|
||||
r := db.NewClientIdentityRepo(connect(t))
|
||||
func TestDBClientRepoMetadataNoExist(t *testing.T) {
|
||||
r := db.NewClientRepo(connect(t))
|
||||
|
||||
got, err := r.Metadata("noexist")
|
||||
if err != client.ErrorNotFound {
|
||||
|
|
@ -223,8 +223,8 @@ func TestDBClientIdentityRepoMetadataNoExist(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestDBClientIdentityRepoNewDuplicate(t *testing.T) {
|
||||
r := db.NewClientIdentityRepo(connect(t))
|
||||
func TestDBClientRepoNewDuplicate(t *testing.T) {
|
||||
r := db.NewClientRepo(connect(t))
|
||||
|
||||
meta1 := oidc.ClientMetadata{
|
||||
RedirectURIs: []url.URL{
|
||||
|
|
@ -257,8 +257,8 @@ func TestDBClientIdentityRepoNewDuplicate(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestDBClientIdentityRepoAuthenticate(t *testing.T) {
|
||||
r := db.NewClientIdentityRepo(connect(t))
|
||||
func TestDBClientRepoAuthenticate(t *testing.T) {
|
||||
r := db.NewClientRepo(connect(t))
|
||||
|
||||
cm := oidc.ClientMetadata{
|
||||
RedirectURIs: []url.URL{
|
||||
|
|
@ -310,8 +310,8 @@ func TestDBClientIdentityRepoAuthenticate(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestDBClientIdentityAll(t *testing.T) {
|
||||
r := db.NewClientIdentityRepo(connect(t))
|
||||
func TestDBClientAll(t *testing.T) {
|
||||
r := db.NewClientRepo(connect(t))
|
||||
|
||||
cm := oidc.ClientMetadata{
|
||||
RedirectURIs: []url.URL{
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ var (
|
|||
}
|
||||
)
|
||||
|
||||
func newClientIdentityRepo(t *testing.T) client.ClientIdentityRepo {
|
||||
func newClientRepo(t *testing.T) client.ClientRepo {
|
||||
dsn := os.Getenv("DEX_TEST_DSN")
|
||||
var dbMap *gorp.DbMap
|
||||
if dsn == "" {
|
||||
|
|
@ -56,7 +56,7 @@ func newClientIdentityRepo(t *testing.T) client.ClientIdentityRepo {
|
|||
} else {
|
||||
dbMap = connect(t)
|
||||
}
|
||||
repo, err := db.NewClientIdentityRepoFromClients(dbMap, testClients)
|
||||
repo, err := db.NewClientRepoFromClients(dbMap, testClients)
|
||||
if err != nil {
|
||||
t.Fatalf("failed to create client repo from clients: %v", err)
|
||||
}
|
||||
|
|
@ -101,7 +101,7 @@ func TestGetSetAdminClient(t *testing.T) {
|
|||
|
||||
Tests:
|
||||
for i, tt := range tests {
|
||||
repo := newClientIdentityRepo(t)
|
||||
repo := newClientRepo(t)
|
||||
for _, cid := range startAdmins {
|
||||
err := repo.SetDexAdmin(cid, true)
|
||||
if err != nil {
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ func newRefreshRepo(t *testing.T, users []user.UserWithRemoteIdentities, clients
|
|||
if _, err := db.NewUserRepoFromUsers(dbMap, users); err != nil {
|
||||
t.Fatalf("Unable to add users: %v", err)
|
||||
}
|
||||
if _, err := db.NewClientIdentityRepoFromClients(dbMap, clients); err != nil {
|
||||
if _, err := db.NewClientRepoFromClients(dbMap, clients); err != nil {
|
||||
t.Fatalf("Unable to add clients: %v", err)
|
||||
}
|
||||
return db.NewRefreshTokenRepo(dbMap)
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ func TestClientCreate(t *testing.T) {
|
|||
t.Error("Expected non-empty Client Secret")
|
||||
}
|
||||
|
||||
meta, err := srv.ClientIdentityRepo.Metadata(newClient.Id)
|
||||
meta, err := srv.ClientRepo.Metadata(newClient.Id)
|
||||
if err != nil {
|
||||
t.Errorf("Error looking up client metadata: %v", err)
|
||||
} else if meta == nil {
|
||||
|
|
|
|||
|
|
@ -35,17 +35,17 @@ func mockServer(cis []client.Client) (*server.Server, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
clientIdentityRepo, err := db.NewClientIdentityRepoFromClients(dbMap, cis)
|
||||
clientRepo, err := db.NewClientRepoFromClients(dbMap, cis)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
sm := manager.NewSessionManager(db.NewSessionRepo(dbMap), db.NewSessionKeyRepo(dbMap))
|
||||
srv := &server.Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
ClientIdentityRepo: clientIdentityRepo,
|
||||
SessionManager: sm,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
ClientRepo: clientRepo,
|
||||
SessionManager: sm,
|
||||
}
|
||||
|
||||
return srv, nil
|
||||
|
|
@ -125,7 +125,7 @@ func TestHTTPExchangeTokenRefreshToken(t *testing.T) {
|
|||
}
|
||||
|
||||
dbMap := db.NewMemDB()
|
||||
cir, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{ci})
|
||||
cir, err := db.NewClientRepoFromClients(dbMap, []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: " + err.Error())
|
||||
}
|
||||
|
|
@ -161,15 +161,15 @@ func TestHTTPExchangeTokenRefreshToken(t *testing.T) {
|
|||
refreshTokenRepo := refreshtest.NewTestRefreshTokenRepo()
|
||||
|
||||
srv := &server.Server{
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: cir,
|
||||
Templates: template.New(connector.LoginPageTemplateName),
|
||||
Connectors: []connector.Connector{},
|
||||
UserRepo: userRepo,
|
||||
PasswordInfoRepo: passwordInfoRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: cir,
|
||||
Templates: template.New(connector.LoginPageTemplateName),
|
||||
Connectors: []connector.Connector{},
|
||||
UserRepo: userRepo,
|
||||
PasswordInfoRepo: passwordInfoRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
}
|
||||
|
||||
if err = srv.AddConnector(cfg); err != nil {
|
||||
|
|
|
|||
|
|
@ -101,8 +101,8 @@ func makeUserAPITestFixtures() *userAPITestFixtures {
|
|||
f := &userAPITestFixtures{}
|
||||
|
||||
dbMap, _, _, um := makeUserObjects(userUsers, userPasswords)
|
||||
cir := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{
|
||||
cir := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(dbMap, []client.Client{
|
||||
client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: testClientID,
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
package adminschema
|
||||
|
||||
//
|
||||
// This file is automatically generated by schema/generator
|
||||
//
|
||||
|
|
@ -180,4 +181,4 @@ const DiscoveryJSON = `{
|
|||
}
|
||||
}
|
||||
}
|
||||
`
|
||||
`
|
||||
|
|
|
|||
|
|
@ -1,4 +1,5 @@
|
|||
package workerschema
|
||||
|
||||
//
|
||||
// This file is automatically generated by schema/generator
|
||||
//
|
||||
|
|
@ -419,4 +420,4 @@ const DiscoveryJSON = `{
|
|||
}
|
||||
}
|
||||
}
|
||||
`
|
||||
`
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ import (
|
|||
|
||||
type clientTokenMiddleware struct {
|
||||
issuerURL string
|
||||
ciRepo client.ClientIdentityRepo
|
||||
ciRepo client.ClientRepo
|
||||
keysFunc func() ([]key.PublicKey, error)
|
||||
next http.Handler
|
||||
}
|
||||
|
|
@ -31,7 +31,7 @@ func (c *clientTokenMiddleware) ServeHTTP(w http.ResponseWriter, r *http.Request
|
|||
}
|
||||
|
||||
if c.ciRepo == nil {
|
||||
log.Errorf("Misconfigured clientTokenMiddleware, ClientIdentityRepo is not set")
|
||||
log.Errorf("Misconfigured clientTokenMiddleware, ClientRepo is not set")
|
||||
respondError()
|
||||
return
|
||||
}
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ func TestClientToken(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -65,7 +65,7 @@ func TestClientToken(t *testing.T) {
|
|||
|
||||
tests := []struct {
|
||||
keys []key.PublicKey
|
||||
repo client.ClientIdentityRepo
|
||||
repo client.ClientRepo
|
||||
header string
|
||||
wantCode int
|
||||
}{
|
||||
|
|
@ -114,7 +114,7 @@ func TestClientToken(t *testing.T) {
|
|||
// empty repo
|
||||
{
|
||||
keys: []key.PublicKey{pubKey},
|
||||
repo: db.NewClientIdentityRepo(db.NewMemDB()),
|
||||
repo: db.NewClientRepo(db.NewMemDB()),
|
||||
header: fmt.Sprintf("BEARER %s", validJWT),
|
||||
wantCode: http.StatusUnauthorized,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ func (s *Server) handleClientRegistrationRequest(r *http.Request) (*oidc.ClientR
|
|||
return nil, newAPIError(oauth2.ErrorServerError, "unable to save client metadata")
|
||||
}
|
||||
|
||||
creds, err := s.ClientIdentityRepo.New(client.Client{
|
||||
creds, err := s.ClientRepo.New(client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: id,
|
||||
},
|
||||
|
|
|
|||
|
|
@ -143,7 +143,7 @@ func TestClientRegistration(t *testing.T) {
|
|||
return fmt.Errorf("no client id in registration response")
|
||||
}
|
||||
|
||||
metadata, err := fixtures.clientIdentityRepo.Metadata(r.ClientID)
|
||||
metadata, err := fixtures.clientRepo.Metadata(r.ClientID)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to lookup client id after creation")
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,10 +14,10 @@ import (
|
|||
)
|
||||
|
||||
type clientResource struct {
|
||||
repo client.ClientIdentityRepo
|
||||
repo client.ClientRepo
|
||||
}
|
||||
|
||||
func registerClientResource(prefix string, repo client.ClientIdentityRepo) (string, http.Handler) {
|
||||
func registerClientResource(prefix string, repo client.ClientRepo) (string, http.Handler) {
|
||||
mux := http.NewServeMux()
|
||||
c := &clientResource{
|
||||
repo: repo,
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ func makeBody(s string) io.ReadCloser {
|
|||
func TestCreateInvalidRequest(t *testing.T) {
|
||||
u := &url.URL{Scheme: "http", Host: "example.com", Path: "clients"}
|
||||
h := http.Header{"Content-Type": []string{"application/json"}}
|
||||
repo := db.NewClientIdentityRepo(db.NewMemDB())
|
||||
repo := db.NewClientRepo(db.NewMemDB())
|
||||
res := &clientResource{repo: repo}
|
||||
tests := []struct {
|
||||
req *http.Request
|
||||
|
|
@ -119,7 +119,7 @@ func TestCreateInvalidRequest(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestCreate(t *testing.T) {
|
||||
repo := db.NewClientIdentityRepo(db.NewMemDB())
|
||||
repo := db.NewClientRepo(db.NewMemDB())
|
||||
res := &clientResource{repo: repo}
|
||||
tests := [][]string{
|
||||
[]string{"http://example.com"},
|
||||
|
|
@ -239,7 +239,7 @@ func TestList(t *testing.T) {
|
|||
}
|
||||
|
||||
for i, tt := range tests {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), tt.cs)
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), tt.cs)
|
||||
if err != nil {
|
||||
t.Errorf("case %d: failed to create client identity repo: %v", i, err)
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -114,7 +114,7 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
|
|||
if err != nil {
|
||||
return fmt.Errorf("unable to read clients from file %s: %v", cfg.ClientsFile, err)
|
||||
}
|
||||
ciRepo, err := db.NewClientIdentityRepoFromClients(dbMap, clients)
|
||||
ciRepo, err := db.NewClientRepoFromClients(dbMap, clients)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -155,7 +155,7 @@ func (cfg *SingleServerConfig) Configure(srv *Server) error {
|
|||
|
||||
txnFactory := db.TransactionFactory(dbMap)
|
||||
userManager := usermanager.NewUserManager(userRepo, pwiRepo, cfgRepo, txnFactory, usermanager.ManagerOptions{})
|
||||
srv.ClientIdentityRepo = ciRepo
|
||||
srv.ClientRepo = ciRepo
|
||||
srv.KeySetRepo = kRepo
|
||||
srv.ConnectorConfigRepo = cfgRepo
|
||||
srv.UserRepo = userRepo
|
||||
|
|
@ -246,7 +246,7 @@ func (cfg *MultiServerConfig) Configure(srv *Server) error {
|
|||
return fmt.Errorf("unable to create PrivateKeySetRepo: %v", err)
|
||||
}
|
||||
|
||||
ciRepo := db.NewClientIdentityRepo(dbc)
|
||||
ciRepo := db.NewClientRepo(dbc)
|
||||
sRepo := db.NewSessionRepo(dbc)
|
||||
skRepo := db.NewSessionKeyRepo(dbc)
|
||||
cfgRepo := db.NewConnectorConfigRepo(dbc)
|
||||
|
|
@ -257,7 +257,7 @@ func (cfg *MultiServerConfig) Configure(srv *Server) error {
|
|||
|
||||
sm := sessionmanager.NewSessionManager(sRepo, skRepo)
|
||||
|
||||
srv.ClientIdentityRepo = ciRepo
|
||||
srv.ClientRepo = ciRepo
|
||||
srv.KeySetRepo = kRepo
|
||||
srv.ConnectorConfigRepo = cfgRepo
|
||||
srv.UserRepo = userRepo
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ func handleVerifyEmailResendFunc(
|
|||
srvKeysFunc func() ([]key.PublicKey, error),
|
||||
emailer *useremail.UserEmailer,
|
||||
userRepo user.UserRepo,
|
||||
clientIdentityRepo client.ClientIdentityRepo) http.HandlerFunc {
|
||||
clientRepo client.ClientRepo) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
decoder := json.NewDecoder(r.Body)
|
||||
var params struct {
|
||||
|
|
@ -57,7 +57,7 @@ func handleVerifyEmailResendFunc(
|
|||
return
|
||||
}
|
||||
|
||||
cm, err := clientIdentityRepo.Metadata(clientID)
|
||||
cm, err := clientRepo.Metadata(clientID)
|
||||
if err == client.ErrorNotFound {
|
||||
log.Errorf("No such client: %v", err)
|
||||
writeAPIError(w, http.StatusBadRequest,
|
||||
|
|
|
|||
|
|
@ -130,7 +130,7 @@ func TestHandleVerifyEmailResend(t *testing.T) {
|
|||
keysFunc,
|
||||
f.srv.UserEmailer,
|
||||
f.userRepo,
|
||||
f.clientIdentityRepo)
|
||||
f.clientRepo)
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
u := "http://example.com"
|
||||
|
|
|
|||
|
|
@ -78,8 +78,8 @@ func TestHandleAuthFuncResponsesSingleRedirectURL(t *testing.T) {
|
|||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
SessionManager: manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB())),
|
||||
ClientIdentityRepo: func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ClientRepo: func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: "XXX",
|
||||
|
|
@ -230,8 +230,8 @@ func TestHandleAuthFuncResponsesMultipleRedirectURLs(t *testing.T) {
|
|||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
SessionManager: manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB())),
|
||||
ClientIdentityRepo: func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ClientRepo: func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: "XXX",
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ type SendResetPasswordEmailHandler struct {
|
|||
tpl *template.Template
|
||||
emailer *useremail.UserEmailer
|
||||
sm *sessionmanager.SessionManager
|
||||
cr client.ClientIdentityRepo
|
||||
cr client.ClientRepo
|
||||
}
|
||||
|
||||
func (h *SendResetPasswordEmailHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
|
|||
|
|
@ -267,7 +267,7 @@ func TestSendResetPasswordEmailHandler(t *testing.T) {
|
|||
tpl: f.srv.SendResetPasswordEmailTemplate,
|
||||
emailer: f.srv.UserEmailer,
|
||||
sm: f.sessionManager,
|
||||
cr: f.clientIdentityRepo,
|
||||
cr: f.clientRepo,
|
||||
}
|
||||
|
||||
w := httptest.NewRecorder()
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ type Server struct {
|
|||
KeyManager key.PrivateKeyManager
|
||||
KeySetRepo key.PrivateKeySetRepo
|
||||
SessionManager *sessionmanager.SessionManager
|
||||
ClientIdentityRepo client.ClientIdentityRepo
|
||||
ClientRepo client.ClientRepo
|
||||
ConnectorConfigRepo connector.ConnectorConfigRepo
|
||||
Templates *template.Template
|
||||
LoginTemplate *template.Template
|
||||
|
|
@ -213,13 +213,13 @@ func (s *Server) HTTPHandler() http.Handler {
|
|||
s.KeyManager.PublicKeys,
|
||||
s.UserEmailer,
|
||||
s.UserRepo,
|
||||
s.ClientIdentityRepo)))
|
||||
s.ClientRepo)))
|
||||
|
||||
mux.Handle(httpPathSendResetPassword, &SendResetPasswordEmailHandler{
|
||||
tpl: s.SendResetPasswordEmailTemplate,
|
||||
emailer: s.UserEmailer,
|
||||
sm: s.SessionManager,
|
||||
cr: s.ClientIdentityRepo,
|
||||
cr: s.ClientRepo,
|
||||
})
|
||||
|
||||
mux.Handle(httpPathResetPassword, &ResetPasswordHandler{
|
||||
|
|
@ -256,11 +256,11 @@ func (s *Server) HTTPHandler() http.Handler {
|
|||
apiBasePath := path.Join(httpPathAPI, APIVersion)
|
||||
registerDiscoveryResource(apiBasePath, mux)
|
||||
|
||||
clientPath, clientHandler := registerClientResource(apiBasePath, s.ClientIdentityRepo)
|
||||
clientPath, clientHandler := registerClientResource(apiBasePath, s.ClientRepo)
|
||||
mux.Handle(path.Join(apiBasePath, clientPath), s.NewClientTokenAuthHandler(clientHandler))
|
||||
|
||||
usersAPI := usersapi.NewUsersAPI(s.dbMap, s.UserManager, s.UserEmailer, s.localConnectorID)
|
||||
handler := NewUserMgmtServer(usersAPI, s.JWTVerifierFactory(), s.UserManager, s.ClientIdentityRepo).HTTPHandler()
|
||||
handler := NewUserMgmtServer(usersAPI, s.JWTVerifierFactory(), s.UserManager, s.ClientRepo).HTTPHandler()
|
||||
|
||||
mux.Handle(apiBasePath+"/", handler)
|
||||
|
||||
|
|
@ -271,14 +271,14 @@ func (s *Server) HTTPHandler() http.Handler {
|
|||
func (s *Server) NewClientTokenAuthHandler(handler http.Handler) http.Handler {
|
||||
return &clientTokenMiddleware{
|
||||
issuerURL: s.IssuerURL.String(),
|
||||
ciRepo: s.ClientIdentityRepo,
|
||||
ciRepo: s.ClientRepo,
|
||||
keysFunc: s.KeyManager.PublicKeys,
|
||||
next: handler,
|
||||
}
|
||||
}
|
||||
|
||||
func (s *Server) ClientMetadata(clientID string) (*oidc.ClientMetadata, error) {
|
||||
return s.ClientIdentityRepo.Metadata(clientID)
|
||||
return s.ClientRepo.Metadata(clientID)
|
||||
}
|
||||
|
||||
func (s *Server) NewSession(ipdcID, clientID, clientState string, redirectURL url.URL, nonce string, register bool, scope []string) (string, error) {
|
||||
|
|
@ -365,7 +365,7 @@ func (s *Server) Login(ident oidc.Identity, key string) (string, error) {
|
|||
}
|
||||
|
||||
func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, error) {
|
||||
ok, err := s.ClientIdentityRepo.Authenticate(creds)
|
||||
ok, err := s.ClientRepo.Authenticate(creds)
|
||||
if err != nil {
|
||||
log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
|
||||
return nil, oauth2.NewError(oauth2.ErrorServerError)
|
||||
|
|
@ -397,7 +397,7 @@ func (s *Server) ClientCredsToken(creds oidc.ClientCredentials) (*jose.JWT, erro
|
|||
}
|
||||
|
||||
func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jose.JWT, string, error) {
|
||||
ok, err := s.ClientIdentityRepo.Authenticate(creds)
|
||||
ok, err := s.ClientRepo.Authenticate(creds)
|
||||
if err != nil {
|
||||
log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
|
||||
return nil, "", oauth2.NewError(oauth2.ErrorServerError)
|
||||
|
|
@ -466,7 +466,7 @@ func (s *Server) CodeToken(creds oidc.ClientCredentials, sessionKey string) (*jo
|
|||
}
|
||||
|
||||
func (s *Server) RefreshToken(creds oidc.ClientCredentials, token string) (*jose.JWT, error) {
|
||||
ok, err := s.ClientIdentityRepo.Authenticate(creds)
|
||||
ok, err := s.ClientRepo.Authenticate(creds)
|
||||
if err != nil {
|
||||
log.Errorf("Failed fetching client %s from repo: %v", creds.ID, err)
|
||||
return nil, oauth2.NewError(oauth2.ErrorServerError)
|
||||
|
|
|
|||
|
|
@ -194,8 +194,8 @@ func TestServerLogin(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}
|
||||
ciRepo := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
ciRepo := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -219,11 +219,11 @@ func TestServerLogin(t *testing.T) {
|
|||
}
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
}
|
||||
|
||||
ident := oidc.Identity{ID: "YYY", Name: "elroy", Email: "elroy@example.com"}
|
||||
|
|
@ -244,8 +244,8 @@ func TestServerLogin(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestServerLoginUnrecognizedSessionKey(t *testing.T) {
|
||||
ciRepo := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ciRepo := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: "XXX", Secret: clientTestSecret,
|
||||
|
|
@ -263,10 +263,10 @@ func TestServerLoginUnrecognizedSessionKey(t *testing.T) {
|
|||
}
|
||||
sm := manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB()))
|
||||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
}
|
||||
|
||||
ident := oidc.Identity{ID: "YYY", Name: "elroy", Email: "elroy@example.com"}
|
||||
|
|
@ -296,8 +296,8 @@ func TestServerLoginDisabledUser(t *testing.T) {
|
|||
},
|
||||
},
|
||||
}
|
||||
ciRepo := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
ciRepo := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -335,11 +335,11 @@ func TestServerLoginDisabledUser(t *testing.T) {
|
|||
})
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
}
|
||||
|
||||
ident := oidc.Identity{ID: "disabled-connector-id", Name: "elroy", Email: "elroy@example.com"}
|
||||
|
|
@ -361,8 +361,8 @@ func TestServerCodeToken(t *testing.T) {
|
|||
Secret: clientTestSecret,
|
||||
},
|
||||
}
|
||||
ciRepo := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
ciRepo := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -381,12 +381,12 @@ func TestServerCodeToken(t *testing.T) {
|
|||
refreshTokenRepo := refreshtest.NewTestRefreshTokenRepo()
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
}
|
||||
|
||||
tests := []struct {
|
||||
|
|
@ -447,8 +447,8 @@ func TestServerTokenUnrecognizedKey(t *testing.T) {
|
|||
Secret: clientTestSecret,
|
||||
},
|
||||
}
|
||||
ciRepo := func() client.ClientIdentityRepo {
|
||||
repo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
ciRepo := func() client.ClientRepo {
|
||||
repo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{ci})
|
||||
if err != nil {
|
||||
t.Fatalf("Failed to create client identity repo: %v", err)
|
||||
}
|
||||
|
|
@ -460,10 +460,10 @@ func TestServerTokenUnrecognizedKey(t *testing.T) {
|
|||
sm := manager.NewSessionManager(db.NewSessionRepo(db.NewMemDB()), db.NewSessionKeyRepo(db.NewMemDB()))
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
IssuerURL: url.URL{Scheme: "http", Host: "server.example.com"},
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
}
|
||||
|
||||
sessionID, err := sm.NewSession("connector_id", ci.Credentials.ID, "bogus", url.URL{}, "", false, []string{"openid", "offline_access"})
|
||||
|
|
@ -569,7 +569,7 @@ func TestServerTokenFail(t *testing.T) {
|
|||
km := &StaticKeyManager{
|
||||
signer: tt.signer,
|
||||
}
|
||||
ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{Credentials: ccFixture},
|
||||
})
|
||||
if err != nil {
|
||||
|
|
@ -590,12 +590,12 @@ func TestServerTokenFail(t *testing.T) {
|
|||
refreshTokenRepo := refreshtest.NewTestRefreshTokenRepo()
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
SessionManager: sm,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
}
|
||||
|
||||
_, err = sm.NewSessionKey(sessionID)
|
||||
|
|
@ -731,7 +731,7 @@ func TestServerRefreshToken(t *testing.T) {
|
|||
signer: tt.signer,
|
||||
}
|
||||
|
||||
ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{Credentials: credXXX},
|
||||
client.Client{Credentials: credYYY},
|
||||
})
|
||||
|
|
@ -748,11 +748,11 @@ func TestServerRefreshToken(t *testing.T) {
|
|||
refreshTokenRepo := refreshtest.NewTestRefreshTokenRepo()
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
}
|
||||
|
||||
if _, err := refreshTokenRepo.Create("testid-1", tt.clientID); err != nil {
|
||||
|
|
@ -784,7 +784,7 @@ func TestServerRefreshToken(t *testing.T) {
|
|||
signer: signerFixture,
|
||||
}
|
||||
|
||||
ciRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
ciRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{Credentials: credXXX},
|
||||
client.Client{Credentials: credYYY},
|
||||
})
|
||||
|
|
@ -808,11 +808,11 @@ func TestServerRefreshToken(t *testing.T) {
|
|||
refreshTokenRepo := refreshtest.NewTestRefreshTokenRepo()
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
ClientIdentityRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
IssuerURL: issuerURL,
|
||||
KeyManager: km,
|
||||
ClientRepo: ciRepo,
|
||||
UserRepo: userRepo,
|
||||
RefreshTokenRepo: refreshTokenRepo,
|
||||
}
|
||||
|
||||
if _, err := refreshTokenRepo.Create("testid-2", credXXX.ID); err != nil {
|
||||
|
|
|
|||
|
|
@ -73,12 +73,12 @@ var (
|
|||
)
|
||||
|
||||
type testFixtures struct {
|
||||
srv *Server
|
||||
userRepo user.UserRepo
|
||||
sessionManager *sessionmanager.SessionManager
|
||||
emailer *email.TemplatizedEmailer
|
||||
redirectURL url.URL
|
||||
clientIdentityRepo client.ClientIdentityRepo
|
||||
srv *Server
|
||||
userRepo user.UserRepo
|
||||
sessionManager *sessionmanager.SessionManager
|
||||
emailer *email.TemplatizedEmailer
|
||||
redirectURL url.URL
|
||||
clientRepo client.ClientRepo
|
||||
}
|
||||
|
||||
func sequentialGenerateCodeFunc() sessionmanager.GenerateCodeFunc {
|
||||
|
|
@ -136,7 +136,7 @@ func makeTestFixtures() (*testFixtures, error) {
|
|||
return nil, err
|
||||
}
|
||||
|
||||
clientIdentityRepo, err := db.NewClientIdentityRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
clientRepo, err := db.NewClientRepoFromClients(db.NewMemDB(), []client.Client{
|
||||
client.Client{
|
||||
Credentials: oidc.ClientCredentials{
|
||||
ID: "XXX",
|
||||
|
|
@ -167,14 +167,14 @@ func makeTestFixtures() (*testFixtures, error) {
|
|||
}
|
||||
|
||||
srv := &Server{
|
||||
IssuerURL: testIssuerURL,
|
||||
SessionManager: sessionManager,
|
||||
ClientIdentityRepo: clientIdentityRepo,
|
||||
Templates: tpl,
|
||||
UserRepo: userRepo,
|
||||
PasswordInfoRepo: pwRepo,
|
||||
UserManager: manager,
|
||||
KeyManager: km,
|
||||
IssuerURL: testIssuerURL,
|
||||
SessionManager: sessionManager,
|
||||
ClientRepo: clientRepo,
|
||||
Templates: tpl,
|
||||
UserRepo: userRepo,
|
||||
PasswordInfoRepo: pwRepo,
|
||||
UserManager: manager,
|
||||
KeyManager: km,
|
||||
}
|
||||
|
||||
err = setTemplates(srv, tpl)
|
||||
|
|
@ -201,11 +201,11 @@ func makeTestFixtures() (*testFixtures, error) {
|
|||
)
|
||||
|
||||
return &testFixtures{
|
||||
srv: srv,
|
||||
redirectURL: testRedirectURL,
|
||||
userRepo: userRepo,
|
||||
sessionManager: sessionManager,
|
||||
emailer: emailer,
|
||||
clientIdentityRepo: clientIdentityRepo,
|
||||
srv: srv,
|
||||
redirectURL: testRedirectURL,
|
||||
userRepo: userRepo,
|
||||
sessionManager: sessionManager,
|
||||
emailer: emailer,
|
||||
clientRepo: clientRepo,
|
||||
}, nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,10 +39,10 @@ type UserMgmtServer struct {
|
|||
api *api.UsersAPI
|
||||
jwtvFactory JWTVerifierFactory
|
||||
um *manager.UserManager
|
||||
cir client.ClientIdentityRepo
|
||||
cir client.ClientRepo
|
||||
}
|
||||
|
||||
func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *manager.UserManager, cir client.ClientIdentityRepo) *UserMgmtServer {
|
||||
func NewUserMgmtServer(userMgmtAPI *api.UsersAPI, jwtvFactory JWTVerifierFactory, um *manager.UserManager, cir client.ClientRepo) *UserMgmtServer {
|
||||
return &UserMgmtServer{
|
||||
api: userMgmtAPI,
|
||||
jwtvFactory: jwtvFactory,
|
||||
|
|
|
|||
|
|
@ -88,11 +88,11 @@ func (e Error) Error() string {
|
|||
// calling User. It is assumed that the clientID has already validated as an
|
||||
// admin app before calling.
|
||||
type UsersAPI struct {
|
||||
manager *manager.UserManager
|
||||
localConnectorID string
|
||||
clientIdentityRepo client.ClientIdentityRepo
|
||||
refreshRepo refresh.RefreshTokenRepo
|
||||
emailer Emailer
|
||||
manager *manager.UserManager
|
||||
localConnectorID string
|
||||
clientRepo client.ClientRepo
|
||||
refreshRepo refresh.RefreshTokenRepo
|
||||
emailer Emailer
|
||||
}
|
||||
|
||||
type Emailer interface {
|
||||
|
|
@ -107,11 +107,11 @@ type Creds struct {
|
|||
// TODO(ericchiang): Don't pass a dbMap. See #385.
|
||||
func NewUsersAPI(dbMap *gorp.DbMap, userManager *manager.UserManager, emailer Emailer, localConnectorID string) *UsersAPI {
|
||||
return &UsersAPI{
|
||||
manager: userManager,
|
||||
refreshRepo: db.NewRefreshTokenRepo(dbMap),
|
||||
clientIdentityRepo: db.NewClientIdentityRepo(dbMap),
|
||||
localConnectorID: localConnectorID,
|
||||
emailer: emailer,
|
||||
manager: userManager,
|
||||
refreshRepo: db.NewRefreshTokenRepo(dbMap),
|
||||
clientRepo: db.NewClientRepo(dbMap),
|
||||
localConnectorID: localConnectorID,
|
||||
emailer: emailer,
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -157,7 +157,7 @@ func (u *UsersAPI) CreateUser(creds Creds, usr schema.User, redirURL url.URL) (s
|
|||
return schema.UserCreateResponse{}, mapError(err)
|
||||
}
|
||||
|
||||
metadata, err := u.clientIdentityRepo.Metadata(creds.ClientID)
|
||||
metadata, err := u.clientRepo.Metadata(creds.ClientID)
|
||||
if err != nil {
|
||||
return schema.UserCreateResponse{}, mapError(err)
|
||||
}
|
||||
|
|
@ -202,7 +202,7 @@ func (u *UsersAPI) ResendEmailInvitation(creds Creds, userID string, redirURL ur
|
|||
return schema.ResendEmailInvitationResponse{}, ErrorUnauthorized
|
||||
}
|
||||
|
||||
metadata, err := u.clientIdentityRepo.Metadata(creds.ClientID)
|
||||
metadata, err := u.clientRepo.Metadata(creds.ClientID)
|
||||
if err != nil {
|
||||
return schema.ResendEmailInvitationResponse{}, mapError(err)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -167,8 +167,7 @@ func makeTestFixtures() (*UsersAPI, *testEmailer) {
|
|||
},
|
||||
},
|
||||
}
|
||||
|
||||
if _, err := db.NewClientIdentityRepoFromClients(dbMap, []client.Client{ci}); err != nil {
|
||||
if _, err := db.NewClientRepoFromClients(dbMap, []client.Client{ci}); err != nil {
|
||||
panic("Failed to create client repo: " + err.Error())
|
||||
}
|
||||
|
||||
|
|
|
|||
Reference in a new issue