1package web
 2
 3import (
 4	"bytes"
 5	"crypto/rand"
 6	"crypto/rsa"
 7	"crypto/x509"
 8	"encoding/json"
 9	"encoding/pem"
10	"net/http/httptest"
11	"testing"
12
13	"github.com/stretchr/testify/assert"
14	"mokhan.ca/xlgmokha/idp/pkg/dto"
15)
16
17func TestOpenIdConfiguration(t *testing.T) {
18	key, _ := rsa.GenerateKey(rand.Reader, 1024)
19	b := new(bytes.Buffer)
20	pem.Encode(b, &pem.Block{
21		Type:  "RSA PRIVATE KEY",
22		Bytes: x509.MarshalPKCS1PrivateKey(key),
23	})
24
25	h := NewHttpContext(&Configuration{
26		Issuer:  "https://example.org",
27		KeyData: b.Bytes(),
28	})
29
30	t.Run(".well-known/openid-configuration", func(t *testing.T) {
31		w := httptest.NewRecorder()
32		r := httptest.NewRequest("GET", "/.well-known/openid-configuration", nil)
33
34		h.Router().ServeHTTP(w, r)
35
36		assert.Equal(t, w.Header().Get("Content-Type"), "application/json")
37
38		var c dto.OpenIdConfiguration
39		json.NewDecoder(w.Body).Decode(&c)
40
41		assert.Equal(t, c.Issuer, "https://example.org")
42		assert.Equal(t, c.AuthorizationEndpoint, "https://example.org/authorize")
43		assert.Equal(t, c.TokenEndpoint, "https://example.org/token")
44		assert.Equal(t, c.UserInfoEndpoint, "https://example.org/userinfo")
45		assert.Equal(t, c.JwksUri, "https://example.org/.well-known/jwks.json")
46		assert.Equal(t, c.RevocationEndpoint, "https://example.org/revoke")
47		assert.EqualValues(t, c.ScopesSupported, []string{"openid"})
48		assert.EqualValues(t, c.ResponseTypesSupported, []string{
49			"code id_token token",
50			"code id_token",
51			"code token",
52			"code",
53			"id_token token",
54			"id_token",
55		})
56		assert.EqualValues(t, c.ResponseModesSupported, []string{
57			"query",
58			"fragment",
59			"form_post",
60		})
61		assert.EqualValues(t, c.SubjectTypesSupported, []string{"public"})
62		assert.EqualValues(t, c.IdTokenSigningAlgValuesSupported, []string{"RS256"})
63		assert.EqualValues(t, c.ClaimsSupported, []string{
64			"aud",
65			"exp",
66			"iat",
67			"iss",
68			"sub",
69		})
70	})
71}