authorize: fix indentation

This commit is contained in:
Caleb Doxsey 2020-04-16 12:19:51 -06:00 committed by Caleb Doxsey
parent 428dee99c4
commit 903a2d401f

View file

@ -1,45 +1,45 @@
package pomerium.authz
jwt_header := {
"typ": "JWT",
"alg": "HS256"
"typ": "JWT",
"alg": "HS256"
}
signing_key := {
"kty": "oct",
"k": "OkFmqMK9U0dmPhMCW0VYy6D_raJKwEJsMdxqdnukThzko3D_XrsihwYE0pxrUSpm0JTrW2QpIz4rT1vdEvZw67WP4xrqjiwyd7PgpPTD5xvQBM7TIKiSW0X2R0pfq_OItszPQRtb7VirrSbGJiLNS-NJMMrYVKWWtUbVSTXEjL7VcFqML5PiSe7XDmyCZjpgEpfE5Q82zIeXM2sLrz6HW2A9IwGk7mWS0c57R_2JGyFO2tCA4zEIYhWvLE62Os2tZ6YrrwdB8n35jlPpgUE6poEvIU20lPLaocozXYMqAku-KJnloJlAzKg2Xa_0iSiSgSAumx44B3n7DQjg3jPhRg"
"kty": "oct",
"k": "OkFmqMK9U0dmPhMCW0VYy6D_raJKwEJsMdxqdnukThzko3D_XrsihwYE0pxrUSpm0JTrW2QpIz4rT1vdEvZw67WP4xrqjiwyd7PgpPTD5xvQBM7TIKiSW0X2R0pfq_OItszPQRtb7VirrSbGJiLNS-NJMMrYVKWWtUbVSTXEjL7VcFqML5PiSe7XDmyCZjpgEpfE5Q82zIeXM2sLrz6HW2A9IwGk7mWS0c57R_2JGyFO2tCA4zEIYhWvLE62Os2tZ6YrrwdB8n35jlPpgUE6poEvIU20lPLaocozXYMqAku-KJnloJlAzKg2Xa_0iSiSgSAumx44B3n7DQjg3jPhRg"
}
shared_key := base64url.decode(signing_key.k)
test_email_allowed {
user := io.jwt.encode_sign(jwt_header, {
"aud": ["example.com"],
"email": "joe@example.com"
}, signing_key)
user := io.jwt.encode_sign(jwt_header, {
"aud": ["example.com"],
"email": "joe@example.com"
}, signing_key)
allow with data.route_policies as [{
"source": "example.com",
"allowed_users": ["joe@example.com"]
}] with data.signing_key as signing_key with data.shared_key as shared_key with input as {
"url": "http://example.com",
"host": "example.com",
"user": user
}
allow with data.route_policies as [{
"source": "example.com",
"allowed_users": ["joe@example.com"]
}] with data.signing_key as signing_key with data.shared_key as shared_key with input as {
"url": "http://example.com",
"host": "example.com",
"user": user
}
}
test_email_denied {
user := io.jwt.encode_sign(jwt_header, {
"aud": ["example.com"],
"email": "joe@example.com"
}, signing_key)
user := io.jwt.encode_sign(jwt_header, {
"aud": ["example.com"],
"email": "joe@example.com"
}, signing_key)
not allow with data.route_policies as [{
"source": "example.com",
"allowed_users": ["bob@example.com"]
}] with data.signing_key as signing_key with data.shared_key as shared_key with input as {
"url": "http://example.com",
"host": "example.com",
"user": user
}
not allow with data.route_policies as [{
"source": "example.com",
"allowed_users": ["bob@example.com"]
}] with data.signing_key as signing_key with data.shared_key as shared_key with input as {
"url": "http://example.com",
"host": "example.com",
"user": user
}
}
test_parse_url {