3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-30 06:51:30 +02:00
Code Issues Projects Releases Packages Wiki Activity

authorize: add support for passing access or id token upstream (#3047)

Browse source 
* authorize: add support for passing access or id token upstream

* use an enum
This commit is contained in:
Caleb Doxsey 2022-02-17 09:28:31 -07:00 committed by GitHub
parent 7140562a82
commit 99b9a3ee12
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 726 additions and 538 deletions
Download patch file Download diff file Expand all files Collapse all files

36
authorize/evaluator/headers_evaluator_test.go
View file

@ -106,4 +106,40 @@ func TestHeadersEvaluator(t *testing.T) {
assert.Equal(t, "u2", claims["sub"], "should set subject to user id")
assert.Equal(t, "u2", claims["user"], "should set user to user id")
})
t.Run("access token", func(t *testing.T) {
output, err := eval(t,
[]proto.Message{
&session.Session{Id: "s1", OauthToken: &session.OAuthToken{
AccessToken: "ACCESS_TOKEN",
}},
},
&HeadersRequest{
FromAudience: "from.example.com",
ToAudience: "to.example.com",
Session: RequestSession{ID: "s1"},
PassAccessToken: true,
})
require.NoError(t, err)
assert.Equal(t, "Bearer ACCESS_TOKEN", output.Headers.Get("Authorization"))
})
t.Run("id token", func(t *testing.T) {
output, err := eval(t,
[]proto.Message{
&session.Session{Id: "s1", IdToken: &session.IDToken{
Raw: "ID_TOKEN",
}},
},
&HeadersRequest{
FromAudience: "from.example.com",
ToAudience: "to.example.com",
Session: RequestSession{ID: "s1"},
PassIDToken: true,
})
require.NoError(t, err)
assert.Equal(t, "Bearer ID_TOKEN", output.Headers.Get("Authorization"))
})
}