package authenticateflow
import (
"encoding/base64"
"testing"
"time"
"google.golang.org/protobuf/types/known/structpb"
"google.golang.org/protobuf/types/known/timestamppb"
"github.com/pomerium/pomerium/internal/sessions"
"github.com/pomerium/pomerium/internal/testutil"
identitypb "github.com/pomerium/pomerium/pkg/grpc/identity"
"github.com/pomerium/pomerium/pkg/grpc/session"
)
func TestPopulateSessionFromProfile(t *testing.T) {
timeNow = func() time.Time { return time.Unix(1721965100, 0) }
t.Cleanup(func() { timeNow = time.Now })
sessionState := &sessions.State{
Subject: "user-id",
}
idToken := "e30." + base64.RawURLEncoding.EncodeToString([]byte(`{
"iss": "https://issuer.example.com",
"sub": "id-token-user-id",
"iat": 1721965070,
"exp": 1721965670
}`)) + ".fake-signature"
profile := &identitypb.Profile{
IdToken: []byte(idToken),
OauthToken: []byte(`{
"access_token": "access-token",
"refresh_token": "refresh-token",
"expiry": "2024-07-26T12:00:00Z"
}`),
Claims: &structpb.Struct{
Fields: map[string]*structpb.Value{
"name": structpb.NewStringValue("John Doe"),
"email": structpb.NewStringValue("john.doe@example.com"),
},
},
}
var s session.Session
populateSessionFromProfile(&s, profile, sessionState, 4*time.Hour)
testutil.AssertProtoEqual(t, &session.Session{
IssuedAt: timestamppb.New(timeNow()),
AccessedAt: timestamppb.New(timeNow()),
ExpiresAt: timestamppb.New(timeNow().Add(4 * time.Hour)),
UserId: "user-id",
IdToken: &session.IDToken{
Issuer: "https://issuer.example.com",
Subject: "id-token-user-id",
IssuedAt: ×tamppb.Timestamp{Seconds: 1721965070},
ExpiresAt: ×tamppb.Timestamp{Seconds: 1721965670},
Raw: idToken,
},
OauthToken: &session.OAuthToken{
AccessToken: "access-token",
RefreshToken: "refresh-token",
ExpiresAt: ×tamppb.Timestamp{Seconds: 1721995200},
},
Claims: map[string]*structpb.ListValue{
"name": {Values: []*structpb.Value{structpb.NewStringValue("John Doe")}},
"email": {Values: []*structpb.Value{structpb.NewStringValue("john.doe@example.com")}},
},
}, &s)
}