package oidc
import (
"context"
"io"
"net/http"
"net/http/httptest"
"testing"
"time"
"github.com/coreos/go-oidc/v3/oidc"
"github.com/stretchr/testify/assert"
"golang.org/x/oauth2"
)
func TestUserInfoRoundTrip(t *testing.T) {
var srv *httptest.Server
srv = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
switch r.URL.Path {
case "/.well-known/openid-configuration":
w.Header().Set("Content-Type", "application/json")
io.WriteString(w, `
{
"authorization_endpoint": "`+srv.URL+`/oauth2/authorize",
"id_token_signing_alg_values_supported": [
"RS256"
],
"issuer": "`+srv.URL+`",
"jwks_uri": "`+srv.URL+`/.well-known/jwks.json",
"response_types_supported": [
"code",
"token"
],
"scopes_supported": [
"openid",
"email",
"phone",
"profile"
],
"subject_types_supported": [
"public"
],
"token_endpoint": "`+srv.URL+`/oauth2/token",
"token_endpoint_auth_methods_supported": [
"client_secret_basic",
"client_secret_post"
],
"userinfo_endpoint": "`+srv.URL+`/oauth2/userInfo"
}`)
case "/oauth2/userInfo":
w.Header().Set("Content-Type", "application/json")
io.WriteString(w, `{ "email_verified": "true", "mail": "test@example.com" }`)
}
}))
defer srv.Close()
provider, err := oidc.NewProvider(context.Background(), srv.URL)
if !assert.NoError(t, err) {
return
}
token := oauth2.StaticTokenSource(&oauth2.Token{
AccessToken: "access-token",
TokenType: "Bearer",
RefreshToken: "refresh-token",
Expiry: time.Now().Add(time.Minute),
})
userInfo, err := getUserInfo(context.Background(), provider, token)
if !assert.NoError(t, err) {
return
}
assert.True(t, userInfo.EmailVerified)
assert.Equal(t, "test@example.com", userInfo.Email)
}