Enforce ID token signature verification in unit test (#1835)
This commit is contained in:
parent
e04a6f1983
commit
7c7dad9ab6
|
@ -214,7 +214,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -312,7 +313,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -330,6 +332,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -311,7 +311,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -408,7 +409,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -426,6 +428,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
oidcOPMetaDataOptionsStoreIDToken => 0,
|
oidcOPMetaDataOptionsStoreIDToken => 0,
|
||||||
|
|
|
@ -254,7 +254,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -362,7 +363,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -380,6 +382,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -311,7 +311,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -408,7 +409,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -426,6 +428,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -221,7 +221,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -316,7 +317,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -333,6 +335,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -204,7 +204,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -298,7 +299,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -315,6 +317,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -118,7 +118,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -212,7 +213,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -241,6 +243,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
@ -253,6 +256,7 @@ sub rp {
|
||||||
"https://auth.op.com/.well-known/openid-configuration"
|
"https://auth.op.com/.well-known/openid-configuration"
|
||||||
},
|
},
|
||||||
op2 => {
|
op2 => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
@ -264,6 +268,7 @@ sub rp {
|
||||||
"https://auth.op.com/.well-known/openid-configuration"
|
"https://auth.op.com/.well-known/openid-configuration"
|
||||||
},
|
},
|
||||||
op3 => {
|
op3 => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
|
@ -93,7 +93,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub issuer {
|
sub issuer {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
|
|
@ -129,7 +129,8 @@ sub switch {
|
||||||
}
|
}
|
||||||
|
|
||||||
sub op {
|
sub op {
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'idp.com',
|
domain => 'idp.com',
|
||||||
|
@ -225,7 +226,8 @@ GQIDAQAB
|
||||||
|
|
||||||
sub rp {
|
sub rp {
|
||||||
my ( $jwks, $metadata ) = @_;
|
my ( $jwks, $metadata ) = @_;
|
||||||
return LLNG::Manager::Test->new( {
|
return LLNG::Manager::Test->new(
|
||||||
|
{
|
||||||
ini => {
|
ini => {
|
||||||
logLevel => $debug,
|
logLevel => $debug,
|
||||||
domain => 'rp.com',
|
domain => 'rp.com',
|
||||||
|
@ -243,6 +245,7 @@ sub rp {
|
||||||
},
|
},
|
||||||
oidcOPMetaDataOptions => {
|
oidcOPMetaDataOptions => {
|
||||||
op => {
|
op => {
|
||||||
|
oidcOPMetaDataOptionsCheckJWTSignature => 1,
|
||||||
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
oidcOPMetaDataOptionsJWKSTimeout => 0,
|
||||||
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
oidcOPMetaDataOptionsClientSecret => "rpsecret",
|
||||||
oidcOPMetaDataOptionsScope => "openid profile",
|
oidcOPMetaDataOptionsScope => "openid profile",
|
||||||
|
|
Loading…
Reference in New Issue
Block a user