-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove OIDCClaimsToTraits helper function (#48599)
The function was relocated to the only place it was being called in gravitational/teleport.e#5374 and is no longer needed in lib/services. This also has the added benefit of removing go-oidc as a direct dependency of lib/services.
- Loading branch information
1 parent
0b13107
commit 4fbfd7a
Showing
3 changed files
with
20 additions
and
59 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,43 +21,13 @@ package services | |
import ( | ||
"testing" | ||
|
||
"github.com/coreos/go-oidc/jose" | ||
"github.com/gravitational/trace" | ||
"github.com/stretchr/testify/require" | ||
|
||
"github.com/gravitational/teleport/api/constants" | ||
"github.com/gravitational/teleport/api/types" | ||
) | ||
|
||
// TestOIDCRoleMapping verifies basic mapping from OIDC claims to roles. | ||
func TestOIDCRoleMapping(t *testing.T) { | ||
// create a connector | ||
oidcConnector, err := types.NewOIDCConnector("example", types.OIDCConnectorSpecV3{ | ||
IssuerURL: "https://www.exmaple.com", | ||
ClientID: "example-client-id", | ||
ClientSecret: "example-client-secret", | ||
Display: "sign in with example.com", | ||
Scope: []string{"foo", "bar"}, | ||
ClaimsToRoles: []types.ClaimMapping{{Claim: "roles", Value: "teleport-user", Roles: []string{"user"}}}, | ||
RedirectURLs: []string{"https://localhost:3080/v1/webapi/oidc/callback"}, | ||
}) | ||
require.NoError(t, err) | ||
|
||
// create some claims | ||
var claims = make(jose.Claims) | ||
claims.Add("roles", "teleport-user") | ||
claims.Add("email", "[email protected]") | ||
claims.Add("nickname", "foo") | ||
claims.Add("full_name", "foo bar") | ||
|
||
traits := OIDCClaimsToTraits(claims) | ||
require.Len(t, traits, 4) | ||
|
||
_, roles := TraitsToRoles(oidcConnector.GetTraitMappings(), traits) | ||
require.Len(t, roles, 1) | ||
require.Equal(t, "user", roles[0]) | ||
} | ||
|
||
// TestOIDCUnmarshal tests UnmarshalOIDCConnector | ||
func TestOIDCUnmarshal(t *testing.T) { | ||
for _, tc := range []struct { | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters