Skip to content

Commit

Permalink
Fixed review comments
Browse files Browse the repository at this point in the history
Signed-off-by: naveensrinivasan <[email protected]>
  • Loading branch information
naveensrinivasan committed Oct 26, 2023
1 parent f69933d commit ed815b8
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 41 deletions.
15 changes: 7 additions & 8 deletions attestation/github/github.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (
"os"
"strings"

"github.com/davecgh/go-spew/spew"
"github.com/testifysec/go-witness/attestation"
"github.com/testifysec/go-witness/attestation/jwt"
"github.com/testifysec/go-witness/cryptoutil"
Expand Down Expand Up @@ -117,16 +116,16 @@ func (a *Attestor) Attest(ctx *attestation.AttestationContext) error {

jwtString, err := fetchToken(a.tokenURL, os.Getenv("ACTIONS_ID_TOKEN_REQUEST_TOKEN"), "witness")
if err != nil {
return fmt.Errorf("error on fething token %w", err)
return fmt.Errorf("error on fetching token %w", err)
}

spew.Dump(jwtString)
if jwtString == "" {
return fmt.Errorf("empty JWT string")
}

if jwtString != "" {
a.JWT = jwt.New(jwt.WithToken(jwtString), jwt.WithJWKSUrl(a.jwksURL))
if err := a.JWT.Attest(ctx); err != nil {
return fmt.Errorf("error on attesting jwt %w", err)
}
a.JWT = jwt.New(jwt.WithToken(jwtString), jwt.WithJWKSUrl(a.jwksURL))
if err := a.JWT.Attest(ctx); err != nil {
return fmt.Errorf("failed to attest github jwt: %w", err)
}

a.CIServerUrl = os.Getenv("GITHUB_SERVER_URL")
Expand Down
34 changes: 1 addition & 33 deletions attestation/github/github_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@ import (
"testing"

"github.com/stretchr/testify/assert"
"github.com/testifysec/go-witness/attestation"
)

func createMockServer() *httptest.Server {
Expand All @@ -40,18 +39,6 @@ func createMockServer() *httptest.Server {
}))
}

func createTokenServer() *httptest.Server {
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/valid" && r.Header.Get("Authorization") == "bearer validBearer" {
w.Write([]byte(`{"protected": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"payload": "eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ",
"signature": "SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"}`))
} else {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
}
}))
}

func TestFetchToken(t *testing.T) {
testCases := []struct {
name string
Expand Down Expand Up @@ -111,27 +98,8 @@ func TestFetchToken(t *testing.T) {
}
}

func TestAttestorAttest(t *testing.T) {
tokenServer := createTokenServer()
defer tokenServer.Close()
t.Setenv("GITHUB_ACTIONS", "true")
t.Setenv("ACTIONS_ID_TOKEN_REQUEST_URL", tokenServer.URL+"/valid")
t.Setenv("ACTIONS_ID_TOKEN_REQUEST_TOKEN", "validBearer")

attestor := &Attestor{
aud: tokenAudience,
jwksURL: tokenServer.URL,
tokenURL: os.Getenv("ACTIONS_ID_TOKEN_REQUEST_URL"),
}

ctx := &attestation.AttestationContext{}

err := attestor.Attest(ctx)
assert.NoError(t, err)
}

func TestSubjects(t *testing.T) {
tokenServer := createTokenServer()
tokenServer := createMockServer()
defer tokenServer.Close()
attestor := &Attestor{
aud: "projecturl",
Expand Down

0 comments on commit ed815b8

Please sign in to comment.