kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

fix(auth): separate pkce and headless trusted rp config

Browse Source
This commit is contained in:
Lectom C Han
2026-03-31 10:44:04 +09:00
parent 4b34ab8161
commit 33afe1eddf
8 changed files with 274 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
backend/internal/handler/dev_handler_test.go
View File

@@ -676,9 +676,10 @@ func TestCreateClient_TrustedRPPayloadMapping(t *testing.T) {
resp, _ := app.Test(req, -1)
assert.Equal(t, http.StatusCreated, resp.StatusCode)
assert.Equal(t, "private_key_jwt", captured.TokenEndpointAuthMethod)
assert.NotNil(t, captured.JWKS)
assert.True(t, captured.IsTrustedRP())
assert.Equal(t, "none", captured.TokenEndpointAuthMethod)
assert.Nil(t, captured.JWKS)
assert.Equal(t, "private_key_jwt", captured.Metadata["headless_token_endpoint_auth_method"])
assert.NotNil(t, captured.Metadata["headless_jwks"])
assert.True(t, captured.IsHeadlessLoginEnabled())
assert.Equal(t, true, captured.Metadata["headless_login_enabled"])
assert.Equal(t, "RS256", captured.Metadata["request_object_signing_alg"])
@@ -754,9 +755,10 @@ func TestUpdateClient_TrustedRPPayloadMapping(t *testing.T) {
resp, _ := app.Test(req, -1)
assert.Equal(t, http.StatusOK, resp.StatusCode)
assert.Equal(t, "private_key_jwt", captured.TokenEndpointAuthMethod)
assert.Equal(t, "https://rp.example.com/.well-known/jwks.json", captured.JWKSUri)
assert.True(t, captured.IsTrustedRP())
assert.Equal(t, "none", captured.TokenEndpointAuthMethod)
assert.Equal(t, "", captured.JWKSUri)
assert.Equal(t, "private_key_jwt", captured.Metadata["headless_token_endpoint_auth_method"])
assert.Equal(t, "https://rp.example.com/.well-known/jwks.json", captured.Metadata["headless_jwks_uri"])
assert.True(t, captured.IsHeadlessLoginEnabled())
assert.Equal(t, true, captured.Metadata["headless_login_enabled"])
}