kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity
Files
d9e8fee64b6bcbe00aa363fcf4e48c6b54b5ed6c
baron-sso/backend/internal/domain/hydra_models_test.go
Lectom C Han 94362bf8eb headless login으로 리펙토링
2026-04-01 10:50:31 +09:00

83 lines
2.2 KiB
Go
Raw Blame History

package domain
import "testing"
func TestHydraClient_HeadlessLoginFlags(t *testing.T) {
t.Run("metadata-backed headless login client is supported", func(t *testing.T) {
client := HydraClient{
TokenEndpointAuthMethod: "none",
Metadata: map[string]any{
"headless_login_enabled": true,
"headless_token_endpoint_auth_method": "private_key_jwt",
"headless_jwks": map[string]any{
"keys": []map[string]any{{
"kty": "RSA",
}},
},
},
}
if !client.SupportsHeadlessLogin() {
t.Fatalf("expected metadata-backed headless login client")
}
if !client.IsHeadlessLoginEnabled() {
t.Fatalf("expected metadata-backed headless login enabled")
}
})
t.Run("inline jwks with private_key_jwt and headless enabled", func(t *testing.T) {
client := HydraClient{
TokenEndpointAuthMethod: "private_key_jwt",
JWKS: map[string]any{
"keys": []map[string]any{{
"kty": "RSA",
}},
},
Metadata: map[string]any{
"headless_login_enabled": true,
},
}
if !client.SupportsHeadlessLogin() {
t.Fatalf("expected headless login client")
}
if !client.IsHeadlessLoginEnabled() {
t.Fatalf("expected headless login enabled")
}
})
t.Run("jwks uri without private_key_jwt does not support headless login", func(t *testing.T) {
client := HydraClient{
TokenEndpointAuthMethod: "none",
JWKSUri: "https://rp.example.com/.well-known/jwks.json",
Metadata: map[string]any{
"headless_login_enabled": true,
},
}
if client.SupportsHeadlessLogin() {
t.Fatalf("expected headless login prerequisites to be missing")
}
if client.IsHeadlessLoginEnabled() {
t.Fatalf("expected headless login disabled when prerequisites are missing")
}
})
t.Run("headless login client without boolean metadata flag is not enabled", func(t *testing.T) {
client := HydraClient{
TokenEndpointAuthMethod: "private_key_jwt",
JWKSUri: "https://rp.example.com/.well-known/jwks.json",
Metadata: map[string]any{
"headless_login_enabled": "true",
},
}
if !client.SupportsHeadlessLogin() {
t.Fatalf("expected headless login client")
}
if client.IsHeadlessLoginEnabled() {
t.Fatalf("expected headless login disabled for non-bool metadata")
}
})
}
View Git Blame Copy Permalink