From eab911df74c0409f7b7a41908a18913ca01d6cf8 Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Tue, 1 Oct 2024 06:44:20 +0000
Subject: [PATCH 1/6] use self
---
 lib/WebService/Hydra/Client.pm | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/WebService/Hydra/Client.pm b/lib/WebService/Hydra/Client.pm
index ad0eafd..7e239a6 100644
--- a/lib/WebService/Hydra/Client.pm
+++ b/lib/WebService/Hydra/Client.pm
@@ -354,7 +354,7 @@ method validate_id_token ($id_token) {
 try {
 my $payload = decode_jwt(
 token => $id_token,
- kid_keys => $jwks
+ kid_keys => $self->jwks
 );
 return $payload;
 } catch ($e) {
@@ -385,8 +385,8 @@ method validate_token ($token) {
 token => $token,
 verify_iat => 1,
 verify_exp => 1,
- verify_iss => $oidc_config->{issuer},
- kid_keys => $jwks
+ verify_iss => $self->oidc_config->{issuer},
+ kid_keys => $self->jwks
 );
 return $payload;
 }
From e525cf64ef7467172ff35f0bebbc0eaec89594a3 Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Wed, 2 Oct 2024 05:49:50 +0000
Subject: [PATCH 2/6] Add test for validate_token
---
 t/unit/hydra_client.t | 44 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)
diff --git a/t/unit/hydra_client.t b/t/unit/hydra_client.t
index 9122e23..1cafede 100644
--- a/t/unit/hydra_client.t
+++ b/t/unit/hydra_client.t
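Review bot: In `validate_id_token` the `decode_jwt` call passes only `token` and `kid_keys`, so as far as this hunk shows an ID token is accepted on its signature alone; unlike `validate_token` in the next hunk there is no `verify_iss`, and neither call sets `verify_aud`. OpenID Connect expects a relying party to check that `iss` is the provider and that `aud` contains its own client id, otherwise a token minted for a different client of the same Hydra instance validates here. Consider adding `verify_iss => $self->oidc_config->{issuer},` and an audience check against the client id the caller expects (this assumes `decode_jwt` is Crypt::JWT's, which the hunk does not show). The method starts and ends outside the hunk, but `return $payload;` follows the decode directly, so no later check is visible.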
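Review bot: In `validate_token`, `verify_iss => $self->oidc_config->{issuer}` turns the issuer check off whenever the fetched configuration has no `issuer` key: if `decode_jwt` is Crypt::JWT's, an undefined `verify_iss` means the claim is not verified, so an incomplete discovery response makes validation fail open. Resolve the value before the call and refuse to continue without it, e.g. `my $issuer = $self->oidc_config->{issuer} // die "OIDC configuration has no issuer";` and then `verify_iss => $issuer,`. Passing `accepted_alg` with the algorithms the provider is configured to sign with would also stop the token header from selecting the algorithm. The body of `validate_token` begins and ends outside the hunk.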
@@ -539,6 +539,50 @@ subtest 'oidc_config' => sub {
 };
+subtest 'validate_token' => sub {
+ my $mock_hydra = Test::MockModule->new('WebService::Hydra::Client');
+ my $mock_token = 'mock.jwt.token';
+ my $mock_oidc_config = { issuer => 'https://example.com' };
+ my $mock_jwks = { keys => [ { kid => 'key1', kty => 'RSA', n => '...', e => '...' } ] };
+ my $mock_payload = { sub => '1234567890', name => 'John Doe', admin => 'true' };
+
+ $mock_hydra->redefine('decode_jwt' , sub {
+ my %args = @_;
+ if ($args{token} eq $mock_token) {
+ return $mock_payload;
+ } else {
+ die "Invalid token";
+ }
+ });
+
+ $mock_hydra->redefine('fetch_openid_configuration', sub {
+ return $mock_oidc_config;
+ });
+
+ $mock_hydra->redefine('fetch_jwks', sub {
+ return $mock_jwks;
+ });
+
+ my $client = WebService::Hydra::Client->new(
+ admin_endpoint => 'http://dummyhydra.com/admin',
+ public_endpoint => 'http://dummyhydra.com'
+ );
+
+ subtest 'validate_token' => sub {
+ my $decoded_payload;
+
+ lives_ok {
+ $decoded_payload = $client->validate_token($mock_token);
+ } 'Token validation should succeed';
+
+ is_deeply($decoded_payload, $mock_payload, 'Decoded payload should match expected payload');
+
+ throws_ok {
+ $client->validate_token('invalid.token');
+ } qr/Invalid token/, 'Invalid token should throw an exception';
+ };
+};
+
 done_testing();
 1;
From af62a570c19543c44a2f0170a123f6e92f7c8029 Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Wed, 2 Oct 2024 06:19:44 +0000
Subject: [PATCH 3/6] bug_fix
From ba61f8b29fe5da36ac050d830323b9137dc4a964 Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Wed, 2 Oct 2024 06:29:25 +0000
Subject: [PATCH 4/6] fix_validate_token_bug
From 2babbf2cb277c4921a9150b702e5f264022d86c9 Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Wed, 2 Oct 2024 06:37:10 +0000
Subject: [PATCH 5/6] tidy
---
 t/unit/hydra_client.t | 60 ++++++++++++++++++++++++++-----------------
 1 file changed, 36 insertions(+), 24 deletions(-)
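Review bot: The `decode_jwt` mock in this subtest inspects only `$args{token}`, so the test keeps passing if `validate_token` stops handing over `kid_keys`, `verify_iss`, `verify_exp` or `verify_iat` — the very arguments patch 1/6 repairs. Have the mock check them before returning the payload, e.g. `is_deeply $args{kid_keys}, $mock_jwks, 'JWKS passed to decode_jwt';` and `is $args{verify_iss}, $mock_oidc_config->{issuer}, 'issuer passed to decode_jwt';`. `validate_id_token` is changed in the same series but gets no test here. The mock is carried unchanged through the tidy in patch 5/6, so the same applies to its reformatted copy.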
diff --git a/t/unit/hydra_client.t b/t/unit/hydra_client.t
index 1cafede..a1793c9 100644
--- a/t/unit/hydra_client.t
+++ b/t/unit/hydra_client.t
@@ -416,7 +416,7 @@ subtest 'revoke_login_sessions' => sub {
 is_deeply $got , $mock_api_response->{data}, 'api_call response correctly parsed';
 @params = ();
- $got = $client->revoke_login_sessions(sid => '1234');
+ $got = $client->revoke_login_sessions(sid => '1234');
 is $params[1], 'DELETE', 'DELETE request method';
 is $params[2], 'http://dummyhydra.com/admin/admin/oauth2/auth/sessions/login?sid=1234', 'Request URL built with correct parameters';
@@ -540,28 +540,38 @@ subtest 'oidc_config' => sub {
 };
 subtest 'validate_token' => sub {
- my $mock_hydra = Test::MockModule->new('WebService::Hydra::Client');
- my $mock_token = 'mock.jwt.token';
- my $mock_oidc_config = { issuer => 'https://example.com' };
- my $mock_jwks = { keys => [ { kid => 'key1', kty => 'RSA', n => '...', e => '...' } ] };
- my $mock_payload = { sub => '1234567890', name => 'John Doe', admin => 'true' };
-
- $mock_hydra->redefine('decode_jwt' , sub {
- my %args = @_;
- if ($args{token} eq $mock_token) {
- return $mock_payload;
- } else {
- die "Invalid token";
- }
- });
-
- $mock_hydra->redefine('fetch_openid_configuration', sub {
- return $mock_oidc_config;
- });
+ my $mock_hydra = Test::MockModule->new('WebService::Hydra::Client');
+ my $mock_token = 'mock.jwt.token';
+ my $mock_oidc_config = {issuer => 'https://example.com'};
+ my $mock_jwks = {keys => [{kid => 'key1', kty => 'RSA', n => '...', e => '...'}]};
+ my $mock_payload = {
+ sub => '1234567890',
+ name => 'John Doe',
+ admin => 'true'
+ };
- $mock_hydra->redefine('fetch_jwks', sub {
- return $mock_jwks;
- });
+ $mock_hydra->redefine(
+ 'decode_jwt',
+ sub {
+ my %args = @_;
+ if ($args{token} eq $mock_token) {
+ return $mock_payload;
+ } else {
+ die "Invalid token";
+ }
+ });
+
+ $mock_hydra->redefine(
+ 'fetch_openid_configuration',
+ sub {
+ return $mock_oidc_config;
+ });
+
+ $mock_hydra->redefine(
+ 'fetch_jwks',
+ sub {
+ return $mock_jwks;
+ });
 my $client = WebService::Hydra::Client->new(
 admin_endpoint => 'http://dummyhydra.com/admin',
@@ -573,13 +583,15 @@ subtest 'validate_token' => sub {
 lives_ok {
 $decoded_payload = $client->validate_token($mock_token);
- } 'Token validation should succeed';
+ }
+ 'Token validation should succeed';
 is_deeply($decoded_payload, $mock_payload, 'Decoded payload should match expected payload');
 throws_ok {
 $client->validate_token('invalid.token');
- } qr/Invalid token/, 'Invalid token should throw an exception';
+ }
+ qr/Invalid token/, 'Invalid token should throw an exception';
 };
 };
From c9282fbb4883c8a242293081220c32878efbe38e Mon Sep 17 00:00:00 2001
From: youssef-deriv
Date: Wed, 2 Oct 2024 06:47:51 +0000
Subject: [PATCH 6/6] Update changes
---
 Changes | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Changes b/Changes
index c1fc1db..55843f4 100644
--- a/Changes
+++ b/Changes
@@ -1,4 +1,5 @@
 {{$NEXT}}
+ - Bug fix in `validate_token` and `validate_id_token` methods.
 0.001 2024-09-30 03:56:03+00:00 UTC
 - Initial release