authorVivien Kraus <vivien@planete-kraus.eu>2021-09-20 11:25:29 +0200
committerVivien Kraus <vivien@planete-kraus.eu>2021-09-21 22:28:51 +0200
commite910b3ba2ded990a5193f7ea0cfad525332e4171 (patch)
treeb04e74e7c06e0a0fde5edd7ac0b8773db94cd515 /tests/token-endpoint-refresh.scm
parentdcd329af1ec765ca0fac97ef2dc18a3177d34083 (diff)
JWS: use GOOPS
Diffstat (limited to 'tests/token-endpoint-refresh.scm')
-rw-r--r--tests/token-endpoint-refresh.scm63
1 files changed, 40 insertions, 23 deletions
diff --git a/tests/token-endpoint-refresh.scm b/tests/token-endpoint-refresh.scm
index f14d648..f0174b8 100644
--- a/tests/token-endpoint-refresh.scm
+++ b/tests/token-endpoint-refresh.scm
@@ -19,6 +19,7 @@
(webid-oidc refresh-token)
(webid-oidc dpop-proof)
(webid-oidc jwk)
+ (webid-oidc access-token)
(webid-oidc jws)
(webid-oidc jti)
(webid-oidc testing)
@@ -50,11 +51,12 @@
;; The refresh token is fake!
(let ((dpop
(parameterize ((p:current-date 0))
- (issue-dpop-proof
- client-key
- #:htm 'POST
- #:htu (string->uri
- "https://token-endpoint-issue.scm/token")))))
+ (issue <dpop-proof>
+ client-key
+ #:jwk (public-key client-key)
+ #:htm 'POST
+ #:htu (string->uri
+ "https://token-endpoint-issue.scm/token")))))
(parameterize ((p:current-date 0))
(endpoint
(build-request (string->uri
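Review bot: The new `#:jwk (public-key client-key)` argument makes the embedded key a separate input from the signing key, and both this call and the identical one in the `@@ -69,11 +71,12 @@` hunk only cover the case where the two match. Nothing visible here pins that the endpoint rejects a proof whose header key does not verify its signature, which is the property DPoP binding depends on; if no other test in the suite covers that case, it is worth adding one. At minimum I would put a comment above the call: `;; #:jwk must be the public half of client-key; a proof whose header key does not verify its signature must be rejected`. The enclosing test form starts and ends outside the hunk.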
@@ -69,11 +71,12 @@
(receive (response response-body user error)
(let ((dpop
(parameterize ((p:current-date 10))
- (issue-dpop-proof
- client-key
- #:htm 'POST
- #:htu (string->uri
- "https://token-endpoint-issue.scm/token")))))
+ (issue <dpop-proof>
+ client-key
+ #:jwk (public-key client-key)
+ #:htm 'POST
+ #:htu (string->uri
+ "https://token-endpoint-issue.scm/token")))))
(parameterize ((p:current-date 10))
(endpoint
(build-request (string->uri
@@ -94,17 +97,31 @@
(exit 6))
(unless refresh-token-enc
(exit 7))
- (let ((access-token (jws-decode access-token-enc
- (lambda (h) key))))
+ (let ((access-token
+ (parameterize ((p:current-date 20))
+ (decode <access-token> access-token-enc
+ #:http-request
+ (lambda* (uri . args)
+ (cond
+ ((equal? uri (string->uri "https://issuer.token-endpoint-issue.scm/.well-known/openid-configuration"))
+ (values (build-response #:headers '((content-type application/json)))
+ "{
+ \"jwks_uri\": \"https://token-endpoint-issue.scm/keys\",
+ \"token_endpoint\": \"https://token-endpoint-issue.scm/token\",
+ \"authorization_endpoint\": \"https://token-endpoint-issue.scm/authorize\",
+ \"solid_oidc_supported\": \"https://solidproject.org/TR/solid-oidc\"
+}"))
+ ((equal? uri (string->uri "https://token-endpoint-issue.scm/keys"))
+ (values (build-response #:headers '((content-type application/json)))
+ (stubs:scm->json-string `((keys . ,(list->vector (list (key->jwk key))))))))
+ (else
+ (exit 8))))))))
(unless access-token
- (exit 8))
- (let ((access-token-cnf (assq-ref access-token 'cnf)))
- (unless access-token-cnf
- (exit 9))
- (let ((access-token-cnf/jkt (assq-ref access-token-cnf 'jkt)))
- (unless access-token-cnf/jkt
- (exit 10))
- (unless (string=? access-token-cnf/jkt (jkt client-key))
- (exit 11))))
- (unless (string=? refresh-token-enc refresh-code)
- (exit 12)))))))))
+ (exit 9))
+ (let ((access-token-cnf/jkt (cnf/jkt access-token)))
+ (unless access-token-cnf/jkt
+ (exit 10))
+ (unless (string=? access-token-cnf/jkt (jkt client-key))
+ (exit 11))))
+ (unless (string=? refresh-token-enc refresh-code)
+ (exit 12))))))))
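Review bot: The stubbed discovery document returned for `/.well-known/openid-configuration` has no `issuer` member, yet the test expects `decode` to succeed. OpenID Connect Discovery requires the metadata's `issuer` to equal the issuer URL the configuration was fetched for, so a passing test suggests `decode <access-token>` does not check it (inferred; the implementation is not in this hunk). I would add `\"issuer\": \"https://issuer.token-endpoint-issue.scm\",` to the stub so the fixture stays valid if that check is added later. Separately, `(exit 8)` now fires inside the HTTP stub on an unexpected URI rather than after decoding, which deserves a short comment such as `;; any other fetch is unexpected in this test`. The enclosing test form begins outside the hunk.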