zot/pkg/test/auth/oidc.go

package auth

import (
	"crypto/rand"
	"crypto/rsa"
	"net"
	"net/http"
	"strings"

	"github.com/project-zot/mockoidc"
)

func MockOIDCRun() (*mockoidc.MockOIDC, error) {
	// Create a fresh RSA Private Key for token signing
	rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048) //nolint: gomnd

	// Create an unstarted MockOIDC server
	mockServer, _ := mockoidc.NewServer(rsaKey)

	// Create the net.Listener, kernel will chose a valid port
	listener, _ := net.Listen("tcp", "127.0.0.1:0")

	bearerMiddleware := func(next http.Handler) http.Handler {
		return http.HandlerFunc(func(response http.ResponseWriter, req *http.Request) {
			// stateVal := req.Form.Get("state")
			header := req.Header.Get("Authorization")
			parts := strings.SplitN(header, " ", 2) //nolint: gomnd
			if header != "" {
				if strings.ToLower(parts[0]) == "bearer" {
					req.Header.Set("Authorization", strings.Join([]string{"Bearer", parts[1]}, " "))
				}
			}

			next.ServeHTTP(response, req)
		})
	}

	err := mockServer.AddMiddleware(bearerMiddleware)
	if err != nil {
		return mockServer, err
	}
	// tlsConfig can be nil if you want HTTP
	return mockServer, mockServer.Start(listener, nil)
}
refactor(pkg/test): split logic in pkg/test/common.go into multiple packages (#1861) Which could be imported independently. See more details: 1. "zotregistry.io/zot/pkg/test/common" - currently used as tcommon "zotregistry.io/zot/pkg/test/common" - inside pkg/test test "zotregistry.io/zot/pkg/test/common" - in tests . "zotregistry.io/zot/pkg/test/common" - in tests Decouple zb from code in test/pkg in order to keep the size small. 2. "zotregistry.io/zot/pkg/test/image-utils" - curently used as . "zotregistry.io/zot/pkg/test/image-utils" 3. "zotregistry.io/zot/pkg/test/deprecated" - curently used as "zotregistry.io/zot/pkg/test/deprecated" This one will bre replaced gradually by image-utils in the future. 4. "zotregistry.io/zot/pkg/test/signature" - (cosign + notation) use as "zotregistry.io/zot/pkg/test/signature" 5. "zotregistry.io/zot/pkg/test/auth" - (bearer + oidc) curently used as authutils "zotregistry.io/zot/pkg/test/auth" 6. "zotregistry.io/zot/pkg/test/oci-utils" - curently used as ociutils "zotregistry.io/zot/pkg/test/oci-utils" Some unused functions were removed, some were replaced, and in a few cases specific funtions were moved to the files they were used in. Added an interface for the StoreController, this reduces the number of imports of the entire image store, decreasing binary size for tests. If the zb code was still coupled with pkg/test, this would have reflected in zb size. Signed-off-by: Andrei Aaron <aaaron@luxoft.com> 2023-09-27 21:34:48 +03:00			`package auth`

			`import (`
			`"crypto/rand"`
			`"crypto/rsa"`
			`"net"`
			`"net/http"`
			`"strings"`

			`"github.com/project-zot/mockoidc"`
			`)`

			`func MockOIDCRun() (*mockoidc.MockOIDC, error) {`
			`// Create a fresh RSA Private Key for token signing`
			`rsaKey, _ := rsa.GenerateKey(rand.Reader, 2048) //nolint: gomnd`

			`// Create an unstarted MockOIDC server`
			`mockServer, _ := mockoidc.NewServer(rsaKey)`

			`// Create the net.Listener, kernel will chose a valid port`
			`listener, _ := net.Listen("tcp", "127.0.0.1:0")`

			`bearerMiddleware := func(next http.Handler) http.Handler {`
			`return http.HandlerFunc(func(response http.ResponseWriter, req *http.Request) {`
			`// stateVal := req.Form.Get("state")`
			`header := req.Header.Get("Authorization")`
			`parts := strings.SplitN(header, " ", 2) //nolint: gomnd`
			`if header != "" {`
			`if strings.ToLower(parts[0]) == "bearer" {`
			`req.Header.Set("Authorization", strings.Join([]string{"Bearer", parts[1]}, " "))`
			`}`
			`}`

			`next.ServeHTTP(response, req)`
			`})`
			`}`

			`err := mockServer.AddMiddleware(bearerMiddleware)`
			`if err != nil {`
			`return mockServer, err`
			`}`
			`// tlsConfig can be nil if you want HTTP`
			`return mockServer, mockServer.Start(listener, nil)`
			`}`