Added jti as parameter to claims helper to privide better interface t…

…o developers Signed-off-by: Alexander Widerberg <[email protected]>
ory · Jan 19, 2016 · bde3822 · bde3822
1 parent 26f41a0
commit bde3822
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 12 deletions.
diff --git a/enigma/jwt_test.go b/enigma/jwt_test.go
@@ -55,7 +55,7 @@ func TestRejectsAlgAndTypHeader(t *testing.T) {
 		{"typ": "foo"},
 		{"typ": "foo", "alg": "foo"},
 	} {
-		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0",
+		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 			time.Now().Add(time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 		j := JWTEnigma{
@@ -68,7 +68,7 @@ func TestRejectsAlgAndTypHeader(t *testing.T) {
 }
 
 func TestGenerateJWT(t *testing.T) {
-	claims, err := jwthelper.NewClaimsContext("fosite", "peter", "group0",
+	claims, err := jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 		time.Now().Add(time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 	j := JWTEnigma{
@@ -109,7 +109,7 @@ func TestGenerateJWT(t *testing.T) {
 	j.PrivateKey = []byte(TestCertificates[0][1])
 
 	// Lets validate the exp claim
-	claims, err = jwthelper.NewClaimsContext("fosite", "peter", "group0",
+	claims, err = jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 		time.Now().Add(-time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 	token, sig, err = j.Generate(claims, make(map[string]interface{}))
@@ -121,7 +121,7 @@ func TestGenerateJWT(t *testing.T) {
 	require.NotNil(t, err, "%s", err)
 
 	// Lets validate the nbf claim
-	claims, err = jwthelper.NewClaimsContext("fosite", "peter", "group0",
+	claims, err = jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 		time.Now().Add(time.Hour), time.Now().Add(time.Hour), time.Now(), make(map[string]interface{}))
 
 	token, sig, err = j.Generate(claims, make(map[string]interface{}))

diff --git a/enigma/jwthelper/claims.go b/enigma/jwthelper/claims.go
@@ -29,7 +29,7 @@ var reservedClaimNames = map[string]string{
 }
 
 // NewClaimsContext : Dezignated initializer of the ClaimsContext handler
-func NewClaimsContext(issuer string, subject string, audience string,
+func NewClaimsContext(issuer string, subject string, audience string, tokenId string,
 	expiresAt time.Time, notBefore time.Time, issuedAt time.Time,
 	userClaims map[string]interface{}) (*ClaimsContext, error) {
 
@@ -50,7 +50,11 @@ func NewClaimsContext(issuer string, subject string, audience string,
 	allClaims["nbf"] = notBefore.Unix()
 	allClaims["aud"] = audience
 	allClaims["exp"] = expiresAt.Unix()
-	allClaims["jti"] = uuid.New()
+	if tokenId != "" {
+		allClaims["jti"] = tokenId
+	} else {
+		allClaims["jti"] = uuid.New()
+	}
 
 	return &allClaims, nil
 }

diff --git a/enigma/jwthelper/claims_test.go b/enigma/jwthelper/claims_test.go
@@ -9,7 +9,7 @@ import (
 
 func TestValidClaimsContext(t *testing.T) {
 	userClaims := ClaimsContext{"user-id": "123456", "custom-time": 1453066866, "custom-time-f": 1631.083, "custom-date": time.Date(2016, time.January, 17, 19, 00, 00, 00, &time.Location{})}
-	ctx, err := NewClaimsContext("fosite/auth", "Peter", "[email protected]", time.Now().Add(time.Hour), time.Now(), time.Now(), userClaims)
+	ctx, err := NewClaimsContext("fosite/auth", "Peter", "[email protected]", "", time.Now().Add(time.Hour), time.Now(), time.Now(), userClaims)
 	assert.Nil(t, err)
 
 	assert.Equal(t, "fosite/auth", ctx.GetIssuer())
@@ -41,11 +41,11 @@ func TestValidClaimsContext(t *testing.T) {
 
 func TestInvalidClaimsContext(t *testing.T) {
 	userClaims := ClaimsContext{"sub": "the \"sub\" field cannot be passed to claims context since it's a reserved claim"}
-	claimsCtx, err := NewClaimsContext("fosite/auth", "Peter", "[email protected]", time.Now().Add(time.Hour), time.Now(), time.Now(), userClaims)
+	claimsCtx, err := NewClaimsContext("fosite/auth", "Peter", "[email protected]", "", time.Now().Add(time.Hour), time.Now(), time.Now(), userClaims)
 	assert.NotNil(t, err)
 
 	userClaims = ClaimsContext{"alt": ""}
-	claimsCtx, err = NewClaimsContext("fosite/auth", "Peter", "[email protected]", time.Now().Add(-time.Hour), time.Now().Add(time.Hour), time.Now(), userClaims)
+	claimsCtx, err = NewClaimsContext("fosite/auth", "Peter", "[email protected]", "", time.Now().Add(-time.Hour), time.Now().Add(time.Hour), time.Now(), userClaims)
 	assert.Nil(t, err)
 
 	assert.True(t, claimsCtx.AssertExpired())

diff --git a/fosite-example/main.go b/fosite-example/main.go
@@ -166,7 +166,7 @@ func tokenEndpoint(rw http.ResponseWriter, req *http.Request) {
 
 	if typeof(*selectedStrategy) == "strategy.JWTStrategy" {
 		// JWT
-		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0",
+		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 			time.Now().Add(time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 		mySessionData := strategy.JWTSession{
@@ -239,7 +239,7 @@ func authEndpoint(rw http.ResponseWriter, req *http.Request) {
 
 	if typeof(*selectedStrategy) == "strategy.JWTStrategy" {
 		// JWT
-		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0",
+		claims, _ := jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 			time.Now().Add(time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 		mySessionData := strategy.JWTSession{

diff --git a/handler/core/strategy/strategy_test.go b/handler/core/strategy/strategy_test.go
@@ -23,7 +23,7 @@ var j = &JWTStrategy{
 	},
 }
 
-var claims, claimsErr = jwthelper.NewClaimsContext("fosite", "peter", "group0",
+var claims, claimsErr = jwthelper.NewClaimsContext("fosite", "peter", "group0", "",
 	time.Now().Add(time.Hour), time.Now(), time.Now(), make(map[string]interface{}))
 
 var r = &fosite.Request{