From 8b6ace610c23106df95908e3aa41111a82e5d43f Mon Sep 17 00:00:00 2001 From: Riley Anderson Date: Wed, 10 Apr 2024 14:44:07 -0600 Subject: [PATCH] Add new cert and key for sign-in service sts clients (#16263) --- config/settings.yml | 2 + db/seeds/development.rb | 13 ++++- .../controllers/v0/sign_in_controller_spec.rb | 4 +- .../sign_in/sample_service_account.crt | 19 ------- .../sign_in/sample_service_account.pem | 28 ---------- spec/fixtures/sign_in/sts_client.crt | 37 +++++++++++++ spec/fixtures/sign_in/sts_client.pem | 52 +++++++++++++++++++ .../sign_in/assertion_validator_spec.rb | 4 +- 8 files changed, 107 insertions(+), 52 deletions(-) delete mode 100644 spec/fixtures/sign_in/sample_service_account.crt delete mode 100644 spec/fixtures/sign_in/sample_service_account.pem create mode 100644 spec/fixtures/sign_in/sts_client.crt create mode 100644 spec/fixtures/sign_in/sts_client.pem diff --git a/config/settings.yml b/config/settings.yml index 065cca2a433..b96a0d93058 100644 --- a/config/settings.yml +++ b/config/settings.yml @@ -79,6 +79,8 @@ sign_in: vaweb_client_id: vaweb vamobile_client_id: vamobile arp_client_id: arp + sts_client: + key_path: spec/fixtures/sign_in/sts_client.pem terms_of_use: current_version: v1 diff --git a/db/seeds/development.rb b/db/seeds/development.rb index 00a1512f296..aa5195e17ac 100644 --- a/db/seeds/development.rb +++ b/db/seeds/development.rb @@ -110,7 +110,7 @@ access_token_audience: 'http://localhost:3978/api/messages', access_token_user_attributes: ['icn'], access_token_duration: SignIn::Constants::ServiceAccountAccessToken::VALIDITY_LENGTH_SHORT_MINUTES, - certificates: [File.read('spec/fixtures/sign_in/sample_service_account.crt')] + certificates: [File.read('spec/fixtures/sign_in/sts_client.crt')] ) # Create config for accredited_representative_portal @@ -124,3 +124,14 @@ access_token_attributes: %w[first_name last_name email], refresh_token_duration: SignIn::Constants::RefreshToken::VALIDITY_LENGTH_SHORT_MINUTES, logout_redirect_uri: 'http://localhost:3001/representatives') + +# Create Service Account Config for BTSSS +btsss = SignIn::ServiceAccountConfig.find_or_initialize_by(service_account_id: 'bbb5830ecebdef04556e9c430e374972') +btsss.update!( + description: 'BTSSS', + scopes: [], + access_token_audience: 'http://localhost:3000', + access_token_user_attributes: ['icn'], + access_token_duration: SignIn::Constants::ServiceAccountAccessToken::VALIDITY_LENGTH_SHORT_MINUTES, + certificates: [File.read('spec/fixtures/sign_in/sts_client.crt')] +) diff --git a/spec/controllers/v0/sign_in_controller_spec.rb b/spec/controllers/v0/sign_in_controller_spec.rb index 54e230bbe4a..52da427b770 100644 --- a/spec/controllers/v0/sign_in_controller_spec.rb +++ b/spec/controllers/v0/sign_in_controller_spec.rb @@ -1637,7 +1637,7 @@ context 'and assertion is a valid jwt' do let(:private_key) { OpenSSL::PKey::RSA.new(File.read(private_key_path)) } - let(:private_key_path) { 'spec/fixtures/sign_in/sample_service_account.pem' } + let(:private_key_path) { 'spec/fixtures/sign_in/sts_client.pem' } let(:assertion_payload) do { iss:, @@ -1661,7 +1661,7 @@ let(:expiration_time) { SignIn::Constants::AccessToken::VALIDITY_LENGTH_SHORT_MINUTES.since.to_i } let(:created_time) { Time.zone.now.to_i } let(:uuid) { 'some-uuid' } - let(:certificate_path) { 'spec/fixtures/sign_in/sample_service_account.crt' } + let(:certificate_path) { 'spec/fixtures/sign_in/sts_client.crt' } let(:version) { SignIn::Constants::AccessToken::CURRENT_VERSION } let(:assertion_certificate) { File.read(certificate_path) } let(:service_account_config) { create(:service_account_config, certificates: [assertion_certificate]) } diff --git a/spec/fixtures/sign_in/sample_service_account.crt b/spec/fixtures/sign_in/sample_service_account.crt deleted file mode 100644 index 45fbb7ca73e..00000000000 --- a/spec/fixtures/sign_in/sample_service_account.crt +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDAjCCAeoCCQCd5yxC1/1eSTANBgkqhkiG9w0BAQsFADBDMQswCQYDVQQGEwJV -UzEPMA0GA1UECAwGT3JlZ29uMREwDwYDVQQHDAhQb3J0bGFuZDEQMA4GA1UECgwH -T2RkYmFsbDAeFw0yMzA3MjAxMzM2MTFaFw0yNDA3MTkxMzM2MTFaMEMxCzAJBgNV -BAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xETAPBgNVBAcMCFBvcnRsYW5kMRAwDgYD -VQQKDAdPZGRiYWxsMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw15I -xiDnedSaypN4J85mpqnW/lEhUVBOab8WH6yHP/TAybwuEA1g5FlvsK+JI8daB9ww -tj5jEO7lVObrLXDj9n2nvA05UxaoeSihVJcZZyXeqszyceV5Jy19cQFeHQsNCH/f -2rgWupyCe6UrqK8l9K/F5MILXLoDDKE1a/2mdoWl7dPy9eCBfkuoptKsWp/UYSzE -UOeveppS+fqvcyoJIRO1vMqt7Lf07RhxmzOEOF71IzxTUDbI/RLgO+LgEHPHOg9J -W7Tubh0RvKD2W7xqMDQF/81t+Y+LQ8+jnpE/7LUrHWUMmQHd5BXECFoBi/XiR01t -dcBtKdQfwmRydoPMZQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQC/2iLSxm+0Eehq -txZq7h8CMTMuOueLVeTu/UY9zT/juvobTmwgsKqYLmKx4JC7Ioycn7z1diX0LeEV -ECcMV0dIYgNDQ9J1pEVA1GJX72d3za45ZlY9R0tujDD8eynx/rxbimv5KaxmNmBA -a/2qmpxHyy2F4ZjHX4w60CYRVHvqNzSjCUpHkMw+40P89I3YStFhW64i3lpm7YRJ -Asf3Uq21LI1T9xWECQ6YBDeRHeyn2EOqAYe/xLV23AXP1pID3Mso+KpXch7Nsemc -KRXpqqNAsSZqbyXm3Wwf5zR7zKwTE2E5UfpQxlcQMFJi6HJKOua/6ujsm9JimNlr -2FRiU/DM ------END CERTIFICATE----- diff --git a/spec/fixtures/sign_in/sample_service_account.pem b/spec/fixtures/sign_in/sample_service_account.pem deleted file mode 100644 index a651eb6b6a2..00000000000 --- a/spec/fixtures/sign_in/sample_service_account.pem +++ /dev/null @@ -1,28 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDDXkjGIOd51JrK -k3gnzmamqdb+USFRUE5pvxYfrIc/9MDJvC4QDWDkWW+wr4kjx1oH3DC2PmMQ7uVU -5ustcOP2fae8DTlTFqh5KKFUlxlnJd6qzPJx5XknLX1xAV4dCw0If9/auBa6nIJ7 -pSuoryX0r8XkwgtcugMMoTVr/aZ2haXt0/L14IF+S6im0qxan9RhLMRQ5696mlL5 -+q9zKgkhE7W8yq3st/TtGHGbM4Q4XvUjPFNQNsj9EuA74uAQc8c6D0lbtO5uHRG8 -oPZbvGowNAX/zW35j4tDz6OekT/stSsdZQyZAd3kFcQIWgGL9eJHTW11wG0p1B/C -ZHJ2g8xlAgMBAAECggEAfjVNa/jbsF+A87bam1SCCc6UHcyJan8neLbB8wpAgTd6 -x5fyZdpOqpWASrLLNDrXVVaQfVrGIq1Bp1xZtwxDp/u6vQgJ7Two78QonH3UIkdb -lhk50gw8/OstKzCH/NkjvUbmdOQRgtISlQ+5qYokSfK3M7WLI4bi62jFGxNMUymX -DGGMa1quOKJjT1xTCU7+WAZa+xzMH8J+HOw5kyigfjIj1ImzpcDCPP5tTWXt1nFL -o/Ynh+SeyMF+N923a64Ynm0htZzHuImuX5mRr1Fw+HeFDuYsbdp11bQ8iAieAj24 -aUXdiVKDnf/bLJuiV+pil/pr4EQSyidRelGwFmMaTQKBgQD3BH0NOI2JTQzO21Ay -ecfiqo8bCqrQcT++aCX6omGhPcNpoD9hHSBitjYPjqm+rpcEVsDrd6dNAFsF7eEU -aRAAaGaxjng3uDtYLFzNI/HPg4l/ZZFaFPWD9TuXVW0JRInGRyQUNUebiZkUckGX -hpZELVT/pebIESeZgsoQ85vcPwKBgQDKePzed0c9zm0jhKHZoV1o1WhXWb7vTIFG -KlVK+LCh2Mnd0LJou16QDqU5hNSJtCMyfSBKapBNdiDrtHsug+28nv0SJYQtiehV -nyQ7i9WCv4dnPFDMPsbu8ZdnCg+pEuVQg5G7PnYZ1lt4XvNPz6mBY7EjlZJ7EHMh -lCvmGOr+WwKBgQCrKe0NEDbjAQTzAX0cvM4I/m6TKl0aep7U7Y4DkilcdVPHCUdh -n7ElNWVYel6cxpXWZ9beUtcWwDxSa3cfkX2JCs6+Eh6zXXGhs3vKmjGgvWC1akfB -x+woN/HG92bKmTdusTUK27B20m3EgTd6K8RMEa1oSCkWUOzDrqEeBe/mOQKBgQDB -ahQ9O/pdK22MiW3HJOPDemGDWCMSG6Y+bcAurySkZyBnea6EZ8DsomDpcl9J8D/T -Qj5veB7DMH5AS5eEltiq38Hm7Nm4Ws4LxMtq6qiajvX9A1w30BxfM4ArGSxemcNf -R2AWW5OcGO4mLaYGbtyA0sfrsz1LvCoPQKky1EjfkwKBgQDGyKQNZX7W6Y+2ou65 -2qY5tcw+oesU3zH+tDeNOlb3hp7PvtDKDf25/0cZJ0YGW9N6DQhGmbZWgChfQ1nS -4CkAQVbGeJPm3mvLf+k0ApQHgc3xuy7CD0eYYv3IzCt9oEppzyZoadRJ+L6sH6lN -1f0oNJVVK26pEtXsc0IrfQ5EbQ== ------END PRIVATE KEY----- diff --git a/spec/fixtures/sign_in/sts_client.crt b/spec/fixtures/sign_in/sts_client.crt new file mode 100644 index 00000000000..cc62802e760 --- /dev/null +++ b/spec/fixtures/sign_in/sts_client.crt @@ -0,0 +1,37 @@ +-----BEGIN CERTIFICATE----- +MIIGZTCCBU2gAwIBAgIHPQAAAACU1zANBgkqhkiG9w0BAQsFADBIMRMwEQYKCZIm +iZPyLGQBGRYDZ292MRIwEAYKCZImiZPyLGQBGRYCdmExHTAbBgNVBAMTFFZBLUlu +dGVybmFsLVMyLUlDQTExMB4XDTI0MDQwNTE1MTkyOFoXDTI1MDQyOTE1MTkyOFow +gY8xCzAJBgNVBAYTAlVTMQ0wCwYDVQQIEwRELkMuMRMwEQYDVQQHEwpXYXNoaW5n +dG9uMSwwKgYDVQQKEyNVLlMuIERlcGFydG1lbnQgb2YgVmV0ZXJhbnMgQWZmYWly +czEuMCwGA1UEAxMlc2lnbi1pbi1zZXJ2aWNlLXN0cy12ZXRzYXBpLWxvY2FsaG9z +dDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALs8ksbzx8CkeEh9FXTW +UibrmN+Qnb/hfG3kAOvXvk1vvzzWTJFjWBzTmahdkHaVMUHEsJ9UPrL0e6j3z8w4 +rYY+4myxzVRE5K1qZ6/JofizdOmnrSPBkLenguOGWBLoNZOVgXuXKnCRif8LexdK +0i7NDhZNF6iM4gJD6fqstSHrfSZTAuqPjQX5o7QccAhJxy/3UWnPJloq35LnhLbi +vGJGHiQ1dqpWxiHo4R8pz9TnsUJb8YEBeIIjWq5CI9lQo0I7bevRUJtcPzkTUm7P +Kb3PolPtCBPzd9OpaOZh5SdlqK8DoNopH70pOgmqaCD6ZfyjLP/Vhu2d6PzSGknq +wAi8YSYYH6TPX25H1VUVnK9F+c/7bEWjgS9ILHZzQ+QugjPs4/rll1/ch2nyLf2R +lZWjwVkf5qllQcNxlg9bQWGp/XeUV4tDLacFQTULY5Xf9w7rdhsYDkuYtTuj4rz3 ++SLEW/weuZ8754CdfQZ3BC+1M53cFcR4A3q9sA9tyloSUmjiKgAZ7Wy2e5IRzfOc +5XQ2lSTIDOLjat91tvUzixwI33JpEDHAQSJvtHkxxCf4s8vacLhz+7Pmy99hc9di +CscDONuoiQJ9W33pkBE8tWCWgmLVMg+GOFyZm1qobZi+v5E4JKZhAPQdgra40vaf +CXQI1ONxoaM3Wi7YT9k+trb9AgMBAAGjggIKMIICBjBeBgNVHREEVzBVgixzaWdu +LWluLXNlcnZpY2Utc3RzLXZldHNhcGktbG9jYWxob3N0LnZhLmdvdoIlc2lnbi1p +bi1zZXJ2aWNlLXN0cy12ZXRzYXBpLWxvY2FsaG9zdDAdBgNVHQ4EFgQUNPHxnzG2 +aPw2OWbj7j9OvUL2+i0wHwYDVR0jBBgwFoAUIliIGSkXgZad98moGCx1KnwULKkw +RwYDVR0fBEAwPjA8oDqgOIY2aHR0cDovL2NybC5wa2kudmEuZ292L3BraS9jcmwv +VkEtSW50ZXJuYWwtUzItSUNBMTEuY3JsMHkGCCsGAQUFBwEBBG0wazBFBggrBgEF +BQcwAoY5aHR0cDovL2FpYS5wa2kudmEuZ292L3BraS9haWEvdmEvVkEtSW50ZXJu +YWwtUzItSUNBMTEuY2VyMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC5wa2kudmEu +Z292MAwGA1UdEwEB/wQCMAAwCwYDVR0PBAQDAgTwMD0GCSsGAQQBgjcVBwQwMC4G +JisGAQQBgjcVCIHIwzOB+fAGgaWfDYTggQiFwqpLBoWUjgGCoog/AgFkAgEwMB0G +A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAnBgkrBgEEAYI3FQoEGjAYMAoG +CCsGAQUFBwMBMAoGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQA2NsYsrw0h +lILTMpN2K5WU5SqSsXB/zfkg9oql2Gs6zxG6lnaIiOEzTnNZo920uXdzAlBOyyfj +jEUEAzhWSUvLvNOH6lvM5PCizOyWYvDOGECwGIxIa++Nu+XR+tnakd3AZ/Y77nx8 +RN/7ZcK4uSTXqHASZIERT4PlCN1MHf/7nsNQM1+WJZjKJ2wbQdxfaP8mu3PoFKq1 +Cq7DIz5vdFIm5mI+pYXSZW0y4DWa5jQ5v4yaLOhwVB5K3ewIeidjyrrsCbbRNyLe +S6n2NWmidgrVLw59RO87nYqV9oHelrUyt79bjo3SrL20Mv0ePzDXjqdzi9avxkbn +zQNNc53xge5r +-----END CERTIFICATE----- diff --git a/spec/fixtures/sign_in/sts_client.pem b/spec/fixtures/sign_in/sts_client.pem new file mode 100644 index 00000000000..bcdd1e0137d --- /dev/null +++ b/spec/fixtures/sign_in/sts_client.pem @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQC7PJLG88fApHhI +fRV01lIm65jfkJ2/4Xxt5ADr175Nb7881kyRY1gc05moXZB2lTFBxLCfVD6y9Huo +98/MOK2GPuJssc1UROStamevyaH4s3Tpp60jwZC3p4LjhlgS6DWTlYF7lypwkYn/ +C3sXStIuzQ4WTReojOICQ+n6rLUh630mUwLqj40F+aO0HHAISccv91FpzyZaKt+S +54S24rxiRh4kNXaqVsYh6OEfKc/U57FCW/GBAXiCI1quQiPZUKNCO23r0VCbXD85 +E1Juzym9z6JT7QgT83fTqWjmYeUnZaivA6DaKR+9KToJqmgg+mX8oyz/1Ybtnej8 +0hpJ6sAIvGEmGB+kz19uR9VVFZyvRfnP+2xFo4EvSCx2c0PkLoIz7OP65Zdf3Idp +8i39kZWVo8FZH+apZUHDcZYPW0Fhqf13lFeLQy2nBUE1C2OV3/cO63YbGA5LmLU7 +o+K89/kixFv8HrmfO+eAnX0GdwQvtTOd3BXEeAN6vbAPbcpaElJo4ioAGe1stnuS +Ec3znOV0NpUkyAzi42rfdbb1M4scCN9yaRAxwEEib7R5McQn+LPL2nC4c/uz5svf +YXPXYgrHAzjbqIkCfVt96ZARPLVgloJi1TIPhjhcmZtaqG2Yvr+ROCSmYQD0HYK2 +uNL2nwl0CNTjcaGjN1ou2E/ZPra2/QIDAQABAoICAQCPeUQTtfwsDxuomEjXxd8f +ucrkDWIEBdoeLufR0PkfR3DoQmJbyh9bv31wOXoYlAwxlHGvNZPx90vG11Xg7NFz +HD7PAZQQbdY5WF7pof0+oO0Gmpke3BVz1aWDiY91tYBQffDBbr1zkuKGkBqbZ5cV +i8WuqxZk7sfE6puhnbQSsOuucU+7w5JRsNCTlHL4tuguRjqZdMWztESrwkK9DZND +Tu2L23f54RJkK5pOEfES+ROogOHXc/QO7N5wx3fG73aaqwV4/WTiF9bOepLhHFek +/jUqUGivORJqG9epKfy5qrmOmp4obfjHL48slurB0n5SEAvMYqfI7wb4rFq+p2bM +O1iYr4tcapoTKImOUoYOWTYKr3+SLXpqttZBYwtP9fMQccpg/DwpaLn+shCfrac1 +qvysyZzpYz9iLoVKG/sAHiand/OcdPwdC2SfoCKqqL68fSTY/Ppwkias7Kii4IU8 +ml7aY9u+XDpYTo+aeu0P+kYj6wTbeOhjDw1trN9y0+ZNgvFxX3b1ylhMBdOvZ//F +PioUoK8rrWYIr0p+ujZEAda850UCHwXSzdg5Ro1m2hMqvQtnSrpSJWLp2Ep9rI8Z +Z1s9QfpLh5NvIWLAdOFdfv5QpsPqsvm9IFSCvramT4463iIPIlJEGAcdKcy0t8ke +TOf9T8tviK9tmOMwMQiw1QKCAQEA2JCO4FiDM5lrDPdEsoGOARg2MPT/z2hepXDC +jLUL/ifDperF59Jyhzeox7rwtFImDQn4eEbqyrRJB0S1j9p9Xe3p1ymJKLr4x+Od +3LRxGYkHNDAR+xyNZjKFggnwuuc4MS6mxVPKXbUOPTN+Xj6sWlneL0gOq5+4/WhZ +NF2hfQlZCqv9sQvkbJJxx/Rp+TO76avtwqv5+sbzzWQJV/OZY3gF82JAhPjKCTtr +VfWXnPeac1j+ETFyd5F16lgz2Qpmfp7fEO13g/kB41aLvsZf+uSz9q6FCnZZzx3A +9RrWANXSiQXsIPFb9tBc2R4NyJ787dHrwQqKFs9L1Tth0WpbIwKCAQEA3VTZgd3/ +6HCiB45ECU2vKVI9S8Rd0/3wZy/9XJSxBapNQxcGQLDUKqb0A8l7iyaTiqdKWykT +abKeHWLrUk5gZ34UB2qtuowzDUfrlfOI+luXNf1jU9Qp2NDX1Mrt7aMxuaGwYTty +x1h/iKAlXhEHz6M9BAk7sKDjZ1f5iupazKvCy1bwcirQscpiolD1qnKepOkUDqmV +4UvJVU6x/ENKYz4bvO4ZgMY7s7uo4pQHxiOExiiQYBR/rbXE9Q3vutUWeNKWjlzZ +XzX9BuShdviZcHmuFr5MqM8Qxgbj+PCvvJcLDOmX2BeDle1E3Je5A4f3DUbof/Ww +WqLDSFKd7wJXXwKCAQEAuaUSFZdKwUzey7qcFTmh9aY/rjAXqkCaAdBrthrtMO39 +dZmQFW3955P7B1xlQu6416yYZuLEGwf5IlXwHmT52y87qcpdXaEJ6rBgfvXfjjg9 +CKu8fjq3q8fbUuIajt3u+Zo4NCfj7fhrQGOIDFpFfR5UrMtkaBL/jZuJ/K3W5UzC +G7fcPY0oPzo6d2I6BfonN+S+aIbsP+GU1ZjPuamE8BPPZhfvnw12g/t/w6xIT7Kh +oAfFpA9zRLRZFI6Pw5p6ykh+iBBIx8UJrUxfdyau2HB9JRXtzk4uJrIm2vYqRYUG +eZeuF39PioCLV0PAJR7FS0kMg+r4/RyusRe6fr5haQKCAQA4ICsj9pLNc7py5g20 +ukFf3h3zF7Gfb3bGA/Jgxsf5Is2C5NTOFMlIo5ufVjmA+OBTOcbuRQVKOWRFGW+J +KJzjwaH8m33An4rWpFVGakJjElTO+Rl2CYgvFg6VRHx/VXHnm+vpTDT3/iYhFFNF +flYXvlJbsqezS6k+7J04L+OkoS29eKdynA7d9u96L8OMXJKESSKv8SszvY8pldIm +oT282uQXzd0jvaEoG79g7Z7nDNy/j0vFQY17FGwEpGsVWrHfI6/QHBV3Qm6Oj+2u +CK6ISiLuW4V/DTs4rEilOQunbDn+JUI/Jv9URp2+vq7JCXKJqGCPClOVOE8DCQhJ +srNLAoIBAQDPF/+7PL0Br6YDjVEHQ1kWktK0GZqwP6OyFkKgeCKq6PBjv8BCtq6a +oltzMmcrZCmhpsv81szyk9R90g/N076I4RwHFpuxecikOSDHoQotqXE42rXcXk4f +3Esgi+qQI4KWbUP2ndA2y28W3wc0wbt8zCMU+/LRzs74/roPdvYC+Zl8PWkW5cbt +51bAK6VZm6QhTWGXxzWU4Uw57hsPlw/1YU8Zxvq62iyDxP8uaOqrIEjI/1W3tpZu +bJRpBxF8BkKVRc9oVhRz0TZwz/6vnyqD+W2vb40VIWESABg0yruZjlcns8v6kgy2 +TIB3lEXMXkuee+jO8i+FKa6H0T8rah+w +-----END PRIVATE KEY----- diff --git a/spec/services/sign_in/assertion_validator_spec.rb b/spec/services/sign_in/assertion_validator_spec.rb index 6d5213861ca..21f8995b677 100644 --- a/spec/services/sign_in/assertion_validator_spec.rb +++ b/spec/services/sign_in/assertion_validator_spec.rb @@ -7,7 +7,7 @@ subject { SignIn::AssertionValidator.new(assertion:).perform } let(:private_key) { OpenSSL::PKey::RSA.new(File.read(private_key_path)) } - let(:private_key_path) { 'spec/fixtures/sign_in/sample_service_account.pem' } + let(:private_key_path) { 'spec/fixtures/sign_in/sts_client.pem' } let(:assertion_payload) do { iss:, @@ -30,7 +30,7 @@ let(:service_account_audience) { service_account_config.access_token_audience } let(:assertion_encode_algorithm) { SignIn::Constants::Auth::ASSERTION_ENCODE_ALGORITHM } let(:assertion) { JWT.encode(assertion_payload, private_key, assertion_encode_algorithm) } - let(:certificate_path) { 'spec/fixtures/sign_in/sample_service_account.crt' } + let(:certificate_path) { 'spec/fixtures/sign_in/sts_client.crt' } let(:assertion_certificate) { File.read(certificate_path) } let(:token_route) { "https://#{Settings.hostname}#{SignIn::Constants::Auth::TOKEN_ROUTE_PATH}" }