complete s2s e2e test #2677
complete s2s e2e test #2677
Conversation
| return IntrospectAccessToken200JSONResponse{}, nil | ||
| } | ||
|
|
||
| token := AccessToken{} | ||
| if err := r.accessTokenStore().Get(request.Body.Token, &token); err != nil { | ||
| // Return 200 + 'Active = false' when token is invalid or malformed | ||
| log.Logger().Debug("IntrospectAccessToken: failed to get token from store") | ||
| return IntrospectAccessToken200JSONResponse{}, err |
There was a problem hiding this comment.
Nothing was logged, now there's some debug log. We may want to create an issue to 'fix' the logging for introspection calls?
| @@ -0,0 +1,22 @@ | |||
| function introspectAccessToken(r) { | |||
| // strip the first 8 chars | |||
| var token = "token=" + r.headersIn['Authorization'].substring(7); | |||
There was a problem hiding this comment.
does this always have the right encoding?
There was a problem hiding this comment.
we use 128bit b64 encoded strings, so for us: yes.
There was a problem hiding this comment.
I raw thinking of standard/raw/URL base64 encoding, but if it works...
| # echo $RESPONSE | ||
| # exitWithDockerLogs 1 | ||
| #fi | ||
| RESPONSE=$(docker compose exec nodeB curl --http1.1 --insecure --cert /etc/nginx/ssl/server.pem --key /etc/nginx/ssl/key.pem https://nodeA:443/resource -H "Authorization: bearer $(cat ./node-B/data/accesstoken.txt)" -v) |
There was a problem hiding this comment.
should we also have a not-OK test?
There was a problem hiding this comment.
I'd like to have e2e tests to make sure the integration isn't broken at some point. Various error conditions should be tested by unit-tests. At this point a no-OK test would largely test the nginx config.
| @@ -0,0 +1,22 @@ | |||
| function introspectAccessToken(r) { | |||
| // strip the first 8 chars | |||
| var token = "token=" + r.headersIn['Authorization'].substring(7); | |||
There was a problem hiding this comment.
I raw thinking of standard/raw/URL base64 encoding, but if it works...
* master: complete s2s e2e test (nuts-foundation#2677) Cleanup unused file (nuts-foundation#2692) Discovery: implement server API (nuts-foundation#2659) VCR: Use JWT/JSON-LD constants from go-did (nuts-foundation#2691) Bump github/codeql-action from 2 to 3 (nuts-foundation#2687) split signature verification from verifier (nuts-foundation#2683)
No description provided.