line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Mojolicious::Plugin::OAuth2::Mock; |
2
|
2
|
|
|
2
|
|
15
|
use Mojo::Base -base; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
16
|
|
3
|
|
|
|
|
|
|
|
4
|
|
|
|
|
|
|
require Mojolicious::Plugin::OAuth2; |
5
|
|
|
|
|
|
|
|
6
|
2
|
|
50
|
2
|
|
448
|
use constant DEBUG => $ENV{MOJO_OAUTH2_DEBUG} || 0; |
|
2
|
|
|
|
|
5
|
|
|
2
|
|
|
|
|
3395
|
|
7
|
|
|
|
|
|
|
|
8
|
|
|
|
|
|
|
has provider => sub { |
9
|
|
|
|
|
|
|
return { |
10
|
|
|
|
|
|
|
authorization_endpoint_url => '/mocked/oauth2/authorize', |
11
|
|
|
|
|
|
|
end_session_endpoint_url => '/mocked/oauth2/logout', |
12
|
|
|
|
|
|
|
issuer_url => '/mocked/oauth2/v2.0', |
13
|
|
|
|
|
|
|
jwks_url => '/mocked/oauth2/keys', |
14
|
|
|
|
|
|
|
return_code => 'fake_code', |
15
|
|
|
|
|
|
|
return_token => 'fake_token', |
16
|
|
|
|
|
|
|
token_endpoint_url => '/mocked/oauth2/token', |
17
|
|
|
|
|
|
|
}; |
18
|
|
|
|
|
|
|
}; |
19
|
|
|
|
|
|
|
|
20
|
|
|
|
|
|
|
has _rsa => sub { require Crypt::OpenSSL::RSA; Crypt::OpenSSL::RSA->generate_key(2048) }; |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
sub apply_to { |
23
|
2
|
50
|
|
2
|
1
|
13
|
my $self = ref $_[0] ? shift : shift->SUPER::new; |
24
|
2
|
|
|
|
|
15
|
my ($app, $provider) = @_; |
25
|
|
|
|
|
|
|
|
26
|
2
|
50
|
|
|
|
11
|
map { $self->provider->{$_} = $provider->{$_} } keys %$provider if $provider; |
|
9
|
|
|
|
|
41
|
|
27
|
2
|
|
|
|
|
12
|
push @{$app->renderer->classes}, __PACKAGE__; |
|
2
|
|
|
|
|
6
|
|
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
# Add mocked routes for "authorize", "token", ... |
30
|
2
|
|
|
|
|
21
|
for my $k (keys %{$self->provider}) { |
|
2
|
|
|
|
|
7
|
|
31
|
23
|
100
|
|
|
|
5862
|
next unless $k =~ m!^([a-z].+)_url$!; |
32
|
15
|
|
|
|
|
60
|
my $method = "_action_$1"; |
33
|
15
|
|
|
|
|
48
|
my $url = $self->provider->{$k}; |
34
|
15
|
|
|
|
|
155
|
warn "[Oauth2::Mock] $url => $method()\n" if DEBUG; |
35
|
15
|
|
|
13
|
|
51
|
$app->routes->any($url => sub { $self->$method(@_) }); |
|
13
|
|
|
|
|
122444
|
|
36
|
|
|
|
|
|
|
} |
37
|
|
|
|
|
|
|
} |
38
|
|
|
|
|
|
|
|
39
|
|
|
|
|
|
|
sub _action_authorization_endpoint { |
40
|
3
|
|
|
3
|
|
11
|
my ($self, $c) = @_; |
41
|
|
|
|
|
|
|
|
42
|
3
|
100
|
|
|
|
13
|
if ($c->param('response_mode') eq 'form_post') { |
43
|
1
|
|
|
|
|
628
|
return $c->render( |
44
|
|
|
|
|
|
|
template => 'oauth2/mock/form_post', |
45
|
|
|
|
|
|
|
format => 'html', |
46
|
|
|
|
|
|
|
code => "authorize-code", |
47
|
|
|
|
|
|
|
redirect_uri => $c->param('redirect_uri'), |
48
|
|
|
|
|
|
|
state => $c->param('state') |
49
|
|
|
|
|
|
|
); |
50
|
|
|
|
|
|
|
} |
51
|
|
|
|
|
|
|
|
52
|
|
|
|
|
|
|
# $c->param('response_mode') eq 'query' |
53
|
2
|
|
|
|
|
1248
|
my $url = Mojo::URL->new($c->param('redirect_uri')); |
54
|
2
|
|
|
|
|
367
|
$url->query({code => 'authorize-code', state => $c->param('state')}); |
55
|
2
|
|
|
|
|
464
|
return $c->redirect_to($url); |
56
|
|
|
|
|
|
|
} |
57
|
|
|
|
|
|
|
|
58
|
|
|
|
|
|
|
sub _action_authorize { |
59
|
1
|
|
|
1
|
|
6
|
my ($self, $c) = @_; |
60
|
|
|
|
|
|
|
|
61
|
1
|
50
|
33
|
|
|
5
|
if ($c->param('client_id') and $c->param('redirect_uri')) { |
62
|
1
|
|
|
|
|
417
|
my $url = Mojo::URL->new($c->param('redirect_uri')); |
63
|
1
|
|
|
|
|
147
|
$url->query->append(code => $self->provider->{return_code}); |
64
|
1
|
|
|
1
|
|
48
|
$c->render(text => $c->tag('a', href => $url, sub {'Connect'})); |
|
1
|
|
|
|
|
37
|
|
65
|
|
|
|
|
|
|
} |
66
|
|
|
|
|
|
|
else { |
67
|
0
|
|
|
|
|
0
|
$c->render(text => "Invalid request\n", status => 400); |
68
|
|
|
|
|
|
|
} |
69
|
|
|
|
|
|
|
} |
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
sub _action_end_session_endpoint { |
72
|
1
|
|
|
1
|
|
4
|
my ($self, $c) = @_; |
73
|
1
|
|
|
|
|
5
|
my $rp_url = Mojo::URL->new($c->param('post_logout_redirect_uri')) |
74
|
|
|
|
|
|
|
->query({id_token_hint => $c->param('id_token_hint'), state => $c->param('state')}); |
75
|
1
|
|
|
|
|
776
|
$c->redirect_to($rp_url); |
76
|
|
|
|
|
|
|
} |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
sub _action_issuer { |
79
|
0
|
|
|
0
|
|
0
|
my ($self, $c) = @_; |
80
|
|
|
|
|
|
|
} |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
sub _action_jwks { |
83
|
1
|
|
|
1
|
|
4
|
my ($self, $c) = @_; |
84
|
|
|
|
|
|
|
|
85
|
1
|
|
|
|
|
7
|
my ($n, $e) = $self->_rsa->get_key_parameters; |
86
|
1
|
|
|
|
|
1016
|
my $x5c = $self->_rsa->get_public_key_string; |
87
|
1
|
|
|
|
|
43
|
$x5c =~ s/\n/\\n/g; |
88
|
|
|
|
|
|
|
|
89
|
1
|
|
|
|
|
9
|
require MIME::Base64; |
90
|
|
|
|
|
|
|
return $c->render( |
91
|
|
|
|
|
|
|
template => 'oauth2/mock/keys', |
92
|
|
|
|
|
|
|
format => 'json', |
93
|
|
|
|
|
|
|
n => MIME::Base64::encode_base64url($n->to_bin), |
94
|
|
|
|
|
|
|
e => MIME::Base64::encode_base64url($e->to_bin), |
95
|
|
|
|
|
|
|
x5c => $x5c, |
96
|
1
|
|
|
|
|
16
|
issuer => $c->url_for($self->provider->{issuer_url})->to_abs, |
97
|
|
|
|
|
|
|
); |
98
|
|
|
|
|
|
|
} |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
sub _action_token { |
101
|
1
|
|
|
1
|
|
4
|
my ($self, $c) = @_; |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
return $c->render(text => 'FAIL OVERFLOW', status => 404) |
104
|
1
|
50
|
|
|
|
3
|
unless 3 == grep { $c->param($_) } qw(client_secret redirect_uri code); |
|
3
|
|
|
|
|
573
|
|
105
|
|
|
|
|
|
|
|
106
|
|
|
|
|
|
|
$c->render( |
107
|
|
|
|
|
|
|
text => Mojo::Parameters->new( |
108
|
|
|
|
|
|
|
access_token => $self->provider->{return_token}, |
109
|
|
|
|
|
|
|
expires_in => 3600, |
110
|
|
|
|
|
|
|
refresh_token => Mojo::Util::md5_sum(rand), |
111
|
1
|
|
50
|
|
|
62
|
scope => $self->provider->{scopes} || 'some list of scopes', |
112
|
|
|
|
|
|
|
token_type => 'bearer', |
113
|
|
|
|
|
|
|
)->to_string |
114
|
|
|
|
|
|
|
); |
115
|
|
|
|
|
|
|
} |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
sub _action_token_endpoint { |
118
|
5
|
|
|
5
|
|
17
|
my ($self, $c) = @_; |
119
|
5
|
50
|
66
|
|
|
22
|
return $c->render(json => {error => 'invalid_request'}, status => 500) |
|
|
|
66
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
|
66
|
|
|
|
|
120
|
|
|
|
|
|
|
unless (($c->param('client_secret') and $c->param('redirect_uri') and $c->param('code')) |
121
|
|
|
|
|
|
|
|| ($c->param('grant_type') eq 'refresh_token' and $c->param('refresh_token'))); |
122
|
|
|
|
|
|
|
|
123
|
|
|
|
|
|
|
my $claims = { |
124
|
|
|
|
|
|
|
aud => $c->param('client_id'), |
125
|
|
|
|
|
|
|
email => 'foo.bar@example.com', |
126
|
5
|
|
|
|
|
3647
|
iss => $c->url_for($self->provider->{issuer_url})->to_abs, |
127
|
|
|
|
|
|
|
name => 'foo bar', |
128
|
|
|
|
|
|
|
preferred_username => 'foo.bar@example.com', |
129
|
|
|
|
|
|
|
sub => 'foo.bar' |
130
|
|
|
|
|
|
|
}; |
131
|
|
|
|
|
|
|
|
132
|
5
|
|
|
|
|
2588
|
require Mojo::JWT; |
133
|
5
|
|
|
|
|
31
|
my $id_token = Mojo::JWT->new( |
134
|
|
|
|
|
|
|
algorithm => 'RS256', |
135
|
|
|
|
|
|
|
secret => $self->_rsa->get_private_key_string, |
136
|
|
|
|
|
|
|
set_iat => 1, |
137
|
|
|
|
|
|
|
claims => $claims, |
138
|
|
|
|
|
|
|
header => {kid => 'TEST_SIGNING_KEY'} |
139
|
|
|
|
|
|
|
); |
140
|
|
|
|
|
|
|
|
141
|
5
|
|
100
|
|
|
397
|
return $c->render( |
142
|
|
|
|
|
|
|
template => 'oauth2/mock/token', |
143
|
|
|
|
|
|
|
format => 'json', |
144
|
|
|
|
|
|
|
id_token => $id_token->expires(Mojo::JWT->now + 3600)->encode, |
145
|
|
|
|
|
|
|
refresh_token => $c->param('refresh_token') // 'refresh-token', |
146
|
|
|
|
|
|
|
); |
147
|
|
|
|
|
|
|
} |
148
|
|
|
|
|
|
|
|
149
|
|
|
|
|
|
|
sub _action_well_known { |
150
|
1
|
|
|
1
|
|
4
|
my ($self, $c) = @_; |
151
|
1
|
|
|
|
|
20
|
my $provider = $self->provider; |
152
|
1
|
|
|
|
|
10
|
my $req_url = $c->req->url->to_abs; |
153
|
1
|
|
|
5
|
|
237
|
my $to_abs = sub { $req_url->path(Mojo::URL->new(shift)->path)->to_abs }; |
|
5
|
|
|
|
|
605
|
|
154
|
|
|
|
|
|
|
|
155
|
|
|
|
|
|
|
$c->render( |
156
|
|
|
|
|
|
|
template => 'oauth2/mock/configuration', |
157
|
|
|
|
|
|
|
format => 'json', |
158
|
|
|
|
|
|
|
authorization_endpoint => $to_abs->($provider->{authorization_endpoint_url}), |
159
|
|
|
|
|
|
|
end_session_endpoint => $to_abs->($provider->{end_session_endpoint_url}), |
160
|
|
|
|
|
|
|
issuer => $to_abs->($provider->{issuer_url}), |
161
|
|
|
|
|
|
|
jwks_uri => $to_abs->($provider->{jwks_url}), |
162
|
1
|
|
|
|
|
5
|
token_endpoint => $to_abs->($provider->{token_endpoint_url}), |
163
|
|
|
|
|
|
|
); |
164
|
|
|
|
|
|
|
} |
165
|
|
|
|
|
|
|
|
166
|
|
|
|
|
|
|
1; |
167
|
|
|
|
|
|
|
|
168
|
|
|
|
|
|
|
=encoding utf8 |
169
|
|
|
|
|
|
|
|
170
|
|
|
|
|
|
|
=head1 NAME |
171
|
|
|
|
|
|
|
|
172
|
|
|
|
|
|
|
Mojolicious::Plugin::OAuth2::Mock - Mock an Oauth2 and/or OpenID Connect provider |
173
|
|
|
|
|
|
|
|
174
|
|
|
|
|
|
|
=head1 SYNOPSIS |
175
|
|
|
|
|
|
|
|
176
|
|
|
|
|
|
|
use Mojolicious::Plugin::OAuth2::Mock; |
177
|
|
|
|
|
|
|
use Mojolicious; |
178
|
|
|
|
|
|
|
|
179
|
|
|
|
|
|
|
my $app = Mojolicious->new; |
180
|
|
|
|
|
|
|
Mojolicious::Plugin::OAuth2::Mock->apply_to($app); |
181
|
|
|
|
|
|
|
|
182
|
|
|
|
|
|
|
=head1 DESCRIPTION |
183
|
|
|
|
|
|
|
|
184
|
|
|
|
|
|
|
L is an EXPERIMENTAL module to make it |
185
|
|
|
|
|
|
|
easier to test your L based code. |
186
|
|
|
|
|
|
|
|
187
|
|
|
|
|
|
|
=head1 METHODS |
188
|
|
|
|
|
|
|
|
189
|
|
|
|
|
|
|
=head2 apply_to |
190
|
|
|
|
|
|
|
|
191
|
|
|
|
|
|
|
Mojolicious::Plugin::OAuth2::Mock->apply_to($app, \%provider_args); |
192
|
|
|
|
|
|
|
$mock->apply_to($app, \%provider_args); |
193
|
|
|
|
|
|
|
|
194
|
|
|
|
|
|
|
Used to add mocked routes to a L application, based on all the |
195
|
|
|
|
|
|
|
keys in C<%provider_args> that end with "_url". Example: |
196
|
|
|
|
|
|
|
|
197
|
|
|
|
|
|
|
|
198
|
|
|
|
|
|
|
* authorize_url => /mocked/oauth/authorize |
199
|
|
|
|
|
|
|
* authorization_endpoint_url => /mocked/oauth2/authorize |
200
|
|
|
|
|
|
|
* end_session_endpoint_url => /mocked/oauth2/logout |
201
|
|
|
|
|
|
|
* issuer_url => /mocked/oauth2/v2.0 |
202
|
|
|
|
|
|
|
* jwks_url => /mocked/oauth2/keys |
203
|
|
|
|
|
|
|
* token_url => /mocked/oauth/token |
204
|
|
|
|
|
|
|
* token_endpoint_url => /mocked/oauth2/token |
205
|
|
|
|
|
|
|
|
206
|
|
|
|
|
|
|
=head1 SEE ALSO |
207
|
|
|
|
|
|
|
|
208
|
|
|
|
|
|
|
L. |
209
|
|
|
|
|
|
|
|
210
|
|
|
|
|
|
|
=cut |
211
|
|
|
|
|
|
|
|
212
|
|
|
|
|
|
|
__DATA__ |