Skip to content

Commit

Permalink
Refactor oidc_data_decoder_spec
Browse files Browse the repository at this point in the history
  • Loading branch information
@sankichi92
sankichi92 committed Jul 11, 2024
1 parent 4926201 commit f7aec14
Showing 1 changed file with 4 additions and 5 deletions.
9 changes: 4 additions & 5 deletions spec/redmine_amzn_alb_authn/oidc_data_decoder_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,16 @@
# frozen_string_literal: true

RSpec.describe RedmineAmznAlbAuthn::OidcDataDecoder do
subject(:decoder) { described_class.new(key_endpoint: 'https://example.com', alb_arn:, iss:) }
subject(:decoder) { described_class.new(key_endpoint: 'https://example.com', alb_arn:, iss: expected_iss) }

let(:alb_arn) { 'arn:aws:elasticloadbalancing:ap-northeast-1:012345678901:loadbalancer/app/my-alb/0123456789abcdef' }
let(:iss) { 'my-issuer' }
let(:expected_iss) { 'https://iss.example.com' }

describe '#verify_and_decode!' do
let(:oidc_data) do
JWT.encode({ sub: 1, exp: 2.minutes.from_now.to_i, iss: }, private_key, 'ES256', kid:, signer:)
end
let(:iss) { expected_iss }
let(:signer) { alb_arn }
let(:kid) { SecureRandom.uuid }
let(:private_key) { OpenSSL::PKey::EC.generate('prime256v1') }
Expand Down Expand Up @@ -40,9 +41,7 @@
end

context 'with a JWT that has unexpected iss' do
let(:oidc_data) do
JWT.encode({ sub: 1, exp: 2.minutes.from_now.to_i, iss: 'unknown' }, private_key, 'ES256', kid:, signer:)
end
let(:iss) { 'unexpected' }

it 'raises JWT::InvalidIssuerError' do
expect { decoder.verify_and_decode!(oidc_data) }.to raise_error(JWT::InvalidIssuerError)
Expand Down

0 comments on commit f7aec14

Please sign in to comment.