add casbin user test (#2474)

* add casbin user test

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* Delete double slash

* types/users: use join url on iss that are urls

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

---------

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Co-authored-by: Juan Font <juanfontalonso@gmail.com>
Kristoffer Dalby 2025-04-23 13:21:51 +02:00 committed by GitHub
parent 56d085bd08
commit 098ab0357c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 38 additions and 1 deletions


@ -6,6 +6,7 @@ import (
"encoding/json" "encoding/json"
"fmt" "fmt"
"net/mail" "net/mail"
"net/url"
"strconv" "strconv"
"strings" "strings"
@ -194,6 +195,11 @@ type OIDCClaims struct {
} }
func (c *OIDCClaims) Identifier() string { func (c *OIDCClaims) Identifier() string {
if strings.HasPrefix(c.Iss, "http") {
if i, err := url.JoinPath(c.Iss, c.Sub); err == nil {
return i
}
}
return c.Iss + "/" + c.Sub return c.Iss + "/" + c.Sub
} }
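Review bot: `url.JoinPath(c.Iss, c.Sub)` in `Identifier()` does more than drop the duplicate slash: it path-cleans the joined result (removing `.` and `..` segments and repeated slashes) and re-escapes it, so two different `iss`/`sub` pairs can produce the same identifier. The test file in this commit shows this value being stored as `ProviderIdentifier`, so it presumably keys the account lookup, and `sub` is an opaque string chosen by the identity provider. Consider normalising only the issuer's trailing slash and appending `sub` untouched, e.g. `return strings.TrimRight(c.Iss, "/") + "/" + c.Sub`, or at least documenting on `Identifier()` that `sub` must not contain path separators. The changed expectation in the test (`//v2.0/` becoming `/v2.0/`) also means identifiers already stored in the old form would no longer match unless a migration exists outside this page.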


@ -197,11 +197,42 @@ func TestOIDCClaimsJSONToUser(t *testing.T) {
DisplayName: "XXXXXX XXXX", DisplayName: "XXXXXX XXXX",
Name: "user@domain.com", Name: "user@domain.com",
ProviderIdentifier: sql.NullString{ ProviderIdentifier: sql.NullString{
String: "https://login.microsoftonline.com//v2.0/I-70OQnj3TogrNSfkZQqB3f7dGwyBWSm1dolHNKrMzQ", String: "https://login.microsoftonline.com/v2.0/I-70OQnj3TogrNSfkZQqB3f7dGwyBWSm1dolHNKrMzQ",
Valid: true, Valid: true,
}, },
}, },
}, },
{
// From https://github.com/juanfont/headscale/issues/2333
name: "casby-oidc-claim-20250513",
jsonstr: `
{
"sub": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"iss": "https://oidc.example.com/",
"aud": "xxxxxxxxxxxx",
"preferred_username": "user001",
"name": "User001",
"email": "user001@example.com",
"email_verified": true,
"picture": "https://cdn.casbin.org/img/casbin.svg",
"groups": [
"org1/department1",
"org1/department2"
]
}
`,
want: User{
Provider: util.RegisterMethodOIDC,
Name: "user001",
DisplayName: "User001",
Email: "user001@example.com",
ProviderIdentifier: sql.NullString{
String: "https://oidc.example.com/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
Valid: true,
},
ProfilePicURL: "https://cdn.casbin.org/img/casbin.svg",
},
},
} }
for _, tt := range tests { for _, tt := range tests {
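Review bot: The added case `casby-oidc-claim-20250513` only pins the trailing-slash issuer; nothing here covers a `sub` that contains `/`, `.` or `..` segments or characters that get percent-encoded, which is where `url.JoinPath` changes the stored `ProviderIdentifier` most. A table entry with such a `sub`, and the identifier the project intends for it, would make that behaviour an explicit decision rather than a side effect. The case name also looks like a typo for `casbin`. The test function continues outside this hunk.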