fix: improve key rotation (#1107)

* key rotation * fix: rotate signing key * cleanup * introspect * testingapplication key * date * client keys * fix client keys * fix client keys * access tokens only for users * AuthMethodPrivateKeyJWT * client keys * set introspection info correctly * managae apis * update oidc pkg * cleanup * merge msater * set current sequence in migration * set current sequence in migration * set current sequence in migration * ensure authn keys uptodate * improve key rotation * fix: return api config in ApplicationView * fix mocks for tests * fix(mock): corrected unit tests for updated mock package Co-authored-by: Stefan Benz <stefan@caos.ch>
2025-10-20 18:49:04 +00:00 · 2021-02-23 15:07:42 +01:00
parent 16a47c6542
commit f60d200d5a
34 changed files with 590 additions and 433 deletions
--- a/internal/crypto/code_mocker.go
+++ b/internal/crypto/code_mocker.go
@@ -11,12 +11,12 @@ func CreateMockEncryptionAlg(ctrl *gomock.Controller) EncryptionAlgorithm {
 	mCrypto.EXPECT().Algorithm().AnyTimes().Return("enc")
 	mCrypto.EXPECT().EncryptionKeyID().AnyTimes().Return("id")
 	mCrypto.EXPECT().DecryptionKeyIDs().AnyTimes().Return([]string{"id"})
-	mCrypto.EXPECT().Encrypt(gomock.Any()).DoAndReturn(
+	mCrypto.EXPECT().Encrypt(gomock.Any()).AnyTimes().DoAndReturn(
 		func(code []byte) ([]byte, error) {
 			return code, nil
 		},
 	)
-	mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).DoAndReturn(
+	mCrypto.EXPECT().DecryptString(gomock.Any(), gomock.Any()).AnyTimes().DoAndReturn(
 		func(code []byte, keyID string) (string, error) {
 			if keyID != "id" {
 				return "", errors.ThrowInternal(nil, "id", "invalid key id")
@@ -30,12 +30,12 @@ func CreateMockEncryptionAlg(ctrl *gomock.Controller) EncryptionAlgorithm {
 func CreateMockHashAlg(ctrl *gomock.Controller) HashAlgorithm {
 	mCrypto := NewMockHashAlgorithm(ctrl)
 	mCrypto.EXPECT().Algorithm().AnyTimes().Return("hash")
-	mCrypto.EXPECT().Hash(gomock.Any()).DoAndReturn(
+	mCrypto.EXPECT().Hash(gomock.Any()).AnyTimes().DoAndReturn(
 		func(code []byte) ([]byte, error) {
 			return code, nil
 		},
 	)
-	mCrypto.EXPECT().CompareHash(gomock.Any(), gomock.Any()).DoAndReturn(
+	mCrypto.EXPECT().CompareHash(gomock.Any(), gomock.Any()).AnyTimes().DoAndReturn(
 		func(hashed, comparer []byte) error {
 			if string(hashed) != string(comparer) {
 				return errors.ThrowInternal(nil, "id", "invalid")