add test + codacy

2026-04-18 16:26:38 +00:00 · 2023-03-30 16:43:39 +02:00
parent 2a79995706
commit 1343a3f00e
5 changed files with 59 additions and 20 deletions
--- a/management/server/jwtclaims/extractor.go
+++ b/management/server/jwtclaims/extractor.go
@@ -6,12 +6,14 @@ import (
 	"github.com/golang-jwt/jwt"
 )

+type key string
+
 const (
-	TokenUserProperty    = "user"
-	AccountIDSuffix      = "wt_account_id"
-	DomainIDSuffix       = "wt_account_domain"
-	DomainCategorySuffix = "wt_account_domain_category"
-	UserIDClaim          = "sub"
+	TokenUserProperty    key = "user"
+	AccountIDSuffix      key = "wt_account_id"
+	DomainIDSuffix       key = "wt_account_domain"
+	DomainCategorySuffix key = "wt_account_domain_category"
+	UserIDClaim          key = "sub"
 )

 // Extract function type
@@ -60,7 +62,7 @@ func NewClaimsExtractor(options ...ClaimsExtractorOption) *ClaimsExtractor {
 		ce.FromRequestContext = ce.fromRequestContext
 	}
 	if ce.userIDClaim == "" {
-		ce.userIDClaim = UserIDClaim
+		ce.userIDClaim = string(UserIDClaim)
 	}
 	return ce
 }
@@ -74,15 +76,15 @@ func (c *ClaimsExtractor) FromToken(token *jwt.Token) AuthorizationClaims {
 		return jwtClaims
 	}
 	jwtClaims.UserId = userID
-	accountIDClaim, ok := claims[c.authAudience+AccountIDSuffix]
+	accountIDClaim, ok := claims[c.authAudience+string(AccountIDSuffix)]
 	if ok {
 		jwtClaims.AccountId = accountIDClaim.(string)
 	}
-	domainClaim, ok := claims[c.authAudience+DomainIDSuffix]
+	domainClaim, ok := claims[c.authAudience+string(DomainIDSuffix)]
 	if ok {
 		jwtClaims.Domain = domainClaim.(string)
 	}
-	domainCategoryClaim, ok := claims[c.authAudience+DomainCategorySuffix]
+	domainCategoryClaim, ok := claims[c.authAudience+string(DomainCategorySuffix)]
 	if ok {
 		jwtClaims.DomainCategory = domainCategoryClaim.(string)
 	}
--- a/management/server/jwtclaims/extractor_test.go
+++ b/management/server/jwtclaims/extractor_test.go
@@ -12,21 +12,21 @@ import (
 func newTestRequestWithJWT(t *testing.T, claims AuthorizationClaims, audiance string) *http.Request {
 	claimMaps := jwt.MapClaims{}
 	if claims.UserId != "" {
-		claimMaps[UserIDClaim] = claims.UserId
+		claimMaps[string(UserIDClaim)] = claims.UserId
 	}
 	if claims.AccountId != "" {
-		claimMaps[audiance+AccountIDSuffix] = claims.AccountId
+		claimMaps[audiance+string(AccountIDSuffix)] = claims.AccountId
 	}
 	if claims.Domain != "" {
-		claimMaps[audiance+DomainIDSuffix] = claims.Domain
+		claimMaps[audiance+string(DomainIDSuffix)] = claims.Domain
 	}
 	if claims.DomainCategory != "" {
-		claimMaps[audiance+DomainCategorySuffix] = claims.DomainCategory
+		claimMaps[audiance+string(DomainCategorySuffix)] = claims.DomainCategory
 	}
 	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claimMaps)
 	r, err := http.NewRequest(http.MethodGet, "http://localhost", nil)
 	require.NoError(t, err, "creating testing request failed")
-	testRequest := r.WithContext(context.WithValue(r.Context(), TokenUserProperty, token)) //nolint
+	testRequest := r.WithContext(context.WithValue(r.Context(), TokenUserProperty, token)) // nolint

 	return testRequest
 }
@@ -124,7 +124,7 @@ func TestExtractClaimsSetOptions(t *testing.T) {
 				t.Error("audience should be empty")
 				return
 			}
-			if c.extractor.userIDClaim != UserIDClaim {
+			if c.extractor.userIDClaim != string(UserIDClaim) {
 				t.Errorf("user id claim should be default, expected %s, got %s", UserIDClaim, c.extractor.userIDClaim)
 				return
 			}