Implements the 4 OIDCClient methods that were TODO skeletons in PR #69:

- Discover(ctx) — fetch + cache .well-known/openid-configuration
- RefreshJWKS(ctx) — fetch JWKS, parse RSA public keys (n/e base64-url)
- ExchangeCode(ctx, code, codeVerifier, redirectURI) — POST token endpoint with PKCE
- ValidateIDToken(ctx, idToken) — verify signature via JWKS, validate claims

Plus 7 unit tests using httptest.NewServer to mock the OIDC provider: TestDiscover_HappyPath, TestDiscover_Idempotent, TestRefreshJWKS_HappyPath, TestExchangeCode_HappyPath, TestValidateIDToken_HappyPath, TestValidateIDToken_RejectsExpired, TestValidateIDToken_RejectsWrongIssuer.

Mostly authored by Mistral Vibe (batch6, $3.51 / 46 steps), trainer-takeover on 2 bugs:

- closure auto-reference bug (server := httptest.NewServer with closure body referencing server.URL — needs var server *httptest.Server then server = ...)
- ExchangeCode body wasn't being sent (req.PostForm = form is wrong; must pass strings.NewReader(form.Encode()) as the request body)
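The two bugs named in the commit message, reproduced against a mock token endpoint as an added example that is not code from this commit or project: the HTTP client ignores req.PostForm, so the code and PKCE verifier reach the provider only when the encoded form is the request body. The names newMockTokenEndpoint and postToken and the sample form values are constructed for illustration.

```go
package main

import (
	"context"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// newMockTokenEndpoint is a constructed stand-in for a provider's token endpoint.
func newMockTokenEndpoint() *httptest.Server {
	// Declare, then assign: inside its own := initializer, server is not yet in scope.
	var server *httptest.Server
	server = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprintf(w, "iss=%s code=%q code_verifier=%q", server.URL, r.PostFormValue("code"), r.PostFormValue("code_verifier"))
	}))
	return server
}

// postToken sets req.PostForm in both variants; only asBody also sends the form.
func postToken(ctx context.Context, endpoint string, form url.Values, asBody bool) (string, error) {
	var body io.Reader // stays nil in the broken variant
	if asBody {
		body = strings.NewReader(form.Encode())
	}
	req, err := http.NewRequestWithContext(ctx, http.MethodPost, endpoint, body)
	if err != nil {
		return "", err
	}
	req.PostForm = form // ignored by the HTTP client; only the body is transmitted
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return "", err
	}
	defer resp.Body.Close()
	out, err := io.ReadAll(resp.Body)
	return string(out), err
}

func main() {
	srv := newMockTokenEndpoint()
	defer srv.Close()
	form := url.Values{"code": {"abc123"}, "code_verifier": {"constructed-verifier"}}
	fmt.Println(postToken(context.Background(), srv.URL, form, false))
	fmt.Println(postToken(context.Background(), srv.URL, form, true))
}
```

A test that only checks the HTTP status of the token call passes in both variants, so assert on the fields the mock endpoint actually received.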