IAM/iam-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
27a6791591102b9b0f2d993ab16201d9f9ce3c1a
iam-service/tests/jwks_e2e.rs
shay7sev 27a6791591 feat(lib): add auth-kit
2026-02-02 14:26:24 +08:00

42 lines
1.1 KiB
Rust
Raw Blame History

use axum::{Router, routing::get};
use uuid::Uuid;
#[tokio::test]
async fn jwks_endpoint_allows_rs256_verification_via_auth_kit() {
let app = Router::new().route(
"/.well-known/jwks.json",
get(iam_service::handlers::jwks_handler),
);
let listener = tokio::net::TcpListener::bind("127.0.0.1:0").await.unwrap();
let addr = listener.local_addr().unwrap();
let base_url = format!("http://{}", addr);
let handle = tokio::spawn(async move {
axum::serve(listener, app).await.unwrap();
});
let token = iam_service::utils::sign(
Uuid::new_v4(),
Uuid::new_v4(),
vec!["Admin".to_string()],
vec!["tenant:read".to_string()],
vec![],
0,
)
.unwrap();
let cfg = auth_kit::jwt::JwtVerifyConfig::rs256_from_jwks(
"iam-service",
&format!("{}/.well-known/jwks.json", base_url),
)
.unwrap();
let claims = auth_kit::jwt::verify(&token, &cfg).await.unwrap();
assert_eq!(claims.iss, "iam-service");
assert!(!claims.sub.is_empty());
assert!(!claims.tenant_id.is_empty());
handle.abort();
}
Reference in New Issue View Git Blame Copy Permalink