can't figure out how to implement IDP initiated from IDP (for writing tests) #564
Comments
|
Same issue here. We would like to create a http.Request with a valid token in place already to test the token validation logic. The token value extraction seems to be possible via https://github.com/crewjam/saml/blob/v0.4.14/samlsp/session.go#L79 , using an internal iota for access... => context not easily reproducible (?) Therefore we are doing token value access like: Is there an easy way to create a valid test Request which would allow this function to perform properly? Is this even the proper way to validate/access the token? I wasn't able to find specific documentation regarding that. |
|
Extracting and analysing the jwt cookie via https://github.com/dgrijalva/jwt-go (also used internal in the library) could work, but the library doesn't seem to allow custom secret key while handling all token creation behind the scenes... making this solution redundant and too bulky. Although, it would certainly remove some "automagic" out of the process. |
we're trying to write some unit tests for our SP for IDP initiated flow, which leads us to trying to implement the IDP side of the IDP initiated flow to create some mock payloads etc.
but we can't seem to figure out where to look in the library for the code to facilitate this?
(sorry for opening a ticket for this)
The text was updated successfully, but these errors were encountered: