Merge pull request #131 from greenbone/AT-1103-remove-keycloak-public…

…-url At 1103 remove keycloak public url
greenbone · Nov 21, 2023 · 077fcf6 · 077fcf6
2 parents 1f9ef4d + 568583f
commit 077fcf6
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 31 deletions.
diff --git a/auth/auth_test.go b/auth/auth_test.go
@@ -20,7 +20,6 @@ func TestNewKeycloakAuthorizer(t *testing.T) {
 		assert.ErrorContains(t, err, "invalid realm info")
 		assert.ErrorContains(t, err, "realm id cannot be empty")
 		assert.ErrorContains(t, err, "couldn't parse auth server internal url")
-		assert.ErrorContains(t, err, "couldn't parse auth server public url")
 		assert.Nil(t, authorizer)
 	})
 
@@ -36,7 +35,6 @@ func TestNewKeycloakAuthorizer(t *testing.T) {
 				t.Run(test, func(t *testing.T) {
 					authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
 						AuthServerInternalUrl: test,
-						AuthServerPublicUrl:   validPublicUrl,
 						RealmId:               validRealm,
 					})
 
@@ -46,28 +44,12 @@ func TestNewKeycloakAuthorizer(t *testing.T) {
 				})
 			}
 		})
-		t.Run("public", func(t *testing.T) {
-			for _, test := range tests {
-				t.Run(test, func(t *testing.T) {
-					authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
-						AuthServerInternalUrl: validInternalUrl,
-						AuthServerPublicUrl:   test,
-						RealmId:               validRealm,
-					})
-
-					assert.ErrorContains(t, err, "invalid realm info")
-					assert.ErrorContains(t, err, "couldn't parse auth server public url")
-					assert.Nil(t, authorizer)
-				})
-			}
-		})
 	})
 
 	t.Run("OK", func(t *testing.T) {
 		authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
 			RealmId:               validRealm,
 			AuthServerInternalUrl: validInternalUrl,
-			AuthServerPublicUrl:   validPublicUrl,
 		})
 
 		assert.NoError(t, err)
@@ -79,7 +61,6 @@ func TestParseJWT(t *testing.T) {
 	authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
 		RealmId:               validRealm,
 		AuthServerInternalUrl: validInternalUrl,
-		AuthServerPublicUrl:   validPublicUrl,
 	})
 	require.NoError(t, err)
 	require.NotNil(t, authorizer)
@@ -137,7 +118,6 @@ func TestParseAuthorizationHeader(t *testing.T) {
 	authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
 		RealmId:               validRealm,
 		AuthServerInternalUrl: validInternalUrl,
-		AuthServerPublicUrl:   validPublicUrl,
 	})
 	require.NoError(t, err)
 	require.NotNil(t, authorizer)
@@ -192,7 +172,6 @@ func TestParseRequest(t *testing.T) {
 	authorizer, err := NewKeycloakAuthorizer(KeycloakRealmInfo{
 		RealmId:               validRealm,
 		AuthServerInternalUrl: validInternalUrl,
-		AuthServerPublicUrl:   validPublicUrl,
 	})
 	require.NoError(t, err)
 	require.NotNil(t, authorizer)

diff --git a/auth/example_test.go b/auth/example_test.go
@@ -49,16 +49,14 @@ func ExampleNewKeycloakAuthorizer() {
 	defer clean()
 
 	var (
-		realmId   = "user-management"             // keycloak realm name
-		authUrl   = "http://keycloak:8080/auth"   // keycloak server internal url
-		publicUrl = "http://localhost:28080/auth" // keycloak server public url (jwt issuer)
-		origin    = "http://localhost:3000"       // request origin, note: it is optional, if request doesn't have Origin header it is not validated
+		realmId = "user-management"           // keycloak realm name
+		authUrl = "http://keycloak:8080/auth" // keycloak server internal url
+		origin  = "http://localhost:3000"     // request origin, note: it is optional, if request doesn't have Origin header it is not validated
 	)
 
 	realmInfo := auth.KeycloakRealmInfo{
 		RealmId:               realmId,
 		AuthServerInternalUrl: authUrl,
-		AuthServerPublicUrl:   publicUrl,
 	}
 
 	authorizer, err := auth.NewKeycloakAuthorizer(realmInfo, authorizerKeycloakMock) // NOTE: authorizerKeycloakMock only used for mocking keycloak cert response in this example, do not use outside tests!
@@ -101,16 +99,14 @@ func ExampleNewGinAuthMiddleware() {
 	defer clean()
 
 	var (
-		realmId   = "user-management"             // keycloak realm name
-		authUrl   = "http://keycloak:8080/auth"   // keycloak server internal url
-		publicUrl = "http://localhost:28080/auth" // keycloak server public url (jwt issuer)
-		origin    = "http://localhost:3000"       // request origin, note: it is optional, if request doesn't have Origin header it is not validated
+		realmId = "user-management"           // keycloak realm name
+		authUrl = "http://keycloak:8080/auth" // keycloak server internal url
+		origin  = "http://localhost:3000"     // request origin, note: it is optional, if request doesn't have Origin header it is not validated
 	)
 
 	realmInfo := auth.KeycloakRealmInfo{
 		RealmId:               realmId,
 		AuthServerInternalUrl: authUrl,
-		AuthServerPublicUrl:   publicUrl,
 	}
 
 	authorizer, err := auth.NewKeycloakAuthorizer(realmInfo, authorizerKeycloakMock) // NOTE: authorizerKeycloakMock only used for mocking keycloak cert response in this example, do not use outside tests!