OIDC: persist id token claims (#11691)

* persist idTokenClaims * tests * remove unused cde
2023-10-04 17:06:04 +13:00 · 2023-10-04 17:06:04 +13:00 · feb7e9899b
commit feb7e9899b
parent 1c553eae4e
6 changed files with 70 additions and 24 deletions
--- a/test/utils/oidc/persistOidcSettings-test.ts
+++ b/test/utils/oidc/persistOidcSettings-test.ts
@ -14,6 +14,8 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */

+import { IdTokenClaims } from "oidc-client-ts";
+
 import {
    getStoredOidcClientId,
    getStoredOidcTokenIssuer,
@ -29,12 +31,25 @@ describe("persist OIDC settings", () => {

    const clientId = "test-client-id";
    const issuer = "https://auth.org/";
+    const idTokenClaims: IdTokenClaims = {
+        // audience is this client
+        aud: "123",
+        // issuer matches
+        iss: issuer,
+        sub: "123",
+        exp: 123,
+        iat: 456,
+    };

    describe("persistOidcAuthenticatedSettings", () => {
        it("should set clientId and issuer in session storage", () => {
-            persistOidcAuthenticatedSettings(clientId, issuer);
+            persistOidcAuthenticatedSettings(clientId, issuer, idTokenClaims);
            expect(sessionStorage.setItem).toHaveBeenCalledWith("mx_oidc_client_id", clientId);
            expect(sessionStorage.setItem).toHaveBeenCalledWith("mx_oidc_token_issuer", issuer);
+            expect(sessionStorage.setItem).toHaveBeenCalledWith(
+                "mx_oidc_id_token_claims",
+                JSON.stringify(idTokenClaims),
+            );
        });
    });

@ -50,7 +65,7 @@ describe("persist OIDC settings", () => {
        });
    });

-    describe("Name of the group", () => {
+    describe("getStoredOidcClientId()", () => {
        it("should return clientId from session storage", () => {
            jest.spyOn(sessionStorage.__proto__, "getItem").mockReturnValue(clientId);
            expect(getStoredOidcClientId()).toEqual(clientId);