|
|
|
@ -46,8 +46,21 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/no-linker": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
expectedErr: &Error{
|
|
|
|
|
Type: "urn:ietf:params:acme:error:serverInternal",
|
|
|
|
|
Detail: "The server experienced an internal error",
|
|
|
|
|
Status: 500,
|
|
|
|
|
Err: errors.New("missing linker"),
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/unmarshal": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
payload: []byte("?!"),
|
|
|
|
@ -70,6 +83,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
"fail/wire-parse-id": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
payload: []byte("{}"),
|
|
|
|
@ -92,6 +106,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
"fail/wire-parse-client-id": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
valueBytes, err := json.Marshal(struct {
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
Domain string `json:"domain,omitempty"`
|
|
|
|
@ -126,6 +141,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
"fail/no-wire-options": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
valueBytes, err := json.Marshal(struct {
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
Domain string `json:"domain,omitempty"`
|
|
|
|
@ -179,6 +195,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
valueBytes, err := json.Marshal(struct {
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
Domain string `json:"domain,omitempty"`
|
|
|
|
@ -254,7 +271,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
HTU string `json:"htu,omitempty"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
@ -280,7 +298,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: "http://issuer.example.com",
|
|
|
|
|
Audience: []string{"test"},
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
@ -339,6 +357,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -396,7 +415,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
HTU string `json:"htu,omitempty"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
@ -422,7 +442,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: "http://issuer.example.com",
|
|
|
|
|
Audience: []string{"test"},
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
@ -481,6 +501,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -542,7 +563,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
HTU string `json:"htu,omitempty"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
@ -568,7 +590,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: "http://issuer.example.com",
|
|
|
|
|
Audience: []string{"test"},
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
@ -627,6 +649,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -688,7 +711,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
HTU string `json:"htu,omitempty"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
@ -714,7 +738,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: "http://issuer.example.com",
|
|
|
|
|
Audience: []string{"test"},
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
@ -773,6 +797,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -841,7 +866,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
HTU string `json:"htu,omitempty"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Subject: "wireapp://CzbfFjDOQrenCbDxVmgnFw!594930e9d50bb175@wire.com",
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
@ -867,7 +893,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: "http://issuer.example.com",
|
|
|
|
|
Audience: []string{"test"},
|
|
|
|
|
Audience: jose.Audience{"https://ca.example.com/acme/wire/challenge/azID/chID"},
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Challenge: "token",
|
|
|
|
@ -882,7 +908,6 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
APIVersion: 5,
|
|
|
|
|
Scope: "wire_client_id",
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
@ -926,6 +951,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1010,8 +1036,21 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/no-linker": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
expectedErr: &Error{
|
|
|
|
|
Type: "urn:ietf:params:acme:error:serverInternal",
|
|
|
|
|
Detail: "The server experienced an internal error",
|
|
|
|
|
Status: 500,
|
|
|
|
|
Err: errors.New("missing linker"),
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/unmarshal": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
payload: []byte("?!"),
|
|
|
|
@ -1040,6 +1079,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
"fail/wire-parse-id": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ctx: ctx,
|
|
|
|
|
payload: []byte("{}"),
|
|
|
|
@ -1062,6 +1102,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
"fail/no-wire-options": func(t *testing.T) test {
|
|
|
|
|
ctx := NewProvisionerContext(context.Background(), newWireProvisionerWithOptions(t, &provisioner.Options{}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
valueBytes, err := json.Marshal(struct {
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
Domain string `json:"domain,omitempty"`
|
|
|
|
@ -1094,8 +1135,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/keyauth-mismatch": func(t *testing.T) test {
|
|
|
|
|
jwk, _ := mustAccountAndKeyAuthorization(t, "token")
|
|
|
|
|
"fail/verify": func(t *testing.T) test {
|
|
|
|
|
jwk, keyAuth := mustAccountAndKeyAuthorization(t, "token")
|
|
|
|
|
signerJWK, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signer, err := jose.NewSigner(jose.SigningKey{
|
|
|
|
@ -1103,12 +1144,15 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Key: signerJWK,
|
|
|
|
|
}, new(jose.SignerOptions))
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
srv := mustJWKServer(t, signerJWK.Public())
|
|
|
|
|
anotherSignerJWK, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
srv := mustJWKServer(t, anotherSignerJWK.Public())
|
|
|
|
|
tokenBytes, err := json.Marshal(struct {
|
|
|
|
|
jose.Claims
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1116,8 +1160,9 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40bob@wire.com",
|
|
|
|
|
KeyAuth: "wrong-keyauth",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1162,6 +1207,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1189,7 +1235,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
assert.Equal(t, "urn:ietf:params:acme:error:rejectedIdentifier", k.Type)
|
|
|
|
|
assert.Equal(t, "The server will not issue certificates for the identifier", k.Detail)
|
|
|
|
|
assert.Equal(t, 400, k.Status)
|
|
|
|
|
assert.Contains(t, k.Err.Error(), "keyAuthorization does not match")
|
|
|
|
|
assert.Equal(t, `error verifying ID token signature: failed to verify signature: failed to verify id token signature`, k.Err.Error())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
@ -1197,8 +1243,8 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
"fail/verify": func(t *testing.T) test {
|
|
|
|
|
jwk, keyAuth := mustAccountAndKeyAuthorization(t, "token")
|
|
|
|
|
"fail/keyauth-mismatch": func(t *testing.T) test {
|
|
|
|
|
jwk, _ := mustAccountAndKeyAuthorization(t, "token")
|
|
|
|
|
signerJWK, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signer, err := jose.NewSigner(jose.SigningKey{
|
|
|
|
@ -1206,14 +1252,13 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Key: signerJWK,
|
|
|
|
|
}, new(jose.SignerOptions))
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
anotherSignerJWK, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
srv := mustJWKServer(t, anotherSignerJWK.Public())
|
|
|
|
|
srv := mustJWKServer(t, signerJWK.Public())
|
|
|
|
|
tokenBytes, err := json.Marshal(struct {
|
|
|
|
|
jose.Claims
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1221,8 +1266,9 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Expiry: jose.NewNumericDate(time.Now().Add(1 * time.Minute)),
|
|
|
|
|
},
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40bob@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: "wrong-keyauth",
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1267,6 +1313,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1294,7 +1341,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
assert.Equal(t, "urn:ietf:params:acme:error:rejectedIdentifier", k.Type)
|
|
|
|
|
assert.Equal(t, "The server will not issue certificates for the identifier", k.Detail)
|
|
|
|
|
assert.Equal(t, 400, k.Status)
|
|
|
|
|
assert.Equal(t, `error verifying ID token signature: failed to verify signature: failed to verify id token signature`, k.Err.Error())
|
|
|
|
|
assert.Contains(t, k.Err.Error(), "keyAuthorization does not match")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
@ -1317,6 +1364,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1326,6 +1374,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40bob@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1370,6 +1419,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1420,6 +1470,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1429,6 +1480,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1473,6 +1525,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1520,6 +1573,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1529,6 +1583,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1573,6 +1628,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1624,6 +1680,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1633,6 +1690,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1677,6 +1735,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1728,6 +1787,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1737,6 +1797,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1781,6 +1842,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1838,6 +1900,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name string `json:"name,omitempty"`
|
|
|
|
|
PreferredUsername string `json:"preferred_username,omitempty"`
|
|
|
|
|
KeyAuth string `json:"keyauth"`
|
|
|
|
|
ACMEAudience string `json:"acme_aud"`
|
|
|
|
|
}{
|
|
|
|
|
Claims: jose.Claims{
|
|
|
|
|
Issuer: srv.URL,
|
|
|
|
@ -1847,6 +1910,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
Name: "Alice Smith",
|
|
|
|
|
PreferredUsername: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
KeyAuth: keyAuth,
|
|
|
|
|
ACMEAudience: "https://ca.example.com/acme/wire/challenge/azID/chID",
|
|
|
|
|
})
|
|
|
|
|
require.NoError(t, err)
|
|
|
|
|
signed, err := signer.Sign(tokenBytes)
|
|
|
|
@ -1891,6 +1955,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}))
|
|
|
|
|
ctx = NewLinkerContext(ctx, NewLinker("ca.example.com", "acme"))
|
|
|
|
|
return test{
|
|
|
|
|
ch: &Challenge{
|
|
|
|
|
ID: "chID",
|
|
|
|
@ -1954,6 +2019,7 @@ MCowBQYDK2VwAyEA5c+4NKZSNQcR1T8qN6SjwgdPZQ0Ge12Ylx/YeGAJ35k=
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func Test_parseAndVerifyWireAccessToken(t *testing.T) {
|
|
|
|
|
t.Skip("skip until we can retrieve public key from e2e test, so that we can actually verify the token")
|
|
|
|
|
key := `
|
|
|
|
|
-----BEGIN PUBLIC KEY-----
|
|
|
|
|
MCowBQYDK2VwAyEAB2IYqBWXAouDt3WcCZgCM3t9gumMEKMlgMsGenSu+fA=
|
|
|
|
@ -1969,7 +2035,7 @@ MCowBQYDK2VwAyEAB2IYqBWXAouDt3WcCZgCM3t9gumMEKMlgMsGenSu+fA=
|
|
|
|
|
Handle: "wireapp://%40alice_wire@wire.com",
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
token := `eyJhbGciOiJFZERTQSIsInR5cCI6ImF0K2p3dCIsImp3ayI6eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6IkIySVlxQldYQW91RHQzV2NDWmdDTTN0OWd1bU1FS01sZ01zR2VuU3UtZkEifX0.eyJpYXQiOjE3MDQ5ODUyMDUsImV4cCI6MTcwNDk4OTE2NSwibmJmIjoxNzA0OTg1MjA1LCJpc3MiOiJodHRwOi8vd2lyZS5jb206MTk5ODMvY2xpZW50cy83YTQxY2Y1Yjc5NjgzNDEwL2FjY2Vzcy10b2tlbiIsInN1YiI6IndpcmVhcHA6Ly9ndVZYNXhlRlMzZVRhdG1YQkl5QTRBITdhNDFjZjViNzk2ODM0MTBAd2lyZS5jb20iLCJhdWQiOiJodHRwOi8vd2lyZS5jb206MTk5ODMvY2xpZW50cy83YTQxY2Y1Yjc5NjgzNDEwL2FjY2Vzcy10b2tlbiIsImp0aSI6IjQyYzQ2ZDRjLWU1MTAtNDE3NS05ZmI1LWQwNTVlMTI1YTQ5ZCIsIm5vbmNlIjoiVUVKeVIyZHFPRWh6WkZKRVlXSkJhVGt5T0RORVlURTJhRXMwZEhJeGNFYyIsImNoYWwiOiJiWFVHTnBVZmNSeDNFaEIzNHhQM3k2MmFRWm9HWlM2aiIsImNuZiI6eyJraWQiOiJvTVdmTkRKUXNJNWNQbFhONVVvQk5uY0t0YzRmMmRxMnZ3Q2pqWHNxdzdRIn0sInByb29mIjoiZXlKaGJHY2lPaUpGWkVSVFFTSXNJblI1Y0NJNkltUndiM0FyYW5kMElpd2lhbmRySWpwN0ltdDBlU0k2SWs5TFVDSXNJbU55ZGlJNklrVmtNalUxTVRraUxDSjRJam9pTVV3eFpVZ3lZVFpCWjFaMmVsUndOVnBoYkV0U1puRTJjRlpRVDNSRmFrazNhRGhVVUhwQ1dVWm5UU0o5ZlEuZXlKcFlYUWlPakUzTURRNU9EVXlNRFVzSW1WNGNDSTZNVGN3TkRrNU1qUXdOU3dpYm1KbUlqb3hOekEwT1RnMU1qQTFMQ0p6ZFdJaU9pSjNhWEpsWVhCd09pOHZaM1ZXV0RWNFpVWlRNMlZVWVhSdFdFSkplVUUwUVNFM1lUUXhZMlkxWWpjNU5qZ3pOREV3UUhkcGNtVXVZMjl0SWl3aWFuUnBJam9pTldVMk5qZzBZMkl0Tm1JME9DMDBOamhrTFdJd09URXRabVl3TkdKbFpEWmxZekpsSWl3aWJtOXVZMlVpT2lKVlJVcDVVakprY1U5RmFIcGFSa3BGV1ZkS1FtRlVhM2xQUkU1RldWUkZNbUZGY3pCa1NFbDRZMFZqSWl3aWFIUnRJam9pVUU5VFZDSXNJbWgwZFNJNkltaDBkSEE2THk5M2FYSmxMbU52YlRveE9UazRNeTlqYkdsbGJuUnpMemRoTkRGalpqVmlOemsyT0RNME1UQXZZV05qWlhOekxYUnZhMlZ1SWl3aVkyaGhiQ0k2SW1KWVZVZE9jRlZtWTFKNE0wVm9Rak0wZUZBemVUWXlZVkZhYjBkYVV6WnFJaXdpYUdGdVpHeGxJam9pZDJseVpXRndjRG92THlVME1HRnNhV05sWDNkcGNtVkFkMmx5WlM1amIyMGlMQ0owWldGdElqb2lkMmx5WlNKOS52bkN1T2JURFRLVFhCYXpyX3Z2X0xyZDBZT1Rac2xteHQtM2xKNWZKSU9iRVRidUVCTGlEaS1JVWZHcFJHTm1Dbm9IZjVocHNsWW5HeFMzSjloUmVDZyIsImNsaWVudF9pZCI6IndpcmVhcHA6Ly9ndVZYNXhlRlMzZVRhdG1YQkl5QTRBITdhNDFjZjViNzk2ODM0MTBAd2lyZS5jb20iLCJhcGlfdmVyc2lvbiI6NSwic2NvcGUiOiJ3aXJlX2NsaWVudF9pZCJ9.uCVYhmvCJm7nM1NxJQKl_XZJcSqm9eFmNmbRJkA5Wpsw70ZF1YANYC9nQ91QgsnuAbaRZMJiJt3P8ZntR2ozDQ`
|
|
|
|
|
token := `eyJhbGciOiJFZERTQSIsInR5cCI6ImF0K2p3dCIsImp3ayI6eyJrdHkiOiJPS1AiLCJjcnYiOiJFZDI1NTE5IiwieCI6Im8zcWZhQ045a2FzSnZJRlhPdFNMTGhlYW0wTE5jcVF5MHdBMk9PeFRRNW8ifX0.eyJpYXQiOjE3MDU0OTc3MzksImV4cCI6MTcwNTUwMTY5OSwibmJmIjoxNzA1NDk3NzM5LCJpc3MiOiJodHRwOi8vd2lyZS5jb206MTY4MjQvY2xpZW50cy8zN2ZlOThiZDQwZDBkZmUvYWNjZXNzLXRva2VuIiwic3ViIjoid2lyZWFwcDovLzE4NXdIUmtRVHdTOTVGODhaZTQ1SlEhMzdmZTk4YmQ0MGQwZGZlQHdpcmUuY29tIiwiYXVkIjoiaHR0cHM6Ly9zdGVwY2E6NTUwMjMvYWNtZS93aXJlL2NoYWxsZW5nZS9SeEdSWGVoRGxCcHcxNTJQTVUzem0xY2M0cEtGcHVWRi9RWnRFazdQNUVFRXhadHBSYngydjVoYlc3QXB1S2NOSSIsImp0aSI6ImU1MzllODYzLTRkNTgtNGMwMS1iYjk3LTYwODdiNTEzOWIyMCIsIm5vbmNlIjoiUzJKYWVWcExkV28wUkZKaFFrWndXR0ZKY0VoVlFrNUxXVGd4WkhkRFVqQSIsImNoYWwiOiIyaDFPdUdxbTBKUXd6bHVsWGtLSTJEMGZiRDgzRUIxdyIsImNuZiI6eyJraWQiOiJhSEY3MVhYeG0tTWE5Q05zSjNaU1RKTjlYS0ZxOFFmOGh2UTJLN3NLQmQ4In0sInByb29mIjoiZXlKaGJHY2lPaUpGWkVSVFFTSXNJblI1Y0NJNkltUndiM0FyYW5kMElpd2lhbmRySWpwN0ltdDBlU0k2SWs5TFVDSXNJbU55ZGlJNklrVmtNalUxTVRraUxDSjRJam9pWVVsaVMwcFBha0poWXpZeVF6TnRhVmhHVjAxb09ITTJkRXQzUkROaGNHRnVSMHBQZURaVVFYVklRU0o5ZlEuZXlKcFlYUWlPakUzTURVME9UYzNNemtzSW1WNGNDSTZNVGN3TlRVd05Ea3pPU3dpYm1KbUlqb3hOekExTkRrM056TTVMQ0p6ZFdJaU9pSjNhWEpsWVhCd09pOHZNVGcxZDBoU2ExRlVkMU01TlVZNE9GcGxORFZLVVNFek4yWmxPVGhpWkRRd1pEQmtabVZBZDJseVpTNWpiMjBpTENKaGRXUWlPaUpvZEhSd2N6b3ZMM04wWlhCallUbzFOVEF5TXk5aFkyMWxMM2RwY21VdlkyaGhiR3hsYm1kbEwxSjRSMUpZWldoRWJFSndkekUxTWxCTlZUTjZiVEZqWXpSd1MwWndkVlpHTDFGYWRFVnJOMUExUlVWRmVGcDBjRkppZURKMk5XaGlWemRCY0hWTFkwNUpJaXdpYW5ScElqb2lNV1kxTUdRM1lUQXRaamt6WmkwME5XWXdMV0V3TWpBdE1ETm1NREJpTlRreVlUUmtJaXdpYm05dVkyVWlPaUpUTWtwaFpWWndUR1JYYnpCU1JrcG9VV3RhZDFkSFJrcGpSV2hXVVdzMVRGZFVaM2hhU0dSRVZXcEJJaXdpYUhSdElqb2lVRTlUVkNJc0ltaDBkU0k2SW1oMGRIQTZMeTkzYVhKbExtTnZiVG94TmpneU5DOWpiR2xsYm5Sekx6TTNabVU1T0dKa05EQmtNR1JtWlM5aFkyTmxjM010ZEc5clpXNGlMQ0pqYUdGc0lqb2lNbWd4VDNWSGNXMHdTbEYzZW14MWJGaHJTMGt5UkRCbVlrUTRNMFZDTVhjaUxDSm9ZVzVrYkdVaU9pSjNhWEpsWVhCd09pOHZKVFF3WVd4cFkyVmZkMmx5WlVCM2FYSmxMbU52YlNJc0luUmxZVzBpT2lKM2FYSmxJbjAuZlNmQnFuWWlfMTRhZEc5MDAyZ0RJdEgybXNyYW55eXVnR0g5bHpFcmprdmRGbkRPOFRVWWRYUXJKUzdlX3BlU0lzcGxlRUVkaGhzc0gwM3FBWHY2QXciLCJjbGllbnRfaWQiOiJ3aXJlYXBwOi8vMTg1d0hSa1FUd1M5NUY4OFplNDVKUSEzN2ZlOThiZDQwZDBkZmVAd2lyZS5jb20iLCJhcGlfdmVyc2lvbiI6NSwic2NvcGUiOiJ3aXJlX2NsaWVudF9pZCJ9.GKK7ZsJ8EWJjeaHqf8P48H9mluJhxyXUmI0FO3xstda3XDJIK7Z5Ur4hi1OIJB0ZsS5BqRVT2q5whL4KP9hZCA`
|
|
|
|
|
ch := &Challenge{
|
|
|
|
|
Token: "bXUGNpUfcRx3EhB34xP3y62aQZoGZS6j",
|
|
|
|
|
}
|
|
|
|
|