Skip to content

Commit

Permalink
Allow Clock Skew for Zitadel CT tests (#355)
Browse files Browse the repository at this point in the history
  • Loading branch information
maennchen authored Jun 12, 2024
1 parent 3b12c8a commit fa872d4
Show file tree
Hide file tree
Showing 4 changed files with 12 additions and 0 deletions.
3 changes: 3 additions & 0 deletions test/oidcc/token_test.exs
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,9 @@ defmodule Oidcc.TokenTest do
System.put_env("CLIENT_CREDENTIALS_CLIENT_SECRET", @client_credentials_client_secret)
System.put_env("JWT_PROFILE", @jwt_profile)

# Allow minimal clock skew for Zitadel
Application.put_env(:oidcc, :max_clock_skew, 5)

:ok
end

Expand Down
2 changes: 2 additions & 0 deletions test/oidcc_SUITE.erl
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,7 @@ retrieve_jwt_profile_token(_Config) ->
KeyMap = jose:decode(KeyJson),
Key = jose_jwk:from_pem(maps:get(<<"key">>, KeyMap)),

application:set_env(oidcc, max_clock_skew, 10),
?assertMatch(
{ok, _},
oidcc:jwt_profile_token(
Expand All @@ -175,6 +176,7 @@ retrieve_jwt_profile_token(_Config) ->
}
)
),
application:unset_env(oidcc, max_clock_skew),

ok.

Expand Down
3 changes: 3 additions & 0 deletions test/oidcc_test.exs
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,9 @@ defmodule OidccTest do
System.put_env("CLIENT_CREDENTIALS_CLIENT_SECRET", @client_credentials_client_secret)
System.put_env("JWT_PROFILE", @jwt_profile)

# Allow minimal clock skew for Zitadel
Application.put_env(:oidcc, :max_clock_skew, 5)

:ok
end

Expand Down
4 changes: 4 additions & 0 deletions test/oidcc_token_SUITE.erl
Original file line number Diff line number Diff line change
Expand Up @@ -100,6 +100,7 @@ retrieves_client_credentials_token(_Config) ->
ZitadelClientCredentialsClientSecret
),

application:set_env(oidcc, max_clock_skew, 10),
?assertMatch(
{error, {grant_type_not_supported, client_credentials}},
oidcc_token:client_credentials(SalesforceClientContext, #{})
Expand All @@ -111,6 +112,7 @@ retrieves_client_credentials_token(_Config) ->
scope => [<<"openid">>, <<"profile">>]
})
),
application:unset_env(oidcc, max_clock_skew),

ok.

Expand All @@ -137,6 +139,7 @@ validates_access_token(_Config) ->
ZitadelClientCredentialsClientSecret
),

application:set_env(oidcc, max_clock_skew, 10),
{ok, Token} = oidcc_token:client_credentials(ZitadelClientContext, #{
scope => [<<"openid">>, <<"profile">>]
}),
Expand All @@ -149,5 +152,6 @@ validates_access_token(_Config) ->
}},
oidcc_token:validate_jwt(AccessToken, ZitadelClientContext, #{signing_algs => [<<"RS256">>]})
),
application:unset_env(oidcc, max_clock_skew),

ok.

0 comments on commit fa872d4

Please sign in to comment.