[FEAT/BE] down to hs256 without rotate key

2026-05-23 14:55:42 +00:00 · 2026-02-26 12:39:02 +07:00
parent 4d009978ae
commit 2cf4ab03ad
5 changed files with 121 additions and 35 deletions
@@ -0,0 +1,42 @@
+package sso
+
+import (
+	"context"
+	"testing"
+	"time"
+
+	"github.com/golang-jwt/jwt/v5"
+)
+
+func TestVerifyAccessTokenHMAC(t *testing.T) {
+	secret := "test-secret-123"
+	issuer := "http://localhost:8080"
+	aud := []string{"client:1"}
+
+	if err := Init(context.Background(), "", issuer, aud, secret); err != nil {
+		t.Fatalf("Init error: %v", err)
+	}
+
+	claims := &AccessTokenClaims{
+		Scope: "openid profile",
+		RegisteredClaims: jwt.RegisteredClaims{
+			Issuer:    issuer,
+			Subject:   "user:1",
+			Audience:  jwt.ClaimStrings(aud),
+			IssuedAt:  jwt.NewNumericDate(time.Now().Add(-1 * time.Minute)),
+			ExpiresAt: jwt.NewNumericDate(time.Now().Add(5 * time.Minute)),
+		},
+	}
+	token, err := jwt.NewWithClaims(jwt.SigningMethodHS256, claims).SignedString([]byte(secret))
+	if err != nil {
+		t.Fatalf("sign token error: %v", err)
+	}
+
+	result, err := VerifyAccessToken(token)
+	if err != nil {
+		t.Fatalf("VerifyAccessToken error: %v", err)
+	}
+	if result.UserID != 1 {
+		t.Fatalf("unexpected user id: %d", result.UserID)
+	}
+}