fix: correct minor configuration details

zitadel · Apr 28, 2022 · a8d4f83 · a8d4f83
2 parents 5a32ca8 + e62ff42
commit a8d4f83
Show file tree

Hide file tree

Showing 5 changed files with 18 additions and 19 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,4 @@
-# SAML Connect SDK (server) for Go
+# SAML SDK (server) for Go
 
 [![semantic-release](https://img.shields.io/badge/%20%20%F0%9F%93%A6%F0%9F%9A%80-semantic--release-e10079.svg)](https://github.com/semantic-release/semantic-release)
 [![Release](https://github.com/zitadel/saml/workflows/Release/badge.svg)](https://github.com/zitadel/saml/actions)

diff --git a/pkg/provider/identityprovider.go b/pkg/provider/identityprovider.go
@@ -86,8 +86,8 @@ type IdentityProvider struct {
 	serviceProviders []*serviceprovider.ServiceProvider
 }
 
-func NewIdentityProvider(metadataEndpoint *op.Endpoint, conf *IdentityProviderConfig, storage IDPStorage) (*IdentityProvider, error) {
-	cert, privateKey := getResponseCert(storage)
+func NewIdentityProvider(ctx context.Context, metadataEndpoint *op.Endpoint, conf *IdentityProviderConfig, storage IDPStorage) (*IdentityProvider, error) {
+	cert, privateKey := getResponseCert(ctx, storage)
 
 	signingContext, signer, err := signature.GetSigningContextAndSigner(cert, privateKey, conf.SignatureAlgorithm)
 	if err != nil {
@@ -229,8 +229,7 @@ func notImplementedHandleFunc(w http.ResponseWriter, _ *http.Request) {
 	http.Error(w, fmt.Sprintf("not implemented yet"), http.StatusNotImplemented)
 }
 
-func getResponseCert(storage IdentityProviderStorage) ([]byte, *rsa.PrivateKey) {
-	ctx := context.Background()
+func getResponseCert(ctx context.Context, storage IdentityProviderStorage) ([]byte, *rsa.PrivateKey) {
 	certAndKeyCh := make(chan key.CertificateAndKey)
 	go storage.GetResponseSigningKey(ctx, certAndKeyCh)
 

diff --git a/pkg/provider/identityprovider_test.go b/pkg/provider/identityprovider_test.go
@@ -95,7 +95,7 @@ func TestIDP_certificateHandleFunc(t *testing.T) {
 				return
 			}
 
-			idp, err := NewIdentityProvider(&endpoint, tt.args.config, mockStorage)
+			idp, err := NewIdentityProvider(context.Background(), &endpoint, tt.args.config, mockStorage)
 			if (err != nil) != tt.res.err {
 				t.Errorf("NewIdentityProvider() error = %v", err.Error())
 				return

diff --git a/pkg/provider/provider.go b/pkg/provider/provider.go
@@ -84,9 +84,8 @@ type Provider struct {
 }
 
 type Config struct {
-	MetadataEndpoint *op.Endpoint
-	MetadataConfig   *MetadataConfig
-	IDPConfig        *IdentityProviderConfig
+	MetadataConfig *MetadataConfig
+	IDPConfig      *IdentityProviderConfig
 
 	Organisation  *Organisation
 	ContactPerson *ContactPerson
@@ -98,13 +97,15 @@ func NewProvider(
 	conf *Config,
 	providerOpts ...Option,
 ) (*Provider, error) {
+	getCACert(ctx, storage)
+	cert, key := getMetadataCert(ctx, storage)
+	signingContext, signer, err := signature.GetSigningContextAndSigner(cert, key, conf.MetadataConfig.SignatureAlgorithm)
 
-	getCACert(storage)
-	cert, key := getMetadataCert(storage)
-	signingContext, signer, err := signature.GetSigningContextAndSigner(cert, key, conf.IDPConfig.SignatureAlgorithm)
+	metadata := op.NewEndpointWithURL(conf.MetadataConfig.Path, conf.MetadataConfig.URL)
 
 	idp, err := NewIdentityProvider(
-		conf.MetadataEndpoint,
+		ctx,
+		&metadata,
 		conf.IDPConfig,
 		storage,
 	)
@@ -113,7 +114,7 @@ func NewProvider(
 	}
 
 	prov := &Provider{
-		MetadataEndpoint: conf.MetadataEndpoint,
+		MetadataEndpoint: &metadata,
 		Metadata:         conf.getMetadata(idp),
 		signingContext:   signingContext,
 		signer:           signer,
@@ -157,8 +158,7 @@ func (p *Provider) Probes() []ProbesFn {
 		ReadyStorage(p.Storage()),
 	}
 }
-func getCACert(storage Storage) ([]byte, *rsa.PrivateKey) {
-	ctx := context.Background()
+func getCACert(ctx context.Context, storage Storage) ([]byte, *rsa.PrivateKey) {
 	certAndKeyCh := make(chan key.CertificateAndKey)
 	go storage.GetCA(ctx, certAndKeyCh)
 	for {
@@ -178,8 +178,7 @@ func getCACert(storage Storage) ([]byte, *rsa.PrivateKey) {
 	}
 }
 
-func getMetadataCert(storage Storage) ([]byte, *rsa.PrivateKey) {
-	ctx := context.Background()
+func getMetadataCert(ctx context.Context, storage Storage) ([]byte, *rsa.PrivateKey) {
 	certAndKeyCh := make(chan key.CertificateAndKey)
 	go storage.GetMetadataSigningKey(ctx, certAndKeyCh)
 

diff --git a/pkg/provider/sso_test.go b/pkg/provider/sso_test.go
@@ -1,6 +1,7 @@
 package provider
 
 import (
+	"context"
 	"github.com/golang/mock/gomock"
 	dsig "github.com/russellhaering/goxmldsig"
 	"github.com/zitadel/oidc/pkg/op"
@@ -513,7 +514,7 @@ func TestSSO_ssoHandleFunc(t *testing.T) {
 				return
 			}
 
-			idp, err := NewIdentityProvider(&endpoint, tt.args.config, mockStorage)
+			idp, err := NewIdentityProvider(context.Background(), &endpoint, tt.args.config, mockStorage)
 			if (err != nil) != tt.res.err {
 				t.Errorf("NewIdentityProvider() error = %v", err.Error())
 				return