diff --git a/lib/CF/Helpers/Auth.pm b/lib/CF/Helpers/Auth.pm
index 866ceb2f0a86a75af19676c79ffc0e52a6b1e8ea..7c95057798b7af3fd75fd1bb9bbd3f68152c82b0 100644
--- a/lib/CF/Helpers/Auth.pm
+++ b/lib/CF/Helpers/Auth.pm
@@ -17,6 +17,14 @@ sub register ( $class, $self, $conf) {
$self->helper( jwt => sub {
if ( ! $jwt ) {
+
+ if ( $self->cfg->{test} && $self->cfg->{test_auth_jwt_secret}) {
+ $jwt = Mojo::JWT->new(
+ secret => $self->cfg->{test_auth_jwt_secret}
+ );
+ return $jwt;
+ }
+
my $res;
eval { $res = $ua->get( $self->cfg->{oauth_url} )->result; };
@@ -32,6 +40,7 @@ sub register ( $class, $self, $conf) {
$self->helper( oauth_groups => sub ( $c ) {
if ( ! $groups ) {
my $res;
+
eval { $res = $ua->get( $self->cfg->{groups_url} )->result; };
if (! $@ && $res->is_success) {
@@ -49,6 +58,7 @@ sub register ( $class, $self, $conf) {
$self->helper( oauth_claims => sub ( $c ) {
if ( ! $c->stash->{claims}) {
+
return undef if ! ($c->jwt && $c->oauth_token);
my $claims;
@@ -58,7 +68,7 @@ sub register ( $class, $self, $conf) {
$c->app->log->warn("Invalid token ($@)");
}
- $c->stash->{claims} = $claims;
+ $c->stash->{claims} = $claims;
}
return $c->stash->{claims};
@@ -81,7 +91,7 @@ sub register ( $class, $self, $conf) {
uuid => $claims->{sub},
username => $claims->{preferred_username},
name => $claims->{name},
- groups => $claims->{groups},
+# groups => $claims->{groups},
main_group_name => $c->oauth_main_group_name(),
};
}
@@ -91,10 +101,7 @@ sub register ( $class, $self, $conf) {
$self->helper( user_roles => sub ( $c ) {
my @roles = ();
- if ( $c->cfg->{test_x_roles} && $c->req->headers->header('X-Roles')) {
- @roles = split /\W+/, $c->req->headers('X-Roles');
- }
- elsif ( my $claims = $c->oauth_claims ) {
+ if ( my $claims = $c->oauth_claims ) {
@roles = @{ $claims->{roles} // [] };
}