From d872f9a0d658872dd1bb1f6c8b0b497937e4356f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andrej=20Rama=C5=A1euski?= <andrej@x2.cz>
Date: Wed, 16 Jun 2021 01:07:59 +0200
Subject: [PATCH] Podpora testovaci authorizaci

---
 lib/CF/Helpers/Auth.pm | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

diff --git a/lib/CF/Helpers/Auth.pm b/lib/CF/Helpers/Auth.pm
index 866ceb2..7c95057 100644
--- a/lib/CF/Helpers/Auth.pm
+++ b/lib/CF/Helpers/Auth.pm
@@ -17,6 +17,14 @@ sub register ( $class, $self, $conf) {
 
     $self->helper( jwt => sub {
         if ( ! $jwt ) {
+
+            if ( $self->cfg->{test} && $self->cfg->{test_auth_jwt_secret}) {
+                $jwt = Mojo::JWT->new(
+                    secret => $self->cfg->{test_auth_jwt_secret}
+                );
+                return $jwt;
+            }
+
             my $res;
             eval { $res = $ua->get( $self->cfg->{oauth_url} )->result; };
 
@@ -32,6 +40,7 @@ sub register ( $class, $self, $conf) {
     $self->helper( oauth_groups => sub ( $c ) {
         if ( ! $groups ) {
             my $res;
+
             eval { $res = $ua->get( $self->cfg->{groups_url} )->result; };
 
             if (! $@ && $res->is_success) {
@@ -49,6 +58,7 @@ sub register ( $class, $self, $conf) {
 
     $self->helper( oauth_claims => sub ( $c ) {
         if ( ! $c->stash->{claims}) {
+
             return undef if ! ($c->jwt && $c->oauth_token);
 
             my $claims;
@@ -58,7 +68,7 @@ sub register ( $class, $self, $conf) {
                 $c->app->log->warn("Invalid token ($@)");
             }
 
-             $c->stash->{claims} = $claims;
+            $c->stash->{claims} = $claims;
         }
 
         return $c->stash->{claims};
@@ -81,7 +91,7 @@ sub register ( $class, $self, $conf) {
                 uuid     => $claims->{sub},
                 username => $claims->{preferred_username},
                 name     => $claims->{name},
-                groups   => $claims->{groups},
+#               groups   => $claims->{groups},
                 main_group_name => $c->oauth_main_group_name(),
             };
         }
@@ -91,10 +101,7 @@ sub register ( $class, $self, $conf) {
     $self->helper( user_roles => sub ( $c ) {
         my @roles = ();
 
-        if ( $c->cfg->{test_x_roles} && $c->req->headers->header('X-Roles')) {
-            @roles = split /\W+/, $c->req->headers('X-Roles');
-        }
-        elsif ( my $claims = $c->oauth_claims ) {
+        if ( my $claims = $c->oauth_claims ) {
             @roles = @{ $claims->{roles} // [] };
         }
 
-- 
GitLab