fix: missing certificate

formancehq · Sep 20, 2022 · 623c2e3 · 623c2e3
1 parent b7df99f
commit 623c2e3
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 9 deletions.
diff --git a/cmd/serve.go b/cmd/serve.go
@@ -90,7 +90,7 @@ var serveCmd = &cobra.Command{
 
 		options := []fx.Option{
 			fx.Supply(fx.Annotate(cmd.Context(), fx.As(new(context.Context)))),
-			oidc.Module(":8080", baseUrl),
+			oidc.Module(":8080", baseUrl, key),
 			api.Module(),
 			fx.Invoke(func(router *mux.Router, healthController *sharedhealth.HealthController) {
 				router.Path("/_healthcheck").HandlerFunc(healthController.Check)

diff --git a/pkg/oidc/module.go b/pkg/oidc/module.go
@@ -2,6 +2,7 @@ package oidc
 
 import (
 	"context"
+	"crypto/rsa"
 
 	auth "github.com/formancehq/auth/pkg"
 	"github.com/gorilla/mux"
@@ -10,15 +11,15 @@ import (
 	"go.uber.org/fx"
 )
 
-func Module(addr, issuer string) fx.Option {
+func Module(addr, issuer string, privateKey *rsa.PrivateKey) fx.Option {
 	return fx.Options(
 		fx.Provide(NewRouter),
 		fx.Provide(fx.Annotate(func(storage Storage, relyingParty rp.RelyingParty, opts []auth.ClientOptions) *storageFacade {
 			var staticClients []auth.Client
 			for _, c := range opts {
 				staticClients = append(staticClients, *auth.NewClient(c))
 			}
-			return NewStorageFacade(storage, relyingParty, staticClients...)
+			return NewStorageFacade(storage, relyingParty, privateKey, staticClients...)
 		}, fx.As(new(op.Storage)))),
 		fx.Provide(func(storage op.Storage) (op.OpenIDProvider, error) {
 			return NewOpenIDProvider(context.TODO(), storage, issuer)

diff --git a/pkg/oidc/oidc_test.go b/pkg/oidc/oidc_test.go
@@ -2,6 +2,8 @@ package oidc_test
 
 import (
 	"context"
+	"crypto/rand"
+	"crypto/rsa"
 	"fmt"
 	"net"
 	"net/http"
@@ -50,7 +52,9 @@ func withServer(t *testing.T, fn func(storage *sqlstorage.Storage, provider op.O
 	require.NoError(t, sqlstorage.MigrateTables(context.Background(), db))
 
 	storage := sqlstorage.New(db)
-	storageFacade := oidc.NewStorageFacade(storage, serverRelyingParty)
+
+	key, _ := rsa.GenerateKey(rand.Reader, 2048)
+	storageFacade := oidc.NewStorageFacade(storage, serverRelyingParty, key)
 
 	// Construct our oidc provider
 	provider, err := oidc.NewOpenIDProvider(context.TODO(), storageFacade, serverUrl)

diff --git a/pkg/oidc/storage.go b/pkg/oidc/storage.go
@@ -2,7 +2,6 @@ package oidc
 
 import (
 	"context"
-	"crypto/rand"
 	"crypto/rsa"
 	"fmt"
 	"math/big"
@@ -525,9 +524,7 @@ var (
 	}
 )
 
-func NewStorageFacade(storage Storage, rp rp.RelyingParty, staticClients ...auth.Client) *storageFacade {
-	// TODO: Pass from config
-	key, _ := rsa.GenerateKey(rand.Reader, 2048)
+func NewStorageFacade(storage Storage, rp rp.RelyingParty, privateKey *rsa.PrivateKey, staticClients ...auth.Client) *storageFacade {
 	return &storageFacade{
 		Storage: storage,
 		services: map[string]Service{
@@ -540,7 +537,7 @@ func NewStorageFacade(storage Storage, rp rp.RelyingParty, staticClients ...auth
 		signingKey: signingKey{
 			ID:        "id",
 			Algorithm: "RS256",
-			Key:       key,
+			Key:       privateKey,
 		},
 		relyingParty:  rp,
 		staticClients: staticClients,