chore: refactoring ready for review

- Unit tests passing
- Regenerated many mocks which caused file deletes
- Strategy providers in place
- Unit test rework (heavy & surgical)

Author: shaunnkhan

compose/compose.go

@@ -70,9 +70,9 @@ func ComposeAllEnabled(config *fosite.Config, storage fosite.Storage, key interf
 		config,
 		storage,
 		&CommonStrategy{
-			CoreStrategy:               NewOAuth2HMACStrategy(config),
-			RFC8628CodeStrategy:        NewDeviceStrategy(config),
-			OpenIDConnectTokenStrategy: NewOpenIDConnectStrategy(keyGetter, config),
+			coreStrategy:               NewOAuth2HMACStrategy(config),
+			rfc8628CodeStrategy:        NewDeviceStrategy(config),
+			openIDConnectTokenStrategy: NewOpenIDConnectStrategy(keyGetter, config),
 			Signer:                     &jwt.DefaultSigner{GetPrivateKey: keyGetter},
 		},
 		OAuth2AuthorizeExplicitFactory,

compose/compose_oauth2.go

@@ -59,9 +59,9 @@ func OAuth2RefreshTokenGrantFactory(config fosite.Configurator, storage fosite.S
 // an access token, refresh token and authorize code validator.
 func OAuth2AuthorizeImplicitFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &oauth2.AuthorizeImplicitGrantHandler{
-		AccessTokenStrategy: strategy.(oauth2.AccessTokenStrategyProvider),
-		AccessTokenStorage:  storage.(oauth2.AccessTokenStorageProvider),
-		Config:              config,
+		Strategy: strategy.(oauth2.AccessTokenStrategyProvider),
+		Storage:  storage.(oauth2.AccessTokenStorageProvider),
+		Config:   config,
 	}
 }
 
@@ -73,33 +73,43 @@ func OAuth2AuthorizeImplicitFactory(config fosite.Configurator, storage fosite.S
 // is discouraged see: https://www.scottbrady91.com/oauth/why-the-resource-owner-password-credentials-grant-type-is-not-authentication-nor-suitable-for-modern-applications
 func OAuth2ResourceOwnerPasswordCredentialsFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &oauth2.ResourceOwnerPasswordCredentialsGrantHandler{
-		ResourceOwnerPasswordCredentialsGrantStorage: storage.(oauth2.ResourceOwnerPasswordCredentialsGrantStorage),
-		HandleHelper: &oauth2.HandleHelper{
-			AccessTokenStrategy: strategy.(oauth2.AccessTokenStrategy),
-			Storage:             storage.(oauth2.AccessTokenStorageProvider),
-			Config:              config,
-		},
-		RefreshTokenStrategy: strategy.(oauth2.RefreshTokenStrategy),
-		Config:               config,
+		Strategy: strategy.(interface {
+			oauth2.AccessTokenStrategyProvider
+			oauth2.RefreshTokenStrategyProvider
+		}),
+		Storage: storage.(oauth2.ResourceOwnerPasswordCredentialsGrantStorage),
+		Config:  config,
 	}
 }
 
 // OAuth2TokenRevocationFactory creates an OAuth2 token revocation handler.
 func OAuth2TokenRevocationFactory(_ fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &oauth2.TokenRevocationHandler{
-		TokenRevocationStorage: storage.(oauth2.TokenRevocationStorageProvider),
-		AccessTokenStrategy:    strategy.(oauth2.AccessTokenStrategy),
-		RefreshTokenStrategy:   strategy.(oauth2.RefreshTokenStrategy),
+		Strategy: strategy.(interface {
+			oauth2.AccessTokenStrategyProvider
+			oauth2.RefreshTokenStrategyProvider
+		}),
+		Storage: storage.(interface {
+			oauth2.AccessTokenStorageProvider
+			oauth2.RefreshTokenStorageProvider
+			oauth2.TokenRevocationStorageProvider
+		}),
 	}
 }
 
 // OAuth2TokenIntrospectionFactory creates an OAuth2 token introspection handler and registers
 // an access token and refresh token validator.
 func OAuth2TokenIntrospectionFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &oauth2.CoreValidator{
-		CoreStrategy: strategy.(oauth2.CoreStrategy),
-		CoreStorage:  storage.(oauth2.CoreStorage),
-		Config:       config,
+		Strategy: strategy.(interface {
+			oauth2.AccessTokenStrategyProvider
+			oauth2.RefreshTokenStrategyProvider
+		}),
+		Storage: storage.(interface {
+			oauth2.AccessTokenStorageProvider
+			oauth2.RefreshTokenStorageProvider
+		}),
+		Config: config,
 	}
 }
 

compose/compose_openid.go

@@ -16,9 +16,9 @@ import (
 // **Important note:** You must add this handler *after* you have added an OAuth2 authorize code handler!
 func OpenIDConnectExplicitFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &openid.ExplicitHandler{
-		Storage: storage.(openid.OIDCRequestStorageProvider),
+		Storage: storage.(openid.OpenIDConnectRequestStorageProvider),
 		IDTokenHandleHelper: &openid.IDTokenHandleHelper{
-			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategyProvider),
 		},
 		OpenIDConnectRequestValidator: openid.NewOpenIDConnectRequestValidator(strategy.(jwt.Signer), config),
 		Config:                        config,
@@ -31,7 +31,7 @@ func OpenIDConnectExplicitFactory(config fosite.Configurator, storage fosite.Sto
 func OpenIDConnectRefreshFactory(config fosite.Configurator, _ fosite.Storage, strategy interface{}) interface{} {
 	return &openid.OpenIDConnectRefreshHandler{
 		IDTokenHandleHelper: &openid.IDTokenHandleHelper{
-			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategyProvider),
 		},
 		Config: config,
 	}
@@ -43,13 +43,13 @@ func OpenIDConnectRefreshFactory(config fosite.Configurator, _ fosite.Storage, s
 func OpenIDConnectImplicitFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &openid.OpenIDConnectImplicitHandler{
 		AuthorizeImplicitGrantTypeHandler: &oauth2.AuthorizeImplicitGrantHandler{
-			AccessTokenStrategy: strategy.(oauth2.AccessTokenStrategy),
-			AccessTokenStorage:  storage.(oauth2.AccessTokenStorageProvider),
-			Config:              config,
+			Strategy: strategy.(oauth2.AccessTokenStrategyProvider),
+			Storage:  storage.(oauth2.AccessTokenStorageProvider),
+			Config:   config,
 		},
 		Config: config,
 		IDTokenHandleHelper: &openid.IDTokenHandleHelper{
-			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategyProvider),
 		},
 		OpenIDConnectRequestValidator: openid.NewOpenIDConnectRequestValidator(strategy.(jwt.Signer), config),
 	}
@@ -61,22 +61,29 @@ func OpenIDConnectImplicitFactory(config fosite.Configurator, storage fosite.Sto
 func OpenIDConnectHybridFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &openid.OpenIDConnectHybridHandler{
 		AuthorizeExplicitGrantHandler: &oauth2.AuthorizeExplicitGrantHandler{
-			AccessTokenStrategy:   strategy.(oauth2.AccessTokenStrategy),
-			RefreshTokenStrategy:  strategy.(oauth2.RefreshTokenStrategy),
-			AuthorizeCodeStrategy: strategy.(oauth2.AuthorizeCodeStrategy),
-			Storage:               storage.(oauth2.CoreStorage),
-			Config:                config,
+			Strategy: strategy.(interface {
+				oauth2.AuthorizeCodeStrategyProvider
+				oauth2.AccessTokenStrategyProvider
+				oauth2.RefreshTokenStrategyProvider
+			}),
+			Storage: storage.(interface {
+				oauth2.AuthorizeCodeStorageProvider
+				oauth2.AccessTokenStorageProvider
+				oauth2.RefreshTokenStorageProvider
+				oauth2.TokenRevocationStorageProvider
+			}),
+			Config: config,
 		},
 		Config: config,
 		AuthorizeImplicitGrantHandler: &oauth2.AuthorizeImplicitGrantHandler{
-			AccessTokenStrategy: strategy.(oauth2.AccessTokenStrategy),
-			AccessTokenStorage:  storage.(oauth2.AccessTokenStorageProvider),
-			Config:              config,
+			Strategy: strategy.(oauth2.AccessTokenStrategyProvider),
+			Storage:  storage.(oauth2.AccessTokenStorageProvider),
+			Config:   config,
 		},
 		IDTokenHandleHelper: &openid.IDTokenHandleHelper{
-			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategyProvider),
 		},
-		OpenIDConnectRequestStorage:   storage.(openid.OIDCRequestStorageProvider),
+		OpenIDConnectRequestStorage:   storage.(openid.OpenIDConnectRequestStorageProvider),
 		OpenIDConnectRequestValidator: openid.NewOpenIDConnectRequestValidator(strategy.(jwt.Signer), config),
 	}
 }
@@ -86,11 +93,11 @@ func OpenIDConnectHybridFactory(config fosite.Configurator, storage fosite.Stora
 // **Important note:** You must add this handler *after* you have added an OAuth2 device authorization handler!
 func OpenIDConnectDeviceFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &openid.OpenIDConnectDeviceHandler{
-		OpenIDConnectRequestStorage: storage.(openid.OIDCRequestStorageProvider),
+		Storage: storage.(openid.OpenIDConnectRequestStorageProvider),
 		IDTokenHandleHelper: &openid.IDTokenHandleHelper{
-			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategy),
+			IDTokenStrategy: strategy.(openid.OpenIDConnectTokenStrategyProvider),
 		},
-		DeviceCodeStrategy: strategy.(rfc8628.DeviceCodeStrategy),
-		Config:             config,
+		Strategy: strategy.(rfc8628.DeviceCodeStrategyProvider),
+		Config:   config,
 	}
 }

compose/compose_par.go

@@ -11,7 +11,7 @@ import (
 // PushedAuthorizeHandlerFactory creates the basic PAR handler
 func PushedAuthorizeHandlerFactory(config fosite.Configurator, storage fosite.Storage, _ interface{}) interface{} {
 	return &par.PushedAuthorizeHandler{
-		Storage: storage.(par.StorageProvider),
+		Storage: storage.(fosite.PARStorageProvider),
 		Config:  config,
 	}
 }

compose/compose_pkce.go

@@ -12,7 +12,7 @@ import (
 // OAuth2PKCEFactory creates a PKCE handler.
 func OAuth2PKCEFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &pkce.Handler{
-		Strategy: strategy.(oauth2.AuthorizeCodeStrategy),
+		Strategy: strategy.(oauth2.AuthorizeCodeStrategyProvider),
 		Storage:  storage.(pkce.PKCERequestStorageProvider),
 		Config:   config,
 	}

compose/compose_rfc7523.go

@@ -13,12 +13,11 @@ import (
 // and registers an access token, refresh token and authorize code validator.
 func RFC7523AssertionGrantFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &rfc7523.Handler{
-		Storage: storage.(rfc7523.RFC7523KeyStorage),
-		HandleHelper: &oauth2.HandleHelper{
-			AccessTokenStrategy: strategy.(oauth2.AccessTokenStrategy),
-			Storage:             storage.(oauth2.AccessTokenStorageProvider),
-			Config:              config,
-		},
+		Strategy: strategy.(oauth2.AccessTokenStrategyProvider),
+		Storage: storage.(interface {
+			oauth2.AccessTokenStorageProvider
+			rfc7523.RFC7523KeyStorageProvider
+		}),
 		Config: config,
 	}
 }

compose/compose_rfc8628.go

@@ -15,23 +15,37 @@ import (
 // a user code, device code, access token and a refresh token validator.
 func RFC8628DeviceFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &rfc8628.DeviceAuthHandler{
-		Strategy: strategy.(rfc8628.RFC8628CodeStrategy),
-		Storage:  storage.(rfc8628.Storage),
-		Config:   config,
+		Strategy: strategy.(interface {
+			rfc8628.DeviceRateLimitStrategyProvider
+			rfc8628.DeviceCodeStrategyProvider
+			rfc8628.UserCodeStrategyProvider
+		}),
+		Storage: storage.(interface {
+			rfc8628.DeviceAuthStorageProvider
+			oauth2.AccessTokenStorageProvider
+			oauth2.RefreshTokenStorageProvider
+		}),
+		Config: config,
 	}
 }
 
 // RFC8628DeviceAuthorizationTokenFactory creates an OAuth2 device authorization grant ("Device Authorization Grant") handler and registers
 // an access token, refresh token and authorize code validator.
 func RFC8628DeviceAuthorizationTokenFactory(config fosite.Configurator, storage fosite.Storage, strategy interface{}) interface{} {
 	return &rfc8628.DeviceCodeTokenEndpointHandler{
-		DeviceRateLimitStrategy: strategy.(rfc8628.DeviceRateLimitStrategy),
-		DeviceCodeStrategy:      strategy.(rfc8628.DeviceCodeStrategy),
-		UserCodeStrategy:        strategy.(rfc8628.UserCodeStrategy),
-		AccessTokenStrategy:     strategy.(oauth2.AccessTokenStrategy),
-		RefreshTokenStrategy:    strategy.(oauth2.RefreshTokenStrategy),
-		CoreStorage:             storage.(rfc8628.Storage),
-		TokenRevocationStorage:  storage.(oauth2.TokenRevocationStorageProvider),
-		Config:                  config,
+		Strategy: strategy.(interface {
+			rfc8628.DeviceRateLimitStrategyProvider
+			rfc8628.DeviceCodeStrategyProvider
+			rfc8628.UserCodeStrategyProvider
+			oauth2.AccessTokenStrategyProvider
+			oauth2.RefreshTokenStrategyProvider
+		}),
+		Storage: storage.(interface {
+			rfc8628.DeviceAuthStorageProvider
+			oauth2.AccessTokenStorageProvider
+			oauth2.RefreshTokenStorageProvider
+			oauth2.TokenRevocationStorageProvider
+		}),
+		Config: config,
 	}
 }

compose/compose_strategy.go

@@ -15,17 +15,41 @@ import (
 )
 
 type CommonStrategy struct {
-	oauth2.AuthorizeCodeStrategyProvider
-	oauth2.AccessTokenStrategyProvider
-	oauth2.RefreshTokenStrategyProvider
+	coreStrategy               *oauth2.HMACSHAStrategy
+	rfc8628CodeStrategy        *rfc8628.DefaultDeviceStrategy
+	openIDConnectTokenStrategy *openid.DefaultStrategy
+	jwt.Signer
+}
+
+// OAuth2 Strategy Providers
+func (s *CommonStrategy) AuthorizeCodeStrategy() oauth2.AuthorizeCodeStrategy {
+	return s.coreStrategy
+}
 
-	openid.OpenIDConnectTokenStrategy
+func (s *CommonStrategy) AccessTokenStrategy() oauth2.AccessTokenStrategy {
+	return s.coreStrategy
+}
 
-	rfc8628.DeviceRateLimitStrategyProvider
-	rfc8628.DeviceCodeStrategyProvider
-	rfc8628.UserCodeStrategyProvider
+func (s *CommonStrategy) RefreshTokenStrategy() oauth2.RefreshTokenStrategy {
+	return s.coreStrategy
+}
 
-	jwt.Signer
+// OpenID Strategy Provider
+func (s *CommonStrategy) OpenIDConnectTokenStrategy() openid.OpenIDConnectTokenStrategy {
+	return s.openIDConnectTokenStrategy
+}
+
+// RFC8628 Device Strategy Providers
+func (s *CommonStrategy) DeviceRateLimitStrategy() rfc8628.DeviceRateLimitStrategy {
+	return s.rfc8628CodeStrategy
+}
+
+func (s *CommonStrategy) DeviceCodeStrategy() rfc8628.DeviceCodeStrategy {
+	return s.rfc8628CodeStrategy
+}
+
+func (s *CommonStrategy) UserCodeStrategy() rfc8628.UserCodeStrategy {
+	return s.rfc8628CodeStrategy
 }
 
 type HMACSHAStrategyConfigurator interface {
@@ -43,11 +67,14 @@ func NewOAuth2HMACStrategy(config HMACSHAStrategyConfigurator) *oauth2.HMACSHASt
 	return oauth2.NewHMACSHAStrategy(&hmac.HMACStrategy{Config: config}, config)
 }
 
-func NewOAuth2JWTStrategy(keyGetter func(context.Context) (interface{}, error), strategy oauth2.CoreStrategy, config fosite.Configurator) *oauth2.DefaultJWTStrategy {
+func NewOAuth2JWTStrategy(keyGetter func(context.Context) (interface{}, error), strategy interface{}, config fosite.Configurator) *oauth2.DefaultJWTStrategy {
 	return &oauth2.DefaultJWTStrategy{
-		Signer:   &jwt.DefaultSigner{GetPrivateKey: keyGetter},
-		Strategy: strategy,
-		Config:   config,
+		Signer: &jwt.DefaultSigner{GetPrivateKey: keyGetter},
+		Strategy: strategy.(interface {
+			oauth2.AuthorizeCodeStrategyProvider
+			oauth2.RefreshTokenStrategyProvider
+		}),
+		Config: config,
 	}
 }