X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/0b0b4c7b23e96a6efb3cfd88b0ba7224158e9544..46f0c0faf4f032697d59c2d663018ae67d1059d4:/sdk/go/arvadostest/oidc_provider.go?ds=sidebyside

diff --git a/sdk/go/arvadostest/oidc_provider.go b/sdk/go/arvadostest/oidc_provider.go
index de21302e5a..087adc4b24 100644
--- a/sdk/go/arvadostest/oidc_provider.go
+++ b/sdk/go/arvadostest/oidc_provider.go
@@ -29,10 +29,18 @@ type OIDCProvider struct {
 	AuthEmail          string
 	AuthEmailVerified  bool
 	AuthName           string
+	AuthGivenName      string
+	AuthFamilyName     string
 	AccessTokenPayload map[string]interface{}
 
 	PeopleAPIResponse map[string]interface{}
 
+	// send incoming /userinfo requests to HoldUserInfo (if not
+	// nil), then receive from ReleaseUserInfo (if not nil),
+	// before responding (these are used to set up races)
+	HoldUserInfo    chan *http.Request
+	ReleaseUserInfo chan struct{}
+
 	key       *rsa.PrivateKey
 	Issuer    *httptest.Server
 	PeopleAPI *httptest.Server
@@ -96,6 +104,8 @@ func (p *OIDCProvider) serveOIDC(w http.ResponseWriter, req *http.Request) {
 			"email":          p.AuthEmail,
 			"email_verified": p.AuthEmailVerified,
 			"name":           p.AuthName,
+			"given_name":     p.AuthGivenName,
+			"family_name":    p.AuthFamilyName,
 			"alt_verified":   true,                    // for custom claim tests
 			"alt_email":      "alt_email@example.com", // for custom claim tests
 			"alt_username":   "desired-username",      // for custom claim tests
@@ -122,6 +132,12 @@ func (p *OIDCProvider) serveOIDC(w http.ResponseWriter, req *http.Request) {
 	case "/auth":
 		w.WriteHeader(http.StatusInternalServerError)
 	case "/userinfo":
+		if p.HoldUserInfo != nil {
+			p.HoldUserInfo <- req
+		}
+		if p.ReleaseUserInfo != nil {
+			<-p.ReleaseUserInfo
+		}
 		authhdr := req.Header.Get("Authorization")
 		if _, err := jwt.ParseSigned(strings.TrimPrefix(authhdr, "Bearer ")); err != nil {
 			p.c.Logf("OIDCProvider: bad auth %q", authhdr)
@@ -131,8 +147,8 @@ func (p *OIDCProvider) serveOIDC(w http.ResponseWriter, req *http.Request) {
 		json.NewEncoder(w).Encode(map[string]interface{}{
 			"sub":            "fake-user-id",
 			"name":           p.AuthName,
-			"given_name":     p.AuthName,
-			"family_name":    "",
+			"given_name":     p.AuthGivenName,
+			"family_name":    p.AuthFamilyName,
 			"alt_username":   "desired-username",
 			"email":          p.AuthEmail,
 			"email_verified": p.AuthEmailVerified,