auth

Paddy 2014-10-22 Parent:3a6a65ed380c Child:e45bfa2abc00

54:0f80a3e391b8 Go to Latest

auth/token_test.go

Update CheckEndpoints for strict checking, add CountEndpoints. Create a "strict" mode for CheckEndpoints that will only return true on an exact match, and update the memstore implementation accordingly. Add tests to make sure that the strict mode is adhered to. We need this mode because in certain situations (e.g., the client has more than one endpoint registered), the spec demands a full-string comparison. Add a CountEndpoints method to the ClientStore that will return the number of endpoints registered for a specific client. As we just mentioned, the rules for how a redirect URI is validated depend upon the number of endpoints a client has registered, so we need to be able to get at that number.

Download raw file
View source Diff to previous Annotate
History
paddy@28 1 package auth
paddy@28 2
paddy@28 3 import (
paddy@28 4 "testing"
paddy@28 5 "time"
paddy@28 6
paddy@45 7 "code.secondbit.org/uuid"
paddy@28 8 )
paddy@28 9
paddy@28 10 var tokenStores = []TokenStore{NewMemstore()}
paddy@28 11
paddy@35 12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {
paddy@35 13 if token1.AccessToken != token2.AccessToken {
paddy@35 14 return false, "access token", token1.AccessToken, token2.AccessToken
paddy@35 15 }
paddy@35 16 if token1.RefreshToken != token2.RefreshToken {
paddy@35 17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken
paddy@35 18 }
paddy@35 19 if !token1.Created.Equal(token2.Created) {
paddy@35 20 return false, "created", token1.Created, token2.Created
paddy@35 21 }
paddy@35 22 if token1.ExpiresIn != token2.ExpiresIn {
paddy@35 23 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn
paddy@35 24 }
paddy@35 25 if token1.TokenType != token2.TokenType {
paddy@35 26 return false, "token type", token1.TokenType, token2.TokenType
paddy@35 27 }
paddy@35 28 if token1.Scope != token2.Scope {
paddy@35 29 return false, "scope", token1.Scope, token2.Scope
paddy@35 30 }
paddy@35 31 if !token1.ProfileID.Equal(token2.ProfileID) {
paddy@35 32 return false, "profile ID", token1.ProfileID, token2.ProfileID
paddy@35 33 }
paddy@35 34 return true, "", nil, nil
paddy@35 35 }
paddy@35 36
paddy@28 37 func TestTokenStoreSuccess(t *testing.T) {
paddy@37 38 t.Parallel()
paddy@28 39 token := Token{
paddy@28 40 AccessToken: "access",
paddy@28 41 RefreshToken: "refresh",
paddy@28 42 Created: time.Now(),
paddy@28 43 ExpiresIn: 3600,
paddy@28 44 TokenType: "bearer",
paddy@28 45 Scope: "scope",
paddy@28 46 ProfileID: uuid.NewID(),
paddy@28 47 }
paddy@35 48 for _, store := range tokenStores {
paddy@28 49 err := store.SaveToken(token)
paddy@28 50 if err != nil {
paddy@37 51 t.Errorf("Error saving token to %T: %s", store, err)
paddy@37 52 }
paddy@37 53 err = store.SaveToken(token)
paddy@37 54 if err != ErrTokenAlreadyExists {
paddy@37 55 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
paddy@28 56 }
paddy@28 57 retrievedAccess, err := store.GetToken(token.AccessToken, false)
paddy@28 58 if err != nil {
paddy@35 59 t.Errorf("Error retrieving token from %T: %s", store, err)
paddy@28 60 }
paddy@35 61 success, field, expectation, result := compareTokens(token, retrievedAccess)
paddy@35 62 if !success {
paddy@35 63 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 64 }
paddy@28 65 retrievedRefresh, err := store.GetToken(token.RefreshToken, true)
paddy@28 66 if err != nil {
paddy@35 67 t.Errorf("Error retrieving refresh token from %T: %s", store, err)
paddy@28 68 }
paddy@35 69 success, field, expectation, result = compareTokens(token, retrievedRefresh)
paddy@35 70 if !success {
paddy@35 71 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 72 }
paddy@28 73 retrievedProfile, err := store.GetTokensByProfileID(token.ProfileID, 25, 0)
paddy@28 74 if err != nil {
paddy@35 75 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
paddy@28 76 }
paddy@28 77 if len(retrievedProfile) != 1 {
paddy@35 78 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)
paddy@28 79 }
paddy@35 80 success, field, expectation, result = compareTokens(token, retrievedProfile[0])
paddy@35 81 if !success {
paddy@35 82 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 83 }
paddy@28 84 err = store.RemoveToken(token.AccessToken)
paddy@28 85 if err != nil {
paddy@35 86 t.Errorf("Error removing token from %T: %s", store, err)
paddy@28 87 }
paddy@28 88 _, err = store.GetToken(token.AccessToken, false)
paddy@28 89 if err != ErrTokenNotFound {
paddy@35 90 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@28 91 }
paddy@28 92 _, err = store.GetToken(token.RefreshToken, true)
paddy@28 93 if err != ErrTokenNotFound {
paddy@35 94 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@28 95 }
paddy@28 96 retrievedProfile, err = store.GetTokensByProfileID(token.ProfileID, 25, 0)
paddy@28 97 if err != nil {
paddy@35 98 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
paddy@28 99 }
paddy@28 100 if len(retrievedProfile) != 0 {
paddy@35 101 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
paddy@28 102 }
paddy@37 103 err = store.RemoveToken(token.AccessToken)
paddy@37 104 if err != ErrTokenNotFound {
paddy@37 105 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@37 106 }
paddy@28 107 }
paddy@28 108 }