auth

Paddy 2014-07-18

0:7a6f64db7246 Go to Latest

auth/access_test.go

Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.

paddy@0 1 package oauth2
paddy@0 2
paddy@0 3 import (
paddy@0 4 "net/http"
paddy@0 5 "net/url"
paddy@0 6 "testing"
paddy@0 7 )
paddy@0 8
// TestAccessAuthorizationCode drives an authorization_code grant through
// HandleAccessRequest and FinishAccessRequest and expects a non-error DATA
// response whose output holds access token "1" and refresh token "r1".
//
// NOTE(review): only the approve path is exercised. The test sets Authorized
// itself, so it does not show how a wrong client secret or an unknown code is
// rejected; a negative case for each would be worth adding.
func TestAccessAuthorizationCode(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAccessTypes = AllowedAccessType{AuthorizationCodeART}

	srv := NewServer(cfg, NewTestingStorage())
	srv.AccessTokenGen = &TestingAccessTokenGen{}
	res := srv.NewResponse()

	r, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The client authenticates with HTTP Basic; these are fixture credentials.
	r.SetBasicAuth("1234", "aabbccdd")

	// The request has no body: Form and PostForm are filled in by hand.
	r.Form = url.Values{
		"grant_type": {string(AuthorizationCodeART)},
		"code":       {"9999"},
		"state":      {"a"},
	}
	r.PostForm = url.Values{}

	// Setting Authorized stands in for the application's own approval step.
	ar := srv.HandleAccessRequest(res, r)
	if ar != nil {
		ar.Authorized = true
		srv.FinishAccessRequest(res, r, ar)
	}

	if res.IsError {
		// Report the internal error when there is one; it is the more useful message.
		if res.InternalError != nil {
			t.Fatalf("Error in response: %s", res.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	if res.Type != DATA {
		t.Fatalf("Response should be data")
	}

	accessTok := res.Output["access_token"]
	if accessTok != "1" {
		t.Fatalf("Unexpected access token: %s", accessTok)
	}

	refreshTok := res.Output["refresh_token"]
	if refreshTok != "r1" {
		t.Fatalf("Unexpected refresh token: %s", refreshTok)
	}
}
paddy@0 55
// TestAccessRefreshToken drives a refresh_token grant through
// HandleAccessRequest and FinishAccessRequest and expects a non-error DATA
// response whose output holds access token "1" and refresh token "r1".
//
// NOTE(review): the test checks the newly issued pair only. Whether the
// presented refresh token "r9999" is invalidated afterwards is not asserted
// here; confirm that rotation is covered elsewhere.
func TestAccessRefreshToken(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAccessTypes = AllowedAccessType{REFRESH_TOKEN}

	srv := NewServer(cfg, NewTestingStorage())
	srv.AccessTokenGen = &TestingAccessTokenGen{}
	res := srv.NewResponse()

	r, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The client authenticates with HTTP Basic; these are fixture credentials.
	r.SetBasicAuth("1234", "aabbccdd")

	// The request has no body: Form and PostForm are filled in by hand.
	r.Form = url.Values{
		"grant_type":    {string(REFRESH_TOKEN)},
		"refresh_token": {"r9999"},
		"state":         {"a"},
	}
	r.PostForm = url.Values{}

	// Setting Authorized stands in for the application's own approval step.
	ar := srv.HandleAccessRequest(res, r)
	if ar != nil {
		ar.Authorized = true
		srv.FinishAccessRequest(res, r, ar)
	}

	if res.IsError {
		// Report the internal error when there is one; it is the more useful message.
		if res.InternalError != nil {
			t.Fatalf("Error in response: %s", res.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	if res.Type != DATA {
		t.Fatalf("Response should be data")
	}

	accessTok := res.Output["access_token"]
	if accessTok != "1" {
		t.Fatalf("Unexpected access token: %s", accessTok)
	}

	refreshTok := res.Output["refresh_token"]
	if refreshTok != "r1" {
		t.Fatalf("Unexpected refresh token: %s", refreshTok)
	}
}
paddy@0 102
// TestAccessPassword drives a password grant through HandleAccessRequest and
// FinishAccessRequest and expects a non-error DATA response whose output
// holds access token "1" and refresh token "r1".
//
// NOTE(review): only matching credentials are exercised; a case with a wrong
// password, asserting that no token is issued, would be worth adding.
func TestAccessPassword(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAccessTypes = AllowedAccessType{PASSWORD}

	srv := NewServer(cfg, NewTestingStorage())
	srv.AccessTokenGen = &TestingAccessTokenGen{}
	res := srv.NewResponse()

	r, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The client authenticates with HTTP Basic; these are fixture credentials.
	r.SetBasicAuth("1234", "aabbccdd")

	// The request has no body: Form and PostForm are filled in by hand.
	r.Form = url.Values{
		"grant_type": {string(PASSWORD)},
		"username":   {"testing"},
		"password":   {"testing"},
		"state":      {"a"},
	}
	r.PostForm = url.Values{}

	ar := srv.HandleAccessRequest(res, r)
	if ar != nil {
		// Fixture-only check of the resource owner's credentials. A real
		// caller should verify against a stored password hash with a
		// constant-time comparison, not compare plaintext with ==.
		ar.Authorized = ar.Username == "testing" && ar.Password == "testing"
		srv.FinishAccessRequest(res, r, ar)
	}

	if res.IsError {
		// Report the internal error when there is one; it is the more useful message.
		if res.InternalError != nil {
			t.Fatalf("Error in response: %s", res.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	if res.Type != DATA {
		t.Fatalf("Response should be data")
	}

	accessTok := res.Output["access_token"]
	if accessTok != "1" {
		t.Fatalf("Unexpected access token: %s", accessTok)
	}

	refreshTok := res.Output["refresh_token"]
	if refreshTok != "r1" {
		t.Fatalf("Unexpected refresh token: %s", refreshTok)
	}
}
paddy@0 150
// TestAccessClientCredentials drives a client_credentials grant through
// HandleAccessRequest and FinishAccessRequest and expects a non-error DATA
// response whose output holds access token "1" and refresh token "r1".
//
// NOTE(review): RFC 6749 section 4.4.3 says a refresh token SHOULD NOT be
// included in a client credentials response. This test pins the opposite
// behaviour; confirm that issuing "r1" here is intended.
func TestAccessClientCredentials(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAccessTypes = AllowedAccessType{CLIENT_CREDENTIALS}

	srv := NewServer(cfg, NewTestingStorage())
	srv.AccessTokenGen = &TestingAccessTokenGen{}
	res := srv.NewResponse()

	r, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The Basic credentials are the only secret in this grant; these are
	// fixture values.
	r.SetBasicAuth("1234", "aabbccdd")

	// The request has no body: Form and PostForm are filled in by hand.
	r.Form = url.Values{
		"grant_type": {string(CLIENT_CREDENTIALS)},
		"state":      {"a"},
	}
	r.PostForm = url.Values{}

	// Setting Authorized stands in for the application's own approval step.
	ar := srv.HandleAccessRequest(res, r)
	if ar != nil {
		ar.Authorized = true
		srv.FinishAccessRequest(res, r, ar)
	}

	if res.IsError {
		// Report the internal error when there is one; it is the more useful message.
		if res.InternalError != nil {
			t.Fatalf("Error in response: %s", res.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	if res.Type != DATA {
		t.Fatalf("Response should be data")
	}

	accessTok := res.Output["access_token"]
	if accessTok != "1" {
		t.Fatalf("Unexpected access token: %s", accessTok)
	}

	refreshTok := res.Output["refresh_token"]
	if refreshTok != "r1" {
		t.Fatalf("Unexpected refresh token: %s", refreshTok)
	}
}