auth
2014-07-18
auth/authorize_test.go
Start rewriting the repo. This code was originally a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out its extensible nature in favour of a simpler interface, while simultaneously bringing the style into line with the Ducky style.
| paddy@0 | 1 package oauth2 |
| paddy@0 | 2 |
| paddy@0 | 3 import ( |
| paddy@0 | 4 "net/http" |
| paddy@0 | 5 "net/url" |
| paddy@0 | 6 "testing" |
| paddy@0 | 7 ) |
| paddy@0 | 8 |
// TestAuthorizeCode drives one authorization-code request through the server
// and checks that the result is a non-error redirect carrying the code "1".
//
// NOTE(review): the request sends state "a", but nothing here asserts that it
// comes back in the response output. The state round trip is what lets a
// client tie the redirect to the request it started, so it is worth pinning
// once the Output contract is confirmed. The redirect target is not asserted
// either.
func TestAuthorizeCode(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAuthorizeTypes = AllowedAuthorizeType{CODE}
	srv := NewServer(cfg, NewTestingStorage())
	// Test-only generator; the final assertion expects it to yield "1".
	srv.AuthorizeTokenGen = &TestingAuthorizeTokenGen{}
	out := srv.NewResponse()

	r, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The URL above carries no query string, so the form is filled in by hand.
	r.Form = url.Values{
		"response_type": {string(CODE)},
		"client_id":     {"1234"},
		"state":         {"a"},
	}

	// Stand in for the resource owner and approve whatever the server accepted.
	// A nil result is not failed here; the response checks below report it.
	authReq := srv.HandleAuthorizeRequest(out, r)
	if authReq != nil {
		authReq.Authorized = true
		srv.FinishAuthorizeRequest(out, r, authReq)
	}

	if out.IsError {
		// Prefer the internal error when there is one: it names the cause.
		if out.InternalError != nil {
			t.Fatalf("Error in response: %s", out.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	if out.Type != REDIRECT {
		t.Fatalf("Response should be a redirect")
	}

	if got := out.Output["code"]; got != "1" {
		t.Fatalf("Unexpected authorization code: %s", got)
	}
}
| paddy@0 | 48 |
// TestAuthorizeToken drives one implicit-grant (response_type=token) request
// through the server and checks that the result is a non-error redirect that
// is flagged for fragment delivery and carries the access token "1".
//
// NOTE(review): the request sends state "a", but nothing here asserts that it
// comes back in the response output, and the redirect target is not asserted
// either; both are worth pinning once the Output contract is confirmed.
func TestAuthorizeToken(t *testing.T) {
	cfg := NewServerConfig()
	cfg.AllowedAuthorizeTypes = AllowedAuthorizeType{TOKEN}
	srv := NewServer(cfg, NewTestingStorage())
	// Test-only generators; the final assertion expects the access token "1".
	srv.AuthorizeTokenGen = &TestingAuthorizeTokenGen{}
	srv.AccessTokenGen = &TestingAccessTokenGen{}
	out := srv.NewResponse()

	r, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil)
	if err != nil {
		t.Fatal(err)
	}
	// The URL above carries no query string, so the form is filled in by hand.
	r.Form = url.Values{
		"response_type": {string(TOKEN)},
		"client_id":     {"1234"},
		"state":         {"a"},
	}

	// Stand in for the resource owner and approve whatever the server accepted.
	// A nil result is not failed here; the response checks below report it.
	authReq := srv.HandleAuthorizeRequest(out, r)
	if authReq != nil {
		authReq.Authorized = true
		srv.FinishAuthorizeRequest(out, r, authReq)
	}

	if out.IsError {
		// Prefer the internal error when there is one: it names the cause.
		if out.InternalError != nil {
			t.Fatalf("Error in response: %s", out.InternalError)
		}
		t.Fatalf("Should not be an error")
	}

	// The implicit grant returns the token in the URL fragment rather than the
	// query string, which keeps it out of the request sent to the redirect
	// endpoint; the flag is therefore checked together with the response type.
	isFragmentRedirect := out.Type == REDIRECT && out.RedirectInFragment
	if !isFragmentRedirect {
		t.Fatalf("Response should be a redirect with fragment")
	}

	if got := out.Output["access_token"]; got != "1" {
		t.Fatalf("Unexpected access token: %s", got)
	}
}