auth
auth/token_test.go
Fix tests. It made no sense to have the Profile's Passphrase length check in the Validate call of the ProfileChange type, because the ProfileChange had that property being applied as the _hashed_ passphrase. And We want to validate the _cleartext_ passphrase. So we removed that in e660a38fa936. But we forgot to update the tests. So I'm updating now.
| paddy@28 | 1 package auth |
| paddy@28 | 2 |
| paddy@28 | 3 import ( |
| paddy@28 | 4 "testing" |
| paddy@28 | 5 "time" |
| paddy@28 | 6 |
| paddy@107 | 7 "code.secondbit.org/uuid.hg" |
| paddy@28 | 8 ) |
| paddy@28 | 9 |
| paddy@57 | 10 var tokenStores = []tokenStore{NewMemstore()} |
| paddy@28 | 11 |
| paddy@35 | 12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) { |
| paddy@35 | 13 if token1.AccessToken != token2.AccessToken { |
| paddy@35 | 14 return false, "access token", token1.AccessToken, token2.AccessToken |
| paddy@35 | 15 } |
| paddy@35 | 16 if token1.RefreshToken != token2.RefreshToken { |
| paddy@35 | 17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken |
| paddy@35 | 18 } |
| paddy@35 | 19 if !token1.Created.Equal(token2.Created) { |
| paddy@35 | 20 return false, "created", token1.Created, token2.Created |
| paddy@35 | 21 } |
| paddy@97 | 22 if token1.CreatedFrom != token2.CreatedFrom { |
| paddy@97 | 23 return false, "created from", token1.CreatedFrom, token2.CreatedFrom |
| paddy@97 | 24 } |
| paddy@35 | 25 if token1.ExpiresIn != token2.ExpiresIn { |
| paddy@35 | 26 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn |
| paddy@35 | 27 } |
| paddy@35 | 28 if token1.TokenType != token2.TokenType { |
| paddy@35 | 29 return false, "token type", token1.TokenType, token2.TokenType |
| paddy@35 | 30 } |
| paddy@135 | 31 if len(token1.Scopes) != len(token2.Scopes) { |
| paddy@135 | 32 return false, "scopes", token1.Scopes, token2.Scopes |
| paddy@135 | 33 } |
| paddy@135 | 34 for pos, scope := range token1.Scopes { |
| paddy@135 | 35 if scope != token2.Scopes[pos] { |
| paddy@135 | 36 return false, "scopes", token1.Scopes, token2.Scopes |
| paddy@135 | 37 } |
| paddy@35 | 38 } |
| paddy@35 | 39 if !token1.ProfileID.Equal(token2.ProfileID) { |
| paddy@35 | 40 return false, "profile ID", token1.ProfileID, token2.ProfileID |
| paddy@35 | 41 } |
| paddy@97 | 42 if token1.Revoked != token2.Revoked { |
| paddy@97 | 43 return false, "revoked", token1.Revoked, token2.Revoked |
| paddy@97 | 44 } |
| paddy@35 | 45 return true, "", nil, nil |
| paddy@35 | 46 } |
| paddy@35 | 47 |
| paddy@28 | 48 func TestTokenStoreSuccess(t *testing.T) { |
| paddy@37 | 49 t.Parallel() |
| paddy@28 | 50 token := Token{ |
| paddy@28 | 51 AccessToken: "access", |
| paddy@28 | 52 RefreshToken: "refresh", |
| paddy@28 | 53 Created: time.Now(), |
| paddy@28 | 54 ExpiresIn: 3600, |
| paddy@28 | 55 TokenType: "bearer", |
| paddy@135 | 56 Scopes: []string{"scope"}, |
| paddy@28 | 57 ProfileID: uuid.NewID(), |
| paddy@28 | 58 } |
| paddy@35 | 59 for _, store := range tokenStores { |
| paddy@116 | 60 context := Context{tokens: store} |
| paddy@127 | 61 retrievedAccess, err := context.GetToken(token.AccessToken, false) |
| paddy@127 | 62 if err == nil { |
| paddy@127 | 63 t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedAccess) |
| paddy@127 | 64 } else if err != ErrTokenNotFound { |
| paddy@127 | 65 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@127 | 66 } |
| paddy@127 | 67 retrievedRefresh, err := context.GetToken(token.RefreshToken, true) |
| paddy@127 | 68 if err == nil { |
| paddy@127 | 69 t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedRefresh) |
| paddy@127 | 70 } else if err != ErrTokenNotFound { |
| paddy@127 | 71 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@127 | 72 } |
| paddy@127 | 73 err = context.RevokeToken(token.AccessToken, false) |
| paddy@127 | 74 if err != ErrTokenNotFound { |
| paddy@127 | 75 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@127 | 76 } |
| paddy@127 | 77 err = context.RevokeToken(token.RefreshToken, true) |
| paddy@127 | 78 if err != ErrTokenNotFound { |
| paddy@127 | 79 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@127 | 80 } |
| paddy@127 | 81 err = context.SaveToken(token) |
| paddy@28 | 82 if err != nil { |
| paddy@37 | 83 t.Errorf("Error saving token to %T: %s", store, err) |
| paddy@37 | 84 } |
| paddy@116 | 85 err = context.SaveToken(token) |
| paddy@37 | 86 if err != ErrTokenAlreadyExists { |
| paddy@37 | 87 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err) |
| paddy@28 | 88 } |
| paddy@127 | 89 retrievedAccess, err = context.GetToken(token.AccessToken, false) |
| paddy@28 | 90 if err != nil { |
| paddy@35 | 91 t.Errorf("Error retrieving token from %T: %s", store, err) |
| paddy@28 | 92 } |
| paddy@35 | 93 success, field, expectation, result := compareTokens(token, retrievedAccess) |
| paddy@35 | 94 if !success { |
| paddy@35 | 95 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 96 } |
| paddy@127 | 97 retrievedRefresh, err = context.GetToken(token.RefreshToken, true) |
| paddy@28 | 98 if err != nil { |
| paddy@35 | 99 t.Errorf("Error retrieving refresh token from %T: %s", store, err) |
| paddy@28 | 100 } |
| paddy@35 | 101 success, field, expectation, result = compareTokens(token, retrievedRefresh) |
| paddy@35 | 102 if !success { |
| paddy@35 | 103 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 104 } |
| paddy@116 | 105 retrievedProfile, err := context.GetTokensByProfileID(token.ProfileID, 25, 0) |
| paddy@28 | 106 if err != nil { |
| paddy@35 | 107 t.Errorf("Error retrieving token by profile from %T: %s", store, err) |
| paddy@28 | 108 } |
| paddy@28 | 109 if len(retrievedProfile) != 1 { |
| paddy@35 | 110 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile) |
| paddy@28 | 111 } |
| paddy@35 | 112 success, field, expectation, result = compareTokens(token, retrievedProfile[0]) |
| paddy@35 | 113 if !success { |
| paddy@35 | 114 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 115 } |
| paddy@116 | 116 err = context.RevokeToken(token.AccessToken, false) |
| paddy@97 | 117 if err != nil { |
| paddy@97 | 118 t.Errorf("Error revoking token in %T: %s", store, err) |
| paddy@97 | 119 } |
| paddy@116 | 120 retrievedRevoked, err := context.GetToken(token.AccessToken, false) |
| paddy@97 | 121 if err != nil { |
| paddy@97 | 122 t.Errorf("Error retrieving token from %T: %s", store, err) |
| paddy@97 | 123 } |
| paddy@97 | 124 token.Revoked = true |
| paddy@97 | 125 success, field, expectation, result = compareTokens(token, retrievedRevoked) |
| paddy@97 | 126 if !success { |
| paddy@97 | 127 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@97 | 128 } |
| paddy@127 | 129 err = context.RevokeToken(token.RefreshToken, true) |
| paddy@28 | 130 if err != nil { |
| paddy@127 | 131 t.Errorf("Error revoking token in %T: %s", store, err) |
| paddy@28 | 132 } |
| paddy@127 | 133 retrievedRevoked, err = context.GetToken(token.RefreshToken, true) |
| paddy@127 | 134 if err != nil { |
| paddy@127 | 135 t.Errorf("Error retrieving token from %T: %s", store, err) |
| paddy@28 | 136 } |
| paddy@127 | 137 token.RefreshRevoked = true |
| paddy@127 | 138 success, field, expectation, result = compareTokens(token, retrievedRevoked) |
| paddy@127 | 139 if !success { |
| paddy@127 | 140 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@97 | 141 } |
| paddy@28 | 142 } |
| paddy@28 | 143 } |
| paddy@128 | 144 |
| paddy@128 | 145 // BUG(paddy): We need to test the refreshTokenValidate function. |
| paddy@128 | 146 // BUG(paddy): We need to test the refreshTokenInvalidate function. |