auth

Paddy 2014-11-02 Parent:e45bfa2abc00 Child:a8b86f5fba78

64:c29c7df35905 Go to Latest

auth/token_test.go

Parse the redirect URI early, add new failure modes to tests. When obtaining a grant code, parse the redirect_uri early as a URL, so we can fail without even hitting the database, if possible. Add a test to cover the scenario where the client doesn't specify an endpoint, and the client has no endpoints registered. Add a test to cover the scenario where the client has two endpoints registered, but doesn't specify an endpoint. Fix the test that tested for invalid URLs by actually using an invalid URL. Apparently, "not a URL" is a valid URL. Go figure.

Download raw file
View source Diff to previous Annotate
History
paddy@28 1 package auth
paddy@28 2
paddy@28 3 import (
paddy@28 4 "testing"
paddy@28 5 "time"
paddy@28 6
paddy@45 7 "code.secondbit.org/uuid"
paddy@28 8 )
paddy@28 9
paddy@57 10 var tokenStores = []tokenStore{NewMemstore()}
paddy@28 11
paddy@35 12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {
paddy@35 13 if token1.AccessToken != token2.AccessToken {
paddy@35 14 return false, "access token", token1.AccessToken, token2.AccessToken
paddy@35 15 }
paddy@35 16 if token1.RefreshToken != token2.RefreshToken {
paddy@35 17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken
paddy@35 18 }
paddy@35 19 if !token1.Created.Equal(token2.Created) {
paddy@35 20 return false, "created", token1.Created, token2.Created
paddy@35 21 }
paddy@35 22 if token1.ExpiresIn != token2.ExpiresIn {
paddy@35 23 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn
paddy@35 24 }
paddy@35 25 if token1.TokenType != token2.TokenType {
paddy@35 26 return false, "token type", token1.TokenType, token2.TokenType
paddy@35 27 }
paddy@35 28 if token1.Scope != token2.Scope {
paddy@35 29 return false, "scope", token1.Scope, token2.Scope
paddy@35 30 }
paddy@35 31 if !token1.ProfileID.Equal(token2.ProfileID) {
paddy@35 32 return false, "profile ID", token1.ProfileID, token2.ProfileID
paddy@35 33 }
paddy@35 34 return true, "", nil, nil
paddy@35 35 }
paddy@35 36
paddy@28 37 func TestTokenStoreSuccess(t *testing.T) {
paddy@37 38 t.Parallel()
paddy@28 39 token := Token{
paddy@28 40 AccessToken: "access",
paddy@28 41 RefreshToken: "refresh",
paddy@28 42 Created: time.Now(),
paddy@28 43 ExpiresIn: 3600,
paddy@28 44 TokenType: "bearer",
paddy@28 45 Scope: "scope",
paddy@28 46 ProfileID: uuid.NewID(),
paddy@28 47 }
paddy@35 48 for _, store := range tokenStores {
paddy@57 49 err := store.saveToken(token)
paddy@28 50 if err != nil {
paddy@37 51 t.Errorf("Error saving token to %T: %s", store, err)
paddy@37 52 }
paddy@57 53 err = store.saveToken(token)
paddy@37 54 if err != ErrTokenAlreadyExists {
paddy@37 55 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
paddy@28 56 }
paddy@57 57 retrievedAccess, err := store.getToken(token.AccessToken, false)
paddy@28 58 if err != nil {
paddy@35 59 t.Errorf("Error retrieving token from %T: %s", store, err)
paddy@28 60 }
paddy@35 61 success, field, expectation, result := compareTokens(token, retrievedAccess)
paddy@35 62 if !success {
paddy@35 63 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 64 }
paddy@57 65 retrievedRefresh, err := store.getToken(token.RefreshToken, true)
paddy@28 66 if err != nil {
paddy@35 67 t.Errorf("Error retrieving refresh token from %T: %s", store, err)
paddy@28 68 }
paddy@35 69 success, field, expectation, result = compareTokens(token, retrievedRefresh)
paddy@35 70 if !success {
paddy@35 71 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 72 }
paddy@57 73 retrievedProfile, err := store.getTokensByProfileID(token.ProfileID, 25, 0)
paddy@28 74 if err != nil {
paddy@35 75 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
paddy@28 76 }
paddy@28 77 if len(retrievedProfile) != 1 {
paddy@35 78 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)
paddy@28 79 }
paddy@35 80 success, field, expectation, result = compareTokens(token, retrievedProfile[0])
paddy@35 81 if !success {
paddy@35 82 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
paddy@35 83 }
paddy@57 84 err = store.removeToken(token.AccessToken)
paddy@28 85 if err != nil {
paddy@35 86 t.Errorf("Error removing token from %T: %s", store, err)
paddy@28 87 }
paddy@57 88 _, err = store.getToken(token.AccessToken, false)
paddy@28 89 if err != ErrTokenNotFound {
paddy@35 90 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@28 91 }
paddy@57 92 _, err = store.getToken(token.RefreshToken, true)
paddy@28 93 if err != ErrTokenNotFound {
paddy@35 94 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@28 95 }
paddy@57 96 retrievedProfile, err = store.getTokensByProfileID(token.ProfileID, 25, 0)
paddy@28 97 if err != nil {
paddy@35 98 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
paddy@28 99 }
paddy@28 100 if len(retrievedProfile) != 0 {
paddy@35 101 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
paddy@28 102 }
paddy@57 103 err = store.removeToken(token.AccessToken)
paddy@37 104 if err != ErrTokenNotFound {
paddy@37 105 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
paddy@37 106 }
paddy@28 107 }
paddy@28 108 }