auth
auth/session_test.go
Attach our Scope type to AuthCodes and Tokens. When obtaining an AuthorizationCode or Token, attach a slice of strings, each one a Scope ID, instead of just attaching the encoded string the user passes in. This will allow us to change our Scope encoding down the line, and is more conceptually faithful. Also, if an authorization request is made with an invalid scope, return the invalid_scope error.
| paddy@77 | 1 package auth |
| paddy@77 | 2 |
| paddy@77 | 3 import ( |
| paddy@77 | 4 "testing" |
| paddy@77 | 5 "time" |
| paddy@77 | 6 |
| paddy@107 | 7 "code.secondbit.org/uuid.hg" |
| paddy@77 | 8 ) |
| paddy@77 | 9 |
| paddy@77 | 10 var sessionStores = []sessionStore{NewMemstore()} |
| paddy@77 | 11 |
| paddy@77 | 12 func compareSessions(session1, session2 Session) (success bool, field string, val1, val2 interface{}) { |
| paddy@77 | 13 if session1.ID != session2.ID { |
| paddy@77 | 14 return false, "ID", session1.ID, session2.ID |
| paddy@77 | 15 } |
| paddy@77 | 16 if session1.IP != session2.IP { |
| paddy@77 | 17 return false, "IP", session1.IP, session2.IP |
| paddy@77 | 18 } |
| paddy@77 | 19 if session1.UserAgent != session2.UserAgent { |
| paddy@77 | 20 return false, "UserAgent", session1.UserAgent, session2.UserAgent |
| paddy@77 | 21 } |
| paddy@77 | 22 if !session1.ProfileID.Equal(session2.ProfileID) { |
| paddy@77 | 23 return false, "ProfileID", session1.ProfileID, session2.ProfileID |
| paddy@77 | 24 } |
| paddy@77 | 25 if !session1.Created.Equal(session2.Created) { |
| paddy@77 | 26 return false, "Created", session1.Created, session2.Created |
| paddy@77 | 27 } |
| paddy@132 | 28 if !session1.Expires.Equal(session2.Expires) { |
| paddy@132 | 29 return false, "Expires", session1.Expires, session2.Expires |
| paddy@132 | 30 } |
| paddy@77 | 31 if session1.Login != session2.Login { |
| paddy@77 | 32 return false, "Login", session1.Login, session2.Login |
| paddy@77 | 33 } |
| paddy@77 | 34 if session1.Active != session2.Active { |
| paddy@77 | 35 return false, "Active", session1.Active, session2.Active |
| paddy@77 | 36 } |
| paddy@132 | 37 if session1.CSRFToken != session2.CSRFToken { |
| paddy@132 | 38 return false, "CSRFToken", session1.CSRFToken, session2.CSRFToken |
| paddy@132 | 39 } |
| paddy@77 | 40 return true, "", nil, nil |
| paddy@77 | 41 } |
| paddy@77 | 42 |
| paddy@77 | 43 func TestSessionStoreSuccess(t *testing.T) { |
| paddy@77 | 44 t.Parallel() |
| paddy@77 | 45 session := Session{ |
| paddy@77 | 46 ID: uuid.NewID().String() + uuid.NewID().String(), |
| paddy@77 | 47 IP: "127.0.0.1", |
| paddy@77 | 48 UserAgent: "TestRunner", |
| paddy@77 | 49 ProfileID: uuid.NewID(), |
| paddy@77 | 50 Created: time.Now(), |
| paddy@77 | 51 Login: "test@example.com", |
| paddy@77 | 52 Active: true, |
| paddy@77 | 53 } |
| paddy@77 | 54 for _, store := range sessionStores { |
| paddy@116 | 55 context := Context{sessions: store} |
| paddy@116 | 56 err := context.CreateSession(session) |
| paddy@77 | 57 if err != nil { |
| paddy@77 | 58 t.Errorf("Error saving session to %T: %s", store, err) |
| paddy@77 | 59 } |
| paddy@116 | 60 err = context.CreateSession(session) |
| paddy@77 | 61 if err != ErrSessionAlreadyExists { |
| paddy@77 | 62 t.Errorf("Expected ErrSessionAlreadyExists from %T, got %s", store, err) |
| paddy@77 | 63 } |
| paddy@116 | 64 retrieved, err := context.GetSession(session.ID) |
| paddy@77 | 65 if err != nil { |
| paddy@77 | 66 t.Errorf("Error retrieving session from %T: %s", store, err) |
| paddy@77 | 67 } |
| paddy@77 | 68 success, field, expectation, result := compareSessions(session, retrieved) |
| paddy@77 | 69 if !success { |
| paddy@77 | 70 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@77 | 71 } |
| paddy@116 | 72 retrievedList, err := context.ListSessions(session.ProfileID, time.Time{}, 10) |
| paddy@77 | 73 if err != nil { |
| paddy@77 | 74 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err) |
| paddy@77 | 75 } |
| paddy@77 | 76 if len(retrievedList) != 1 { |
| paddy@77 | 77 t.Errorf("Expected 1 session retrieved by profile from %T, got %d", store, len(retrievedList)) |
| paddy@77 | 78 } |
| paddy@77 | 79 success, field, expectation, result = compareSessions(session, retrievedList[0]) |
| paddy@77 | 80 if !success { |
| paddy@77 | 81 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@77 | 82 } |
| paddy@116 | 83 err = context.RemoveSession(session.ID) |
| paddy@77 | 84 if err != nil { |
| paddy@77 | 85 t.Errorf("Error removing session from %T: %s", store, err) |
| paddy@77 | 86 } |
| paddy@116 | 87 retrieved, err = context.GetSession(session.ID) |
| paddy@77 | 88 if err != ErrSessionNotFound { |
| paddy@77 | 89 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err) |
| paddy@77 | 90 } |
| paddy@116 | 91 retrievedList, err = context.ListSessions(session.ProfileID, time.Time{}, 10) |
| paddy@77 | 92 if err != nil { |
| paddy@77 | 93 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err) |
| paddy@77 | 94 } |
| paddy@77 | 95 if len(retrievedList) != 0 { |
| paddy@77 | 96 t.Errorf("Expected 0 sessions retrieved by profile from %T, got %d", store, len(retrievedList)) |
| paddy@77 | 97 } |
| paddy@116 | 98 err = context.RemoveSession(session.ID) |
| paddy@77 | 99 if err != ErrSessionNotFound { |
| paddy@77 | 100 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err) |
| paddy@77 | 101 } |
| paddy@77 | 102 } |
| paddy@77 | 103 } |
| paddy@128 | 104 |
| paddy@128 | 105 // BUG(paddy): We need to test the CreateSessionHandler. |
| paddy@128 | 106 // BUG(paddy): We need to test the credentialsValidate function. |