auth
auth/oauth2_test.go
Add our BUG notices. Rather than keeping the list of things to implement or test on sticky notes attached to my monitor, let's give them BUG designations within the code. Now `godoc . bugs` will list them out for us. Isn't that nice?
1.1 --- a/oauth2_test.go Mon Jan 19 06:01:51 2015 -0500 1.2 +++ b/oauth2_test.go Mon Jan 19 06:42:42 2015 -0500 1.3 @@ -324,6 +324,7 @@ 1.4 if w.Body.String() != "The redirect_uri specified is not valid." { 1.5 t.Errorf(`Expected output to be "%s", got "%s" instead.`, "The redirect_uri specified is not valid.", w.Body.String()) 1.6 } 1.7 + // BUG(paddy): Need to test that setting redirect_uri to a non-URL redirect_uri returns the correct error. 1.8 } 1.9 1.10 func TestGetAuthorizationCodeCodeInvalidResponseType(t *testing.T) { 1.11 @@ -548,6 +549,8 @@ 1.12 } 1.13 } 1.14 1.15 +// BUG(paddy): Need to test for implicit grant flow 1.16 + 1.17 func TestCheckCookie(t *testing.T) { 1.18 t.Parallel() 1.19 req, err := http.NewRequest("GET", "https://auth.secondbit.org", nil) 1.20 @@ -768,6 +771,7 @@ 1.21 if err != nil { 1.22 t.Error("Error saving client:", err) 1.23 } 1.24 + // BUG(paddy): We're only testing that GetTokenHandler returns the right values when we have the right input. But what about when we have the wrong input? We should test for invalid client errors and invalid grant errors to make sure they're triggered. 1.25 data := url.Values{} 1.26 data.Set("grant_type", "authorization_code") 1.27 data.Set("code", authCode.Code) 1.28 @@ -818,4 +822,7 @@ 1.29 if tokens[0].TokenType != resp.TokenType { 1.30 t.Errorf(`Expected token type to be %s, got %s`, tokens[0].TokenType, resp.TokenType) 1.31 } 1.32 + // BUG(paddy): We need to test for the refresh_token grant type, too. 1.33 + // BUG(paddy): We need to test for the password grant type, too. 1.34 + // BUG(paddy): We need to test for the client_credentials grant type, too. 1.35 }