
Paddy 2014-10-22 Parent:28d48fdb0dd1 Child:b3cd7765a7c8

56:a5987795707e Go to Latest

auth/http_test.go

Actually validate grant requests. Write the logic to validate grant requests and stub out the rendering/error handling/redirecting locations. Finally, we get to the good stuff: implementing the specification. Write some tests to verify that granting requests works the way we think it does.

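--- a/http_test.go	Wed Oct 22 00:29:05 2014 -0400
+++ b/http_test.go	Wed Oct 22 00:30:28 2014 -0400
@@ -6,12 +6,16 @@
 	"net/http/httptest"
 	"net/url"
 	"testing"
+	"time"
+
+	"code.secondbit.org/uuid"
 )
 
 const (
 	scopeSet = 1 << iota
 	stateSet
 	uriSet
+	uriExact
 )
 
 func TestGetGrantCodeSuccess(t *testing.T) {
@@ -24,18 +28,49 @@
 		profiles: store,
 		tokens:   store,
 	}
+	client := Client{
+		ID:      uuid.NewID(),
+		Secret:  "super secret!",
+		OwnerID: uuid.NewID(),
+		Name:    "My test client",
+		Logo:    "https://secondbit.org/logo.png",
+		Website: "https://secondbit.org",
+		Type:    "public",
+	}
+	uri, err := url.Parse("https://test.secondbit.org/redirect")
+	if err != nil {
+		t.Fatal("Can't parse URL:", err)
+	}
+	endpoint := Endpoint{
+		ID:       uuid.NewID(),
+		ClientID: client.ID,
+		URI:      *uri,
+		Added:    time.Now(),
+	}
+	err = testContext.SaveClient(client)
+	if err != nil {
+		t.Fatal("Can't store client:", err)
+	}
+	err = testContext.AddEndpoint(client.ID, endpoint)
+	if err != nil {
+		t.Fatal("Can't store endpoint:", err)
+	}
 	req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
 	if err != nil {
 		t.Fatal("Can't build request:", err)
 	}
-	for i := 0; i < 1<<3; i++ {
+	for i := 0; i < 1<<4; i++ {
 		w := httptest.NewRecorder()
 		params := url.Values{}
 		// see OAuth 2.0 spec, section 4.1.1
 		params.Set("response_type", "code")
-		params.Set("client_id", "test_client_id")
+		params.Set("client_id", client.ID.String())
 		if i&uriSet != 0 {
-			params.Set("redirect_uri", "https://test.secondbit.org/redirect")
+			if i&uriExact != 0 {
+				params.Set("redirect_uri", endpoint.URI.String())
+			} else {
+				params.Set("redirect_uri", endpoint.URI.String()+"/inexact")
+			}
 		}
 		if i&scopeSet != 0 {
 			params.Set("scope", "testscope")
@@ -53,3 +88,57 @@
 		}
 	}
 }
+
+func TestGetGrantCodeInvalidURI(t *testing.T) {
+	t.Parallel()
+	store := NewMemstore()
+	testContext := Context{
+		template: template.Must(template.New(getGrantTemplateName).Parse("{{ .error }}")),
+		clients:  store,
+		grants:   store,
+		profiles: store,
+		tokens:   store,
+	}
+	client := Client{
+		ID:      uuid.NewID(),
+		Secret:  "super secret!",
+		OwnerID: uuid.NewID(),
+		Name:    "My test client",
+		Type:    "public",
+	}
+	uri, err := url.Parse("https://test.secondbit.org/redirect")
+	if err != nil {
+		t.Fatal("Can't parse URL:", err)
+	}
+	endpoint := Endpoint{
+		ID:       uuid.NewID(),
+		ClientID: client.ID,
+		URI:      *uri,
+		Added:    time.Now(),
+	}
+	err = testContext.SaveClient(client)
+	if err != nil {
+		t.Fatal("Can't store client:", err)
+	}
+	err = testContext.AddEndpoint(client.ID, endpoint)
+	if err != nil {
+		t.Fatal("Can't store endpoint:", err)
+	}
+	req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
+	if err != nil {
+		t.Fatal("Can't build request:", err)
+	}
+	w := httptest.NewRecorder()
+	params := url.Values{}
+	params.Set("response_type", "code")
+	params.Set("client_id", client.ID.String())
+	params.Set("redirect_uri", "https://test.secondbit.org/wrong")
+	req.URL.RawQuery = params.Encode()
+	GetGrantHandler(w, req, testContext)
+	if w.Code != http.StatusBadRequest {
+		t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
+	}
+	if w.Body.String() != "The redirect_uri specified is not valid." {
+		t.Errorf(`Expected output to be "%s", got "%s" instead.`, "The redirect_uri specified is not valid.", w.Body.String())
+	}
+}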
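Review bot: TestGetGrantCodeInvalidURI checks the status code and body of the rejection but never asserts that the handler did not redirect, which is the property RFC 6749 §4.1.2.1 requires for a redirect_uri that fails validation (the server MUST NOT redirect the user-agent to it); add `if loc := w.Header().Get("Location"); loc != "" { t.Errorf("Expected no Location header for an invalid redirect_uri, got %q", loc) }` after the status check. The only mismatch the new test exercises is a different path on the registered host; whether a prefix-extended URI such as `endpoint.URI.String()+"/inexact"` is rejected is left to the inexact branch of TestGetGrantCodeSuccess, whose assertions lie outside this hunk, so the expected outcome for that case (and for scheme, port or fragment differences) is not visible here. In that loop, iterations where uriExact is set but uriSet is clear repeat their uriSet-clear counterparts, since uriExact is only consulted inside the uriSet branch.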