auth/http_test.go
Fill out redirects. Actually redirect the user when obtaining a grant. Check if the redirect_uri being passed when obtaining a grant is _actually a URL_. If it's not, return the right error. Add a test for a redirect_uri that isn't a valid URL.
1 package auth
3 import (
4 "html/template"
5 "net/http"
6 "net/http/httptest"
7 "net/url"
8 "testing"
9 "time"
11 "code.secondbit.org/uuid"
12 )
14 const (
15 scopeSet = 1 << iota
16 stateSet
17 uriSet
18 )
20 func TestGetGrantCodeSuccess(t *testing.T) {
21 t.Parallel()
22 store := NewMemstore()
23 testContext := Context{
24 template: template.Must(template.New(getGrantTemplateName).Parse("Get auth grant")),
25 clients: store,
26 grants: store,
27 profiles: store,
28 tokens: store,
29 }
30 client := Client{
31 ID: uuid.NewID(),
32 Secret: "super secret!",
33 OwnerID: uuid.NewID(),
34 Name: "My test client",
35 Logo: "https://secondbit.org/logo.png",
36 Website: "https://secondbit.org",
37 Type: "public",
38 }
39 uri, err := url.Parse("https://test.secondbit.org/redirect")
40 if err != nil {
41 t.Fatal("Can't parse URL:", err)
42 }
43 endpoint := Endpoint{
44 ID: uuid.NewID(),
45 ClientID: client.ID,
46 URI: *uri,
47 Added: time.Now(),
48 }
49 err = testContext.SaveClient(client)
50 if err != nil {
51 t.Fatal("Can't store client:", err)
52 }
53 err = testContext.AddEndpoint(client.ID, endpoint)
54 if err != nil {
55 t.Fatal("Can't store endpoint:", err)
56 }
57 req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
58 if err != nil {
59 t.Fatal("Can't build request:", err)
60 }
61 for i := 0; i < 1<<3; i++ {
62 w := httptest.NewRecorder()
63 params := url.Values{}
64 // see OAuth 2.0 spec, section 4.1.1
65 params.Set("response_type", "code")
66 params.Set("client_id", client.ID.String())
67 if i&uriSet != 0 {
68 params.Set("redirect_uri", endpoint.URI.String())
69 }
70 if i&scopeSet != 0 {
71 params.Set("scope", "testscope")
72 }
73 if i&stateSet != 0 {
74 params.Set("state", "my super secure state string")
75 }
76 req.URL.RawQuery = params.Encode()
77 GetGrantHandler(w, req, testContext)
78 if w.Code != http.StatusOK {
79 t.Errorf("Expected status code to be %d, got %d for %s", http.StatusOK, w.Code, req.URL.String())
80 }
81 if w.Body.String() != "Get auth grant" {
82 t.Errorf("Expected body to be `%s`, got `%s` for %s", "Get auth grant", w.Body.String(), req.URL.String())
83 }
84 }
85 }
87 func TestGetGrantCodeInvalidURI(t *testing.T) {
88 t.Parallel()
89 store := NewMemstore()
90 testContext := Context{
91 template: template.Must(template.New(getGrantTemplateName).Parse("{{ .error }}")),
92 clients: store,
93 grants: store,
94 profiles: store,
95 tokens: store,
96 }
97 client := Client{
98 ID: uuid.NewID(),
99 Secret: "super secret!",
100 OwnerID: uuid.NewID(),
101 Name: "My test client",
102 Type: "public",
103 }
104 uri, err := url.Parse("https://test.secondbit.org/redirect")
105 if err != nil {
106 t.Fatal("Can't parse URL:", err)
107 }
108 endpoint := Endpoint{
109 ID: uuid.NewID(),
110 ClientID: client.ID,
111 URI: *uri,
112 Added: time.Now(),
113 }
114 err = testContext.SaveClient(client)
115 if err != nil {
116 t.Fatal("Can't store client:", err)
117 }
118 err = testContext.AddEndpoint(client.ID, endpoint)
119 if err != nil {
120 t.Fatal("Can't store endpoint:", err)
121 }
122 req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
123 if err != nil {
124 t.Fatal("Can't build request:", err)
125 }
126 w := httptest.NewRecorder()
127 params := url.Values{}
128 params.Set("response_type", "code")
129 params.Set("client_id", client.ID.String())
130 params.Set("redirect_uri", "https://test.secondbit.org/wrong")
131 req.URL.RawQuery = params.Encode()
132 GetGrantHandler(w, req, testContext)
133 if w.Code != http.StatusBadRequest {
134 t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
135 }
136 if w.Body.String() != "The redirect_uri specified is not valid." {
137 t.Errorf(`Expected output to be "%s", got "%s" instead.`, "The redirect_uri specified is not valid.", w.Body.String())
138 }
139 req, err = http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
140 if err != nil {
141 t.Fatal("Can't build request:", err)
142 }
143 w = httptest.NewRecorder()
144 params.Set("redirect_uri", "not a URL")
145 req.URL.RawQuery = params.Encode()
146 GetGrantHandler(w, req, testContext)
147 if w.Code != http.StatusBadRequest {
148 t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
149 }
150 if w.Body.String() != "The redirect_uri specified is not valid." {
151 t.Errorf(`Expected output to be "%s", got "%s" instead.`, "The redirect_uri specified is not valid.", w.Body.String())
152 }
153 }
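Review bot: The second request in TestGetGrantCodeInvalidURI (`params.Set("redirect_uri", "not a URL")`) does not exercise the "is it actually a URL" check the commit describes, because `url.Parse("not a URL")` succeeds and yields a relative path, so — assuming the handler parses with net/url, which this file does not show — both requests fall through to the same unregistered-endpoint branch and produce the identical 400 and message. A value that net/url rejects, such as `"http://[::1"` (missing `]` in the host), would reach the parse-failure path. Since this commit also makes the handler redirect, the invalid cases should additionally assert that no `Location` header was set, so a regression that redirects to an unvalidated redirect_uri is caught rather than masked by the status check. Both cases share a body and status assertion, so a table-driven loop with `t.Run` keeps them distinguishable in failure output; the fence below replaces the two hand-written request blocks.
```go
	cases := map[string]string{
		"unregistered": "https://test.secondbit.org/wrong",
		"unparseable":  "http://[::1", // url.Parse rejects this; "not a URL" parses as a relative path
	}
	for name, redirect := range cases {
		t.Run(name, func(t *testing.T) {
			w := httptest.NewRecorder()
			params.Set("redirect_uri", redirect)
			req.URL.RawQuery = params.Encode()
			GetGrantHandler(w, req, testContext)
			if w.Code != http.StatusBadRequest {
				t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
			}
			// An invalid or unregistered redirect_uri must never be redirected to.
			if loc := w.Header().Get("Location"); loc != "" {
				t.Errorf("Expected no Location header for an invalid redirect_uri, got %q", loc)
			}
			// … unchanged: body assertion against "The redirect_uri specified is not valid." …
		})
	}
```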