auth

Paddy 2014-12-07 Parent:e45bfa2abc00 Child:a8b86f5fba78

85:1dc4e152e3b0 Go to Latest

auth/token_test.go

Break client verification out, break token returns out. Break client verification out into a helper function to avoid rewriting it for pretty much every grant. Break token returns out into a new function as part of the GrantType, so that implicit grants can redirect with the token value. Split returning the token as JSON into its own exported function, which can be used in multiple grants. Return more relevant information to the template when a user is deciding whether or not to authorize a grant.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "testing"
5 "time"
6
7 "code.secondbit.org/uuid"
8 )
9
10 var tokenStores = []tokenStore{NewMemstore()}
11
12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {
13 if token1.AccessToken != token2.AccessToken {
14 return false, "access token", token1.AccessToken, token2.AccessToken
15 }
16 if token1.RefreshToken != token2.RefreshToken {
17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken
18 }
19 if !token1.Created.Equal(token2.Created) {
20 return false, "created", token1.Created, token2.Created
21 }
22 if token1.ExpiresIn != token2.ExpiresIn {
23 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn
24 }
25 if token1.TokenType != token2.TokenType {
26 return false, "token type", token1.TokenType, token2.TokenType
27 }
28 if token1.Scope != token2.Scope {
29 return false, "scope", token1.Scope, token2.Scope
30 }
31 if !token1.ProfileID.Equal(token2.ProfileID) {
32 return false, "profile ID", token1.ProfileID, token2.ProfileID
33 }
34 return true, "", nil, nil
35 }
36
37 func TestTokenStoreSuccess(t *testing.T) {
38 t.Parallel()
39 token := Token{
40 AccessToken: "access",
41 RefreshToken: "refresh",
42 Created: time.Now(),
43 ExpiresIn: 3600,
44 TokenType: "bearer",
45 Scope: "scope",
46 ProfileID: uuid.NewID(),
47 }
48 for _, store := range tokenStores {
49 err := store.saveToken(token)
50 if err != nil {
51 t.Errorf("Error saving token to %T: %s", store, err)
52 }
53 err = store.saveToken(token)
54 if err != ErrTokenAlreadyExists {
55 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
56 }
57 retrievedAccess, err := store.getToken(token.AccessToken, false)
58 if err != nil {
59 t.Errorf("Error retrieving token from %T: %s", store, err)
60 }
61 success, field, expectation, result := compareTokens(token, retrievedAccess)
62 if !success {
63 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
64 }
65 retrievedRefresh, err := store.getToken(token.RefreshToken, true)
66 if err != nil {
67 t.Errorf("Error retrieving refresh token from %T: %s", store, err)
68 }
69 success, field, expectation, result = compareTokens(token, retrievedRefresh)
70 if !success {
71 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
72 }
73 retrievedProfile, err := store.getTokensByProfileID(token.ProfileID, 25, 0)
74 if err != nil {
75 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
76 }
77 if len(retrievedProfile) != 1 {
78 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)
79 }
80 success, field, expectation, result = compareTokens(token, retrievedProfile[0])
81 if !success {
82 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
83 }
84 err = store.removeToken(token.AccessToken)
85 if err != nil {
86 t.Errorf("Error removing token from %T: %s", store, err)
87 }
88 _, err = store.getToken(token.AccessToken, false)
89 if err != ErrTokenNotFound {
90 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
91 }
92 _, err = store.getToken(token.RefreshToken, true)
93 if err != ErrTokenNotFound {
94 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
95 }
96 retrievedProfile, err = store.getTokensByProfileID(token.ProfileID, 25, 0)
97 if err != nil {
98 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
99 }
100 if len(retrievedProfile) != 0 {
101 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
102 }
103 err = store.removeToken(token.AccessToken)
104 if err != ErrTokenNotFound {
105 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
106 }
107 }
108 }