auth

Paddy 2015-01-19 Parent:dcd2125c4f57 Child:b714af0578dc

126:34de07217709 Go to Latest

auth/token_test.go

Test around client types and secrets. Implement a test that the CreateClient handler will correctly create a confidential client and issue a secret for it. Also, just generally test that clients that are confidential are issued secrets and clients that are public are not.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "testing"
5 "time"
6
7 "code.secondbit.org/uuid.hg"
8 )
9
10 var tokenStores = []tokenStore{NewMemstore()}
11
12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {
13 if token1.AccessToken != token2.AccessToken {
14 return false, "access token", token1.AccessToken, token2.AccessToken
15 }
16 if token1.RefreshToken != token2.RefreshToken {
17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken
18 }
19 if !token1.Created.Equal(token2.Created) {
20 return false, "created", token1.Created, token2.Created
21 }
22 if token1.CreatedFrom != token2.CreatedFrom {
23 return false, "created from", token1.CreatedFrom, token2.CreatedFrom
24 }
25 if token1.ExpiresIn != token2.ExpiresIn {
26 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn
27 }
28 if token1.TokenType != token2.TokenType {
29 return false, "token type", token1.TokenType, token2.TokenType
30 }
31 if token1.Scope != token2.Scope {
32 return false, "scope", token1.Scope, token2.Scope
33 }
34 if !token1.ProfileID.Equal(token2.ProfileID) {
35 return false, "profile ID", token1.ProfileID, token2.ProfileID
36 }
37 if token1.Revoked != token2.Revoked {
38 return false, "revoked", token1.Revoked, token2.Revoked
39 }
40 return true, "", nil, nil
41 }
42
43 func TestTokenStoreSuccess(t *testing.T) {
44 t.Parallel()
45 token := Token{
46 AccessToken: "access",
47 RefreshToken: "refresh",
48 Created: time.Now(),
49 ExpiresIn: 3600,
50 TokenType: "bearer",
51 Scope: "scope",
52 ProfileID: uuid.NewID(),
53 }
54 for _, store := range tokenStores {
55 context := Context{tokens: store}
56 err := context.SaveToken(token)
57 if err != nil {
58 t.Errorf("Error saving token to %T: %s", store, err)
59 }
60 err = context.SaveToken(token)
61 if err != ErrTokenAlreadyExists {
62 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
63 }
64 retrievedAccess, err := context.GetToken(token.AccessToken, false)
65 if err != nil {
66 t.Errorf("Error retrieving token from %T: %s", store, err)
67 }
68 success, field, expectation, result := compareTokens(token, retrievedAccess)
69 if !success {
70 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
71 }
72 retrievedRefresh, err := context.GetToken(token.RefreshToken, true)
73 if err != nil {
74 t.Errorf("Error retrieving refresh token from %T: %s", store, err)
75 }
76 success, field, expectation, result = compareTokens(token, retrievedRefresh)
77 if !success {
78 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
79 }
80 retrievedProfile, err := context.GetTokensByProfileID(token.ProfileID, 25, 0)
81 if err != nil {
82 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
83 }
84 if len(retrievedProfile) != 1 {
85 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)
86 }
87 success, field, expectation, result = compareTokens(token, retrievedProfile[0])
88 if !success {
89 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
90 }
91 err = context.RevokeToken(token.AccessToken, false)
92 if err != nil {
93 t.Errorf("Error revoking token in %T: %s", store, err)
94 }
95 retrievedRevoked, err := context.GetToken(token.AccessToken, false)
96 if err != nil {
97 t.Errorf("Error retrieving token from %T: %s", store, err)
98 }
99 token.Revoked = true
100 success, field, expectation, result = compareTokens(token, retrievedRevoked)
101 if !success {
102 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
103 }
104 // TODO(paddy): test revoking by refresh token.
105 err = context.RemoveToken(token.AccessToken)
106 if err != nil {
107 t.Errorf("Error removing token from %T: %s", store, err)
108 }
109 _, err = context.GetToken(token.AccessToken, false)
110 if err != ErrTokenNotFound {
111 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
112 }
113 _, err = context.GetToken(token.RefreshToken, true)
114 if err != ErrTokenNotFound {
115 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
116 }
117 retrievedProfile, err = context.GetTokensByProfileID(token.ProfileID, 25, 0)
118 if err != nil {
119 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
120 }
121 if len(retrievedProfile) != 0 {
122 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
123 }
124 err = context.RemoveToken(token.AccessToken)
125 if err != ErrTokenNotFound {
126 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
127 }
128 err = context.RevokeToken(token.AccessToken, false)
129 if err != ErrTokenNotFound {
130 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
131 }
132 err = context.RevokeToken(token.RefreshToken, true)
133 if err != ErrTokenNotFound {
134 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
135 }
136 }
137 }