auth

Paddy 2014-12-14 Parent:1fb166575e69 Child:c03b5eb3179e

99:5bccbed6631b Go to Latest

auth/authcode_test.go

Add an endpoint to validate and register profiles. Add a newProfileRequest object that defines the user-specified properties of a new Profile. Add a helper that validates a newProfileRequest and modifies it for sanitization, mostly just removing leading and trailing whitespace. Add MaxNameLength, MaxUsernameLength, and MaxEmailLength constants to hold the maximum length for those properties. Add errors to be returned when a users attempts to log in with a profile that is compromised or locked. Add the bare bones of a CreateProfileHandler that validates a profile registration request adn uses it to create a Profile and at least one Login. Create a requestError struct that is used for returning API errors, along with constants for the slugs we'll use to signal those errors.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "testing"
5 "time"
6
7 "code.secondbit.org/uuid"
8 )
9
10 var authCodeStores = []authorizationCodeStore{NewMemstore()}
11
12 func compareAuthorizationCodes(authCode1, authCode2 AuthorizationCode) (success bool, field string, authCode1val, authCode2val interface{}) {
13 if authCode1.Code != authCode2.Code {
14 return false, "code", authCode1.Code, authCode2.Code
15 }
16 if !authCode1.Created.Equal(authCode2.Created) {
17 return false, "created", authCode1.Created, authCode2.Created
18 }
19 if authCode1.ExpiresIn != authCode2.ExpiresIn {
20 return false, "expires in", authCode1.ExpiresIn, authCode2.ExpiresIn
21 }
22 if !authCode1.ClientID.Equal(authCode2.ClientID) {
23 return false, "client ID", authCode1.ClientID, authCode2.ClientID
24 }
25 if authCode1.Scope != authCode2.Scope {
26 return false, "scope", authCode1.Scope, authCode2.Scope
27 }
28 if authCode1.RedirectURI != authCode2.RedirectURI {
29 return false, "redirect URI", authCode1.RedirectURI, authCode2.RedirectURI
30 }
31 if authCode1.State != authCode2.State {
32 return false, "state", authCode1.State, authCode2.State
33 }
34 return true, "", nil, nil
35 }
36
37 func TestAuthorizationCodeStoreSuccess(t *testing.T) {
38 t.Parallel()
39 authCode := AuthorizationCode{
40 Code: "code",
41 Created: time.Now(),
42 ExpiresIn: 180,
43 ClientID: uuid.NewID(),
44 Scope: "scope",
45 RedirectURI: "redirectURI",
46 State: "state",
47 }
48 for _, store := range authCodeStores {
49 err := store.saveAuthorizationCode(authCode)
50 if err != nil {
51 t.Errorf("Error saving auth code to %T: %s", store, err)
52 }
53 err = store.saveAuthorizationCode(authCode)
54 if err != ErrAuthorizationCodeAlreadyExists {
55 t.Errorf("Expected ErrAuthorizationCodeAlreadyExists from %T, got %+v", store, err)
56 }
57 retrieved, err := store.getAuthorizationCode(authCode.Code)
58 if err != nil {
59 t.Errorf("Error retrieving auth code from %T: %s", store, err)
60 }
61 match, field, expectation, result := compareAuthorizationCodes(authCode, retrieved)
62 if !match {
63 t.Errorf("Expected `%v` in the `%s` field of auth code retrieved from %T, got `%v`", expectation, field, store, result)
64 }
65 err = store.deleteAuthorizationCode(authCode.Code)
66 if err != nil {
67 t.Errorf("Error removing auth code from %T: %s", store, err)
68 }
69 retrieved, err = store.getAuthorizationCode(authCode.Code)
70 if err != ErrAuthorizationCodeNotFound {
71 t.Errorf("Expected ErrAuthorizationCodeNotFound from %T, got %+v and %+v", store, retrieved, err)
72 }
73 err = store.deleteAuthorizationCode(authCode.Code)
74 if err != ErrAuthorizationCodeNotFound {
75 t.Errorf("Expected ErrAuthorizationCodeNotFound from %T, got %+v", store, err)
76 }
77 }
78 }