auth

Paddy 2014-07-18

0:7a6f64db7246 Go to Latest

auth/access_test.go

Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.

Download raw file
View source Diff to previous Annotate
History
1 package oauth2
2
3 import (
4 "net/http"
5 "net/url"
6 "testing"
7 )
8
9 func TestAccessAuthorizationCode(t *testing.T) {
10 sconfig := NewServerConfig()
11 sconfig.AllowedAccessTypes = AllowedAccessType{AuthorizationCodeART}
12 server := NewServer(sconfig, NewTestingStorage())
13 server.AccessTokenGen = &TestingAccessTokenGen{}
14 resp := server.NewResponse()
15
16 req, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
17 if err != nil {
18 t.Fatal(err)
19 }
20 req.SetBasicAuth("1234", "aabbccdd")
21
22 req.Form = make(url.Values)
23 req.Form.Set("grant_type", string(AuthorizationCodeART))
24 req.Form.Set("code", "9999")
25 req.Form.Set("state", "a")
26 req.PostForm = make(url.Values)
27
28 if ar := server.HandleAccessRequest(resp, req); ar != nil {
29 ar.Authorized = true
30 server.FinishAccessRequest(resp, req, ar)
31 }
32
33 //fmt.Printf("%+v", resp)
34
35 if resp.IsError && resp.InternalError != nil {
36 t.Fatalf("Error in response: %s", resp.InternalError)
37 }
38
39 if resp.IsError {
40 t.Fatalf("Should not be an error")
41 }
42
43 if resp.Type != DATA {
44 t.Fatalf("Response should be data")
45 }
46
47 if d := resp.Output["access_token"]; d != "1" {
48 t.Fatalf("Unexpected access token: %s", d)
49 }
50
51 if d := resp.Output["refresh_token"]; d != "r1" {
52 t.Fatalf("Unexpected refresh token: %s", d)
53 }
54 }
55
56 func TestAccessRefreshToken(t *testing.T) {
57 sconfig := NewServerConfig()
58 sconfig.AllowedAccessTypes = AllowedAccessType{REFRESH_TOKEN}
59 server := NewServer(sconfig, NewTestingStorage())
60 server.AccessTokenGen = &TestingAccessTokenGen{}
61 resp := server.NewResponse()
62
63 req, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
64 if err != nil {
65 t.Fatal(err)
66 }
67 req.SetBasicAuth("1234", "aabbccdd")
68
69 req.Form = make(url.Values)
70 req.Form.Set("grant_type", string(REFRESH_TOKEN))
71 req.Form.Set("refresh_token", "r9999")
72 req.Form.Set("state", "a")
73 req.PostForm = make(url.Values)
74
75 if ar := server.HandleAccessRequest(resp, req); ar != nil {
76 ar.Authorized = true
77 server.FinishAccessRequest(resp, req, ar)
78 }
79
80 //fmt.Printf("%+v", resp)
81
82 if resp.IsError && resp.InternalError != nil {
83 t.Fatalf("Error in response: %s", resp.InternalError)
84 }
85
86 if resp.IsError {
87 t.Fatalf("Should not be an error")
88 }
89
90 if resp.Type != DATA {
91 t.Fatalf("Response should be data")
92 }
93
94 if d := resp.Output["access_token"]; d != "1" {
95 t.Fatalf("Unexpected access token: %s", d)
96 }
97
98 if d := resp.Output["refresh_token"]; d != "r1" {
99 t.Fatalf("Unexpected refresh token: %s", d)
100 }
101 }
102
103 func TestAccessPassword(t *testing.T) {
104 sconfig := NewServerConfig()
105 sconfig.AllowedAccessTypes = AllowedAccessType{PASSWORD}
106 server := NewServer(sconfig, NewTestingStorage())
107 server.AccessTokenGen = &TestingAccessTokenGen{}
108 resp := server.NewResponse()
109
110 req, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
111 if err != nil {
112 t.Fatal(err)
113 }
114 req.SetBasicAuth("1234", "aabbccdd")
115
116 req.Form = make(url.Values)
117 req.Form.Set("grant_type", string(PASSWORD))
118 req.Form.Set("username", "testing")
119 req.Form.Set("password", "testing")
120 req.Form.Set("state", "a")
121 req.PostForm = make(url.Values)
122
123 if ar := server.HandleAccessRequest(resp, req); ar != nil {
124 ar.Authorized = ar.Username == "testing" && ar.Password == "testing"
125 server.FinishAccessRequest(resp, req, ar)
126 }
127
128 //fmt.Printf("%+v", resp)
129
130 if resp.IsError && resp.InternalError != nil {
131 t.Fatalf("Error in response: %s", resp.InternalError)
132 }
133
134 if resp.IsError {
135 t.Fatalf("Should not be an error")
136 }
137
138 if resp.Type != DATA {
139 t.Fatalf("Response should be data")
140 }
141
142 if d := resp.Output["access_token"]; d != "1" {
143 t.Fatalf("Unexpected access token: %s", d)
144 }
145
146 if d := resp.Output["refresh_token"]; d != "r1" {
147 t.Fatalf("Unexpected refresh token: %s", d)
148 }
149 }
150
151 func TestAccessClientCredentials(t *testing.T) {
152 sconfig := NewServerConfig()
153 sconfig.AllowedAccessTypes = AllowedAccessType{CLIENT_CREDENTIALS}
154 server := NewServer(sconfig, NewTestingStorage())
155 server.AccessTokenGen = &TestingAccessTokenGen{}
156 resp := server.NewResponse()
157
158 req, err := http.NewRequest("POST", "http://localhost:14000/appauth", nil)
159 if err != nil {
160 t.Fatal(err)
161 }
162 req.SetBasicAuth("1234", "aabbccdd")
163
164 req.Form = make(url.Values)
165 req.Form.Set("grant_type", string(CLIENT_CREDENTIALS))
166 req.Form.Set("state", "a")
167 req.PostForm = make(url.Values)
168
169 if ar := server.HandleAccessRequest(resp, req); ar != nil {
170 ar.Authorized = true
171 server.FinishAccessRequest(resp, req, ar)
172 }
173
174 //fmt.Printf("%+v", resp)
175
176 if resp.IsError && resp.InternalError != nil {
177 t.Fatalf("Error in response: %s", resp.InternalError)
178 }
179
180 if resp.IsError {
181 t.Fatalf("Should not be an error")
182 }
183
184 if resp.Type != DATA {
185 t.Fatalf("Response should be data")
186 }
187
188 if d := resp.Output["access_token"]; d != "1" {
189 t.Fatalf("Unexpected access token: %s", d)
190 }
191
192 if d := resp.Output["refresh_token"]; d != "r1" {
193 t.Fatalf("Unexpected refresh token: %s", d)
194 }
195 }