auth
2014-07-18
auth/authorize_test.go
Start rewriting the repo. This code was originally a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out its extensible nature for a simpler interface, while simultaneously bringing the style into line with the Ducky style.
1 package oauth2
3 import (
4 "net/http"
5 "net/url"
6 "testing"
7 )
9 func TestAuthorizeCode(t *testing.T) {
10 sconfig := NewServerConfig()
11 sconfig.AllowedAuthorizeTypes = AllowedAuthorizeType{CODE}
12 server := NewServer(sconfig, NewTestingStorage())
13 server.AuthorizeTokenGen = &TestingAuthorizeTokenGen{}
14 resp := server.NewResponse()
16 req, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil)
17 if err != nil {
18 t.Fatal(err)
19 }
20 req.Form = make(url.Values)
21 req.Form.Set("response_type", string(CODE))
22 req.Form.Set("client_id", "1234")
23 req.Form.Set("state", "a")
25 if ar := server.HandleAuthorizeRequest(resp, req); ar != nil {
26 ar.Authorized = true
27 server.FinishAuthorizeRequest(resp, req, ar)
28 }
30 //fmt.Printf("%+v", resp)
32 if resp.IsError && resp.InternalError != nil {
33 t.Fatalf("Error in response: %s", resp.InternalError)
34 }
36 if resp.IsError {
37 t.Fatalf("Should not be an error")
38 }
40 if resp.Type != REDIRECT {
41 t.Fatalf("Response should be a redirect")
42 }
44 if d := resp.Output["code"]; d != "1" {
45 t.Fatalf("Unexpected authorization code: %s", d)
46 }
47 }
49 func TestAuthorizeToken(t *testing.T) {
50 sconfig := NewServerConfig()
51 sconfig.AllowedAuthorizeTypes = AllowedAuthorizeType{TOKEN}
52 server := NewServer(sconfig, NewTestingStorage())
53 server.AuthorizeTokenGen = &TestingAuthorizeTokenGen{}
54 server.AccessTokenGen = &TestingAccessTokenGen{}
55 resp := server.NewResponse()
57 req, err := http.NewRequest("GET", "http://localhost:14000/appauth", nil)
58 if err != nil {
59 t.Fatal(err)
60 }
61 req.Form = make(url.Values)
62 req.Form.Set("response_type", string(TOKEN))
63 req.Form.Set("client_id", "1234")
64 req.Form.Set("state", "a")
66 if ar := server.HandleAuthorizeRequest(resp, req); ar != nil {
67 ar.Authorized = true
68 server.FinishAuthorizeRequest(resp, req, ar)
69 }
71 //fmt.Printf("%+v", resp)
73 if resp.IsError && resp.InternalError != nil {
74 t.Fatalf("Error in response: %s", resp.InternalError)
75 }
77 if resp.IsError {
78 t.Fatalf("Should not be an error")
79 }
81 if resp.Type != REDIRECT || !resp.RedirectInFragment {
82 t.Fatalf("Response should be a redirect with fragment")
83 }
85 if d := resp.Output["access_token"]; d != "1" {
86 t.Fatalf("Unexpected access token: %s", d)
87 }
88 }
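Review bot: Neither test checks that the `state` value set on the request ("a") comes back in the response, so a regression that drops or alters it during the rewrite would pass unnoticed; clients rely on the echoed state to tie the redirect to the request they started (CSRF protection). If the response carries it in `Output` the way it carries `code` and `access_token` (not visible on this page, so please confirm), add `if s := resp.Output["state"]; s != "a" { t.Fatalf("Unexpected state: %v", s) }` after the final check in both TestAuthorizeCode and TestAuthorizeToken. Both tests also exercise only the allowed response type. A case that sends `TOKEN` while only `CODE` is in `AllowedAuthorizeTypes` and expects `resp.IsError` would pin that restriction while the extensibility is being stripped out.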