auth
auth/token_test.go
Make static error messages HTML safe. We may, at some point, want to use links or HTML elements in these static error messages. Since they're hardcoded, let's pass them as safe HTML strings.
1 package auth
3 import (
4 "testing"
5 "time"
7 "code.secondbit.org/uuid"
8 )
10 var tokenStores = []tokenStore{NewMemstore()}
12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {
13 if token1.AccessToken != token2.AccessToken {
14 return false, "access token", token1.AccessToken, token2.AccessToken
15 }
16 if token1.RefreshToken != token2.RefreshToken {
17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken
18 }
19 if !token1.Created.Equal(token2.Created) {
20 return false, "created", token1.Created, token2.Created
21 }
22 if token1.ExpiresIn != token2.ExpiresIn {
23 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn
24 }
25 if token1.TokenType != token2.TokenType {
26 return false, "token type", token1.TokenType, token2.TokenType
27 }
28 if token1.Scope != token2.Scope {
29 return false, "scope", token1.Scope, token2.Scope
30 }
31 if !token1.ProfileID.Equal(token2.ProfileID) {
32 return false, "profile ID", token1.ProfileID, token2.ProfileID
33 }
34 return true, "", nil, nil
35 }
37 func TestTokenStoreSuccess(t *testing.T) {
38 t.Parallel()
39 token := Token{
40 AccessToken: "access",
41 RefreshToken: "refresh",
42 Created: time.Now(),
43 ExpiresIn: 3600,
44 TokenType: "bearer",
45 Scope: "scope",
46 ProfileID: uuid.NewID(),
47 }
48 for _, store := range tokenStores {
49 err := store.saveToken(token)
50 if err != nil {
51 t.Errorf("Error saving token to %T: %s", store, err)
52 }
53 err = store.saveToken(token)
54 if err != ErrTokenAlreadyExists {
55 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
56 }
57 retrievedAccess, err := store.getToken(token.AccessToken, false)
58 if err != nil {
59 t.Errorf("Error retrieving token from %T: %s", store, err)
60 }
61 success, field, expectation, result := compareTokens(token, retrievedAccess)
62 if !success {
63 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
64 }
65 retrievedRefresh, err := store.getToken(token.RefreshToken, true)
66 if err != nil {
67 t.Errorf("Error retrieving refresh token from %T: %s", store, err)
68 }
69 success, field, expectation, result = compareTokens(token, retrievedRefresh)
70 if !success {
71 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
72 }
73 retrievedProfile, err := store.getTokensByProfileID(token.ProfileID, 25, 0)
74 if err != nil {
75 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
76 }
77 if len(retrievedProfile) != 1 {
78 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)
79 }
80 success, field, expectation, result = compareTokens(token, retrievedProfile[0])
81 if !success {
82 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
83 }
84 err = store.removeToken(token.AccessToken)
85 if err != nil {
86 t.Errorf("Error removing token from %T: %s", store, err)
87 }
88 _, err = store.getToken(token.AccessToken, false)
89 if err != ErrTokenNotFound {
90 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
91 }
92 _, err = store.getToken(token.RefreshToken, true)
93 if err != ErrTokenNotFound {
94 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
95 }
96 retrievedProfile, err = store.getTokensByProfileID(token.ProfileID, 25, 0)
97 if err != nil {
98 t.Errorf("Error retrieving token by profile from %T: %s", store, err)
99 }
100 if len(retrievedProfile) != 0 {
101 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
102 }
103 err = store.removeToken(token.AccessToken)
104 if err != ErrTokenNotFound {
105 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
106 }
107 }
108 }