auth
auth/grant.go
Add tests for invalid clients when getting a grant. Test that an invalid or missing client_id parameter when trying to obtain a grant code returns the error we expect.
1 package auth
3 import (
4 "errors"
5 "time"
7 "code.secondbit.org/uuid"
8 )
10 var (
11 // ErrNoGrantStore is returned when a Context tries to act on a grantStore without setting one first.
12 ErrNoGrantStore = errors.New("no grantStore was specified for the Context")
13 // ErrGrantNotFound is returned when a Grant is requested but not found in the grantStore.
14 ErrGrantNotFound = errors.New("grant not found in grantStore")
15 // ErrGrantAlreadyExists is returned when a Grant is added to a grantStore, but another Grant with the
16 // same Code already exists in the grantStore.
17 ErrGrantAlreadyExists = errors.New("grant already exists in grantStore")
18 )
20 // Grant represents an authorization grant made by a user to a Client, to
21 // access user data within a defined Scope for a limited amount of time.
22 type Grant struct {
23 Code string
24 Created time.Time
25 ExpiresIn int32
26 ClientID uuid.ID
27 Scope string
28 RedirectURI string
29 State string
30 }
32 type grantStore interface {
33 getGrant(code string) (Grant, error)
34 saveGrant(grant Grant) error
35 deleteGrant(code string) error
36 }
38 func (m *memstore) getGrant(code string) (Grant, error) {
39 m.grantLock.RLock()
40 defer m.grantLock.RUnlock()
41 grant, ok := m.grants[code]
42 if !ok {
43 return Grant{}, ErrGrantNotFound
44 }
45 return grant, nil
46 }
48 func (m *memstore) saveGrant(grant Grant) error {
49 m.grantLock.Lock()
50 defer m.grantLock.Unlock()
51 _, ok := m.grants[grant.Code]
52 if ok {
53 return ErrGrantAlreadyExists
54 }
55 m.grants[grant.Code] = grant
56 return nil
57 }
59 func (m *memstore) deleteGrant(code string) error {
60 m.grantLock.Lock()
61 defer m.grantLock.Unlock()
62 _, ok := m.grants[code]
63 if !ok {
64 return ErrGrantNotFound
65 }
66 delete(m.grants, code)
67 return nil
68 }