auth

Paddy 2014-10-16 Parent:aff6863e3cb3 Child:0f80a3e391b8

53:28d48fdb0dd1 Browse Files

Test all possible successful requests, fix query setting in test. Test all the possible successful requests for an authorization code grant. Fix a bug wherein the query string wasn't actually set for the test.

http_test.go 

     1.1 --- a/http_test.go	Wed Oct 15 23:52:49 2014 -0400
     1.2 +++ b/http_test.go	Thu Oct 16 00:18:14 2014 -0400
     1.3 @@ -4,9 +4,16 @@
     1.4  	"html/template"
     1.5  	"net/http"
     1.6  	"net/http/httptest"
     1.7 +	"net/url"
     1.8  	"testing"
     1.9  )
    1.10  
    1.11 +const (
    1.12 +	scopeSet = 1 << iota
    1.13 +	stateSet
    1.14 +	uriSet
    1.15 +)
    1.16 +
    1.17  func TestGetGrantCodeSuccess(t *testing.T) {
    1.18  	t.Parallel()
    1.19  	store := NewMemstore()
    1.20 @@ -17,22 +24,32 @@
    1.21  		profiles: store,
    1.22  		tokens:   store,
    1.23  	}
    1.24 -	w := httptest.NewRecorder()
    1.25  	req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
    1.26  	if err != nil {
    1.27  		t.Fatal("Can't build request:", err)
    1.28  	}
    1.29 -	// see OAuth 2.0 spec, section 4.1.1
    1.30 -	req.URL.Query().Set("response_type", "code")
    1.31 -	req.URL.Query().Set("client_id", "test_client_id")
    1.32 -	req.URL.Query().Set("redirect_uri", "https://test.secondbit.org/redirect")
    1.33 -	req.URL.Query().Set("scope", "testscope")
    1.34 -	req.URL.Query().Set("state", "my super secure state string")
    1.35 -	GetGrantHandler(w, req, testContext)
    1.36 -	if w.Code != http.StatusOK {
    1.37 -		t.Errorf("Expected status code to be %d, got %d", http.StatusOK, w.Code)
    1.38 -	}
    1.39 -	if w.Body.String() != "Get auth grant" {
    1.40 -		t.Errorf("Expected body to be `%s`, got `%s`", "Get auth grant", w.Body.String())
    1.41 +	for i := 0; i < 1<<3; i++ {
    1.42 +		w := httptest.NewRecorder()
    1.43 +		params := url.Values{}
    1.44 +		// see OAuth 2.0 spec, section 4.1.1
    1.45 +		params.Set("response_type", "code")
    1.46 +		params.Set("client_id", "test_client_id")
    1.47 +		if i&uriSet != 0 {
    1.48 +			params.Set("redirect_uri", "https://test.secondbit.org/redirect")
    1.49 +		}
    1.50 +		if i&scopeSet != 0 {
    1.51 +			params.Set("scope", "testscope")
    1.52 +		}
    1.53 +		if i&stateSet != 0 {
    1.54 +			params.Set("state", "my super secure state string")
    1.55 +		}
    1.56 +		req.URL.RawQuery = params.Encode()
    1.57 +		GetGrantHandler(w, req, testContext)
    1.58 +		if w.Code != http.StatusOK {
    1.59 +			t.Errorf("Expected status code to be %d, got %d for %s", http.StatusOK, w.Code, req.URL.String())
    1.60 +		}
    1.61 +		if w.Body.String() != "Get auth grant" {
    1.62 +			t.Errorf("Expected body to be `%s`, got `%s` for %s", "Get auth grant", w.Body.String(), req.URL.String())
    1.63 +		}
    1.64  	}
    1.65  }