auth
62:dd5d23d490ee
Add tests for invalid clients when getting a grant. Test that an invalid or missing client_id parameter when trying to obtain a grant code returns the error we expect.
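--- a/http_test.go	Sun Nov 02 21:13:26 2014 -0500
+++ b/http_test.go	Sun Nov 02 21:14:21 2014 -0500
@@ -84,6 +84,65 @@
 }
 }
 
+func TestGetGrantCodeInvalidClient(t *testing.T) {
+ t.Parallel()
+ store := NewMemstore()
+ testContext := Context{
+ template: template.Must(template.New(getGrantTemplateName).Parse("{{ .error }}")),
+ clients: store,
+ grants: store,
+ profiles: store,
+ tokens: store,
+ }
+ client := Client{
+ ID: uuid.NewID(),
+ Secret: "super secret!",
+ OwnerID: uuid.NewID(),
+ Name: "My test client",
+ Type: "public",
+ }
+ err := testContext.SaveClient(client)
+ if err != nil {
+ t.Fatal("Can't store client:", err)
+ }
+ req, err := http.NewRequest("GET", "https://test.auth.secondbit.org/oauth2/grant", nil)
+ if err != nil {
+ t.Fatal("Can't build request:", err)
+ }
+ w := httptest.NewRecorder()
+ params := url.Values{}
+ params.Set("response_type", "code")
+ params.Set("redirect_uri", "https://test.secondbit.org/")
+ req.URL.RawQuery = params.Encode()
+ GetGrantHandler(w, req, testContext)
+ if w.Code != http.StatusBadRequest {
+ t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
+ }
+ if w.Body.String() != "Client ID must be specified in the request." {
+ t.Errorf(`Expected output to be "%s", got "%s" instead.`, "Client ID must be specified in the request.", w.Body.String())
+ }
+ w = httptest.NewRecorder()
+ params.Set("client_id", "Not an ID")
+ req.URL.RawQuery = params.Encode()
+ GetGrantHandler(w, req, testContext)
+ if w.Code != http.StatusBadRequest {
+ t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
+ }
+ if w.Body.String() != "client_id is not a valid Client ID." {
+ t.Errorf(`Expected output to be "%s", got "%s" instead.`, "client_id is not a valid Client ID.", w.Body.String())
+ }
+ w = httptest.NewRecorder()
+ params.Set("client_id", uuid.NewID().String())
+ req.URL.RawQuery = params.Encode()
+ GetGrantHandler(w, req, testContext)
+ if w.Code != http.StatusBadRequest {
+ t.Errorf("Expected status code to be %d, got %d", http.StatusBadRequest, w.Code)
+ }
+ if w.Body.String() != "The specified Client couldn’t be found." {
+ t.Errorf(`Expected output to be "%s", got "%s" instead.`, "The specified Client couldn’t be found.", w.Body.String())
+ }
+}
+
 func TestGetGrantCodeInvalidURI(t *testing.T) {
 t.Parallel()
 store := NewMemstore()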
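Review bot: All three cases in TestGetGrantCodeInvalidClient send a `redirect_uri` but assert only the 400 status and the body text, so nothing pins that the handler leaves the response free of a redirect target when the client cannot be identified. OAuth 2.0 (RFC 6749) requires that the server not redirect to the supplied URI when the client identifier is missing or invalid, so each case could also check `if loc := w.Header().Get("Location"); loc != "" { t.Errorf("Expected no Location header, got %q", loc) }`. The handler itself is not visible in this hunk, so this is a regression guard, not a reported defect. On style, the three request/assert stanzas differ only in the `client_id` value and the expected message, and a small table of `{clientID, wantBody}` cases looped over with a fresh recorder would remove the duplication; `%q` would also replace the hand-quoted `"%s"` in the `t.Errorf` format strings.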