Commit c2c7f03f authored by Eric Chiang's avatar Eric Chiang

Merge pull request #409 from Tecsisa/408-test-handleToken

tests: add HandleTokenFunc test
parents 58d9ae90 d3d2db8e
......@@ -332,6 +332,137 @@ func TestHandleAuthFuncResponsesMultipleRedirectURLs(t *testing.T) {
}
}
func TestHandleTokenFunc(t *testing.T) {
fx, err := makeTestFixtures()
if err != nil {
t.Fatalf("could not run test fixtures: %v", err)
}
tests := []struct {
query url.Values
user string
passwd string
wantCode int
}{
// bad grant_type
{
query: url.Values{
"grant_type": []string{"invalid!"},
"code": []string{"someCode"},
},
user: "XXX",
passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
wantCode: http.StatusBadRequest,
},
// authorization_code needs code param
{
query: url.Values{
"grant_type": []string{"authorization_code"},
},
user: "XXX",
passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
wantCode: http.StatusBadRequest,
},
// empty code
{
query: url.Values{
"grant_type": []string{"authorization_code"},
"code": []string{""},
},
user: "XXX",
passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
wantCode: http.StatusBadRequest,
},
// valid code but bad creds
{
query: url.Values{
"grant_type": []string{"authorization_code"},
"code": []string{"code-2"},
},
user: "XASD",
passwd: base64.URLEncoding.EncodeToString([]byte("failSecrete")),
wantCode: http.StatusUnauthorized,
},
// bad code
{
query: url.Values{
"grant_type": []string{"authorization_code"},
"code": []string{"asdasd"},
},
user: "XXX",
passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
wantCode: http.StatusBadRequest,
},
// OK testcase
{
query: url.Values{
"grant_type": []string{"authorization_code"},
"code": []string{"code-2"},
},
user: "XXX",
passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
wantCode: http.StatusOK,
},
}
for i, tt := range tests {
hdlr := handleTokenFunc(fx.srv)
w := httptest.NewRecorder()
req, err := http.NewRequest("POST", "http://example.com/token", strings.NewReader(tt.query.Encode()))
if err != nil {
t.Errorf("unable to create HTTP request, error=%v", err)
continue
}
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
req.SetBasicAuth(tt.user, tt.passwd)
// need to create session in order to exchange the code (generated by the NewSessionKey func) for token
setSession := func() error {
sid, err := fx.sessionManager.NewSession("local", "XXX", "", testRedirectURL, "", true, []string{"openid"})
if err != nil {
return fmt.Errorf("case %d: cannot create session, error=%v", i, err)
}
_, err = fx.sessionManager.AttachRemoteIdentity(sid, oidc.Identity{})
if err != nil {
return fmt.Errorf("case %d: cannot attach remoteID, error=%v", i, err)
}
_, err = fx.sessionManager.AttachUser(sid, "ID-Verified")
if err != nil {
return fmt.Errorf("case %d: cannot attach user, error=%v", i, err)
}
_, err = fx.sessionManager.NewSessionKey(sid)
if err != nil {
return fmt.Errorf("case %d: cannot create session code, error=%v", i, err)
}
return nil
}
if err := setSession(); err != nil {
t.Errorf("case %d: %v", i, err)
continue
}
hdlr.ServeHTTP(w, req)
if tt.wantCode != w.Code {
t.Errorf("case %d: expected HTTP %d, got %v", i, tt.wantCode, w.Code)
}
}
}
func TestHandleTokenFuncMethodNotAllowed(t *testing.T) {
for _, m := range []string{"GET", "PUT", "DELETE"} {
hdlr := handleTokenFunc(nil)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment