forked from mystiq/dex
Add oob, device and localhost redirect URI tests
Signed-off-by: Martin Heide <martin.heide@faro.com>
This commit is contained in:
parent
1ea481bb73
commit
c15e2887bc
1 changed files with 50 additions and 0 deletions
|
@ -342,6 +342,7 @@ func TestValidRedirectURI(t *testing.T) {
|
||||||
redirectURI: "http://foo.com/bar/baz",
|
redirectURI: "http://foo.com/bar/baz",
|
||||||
wantValid: false,
|
wantValid: false,
|
||||||
},
|
},
|
||||||
|
// These special desktop + device + localhost URIs are allowed by default.
|
||||||
{
|
{
|
||||||
client: storage.Client{
|
client: storage.Client{
|
||||||
Public: true,
|
Public: true,
|
||||||
|
@ -349,6 +350,13 @@ func TestValidRedirectURI(t *testing.T) {
|
||||||
redirectURI: "urn:ietf:wg:oauth:2.0:oob",
|
redirectURI: "urn:ietf:wg:oauth:2.0:oob",
|
||||||
wantValid: true,
|
wantValid: true,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
},
|
||||||
|
redirectURI: "/device/callback",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
client: storage.Client{
|
client: storage.Client{
|
||||||
Public: true,
|
Public: true,
|
||||||
|
@ -387,6 +395,48 @@ func TestValidRedirectURI(t *testing.T) {
|
||||||
redirectURI: "http://foo.com/bar/baz",
|
redirectURI: "http://foo.com/bar/baz",
|
||||||
wantValid: false,
|
wantValid: false,
|
||||||
},
|
},
|
||||||
|
// These special desktop + device + localhost URIs are allowed even when RedirectURIs is non-empty.
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
RedirectURIs: []string{"http://foo.com/bar"},
|
||||||
|
},
|
||||||
|
redirectURI: "urn:ietf:wg:oauth:2.0:oob",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
RedirectURIs: []string{"http://foo.com/bar"},
|
||||||
|
},
|
||||||
|
redirectURI: "/device/callback",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
RedirectURIs: []string{"http://foo.com/bar"},
|
||||||
|
},
|
||||||
|
redirectURI: "http://localhost:8080/",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
RedirectURIs: []string{"http://foo.com/bar"},
|
||||||
|
},
|
||||||
|
redirectURI: "http://localhost:991/bar",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
client: storage.Client{
|
||||||
|
Public: true,
|
||||||
|
RedirectURIs: []string{"http://foo.com/bar"},
|
||||||
|
},
|
||||||
|
redirectURI: "http://localhost",
|
||||||
|
wantValid: true,
|
||||||
|
},
|
||||||
|
// Non-localhost URIs are not allowed implicitly.
|
||||||
{
|
{
|
||||||
client: storage.Client{
|
client: storage.Client{
|
||||||
Public: true,
|
Public: true,
|
||||||
|
|
Loading…
Reference in a new issue