From d3d2db8e05aef1f6a86d37395cd82a0aea569dc1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adri=C3=A1n=20L=C3=B3pez=20G=C3=B3mez?=
Date: Thu, 14 Apr 2016 11:54:21 +0200
Subject: [PATCH] tests: add HandleTokenFunc test

Fixes #408
---
 server/http_test.go | 131 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 131 insertions(+)

diff --git a/server/http_test.go b/server/http_test.go
index 94912bc7..319f9d91 100644
--- a/server/http_test.go
+++ b/server/http_test.go
@@ -332,6 +332,137 @@ func TestHandleAuthFuncResponsesMultipleRedirectURLs(t *testing.T) {
 }
 }
 
+func TestHandleTokenFunc(t *testing.T) {
+
+ fx, err := makeTestFixtures()
+ if err != nil {
+ t.Fatalf("could not run test fixtures: %v", err)
+ }
+
+ tests := []struct {
+ query url.Values
+ user string
+ passwd string
+ wantCode int
+ }{
+ // bad grant_type
+ {
+ query: url.Values{
+ "grant_type": []string{"invalid!"},
+ "code": []string{"someCode"},
+ },
+ user: "XXX",
+ passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
+ wantCode: http.StatusBadRequest,
+ },
+
+ // authorization_code needs code param
+ {
+ query: url.Values{
+ "grant_type": []string{"authorization_code"},
+ },
+ user: "XXX",
+ passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
+ wantCode: http.StatusBadRequest,
+ },
+
+ // empty code
+ {
+ query: url.Values{
+ "grant_type": []string{"authorization_code"},
+ "code": []string{""},
+ },
+ user: "XXX",
+ passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
+ wantCode: http.StatusBadRequest,
+ },
+
+ // valid code but bad creds
+ {
+ query: url.Values{
+ "grant_type": []string{"authorization_code"},
+ "code": []string{"code-2"},
+ },
+ user: "XASD",
+ passwd: base64.URLEncoding.EncodeToString([]byte("failSecrete")),
+ wantCode: http.StatusUnauthorized,
+ },
+
+ // bad code
+ {
+ query: url.Values{
+ "grant_type": []string{"authorization_code"},
+ "code": []string{"asdasd"},
+ },
+ user: "XXX",
+ passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
+ wantCode: http.StatusBadRequest,
+ },
+
+ // OK testcase
+ {
+ query: url.Values{
+ "grant_type": []string{"authorization_code"},
+ "code": []string{"code-2"},
+ },
+ user: "XXX",
+ passwd: base64.URLEncoding.EncodeToString([]byte("secrete")),
+ wantCode: http.StatusOK,
+ },
+ }
+
+ for i, tt := range tests {
+ hdlr := handleTokenFunc(fx.srv)
+ w := httptest.NewRecorder()
+
+ req, err := http.NewRequest("POST", "http://example.com/token", strings.NewReader(tt.query.Encode()))
+ if err != nil {
+ t.Errorf("unable to create HTTP request, error=%v", err)
+ continue
+ }
+ req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
+ req.SetBasicAuth(tt.user, tt.passwd)
+
+ // need to create session in order to exchange the code (generated by the NewSessionKey func) for token
+ setSession := func() error {
+ sid, err := fx.sessionManager.NewSession("local", "XXX", "", testRedirectURL, "", true, []string{"openid"})
+ if err != nil {
+ return fmt.Errorf("case %d: cannot create session, error=%v", i, err)
+ }
+
+ _, err = fx.sessionManager.AttachRemoteIdentity(sid, oidc.Identity{})
+ if err != nil {
+ return fmt.Errorf("case %d: cannot attach remoteID, error=%v", i, err)
+ }
+
+ _, err = fx.sessionManager.AttachUser(sid, "ID-Verified")
+ if err != nil {
+ return fmt.Errorf("case %d: cannot attach user, error=%v", i, err)
+ }
+
+ _, err = fx.sessionManager.NewSessionKey(sid)
+ if err != nil {
+ return fmt.Errorf("case %d: cannot create session code, error=%v", i, err)
+ }
+
+ return nil
+
+ }
+
+ if err := setSession(); err != nil {
+ t.Errorf("case %d: %v", i, err)
+ continue
+ }
+
+ hdlr.ServeHTTP(w, req)
+ if tt.wantCode != w.Code {
+ t.Errorf("case %d: expected HTTP %d, got %v", i, tt.wantCode, w.Code)
+ }
+
+ }
+
+}
+
 func TestHandleTokenFuncMethodNotAllowed(t *testing.T) {
 for _, m := range []string{"GET", "PUT", "DELETE"} {
 hdlr := handleTokenFunc(nil)
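Review bot: The table in `TestHandleTokenFunc` has no case showing that an authorization code is single-use, and its only credential failure (`user: "XASD"` with `failSecrete`) changes the client ID and the secret together, so a handler that checked only one of them would still pass. I would add a case with `user: "XXX"` and a wrong secret expecting `http.StatusUnauthorized`, and repeat the final `code-2` exchange after the OK case, which should presumably be rejected like the `bad code` case. All cases share `fx` and `setSession` mints a new session key on every iteration, so whether `code-2` is live appears to depend on the fixture's code generator and on case order; a comment on the table saying where `code-2` comes from would make that explicit. Separately, the errors returned by `setSession` already start with `case %d:` and are wrapped again by `t.Errorf("case %d: %v", i, err)`, so the prefix is printed twice.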