github.com/arunkumar7540/cli@v6.45.0+incompatible/integration/v6/isolated/token_refresh_test.go (about) 1 package isolated 2 3 import ( 4 "fmt" 5 6 "code.cloudfoundry.org/cli/integration/helpers" 7 "code.cloudfoundry.org/cli/util/configv3" 8 9 . "github.com/onsi/ginkgo" 10 . "github.com/onsi/gomega" 11 . "github.com/onsi/gomega/gbytes" 12 . "github.com/onsi/gomega/gexec" 13 ) 14 15 var _ = Describe("Token Refreshing", func() { 16 Describe("password grant type", func() { 17 BeforeEach(func() { 18 helpers.LoginCF() 19 }) 20 21 Describe("config file backwards compatibility", func() { 22 // If we write "password" as the grant type, versions of the CLI before 6.44.0 will not be 23 // able to use their refresh token correctly. 24 When("logging in with rewritten cf auth", func() { 25 BeforeEach(func() { 26 helpers.LoginCF() 27 }) 28 29 It("persists an empty string as the grant type in config.json", func() { 30 c := helpers.GetConfig() 31 Expect(c.UAAGrantType()).To(Equal("")) 32 }) 33 }) 34 35 When("logging in with un-rewritten cf login", func() { 36 BeforeEach(func() { 37 helpers.TurnOffExperimentalLogin() 38 u, p := helpers.GetCredentials() 39 session := helpers.CF("login", "-u", u, "-p", p) 40 Eventually(session).Should(Exit(0)) 41 }) 42 43 It("persists an empty string as the grant type in config.json", func() { 44 c := helpers.GetConfig() 45 Expect(c.UAAGrantType()).To(Equal("")) 46 }) 47 }) 48 49 When("logging in with rewritten cf login", func() { 50 BeforeEach(func() { 51 helpers.TurnOnExperimentalLogin() 52 u, p := helpers.GetCredentials() 53 session := helpers.CF("login", "-u", u, "-p", p) 54 Eventually(session).Should(Exit(0)) 55 }) 56 57 AfterEach(func() { 58 helpers.TurnOffExperimentalLogin() 59 }) 60 61 It("persists an empty string as the grant type in config.json", func() { 62 c := helpers.GetConfig() 63 Expect(c.UAAGrantType()).To(Equal("")) 64 }) 65 }) 66 }) 67 68 When("the token is invalid", func() { 69 When("password is explicitly stored as the grant type", func() { 70 BeforeEach(func() { 71 helpers.SetConfig(func(config *configv3.Config) { 72 config.ConfigFile.AccessToken = helpers.ExpiredAccessToken() 73 config.ConfigFile.TargetedOrganization.GUID = "fake-org" 74 config.ConfigFile.TargetedSpace.GUID = "fake-space" 75 config.ConfigFile.UAAGrantType = "password" 76 }) 77 }) 78 79 When("running a v6 command", func() { 80 When("the cloud controller client encounters an invalid token response", func() { 81 It("refreshes the token", func() { 82 session := helpers.CF("unbind-service", "app", "service") 83 Eventually(session.Err).Should(Say("App 'app' not found")) 84 Eventually(session).Should(Exit(1)) 85 }) 86 }) 87 88 When("the UAA client encounters an invalid token response", func() { 89 It("refreshes the token", func() { 90 username, _ := helpers.GetCredentials() 91 session := helpers.CF("create-user", username, helpers.NewPassword()) 92 Eventually(session.Err).Should(Say(fmt.Sprintf("user %s already exists", username))) 93 Eventually(session).Should(Exit(0)) 94 }) 95 }) 96 }) 97 98 When("running an unrefactored v6 command", func() { 99 It("refreshes the token", func() { 100 session := helpers.CF("stack", "some-stack") 101 Eventually(session).Should(Say("Stack some-stack not found")) 102 Eventually(session).Should(Exit(1)) 103 }) 104 }) 105 }) 106 107 When("no grant type is explicitly stored", func() { 108 BeforeEach(func() { 109 helpers.SetConfig(func(config *configv3.Config) { 110 config.ConfigFile.AccessToken = helpers.ExpiredAccessToken() 111 config.ConfigFile.TargetedOrganization.GUID = "fake-org" 112 config.ConfigFile.TargetedSpace.GUID = "fake-space" 113 config.ConfigFile.UAAGrantType = "" 114 }) 115 }) 116 117 When("running a v6 command", func() { 118 When("the cloud controller client encounters an invalid token response", func() { 119 It("refreshes the token", func() { 120 session := helpers.CF("unbind-service", "app", "service") 121 Eventually(session.Err).Should(Say("App 'app' not found")) 122 Eventually(session).Should(Exit(1)) 123 }) 124 }) 125 126 When("the UAA client encounters an invalid token response", func() { 127 It("refreshes the token", func() { 128 username, _ := helpers.GetCredentials() 129 session := helpers.CF("create-user", username, helpers.NewPassword()) 130 Eventually(session.Err).Should(Say(fmt.Sprintf("user %s already exists", username))) 131 Eventually(session).Should(Exit(0)) 132 }) 133 }) 134 }) 135 136 When("running an unrefactored v6 command", func() { 137 It("refreshes the token", func() { 138 session := helpers.CF("stack", "some-stack") 139 Eventually(session).Should(Say("Stack some-stack not found")) 140 Eventually(session).Should(Exit(1)) 141 }) 142 }) 143 }) 144 }) 145 }) 146 147 Describe("client grant type", func() { 148 BeforeEach(func() { 149 helpers.LoginCFWithClientCredentials() 150 }) 151 152 When("the token is invalid", func() { 153 BeforeEach(func() { 154 helpers.SetConfig(func(config *configv3.Config) { 155 config.ConfigFile.AccessToken = helpers.ExpiredAccessToken() 156 config.ConfigFile.TargetedOrganization.GUID = "fake-org" 157 config.ConfigFile.TargetedSpace.GUID = "fake-space" 158 }) 159 }) 160 161 When("running a v6 refactored command", func() { 162 When("the cloud controller client encounters an invalid token response", func() { 163 It("displays an error and exits 1", func() { 164 session := helpers.CF("unbind-service", "app", "service") 165 Eventually(session.Err).Should(Say(`Credentials were rejected, please try again\.`)) 166 Eventually(session).Should(Exit(1)) 167 }) 168 }) 169 170 When("the UAA client encounters an invalid token response", func() { 171 It("displays an error and exits 1", func() { 172 username := helpers.NewUsername() 173 session := helpers.CF("create-user", username, helpers.NewPassword()) 174 Eventually(session.Err).Should(Say(`Credentials were rejected, please try again\.`)) 175 Eventually(session).Should(Exit(1)) 176 }) 177 }) 178 }) 179 180 When("running a v6 unrefactored command", func() { 181 When("the cloud controller client encounters an invalid token response", func() { 182 It("displays an error and exits 1", func() { 183 username, _ := helpers.GetCredentials() 184 session := helpers.CF("quotas") 185 Eventually(session).Should(Say("Getting quotas as %s", username)) 186 Eventually(session).Should(Say("Bad credentials")) 187 Eventually(session).Should(Exit(1)) 188 }) 189 }) 190 }) 191 }) 192 193 When("the CLI has authenticated with --client-credentials", func() { 194 When("the user has manually stored the client credentials in the config file and the token is expired", func() { 195 BeforeEach(func() { 196 clientID, clientSecret := helpers.SkipIfClientCredentialsNotSet() 197 198 helpers.SetConfig(func(config *configv3.Config) { 199 config.ConfigFile.UAAGrantType = "client_credentials" 200 config.ConfigFile.UAAOAuthClient = clientID 201 config.ConfigFile.UAAOAuthClientSecret = clientSecret 202 }) 203 204 helpers.SetConfig(func(config *configv3.Config) { 205 config.ConfigFile.AccessToken = helpers.ExpiredAccessToken() 206 }) 207 }) 208 209 It("automatically gets a new access token", func() { 210 Eventually(helpers.CF("orgs")).Should(Exit(0)) 211 }) 212 }) 213 }) 214 }) 215 })