github.com/coincircle/mattermost-server@v4.8.1-0.20180321182714-9d701c704416+incompatible/app/oauth_test.go (about)

     1  // Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package app
     5  
     6  import (
     7  	"testing"
     8  
     9  	"github.com/mattermost/mattermost-server/model"
    10  )
    11  
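// TestOAuthRevokeAccessToken exercises App.RevokeAccessToken with three
// inputs: a token that was never issued, a session token that has no OAuth
// access data stored for it, and a session token that does have access data.
// Only the last call is expected to succeed.
func TestOAuthRevokeAccessToken(t *testing.T) {
	th := Setup()
	defer th.TearDown()

	// A random string that matches no session must be rejected.
	if err := th.App.RevokeAccessToken(model.NewRandomString(16)); err == nil {
		t.Fatal("Should have failed bad token")
	}

	session := &model.Session{}
	session.CreateAt = model.GetMillis()
	session.UserId = model.NewId()
	session.Token = model.NewId()
	session.Roles = model.SYSTEM_USER_ROLE_ID
	session.SetExpireInDays(1)

	// Fail here if the session could not be created. Discarding the error
	// would let a failed setup surface later as a nil dereference on
	// session.Token instead of a clear test failure.
	session, err := th.App.CreateSession(session)
	if err != nil {
		t.Fatal(err)
	}

	// The session exists but no access data has been saved for its token yet,
	// so revocation must still fail.
	if err := th.App.RevokeAccessToken(session.Token); err == nil {
		t.Fatal("Should have failed does not have an access token")
	}

	accessData := &model.AccessData{}
	accessData.Token = session.Token
	accessData.UserId = session.UserId
	accessData.RedirectUri = "http://example.com"
	accessData.ClientId = model.NewId()
	accessData.ExpiresAt = session.ExpiresAt

	if result := <-th.App.Srv.Store.OAuth().SaveAccessData(accessData); result.Err != nil {
		t.Fatal(result.Err)
	}

	// With both a session and access data present, revocation must succeed.
	// NOTE(review): only the return value is asserted. The test does not check
	// that the session or the stored access data are unusable afterwards, which
	// is the property a revocation test would normally pin down.
	if err := th.App.RevokeAccessToken(accessData.Token); err != nil {
		t.Fatal(err)
	}
}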
    47  
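// TestOAuthDeleteApp creates an OAuth app, a session flagged IsOAuth, and
// access data that links the session token to the app. It then deletes the app
// and asserts that the session can no longer be fetched by its token.
func TestOAuthDeleteApp(t *testing.T) {
	th := Setup()
	defer th.TearDown()

	// NOTE(review): this writes to the value returned by Config() in place.
	// Presumably TearDown discards it; confirm it cannot leak into other tests.
	th.App.Config().ServiceSettings.EnableOAuthServiceProvider = true

	a1 := &model.OAuthApp{}
	a1.CreatorId = model.NewId()
	a1.Name = "TestApp" + model.NewId()
	a1.CallbackUrls = []string{"https://nowhere.com"}
	a1.Homepage = "https://nowhere.com"

	var err *model.AppError
	a1, err = th.App.CreateOAuthApp(a1)
	if err != nil {
		t.Fatal(err)
	}

	session := &model.Session{}
	session.CreateAt = model.GetMillis()
	session.UserId = model.NewId()
	session.Token = model.NewId()
	session.Roles = model.SYSTEM_USER_ROLE_ID
	session.IsOAuth = true
	session.SetExpireInDays(1)

	// Fail here if the session could not be created. If the error were
	// discarded, a failed setup would either panic on session.Token or make
	// the final "session is gone" assertion pass for the wrong reason.
	session, err = th.App.CreateSession(session)
	if err != nil {
		t.Fatal(err)
	}

	// Tie the session token to the app through ClientId.
	accessData := &model.AccessData{}
	accessData.Token = session.Token
	accessData.UserId = session.UserId
	accessData.RedirectUri = "http://example.com"
	accessData.ClientId = a1.Id
	accessData.ExpiresAt = session.ExpiresAt

	if result := <-th.App.Srv.Store.OAuth().SaveAccessData(accessData); result.Err != nil {
		t.Fatal(result.Err)
	}

	if err := th.App.DeleteOAuthApp(a1.Id); err != nil {
		t.Fatal(err)
	}

	// After the app is deleted, the session issued under it must not be
	// retrievable; a successful lookup means the token outlived its app.
	if _, err := th.App.GetSession(session.Token); err == nil {
		t.Fatal("should not get session from cache or db")
	}
}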