github.com/jxgolibs/go-oauth2-server@v1.0.1/oauth/access_token_test.go (about) 1 package oauth_test 2 3 import ( 4 "time" 5 6 "github.com/RichardKnop/go-oauth2-server/models" 7 "github.com/RichardKnop/uuid" 8 "github.com/stretchr/testify/assert" 9 ) 10 11 func (suite *OauthTestSuite) TestGrantAccessToken() { 12 var ( 13 accessToken *models.OauthAccessToken 14 err error 15 tokens []*models.OauthAccessToken 16 ) 17 18 // Grant a client only access token 19 accessToken, err = suite.service.GrantAccessToken( 20 suite.clients[0], // client 21 nil, // user 22 3600, // expires in 23 "scope doesn't matter", // scope 24 ) 25 26 // Error should be Nil 27 assert.Nil(suite.T(), err) 28 29 // Correct access token object should be returned 30 if assert.NotNil(suite.T(), accessToken) { 31 // Fetch all access tokens 32 models.OauthAccessTokenPreload(suite.db).Order("created_at").Find(&tokens) 33 34 // There should be just one right now 35 assert.Equal(suite.T(), 1, len(tokens)) 36 37 // And the token should match the one returned by the grant method 38 assert.Equal(suite.T(), tokens[0].Token, accessToken.Token) 39 40 // Client id should be set 41 assert.True(suite.T(), tokens[0].ClientID.Valid) 42 assert.Equal(suite.T(), string(suite.clients[0].ID), tokens[0].ClientID.String) 43 44 // User id should be nil 45 assert.False(suite.T(), tokens[0].UserID.Valid) 46 } 47 48 // Grant a user specific access token 49 accessToken, err = suite.service.GrantAccessToken( 50 suite.clients[0], // client 51 suite.users[0], // user 52 3600, // expires in 53 "scope doesn't matter", // scope 54 ) 55 56 // Error should be Nil 57 assert.Nil(suite.T(), err) 58 59 // Correct access token object should be returned 60 if assert.NotNil(suite.T(), accessToken) { 61 // Fetch all access tokens 62 models.OauthAccessTokenPreload(suite.db).Order("created_at").Find(&tokens) 63 64 // There should be 2 tokens now 65 assert.Equal(suite.T(), 2, len(tokens)) 66 67 // And the second token should match the one returned by the grant method 68 assert.Equal(suite.T(), tokens[1].Token, accessToken.Token) 69 70 // Client id should be set 71 assert.True(suite.T(), tokens[1].ClientID.Valid) 72 assert.Equal(suite.T(), string(suite.clients[0].ID), tokens[1].ClientID.String) 73 74 // User id should be set 75 assert.True(suite.T(), tokens[1].UserID.Valid) 76 assert.Equal(suite.T(), string(suite.users[0].ID), tokens[1].UserID.String) 77 } 78 } 79 80 func (suite *OauthTestSuite) TestGrantAccessTokenDeletesExpiredTokens() { 81 var ( 82 testAccessTokens = []*models.OauthAccessToken{ 83 // Expired access token with a user 84 { 85 MyGormModel: models.MyGormModel{ 86 ID: uuid.New(), 87 CreatedAt: time.Now().UTC(), 88 }, 89 Token: "test_token_1", 90 ExpiresAt: time.Now().UTC().Add(-10 * time.Second), 91 Client: suite.clients[0], 92 User: suite.users[0], 93 }, 94 // Expired access token without a user 95 { 96 MyGormModel: models.MyGormModel{ 97 ID: uuid.New(), 98 CreatedAt: time.Now().UTC(), 99 }, 100 Token: "test_token_2", 101 ExpiresAt: time.Now().UTC().Add(-10 * time.Second), 102 Client: suite.clients[0], 103 }, 104 // Access token with a user 105 { 106 MyGormModel: models.MyGormModel{ 107 ID: uuid.New(), 108 CreatedAt: time.Now().UTC(), 109 }, 110 Token: "test_token_3", 111 ExpiresAt: time.Now().UTC().Add(+10 * time.Second), 112 Client: suite.clients[0], 113 User: suite.users[0], 114 }, 115 // Access token without a user 116 { 117 MyGormModel: models.MyGormModel{ 118 ID: uuid.New(), 119 CreatedAt: time.Now().UTC(), 120 }, 121 Token: "test_token_4", 122 ExpiresAt: time.Now().UTC().Add(+10 * time.Second), 123 Client: suite.clients[0], 124 }, 125 } 126 err error 127 notFound bool 128 existingTokens []string 129 ) 130 131 // Insert test access tokens 132 for _, testAccessToken := range testAccessTokens { 133 err = suite.db.Create(testAccessToken).Error 134 assert.NoError(suite.T(), err, "Inserting test data failed") 135 } 136 137 // This should only delete test_token_1 138 _, err = suite.service.GrantAccessToken( 139 suite.clients[0], // client 140 suite.users[0], // user 141 3600, // expires in 142 "scope doesn't matter", // scope 143 ) 144 assert.NoError(suite.T(), err) 145 146 // Check the test_token_1 was deleted 147 notFound = suite.db.Unscoped().Where("token = ?", "test_token_1"). 148 First(new(models.OauthAccessToken)).RecordNotFound() 149 assert.True(suite.T(), notFound) 150 151 // Check the other three tokens are still around 152 existingTokens = []string{ 153 "test_token_2", 154 "test_token_3", 155 "test_token_4", 156 } 157 for _, token := range existingTokens { 158 notFound = suite.db.Unscoped().Where("token = ?", token). 159 First(new(models.OauthAccessToken)).RecordNotFound() 160 assert.False(suite.T(), notFound) 161 } 162 163 // This should only delete test_token_2 164 _, err = suite.service.GrantAccessToken( 165 suite.clients[0], // client 166 nil, // user 167 3600, // expires in 168 "scope doesn't matter", // scope 169 ) 170 assert.NoError(suite.T(), err) 171 172 // Check the test_token_2 was deleted 173 notFound = suite.db.Unscoped().Where("token = ?", "test_token_2"). 174 First(new(models.OauthAccessToken)).RecordNotFound() 175 assert.True(suite.T(), notFound) 176 177 // Check that last two tokens are still around 178 existingTokens = []string{ 179 "test_token_3", 180 "test_token_4", 181 } 182 for _, token := range existingTokens { 183 notFound := suite.db.Unscoped().Where("token = ?", token). 184 First(new(models.OauthAccessToken)).RecordNotFound() 185 assert.False(suite.T(), notFound) 186 } 187 }