github.com/resonatecoop/id@v1.1.0-43/oauth/grant_type_authorization_code_test.go

github.com/resonatecoop/id@v1.1.0-43/oauth/grant_type_authorization_code_test.go (about)

     1  package oauth_test
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  	"net/http/httptest"
     7  	"net/url"
     8  	"time"
     9  
    10  	"github.com/resonatecoop/id/oauth"
    11  	"github.com/resonatecoop/id/oauth/tokentypes"
    12  	testutil "github.com/resonatecoop/id/test-util"
    13  	"github.com/resonatecoop/id/util"
    14  	"github.com/resonatecoop/user-api/model"
    15  	"github.com/stretchr/testify/assert"
    16  )
    17  
    18  func (suite *OauthTestSuite) TestAuthorizationCodeGrantEmptyNotFound() {
    19  	// Prepare a request
    20  	r, err := http.NewRequest("POST", "http://1.2.3.4/v1/oauth/tokens", nil)
    21  	assert.NoError(suite.T(), err, "Request setup should not get an error")
    22  	r.SetBasicAuth("test_client_1", "test_secret")
    23  	r.PostForm = url.Values{
    24  		"grant_type": {"authorization_code"},
    25  		"code":       {""},
    26  	}
    27  
    28  	// Serve the request
    29  	w := httptest.NewRecorder()
    30  	suite.router.ServeHTTP(w, r)
    31  
    32  	// Check the response
    33  	testutil.TestResponseForError(
    34  		suite.T(),
    35  		w,
    36  		oauth.ErrAuthorizationCodeNotFound.Error(),
    37  		404,
    38  	)
    39  }
    40  
    41  func (suite *OauthTestSuite) TestAuthorizationCodeGrantBogusNotFound() {
    42  	// Prepare a request
    43  	r, err := http.NewRequest("POST", "http://1.2.3.4/v1/oauth/tokens", nil)
    44  	assert.NoError(suite.T(), err, "Request setup should not get an error")
    45  	r.SetBasicAuth("test_client_1", "test_secret")
    46  	r.PostForm = url.Values{
    47  		"grant_type": {"authorization_code"},
    48  		"code":       {"bogus"},
    49  	}
    50  
    51  	// Serve the request
    52  	w := httptest.NewRecorder()
    53  	suite.router.ServeHTTP(w, r)
    54  
    55  	// Check the response
    56  	testutil.TestResponseForError(
    57  		suite.T(),
    58  		w,
    59  		oauth.ErrAuthorizationCodeNotFound.Error(),
    60  		404,
    61  	)
    62  }
    63  
    64  func (suite *OauthTestSuite) TestAuthorizationCodeGrantExpired() {
    65  	// Insert a test authorization code
    66  
    67  	ctx := context.Background()
    68  
    69  	authorizationcode := &model.AuthorizationCode{
    70  		IDRecord:    model.IDRecord{CreatedAt: time.Now().UTC()},
    71  		Code:        "test_code",
    72  		ExpiresAt:   time.Now().UTC().Add(-10 * time.Second),
    73  		ClientID:    suite.clients[0].ID,
    74  		UserID:      suite.users[0].ID,
    75  		RedirectURI: util.StringOrNull("https://www.example.com"),
    76  		Scope:       "read_write",
    77  	}
    78  
    79  	_, err := suite.db.NewInsert().
    80  		Model(authorizationcode).
    81  		Exec(ctx)
    82  
    83  	assert.NoError(suite.T(), err, "Inserting test data failed")
    84  
    85  	// Prepare a request
    86  	r, err := http.NewRequest("POST", "http://1.2.3.4/v1/oauth/tokens", nil)
    87  	assert.NoError(suite.T(), err, "Request setup should not get an error")
    88  	r.SetBasicAuth("test_client_1", "test_secret")
    89  	r.PostForm = url.Values{
    90  		"grant_type":   {"authorization_code"},
    91  		"code":         {"test_code"},
    92  		"redirect_uri": {"https://www.example.com"},
    93  	}
    94  
    95  	// Serve the request
    96  	w := httptest.NewRecorder()
    97  	suite.router.ServeHTTP(w, r)
    98  
    99  	// Check the response
   100  	testutil.TestResponseForError(
   101  		suite.T(),
   102  		w,
   103  		oauth.ErrAuthorizationCodeExpired.Error(),
   104  		400,
   105  	)
   106  }
   107  
   108  func (suite *OauthTestSuite) TestAuthorizationCodeGrantInvalidRedirectURI() {
   109  	// Insert a test authorization code
   110  
   111  	ctx := context.Background()
   112  
   113  	authorizationCode := &model.AuthorizationCode{
   114  		IDRecord:    model.IDRecord{CreatedAt: time.Now().UTC()},
   115  		Code:        "test_code",
   116  		ExpiresAt:   time.Now().UTC().Add(+10 * time.Second),
   117  		ClientID:    suite.clients[0].ID,
   118  		UserID:      suite.users[0].ID,
   119  		RedirectURI: util.StringOrNull("https://www.example.com"),
   120  		Scope:       "read_write",
   121  	}
   122  
   123  	_, err := suite.db.NewInsert().
   124  		Model(authorizationCode).
   125  		Exec(ctx)
   126  
   127  	assert.NoError(suite.T(), err, "Inserting test data failed")
   128  
   129  	// Prepare a request
   130  	r, err := http.NewRequest("POST", "http://1.2.3.4/v1/oauth/tokens", nil)
   131  	assert.NoError(suite.T(), err, "Request setup should not get an error")
   132  	r.SetBasicAuth("test_client_1", "test_secret")
   133  	r.PostForm = url.Values{
   134  		"grant_type":   {"authorization_code"},
   135  		"code":         {"test_code"},
   136  		"redirect_uri": {"https://bogus"},
   137  	}
   138  
   139  	// Serve the request
   140  	w := httptest.NewRecorder()
   141  	suite.router.ServeHTTP(w, r)
   142  
   143  	// Check the response
   144  	testutil.TestResponseForError(
   145  		suite.T(),
   146  		w,
   147  		oauth.ErrInvalidRedirectURI.Error(),
   148  		400,
   149  	)
   150  }
   151  
   152  func (suite *OauthTestSuite) TestAuthorizationCodeGrant() {
   153  	ctx := context.Background()
   154  	// Insert a test authorization code
   155  	authorizationcode := &model.AuthorizationCode{
   156  		IDRecord:    model.IDRecord{CreatedAt: time.Now().UTC()},
   157  		Code:        "test_code",
   158  		ExpiresAt:   time.Now().UTC().Add(+10 * time.Second),
   159  		ClientID:    suite.clients[0].ID,
   160  		UserID:      suite.users[0].ID,
   161  		RedirectURI: util.StringOrNull("https://www.example.com"),
   162  		Scope:       "read_write tenantadmin",
   163  	}
   164  
   165  	_, err := suite.db.NewInsert().
   166  		Model(authorizationcode).
   167  		Exec(ctx)
   168  
   169  	assert.NoError(suite.T(), err, "Inserting test data failed")
   170  
   171  	// Prepare a request
   172  	r, err := http.NewRequest("POST", "http://1.2.3.4/v1/oauth/tokens", nil)
   173  	assert.NoError(suite.T(), err, "Request setup should not get an error")
   174  	r.SetBasicAuth("test_client_1", "test_secret")
   175  	r.PostForm = url.Values{
   176  		"grant_type":   {"authorization_code"},
   177  		"code":         {"test_code"},
   178  		"redirect_uri": {"https://www.example.com"},
   179  	}
   180  
   181  	// Serve the request
   182  	w := httptest.NewRecorder()
   183  	suite.router.ServeHTTP(w, r)
   184  
   185  	// Fetch data
   186  	accessToken, refreshToken := new(model.AccessToken), new(model.RefreshToken)
   187  
   188  	err = suite.db.NewSelect().
   189  		Model(accessToken).
   190  		Order("created_at DESC").
   191  		Limit(1).
   192  		Scan(ctx)
   193  
   194  	assert.Nil(suite.T(), err)
   195  
   196  	err = suite.db.NewSelect().
   197  		Model(refreshToken).
   198  		Order("created_at DESC").
   199  		Limit(1).
   200  		Scan(ctx)
   201  
   202  	assert.Nil(suite.T(), err)
   203  
   204  	// Check the response
   205  	expected := &oauth.AccessTokenResponse{
   206  		UserID:       accessToken.UserID.String(),
   207  		AccessToken:  accessToken.Token,
   208  		ExpiresIn:    3600,
   209  		TokenType:    tokentypes.Bearer,
   210  		Scope:        "read_write tenantadmin",
   211  		RefreshToken: refreshToken.Token,
   212  	}
   213  	testutil.TestResponseObject(suite.T(), w, expected, 200)
   214  
   215  	// The authorization code should get deleted after use
   216  
   217  	err = suite.db.NewSelect().
   218  		Model(new(model.AuthorizationCode)).
   219  		Limit(1).
   220  		Scan(ctx)
   221  
   222  	assert.NotNil(suite.T(), err)
   223  }