github.com/secman-team/gh-api@v1.8.2/pkg/cmd/auth/shared/oauth_scopes_test.go (about) 1 package shared 2 3 import ( 4 "bytes" 5 "io/ioutil" 6 "net/http" 7 "testing" 8 9 "github.com/secman-team/gh-api/pkg/httpmock" 10 "github.com/stretchr/testify/assert" 11 ) 12 13 func Test_HasMinimumScopes(t *testing.T) { 14 tests := []struct { 15 name string 16 header string 17 wantErr string 18 }{ 19 { 20 name: "no scopes", 21 header: "", 22 wantErr: "", 23 }, 24 { 25 name: "default scopes", 26 header: "repo, read:org", 27 wantErr: "", 28 }, 29 { 30 name: "admin:org satisfies read:org", 31 header: "repo, admin:org", 32 wantErr: "", 33 }, 34 { 35 name: "write:org satisfies read:org", 36 header: "repo, write:org", 37 wantErr: "", 38 }, 39 { 40 name: "insufficient scope", 41 header: "repo", 42 wantErr: "missing required scope 'read:org'", 43 }, 44 { 45 name: "insufficient scopes", 46 header: "gist", 47 wantErr: "missing required scopes 'repo', 'read:org'", 48 }, 49 } 50 for _, tt := range tests { 51 t.Run(tt.name, func(t *testing.T) { 52 fakehttp := &httpmock.Registry{} 53 defer fakehttp.Verify(t) 54 55 var gotAuthorization string 56 fakehttp.Register(httpmock.REST("GET", ""), func(req *http.Request) (*http.Response, error) { 57 gotAuthorization = req.Header.Get("authorization") 58 return &http.Response{ 59 Request: req, 60 StatusCode: 200, 61 Body: ioutil.NopCloser(&bytes.Buffer{}), 62 Header: map[string][]string{ 63 "X-Oauth-Scopes": {tt.header}, 64 }, 65 }, nil 66 }) 67 68 client := http.Client{Transport: fakehttp} 69 err := HasMinimumScopes(&client, "github.com", "ATOKEN") 70 if tt.wantErr != "" { 71 assert.EqualError(t, err, tt.wantErr) 72 } else { 73 assert.NoError(t, err) 74 } 75 assert.Equal(t, gotAuthorization, "token ATOKEN") 76 }) 77 } 78 79 }