
     1  // Copyright (c) 2017 Mattermost, Inc. All Rights Reserved.
     2  // See License.txt for license information.
     3  
     4  package api4
     5  
     6  import (
     7  	"net/http"
     8  	"net/url"
     9  	"strconv"
    10  	"testing"
    11  
    12  	"github.com/mattermost/mattermost-server/model"
    13  )
    14  
// TestCreateOAuthApp exercises POST /oauth/apps: a system admin may register a
// trusted app, a regular user may only register while integrations are not
// restricted to admins (and never gets IsTrusted honoured), invalid payloads
// are rejected, and the endpoint is unavailable without a session or when the
// OAuth service provider is switched off.
func TestCreateOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	userClient := th.Client
	adminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })

	app := &model.OAuthApp{
		Name:         GenerateTestAppName(),
		Homepage:     "https://nowhere.com",
		Description:  "test",
		CallbackUrls: []string{"https://nowhere.com"},
		IsTrusted:    true,
	}

	// Admin path: the app is stored as submitted, trusted flag included.
	created, resp := adminClient.CreateOAuthApp(app)
	CheckNoError(t, resp)
	CheckCreatedStatus(t, resp)
	switch {
	case created.Name != app.Name:
		t.Fatal("names did not match")
	case created.IsTrusted != app.IsTrusted:
		t.Fatal("trusted did no match")
	}

	// Regular user while integrations are admin-only: refused.
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
	_, resp = userClient.CreateOAuthApp(app)
	CheckForbiddenStatus(t, resp)

	// Regular user with the restriction lifted: created, but the server must
	// not honour the client-supplied IsTrusted — only admins may mark an app
	// trusted, since trusted apps skip the user consent step.
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
	created, resp = userClient.CreateOAuthApp(app)
	CheckNoError(t, resp)
	CheckCreatedStatus(t, resp)
	if created.IsTrusted {
		t.Fatal("trusted should be false - created by non admin")
	}

	// Validation: an empty name is a 400 even for an admin.
	app.Name = ""
	_, resp = adminClient.CreateOAuthApp(app)
	CheckBadRequestStatus(t, resp)

	// A body that is not an OAuthApp at all is also a 400.
	r, err := userClient.DoApiPost("/oauth/apps", "garbage")
	if err == nil {
		t.Fatal("should have failed")
	}
	if r.StatusCode != http.StatusBadRequest {
		t.Log("actual: " + strconv.Itoa(r.StatusCode))
		t.Log("expected: " + strconv.Itoa(http.StatusBadRequest))
		t.Fatal("wrong status code")
	}

	// No session: 401.
	userClient.Logout()
	_, resp = userClient.CreateOAuthApp(app)
	CheckUnauthorizedStatus(t, resp)

	// Provider disabled: 501, even for an admin with a valid payload.
	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	app.Name = GenerateTestAppName()
	_, resp = adminClient.CreateOAuthApp(app)
	CheckNotImplementedStatus(t, resp)
}
    73  
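// TestUpdateOAuthApp exercises the OAuth app update endpoint: the mutable
// fields (Name, Description, IconURL, Homepage, CallbackUrls, IsTrusted) are
// replaced, the identity fields (Id, CreatorId, CreateAt, ClientSecret) are
// preserved, and only the creator or a system admin may update an app —
// regardless of what the request body claims about CreatorId.
func TestUpdateOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })

	oapp := &model.OAuthApp{
		Name:         "oapp",
		IsTrusted:    false,
		IconURL:      "https://nowhere.com/img",
		Homepage:     "https://nowhere.com",
		Description:  "test",
		CallbackUrls: []string{"https://callback.com"},
	}

	// Fail here with a clear message rather than with a nil dereference below
	// if the setup create does not succeed.
	oapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = "oapp_update"
	oapp.IsTrusted = true
	oapp.IconURL = "https://nowhere.com/img_update"
	oapp.Homepage = "https://nowhere_update.com"
	oapp.Description = "test_update"
	oapp.CallbackUrls = []string{"https://callback_update.com", "https://another_callback.com"}

	updatedApp, resp := AdminClient.UpdateOAuthApp(oapp)
	CheckNoError(t, resp)

	// Identity fields must survive an update untouched.
	if updatedApp.Id != oapp.Id {
		t.Fatal("Id should have not updated")
	}

	if updatedApp.CreatorId != oapp.CreatorId {
		t.Fatal("CreatorId should have not updated")
	}

	if updatedApp.CreateAt != oapp.CreateAt {
		t.Fatal("CreateAt should have not updated")
	}

	if updatedApp.UpdateAt == oapp.UpdateAt {
		t.Fatal("UpdateAt should have updated")
	}

	// The secret is rotated only through the dedicated regenerate endpoint,
	// never as a side effect of an update.
	if updatedApp.ClientSecret != oapp.ClientSecret {
		t.Fatal("ClientSecret should have not updated")
	}

	if updatedApp.Name != oapp.Name {
		t.Fatal("Name should have updated")
	}

	if updatedApp.Description != oapp.Description {
		t.Fatal("Description should have updated")
	}

	if updatedApp.IconURL != oapp.IconURL {
		t.Fatal("IconURL should have updated")
	}

	// A length mismatch is a failure, not a reason to skip the comparison.
	if len(updatedApp.CallbackUrls) != len(oapp.CallbackUrls) {
		t.Fatal("CallbackUrls should have updated")
	}
	for i, callbackUrl := range updatedApp.CallbackUrls {
		if callbackUrl != oapp.CallbackUrls[i] {
			t.Fatal("CallbackUrls should have updated")
		}
	}

	if updatedApp.Homepage != oapp.Homepage {
		t.Fatal("Homepage should have updated")
	}

	if updatedApp.IsTrusted != oapp.IsTrusted {
		t.Fatal("IsTrusted should have updated")
	}

	// Another, non-admin user must be refused even when the request body
	// claims that user as CreatorId: authorization has to be decided on the
	// stored record, not on client-supplied fields.
	th.LoginBasic2()
	spoofed := *updatedApp
	spoofed.CreatorId = th.BasicUser2.Id
	_, resp = Client.UpdateOAuthApp(&spoofed)
	CheckForbiddenStatus(t, resp)

	th.LoginBasic()

	// The first basic user is not the creator either, so lifting the
	// admin-only restriction does not grant access.
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })
	_, resp = Client.UpdateOAuthApp(oapp)
	CheckForbiddenStatus(t, resp)

	// Well-formed but unknown id.
	oapp.Id = model.NewId()
	_, resp = AdminClient.UpdateOAuthApp(oapp)
	CheckNotFoundStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = AdminClient.UpdateOAuthApp(oapp)
	CheckNotImplementedStatus(t, resp)

	Client.Logout()
	_, resp = Client.UpdateOAuthApp(oapp)
	CheckUnauthorizedStatus(t, resp)

	// A malformed id is rejected before anything else is looked at.
	oapp.Id = "junk"
	_, resp = AdminClient.UpdateOAuthApp(oapp)
	CheckBadRequestStatus(t, resp)
}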
   178  
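// TestGetOAuthApps exercises the OAuth app listing: an admin sees every app
// (with paging), a regular user sees only the apps they created, and the
// usual 403/401/501 responses apply.
func TestGetOAuthApps(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })

	oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	rapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = GenerateTestAppName()
	rapp2, resp := Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	// An admin sees both apps.
	apps, resp := AdminClient.GetOAuthApps(0, 1000)
	CheckNoError(t, resp)

	foundAdminApp, foundUserApp := false, false
	for _, a := range apps {
		switch a.Id {
		case rapp.Id:
			foundAdminApp = true
		case rapp2.Id:
			foundUserApp = true
		}
	}

	if !foundAdminApp || !foundUserApp {
		t.Fatal("missing oauth app")
	}

	apps, resp = AdminClient.GetOAuthApps(1, 1)
	CheckNoError(t, resp)

	if len(apps) != 1 {
		t.Fatal("paging failed")
	}

	// A regular user must only see their own apps. Check both directions:
	// the admin's app must be absent and the user's own app present. The
	// previous `len(apps) != 1 && apps[0].Id != rapp2.Id` could never fail
	// for a one-element list, so a cross-user leak would have gone unnoticed.
	apps, resp = Client.GetOAuthApps(0, 1000)
	CheckNoError(t, resp)

	foundAdminApp, foundUserApp = false, false
	for _, a := range apps {
		switch a.Id {
		case rapp.Id:
			foundAdminApp = true
		case rapp2.Id:
			foundUserApp = true
		}
	}

	if foundAdminApp {
		t.Fatal("non-admin should not see apps created by another user")
	}
	if len(apps) != 1 || !foundUserApp {
		t.Fatal("wrong apps returned")
	}

	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })

	_, resp = Client.GetOAuthApps(0, 1000)
	CheckForbiddenStatus(t, resp)

	Client.Logout()

	_, resp = Client.GetOAuthApps(0, 1000)
	CheckUnauthorizedStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = AdminClient.GetOAuthApps(0, 1000)
	CheckNotImplementedStatus(t, resp)
}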
   243  
// TestGetOAuthApp exercises fetching a single OAuth app in full (ClientSecret
// included): an admin can read any app, a regular user only their own, and
// nobody when integrations are admin-only, the session is gone, or the
// provider is disabled. Malformed and unknown ids yield 400 and 404.
func TestGetOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	userClient := th.Client
	adminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })

	app := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	adminApp, resp := adminClient.CreateOAuthApp(app)
	CheckNoError(t, resp)

	app.Name = GenerateTestAppName()
	userApp, resp := userClient.CreateOAuthApp(app)
	CheckNoError(t, resp)

	// An admin reads both apps, and this endpoint does not strip the secret.
	for _, want := range []*model.OAuthApp{adminApp, userApp} {
		got, r := adminClient.GetOAuthApp(want.Id)
		CheckNoError(t, r)
		if want.Id != got.Id {
			t.Fatal("wrong app")
		}
		if got.ClientSecret == "" {
			t.Fatal("should not be sanitized")
		}
	}

	// The regular user may read their own app but not the admin's.
	_, resp = userClient.GetOAuthApp(userApp.Id)
	CheckNoError(t, resp)

	_, resp = userClient.GetOAuthApp(adminApp.Id)
	CheckForbiddenStatus(t, resp)

	// Admin-only integrations: even the user's own app is off limits.
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })

	_, resp = userClient.GetOAuthApp(userApp.Id)
	CheckForbiddenStatus(t, resp)

	userClient.Logout()

	_, resp = userClient.GetOAuthApp(userApp.Id)
	CheckUnauthorizedStatus(t, resp)

	_, resp = adminClient.GetOAuthApp("junk")
	CheckBadRequestStatus(t, resp)

	_, resp = adminClient.GetOAuthApp(model.NewId())
	CheckNotFoundStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = adminClient.GetOAuthApp(adminApp.Id)
	CheckNotImplementedStatus(t, resp)
}
   310  
// TestGetOAuthAppInfo exercises the public "info" view of an OAuth app: any
// logged-in user may read any app (it is what the consent screen shows), but
// the response is sanitized and never carries the ClientSecret. Malformed and
// unknown ids yield 400 and 404; no session is 401; provider off is 501.
func TestGetOAuthAppInfo(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	userClient := th.Client
	adminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })

	app := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	adminApp, resp := adminClient.CreateOAuthApp(app)
	CheckNoError(t, resp)

	app.Name = GenerateTestAppName()
	userApp, resp := userClient.CreateOAuthApp(app)
	CheckNoError(t, resp)

	// Even for an admin the info view must be sanitized.
	for _, want := range []*model.OAuthApp{adminApp, userApp} {
		got, r := adminClient.GetOAuthAppInfo(want.Id)
		CheckNoError(t, r)
		if want.Id != got.Id {
			t.Fatal("wrong app")
		}
		if got.ClientSecret != "" {
			t.Fatal("should be sanitized")
		}
	}

	// A regular user may read the info of any app, theirs or not.
	_, resp = userClient.GetOAuthAppInfo(userApp.Id)
	CheckNoError(t, resp)

	_, resp = userClient.GetOAuthAppInfo(adminApp.Id)
	CheckNoError(t, resp)

	// ...and the admin-only integrations switch does not change that.
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })

	_, resp = userClient.GetOAuthAppInfo(userApp.Id)
	CheckNoError(t, resp)

	userClient.Logout()

	_, resp = userClient.GetOAuthAppInfo(userApp.Id)
	CheckUnauthorizedStatus(t, resp)

	_, resp = adminClient.GetOAuthAppInfo("junk")
	CheckBadRequestStatus(t, resp)

	_, resp = adminClient.GetOAuthAppInfo(model.NewId())
	CheckNotFoundStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = adminClient.GetOAuthAppInfo(adminApp.Id)
	CheckNotImplementedStatus(t, resp)
}
   377  
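// TestDeleteOAuthApp exercises deleting an OAuth app: an admin may delete any
// app, a regular user only their own and only while integrations are not
// restricted to admins, a deleted app is really gone, and the usual
// 401/400/404/501 responses apply.
func TestDeleteOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })

	oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	rapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = GenerateTestAppName()
	rapp2, resp := Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	// Admin deletes its own app.
	pass, resp := AdminClient.DeleteOAuthApp(rapp.Id)
	CheckNoError(t, resp)

	if !pass {
		t.Fatal("should have passed")
	}

	// A successful delete must actually remove the record, not merely
	// acknowledge the request: the app is no longer retrievable afterwards.
	_, resp = AdminClient.GetOAuthApp(rapp.Id)
	CheckNotFoundStatus(t, resp)

	// Admin deletes another user's app.
	_, resp = AdminClient.DeleteOAuthApp(rapp2.Id)
	CheckNoError(t, resp)

	// Fresh pair of apps for the ownership checks.
	rapp, resp = AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = GenerateTestAppName()
	rapp2, resp = Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	// A regular user cannot delete someone else's app, but can delete their own.
	_, resp = Client.DeleteOAuthApp(rapp.Id)
	CheckForbiddenStatus(t, resp)

	_, resp = Client.DeleteOAuthApp(rapp2.Id)
	CheckNoError(t, resp)

	// Give the user an app again, then restrict integrations to admins: the
	// user now loses the ability to delete even their own app. (Setting the
	// flag to false at this point would be a no-op — it already is.)
	oapp.Name = GenerateTestAppName()
	rapp2, resp = Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
	_, resp = Client.DeleteOAuthApp(rapp2.Id)
	CheckForbiddenStatus(t, resp)
	_, resp = Client.DeleteOAuthApp(rapp.Id)
	CheckForbiddenStatus(t, resp)

	Client.Logout()
	_, resp = Client.DeleteOAuthApp(rapp.Id)
	CheckUnauthorizedStatus(t, resp)

	_, resp = AdminClient.DeleteOAuthApp("junk")
	CheckBadRequestStatus(t, resp)

	_, resp = AdminClient.DeleteOAuthApp(model.NewId())
	CheckNotFoundStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = AdminClient.DeleteOAuthApp(rapp.Id)
	CheckNotImplementedStatus(t, resp)
}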
   437  
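// TestRegenerateOAuthAppSecret exercises client-secret rotation: the returned
// app keeps its id but carries a new, non-empty secret; an admin may rotate any
// app's secret, a regular user only their own and only while integrations are
// not restricted to admins; plus the usual 401/400/404/501 responses.
func TestRegenerateOAuthAppSecret(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = false })

	oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	rapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = GenerateTestAppName()
	rapp2, resp := Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	rrapp, resp := AdminClient.RegenerateOAuthAppSecret(rapp.Id)
	CheckNoError(t, resp)

	if rrapp.Id != rapp.Id {
		t.Fatal("wrong app")
	}

	// Rotation must yield a fresh, usable secret: an empty one would leave the
	// app unable to authenticate, an unchanged one would not revoke anything.
	if rrapp.ClientSecret == "" {
		t.Fatal("regenerated secret is empty")
	}
	if rrapp.ClientSecret == rapp.ClientSecret {
		t.Fatal("secret didn't change")
	}

	// Admin may rotate another user's app as well.
	rrapp2, resp := AdminClient.RegenerateOAuthAppSecret(rapp2.Id)
	CheckNoError(t, resp)
	if rrapp2.ClientSecret == "" || rrapp2.ClientSecret == rapp2.ClientSecret {
		t.Fatal("secret didn't change")
	}

	rapp, resp = AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	oapp.Name = GenerateTestAppName()
	rapp2, resp = Client.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	// A regular user cannot rotate someone else's secret, but can rotate their own.
	_, resp = Client.RegenerateOAuthAppSecret(rapp.Id)
	CheckForbiddenStatus(t, resp)

	_, resp = Client.RegenerateOAuthAppSecret(rapp2.Id)
	CheckNoError(t, resp)

	// With integrations restricted to admins the user can no longer rotate
	// even their own app's secret. (Setting the flag to false here would be a
	// no-op — it already is.)
	th.App.UpdateConfig(func(cfg *model.Config) { *cfg.ServiceSettings.EnableOnlyAdminIntegrations = true })
	_, resp = Client.RegenerateOAuthAppSecret(rapp2.Id)
	CheckForbiddenStatus(t, resp)
	_, resp = Client.RegenerateOAuthAppSecret(rapp.Id)
	CheckForbiddenStatus(t, resp)

	Client.Logout()
	_, resp = Client.RegenerateOAuthAppSecret(rapp.Id)
	CheckUnauthorizedStatus(t, resp)

	_, resp = AdminClient.RegenerateOAuthAppSecret("junk")
	CheckBadRequestStatus(t, resp)

	_, resp = AdminClient.RegenerateOAuthAppSecret(model.NewId())
	CheckNotFoundStatus(t, resp)

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = false })
	_, resp = AdminClient.RegenerateOAuthAppSecret(rapp.Id)
	CheckNotImplementedStatus(t, resp)
}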
   501  
// TestGetAuthorizedOAuthAppsForUser exercises the per-user listing of
// authorized OAuth apps: after granting access the user sees the app
// (sanitized, no ClientSecret), a user cannot list another user's grants, a
// malformed user id is a 400, no session is a 401, and an admin may list any
// user's grants.
func TestGetAuthorizedOAuthAppsForUser(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	userClient := th.Client
	adminClient := th.SystemAdminClient

	// Put the provider flag back on exit so later tests see the original value.
	prevEnableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
	defer th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = prevEnableOAuth })
	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })

	app := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	registered, resp := adminClient.CreateOAuthApp(app)
	CheckNoError(t, resp)

	// The basic user grants the app access.
	grant := &model.AuthorizeRequest{
		ResponseType: model.AUTHCODE_RESPONSE_TYPE,
		ClientId:     registered.Id,
		RedirectUri:  registered.CallbackUrls[0],
		Scope:        "",
		State:        "123",
	}

	_, resp = userClient.AuthorizeOAuthApp(grant)
	CheckNoError(t, resp)

	authorized, resp := userClient.GetAuthorizedOAuthAppsForUser(th.BasicUser.Id, 0, 1000)
	CheckNoError(t, resp)

	var seen bool
	for _, a := range authorized {
		// This listing is for the end user; the app's secret must never leak here.
		if a.ClientSecret != "" {
			t.Fatal("not sanitized")
		}
		seen = seen || a.Id == registered.Id
	}

	if !seen {
		t.Fatal("missing app")
	}

	// Someone else's grants are not ours to read.
	_, resp = userClient.GetAuthorizedOAuthAppsForUser(th.BasicUser2.Id, 0, 1000)
	CheckForbiddenStatus(t, resp)

	_, resp = userClient.GetAuthorizedOAuthAppsForUser("junk", 0, 1000)
	CheckBadRequestStatus(t, resp)

	userClient.Logout()
	_, resp = userClient.GetAuthorizedOAuthAppsForUser(th.BasicUser.Id, 0, 1000)
	CheckUnauthorizedStatus(t, resp)

	_, resp = adminClient.GetAuthorizedOAuthAppsForUser(th.BasicUser.Id, 0, 1000)
	CheckNoError(t, resp)
}
   561  
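// TestAuthorizeOAuthApp exercises the authorization-code grant: a valid
// request yields a redirect back to the registered callback carrying a code
// and the caller's state, while a missing or unregistered redirect URI, a
// missing response type, or a missing/unknown client id is rejected without
// issuing a code. Authorization also requires a logged-in user.
func TestAuthorizeOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })

	oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	rapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	authRequest := &model.AuthorizeRequest{
		ResponseType: model.AUTHCODE_RESPONSE_TYPE,
		ClientId:     rapp.Id,
		RedirectUri:  rapp.CallbackUrls[0],
		Scope:        "",
		State:        "123",
	}

	ruri, resp := Client.AuthorizeOAuthApp(authRequest)
	CheckNoError(t, resp)

	if len(ruri) == 0 {
		t.Fatal("redirect url should be set")
	}

	// Check the parse error explicitly instead of relying on a nil result.
	ru, err := url.Parse(ruri)
	if err != nil {
		t.Fatal("redirect url unparseable: " + err.Error())
	}

	// The code is a bearer credential: it must only ever be sent to the
	// callback registered for the app, never to a caller-chosen location.
	cb, err := url.Parse(rapp.CallbackUrls[0])
	if err != nil {
		t.Fatal("callback url unparseable: " + err.Error())
	}
	if ru.Scheme != cb.Scheme || ru.Host != cb.Host {
		t.Fatal("redirect url does not point at the registered callback: " + ruri)
	}

	if len(ru.Query().Get("code")) == 0 {
		t.Fatal("authorization code not returned")
	}

	// State is the client's CSRF binding for the flow and must be echoed back
	// unchanged.
	if ru.Query().Get("state") != authRequest.State {
		t.Fatal("returned state doesn't match")
	}

	// No redirect URI at all.
	authRequest.RedirectUri = ""
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckBadRequestStatus(t, resp)

	// A redirect URI that is not registered for the app (open-redirect guard).
	authRequest.RedirectUri = "http://somewhereelse.com"
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckBadRequestStatus(t, resp)

	authRequest.RedirectUri = rapp.CallbackUrls[0]
	authRequest.ResponseType = ""
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckBadRequestStatus(t, resp)

	authRequest.ResponseType = model.AUTHCODE_RESPONSE_TYPE
	authRequest.ClientId = ""
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckBadRequestStatus(t, resp)

	authRequest.ClientId = model.NewId()
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckNotFoundStatus(t, resp)

	// Granting access is a user decision; without a session there is nobody
	// to grant on behalf of.
	authRequest.ClientId = rapp.Id
	Client.Logout()
	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckUnauthorizedStatus(t, resp)
}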
   624  
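// TestDeauthorizeOAuthApp exercises revoking a user's grant to an OAuth app:
// after a successful authorize the app is listed for the user, after
// deauthorize it is not; a malformed app id is a 400, an unknown id is
// accepted as a no-op, and no session is a 401.
func TestDeauthorizeOAuthApp(t *testing.T) {
	th := Setup().InitBasic().InitSystemAdmin()
	defer th.TearDown()
	Client := th.Client
	AdminClient := th.SystemAdminClient

	// Restore the provider flag on exit so later tests see the original value.
	enableOAuth := th.App.Config().ServiceSettings.EnableOAuthServiceProvider
	defer func() {
		th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth })
	}()
	th.App.UpdateConfig(func(cfg *model.Config) { cfg.ServiceSettings.EnableOAuthServiceProvider = true })

	oapp := &model.OAuthApp{Name: GenerateTestAppName(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}

	rapp, resp := AdminClient.CreateOAuthApp(oapp)
	CheckNoError(t, resp)

	authRequest := &model.AuthorizeRequest{
		ResponseType: model.AUTHCODE_RESPONSE_TYPE,
		ClientId:     rapp.Id,
		RedirectUri:  rapp.CallbackUrls[0],
		Scope:        "",
		State:        "123",
	}

	_, resp = Client.AuthorizeOAuthApp(authRequest)
	CheckNoError(t, resp)

	// isAuthorized reports whether rapp is currently in the user's list of
	// authorized apps, so the pre/post conditions below are checked the same way.
	isAuthorized := func() bool {
		apps, r := Client.GetAuthorizedOAuthAppsForUser(th.BasicUser.Id, 0, 1000)
		CheckNoError(t, r)
		for _, a := range apps {
			if a.Id == rapp.Id {
				return true
			}
		}
		return false
	}

	// Precondition: the grant exists, otherwise the revocation below proves nothing.
	if !isAuthorized() {
		t.Fatal("app should be authorized before deauthorize")
	}

	pass, resp := Client.DeauthorizeOAuthApp(rapp.Id)
	CheckNoError(t, resp)

	if !pass {
		t.Fatal("should have passed")
	}

	// Revocation must actually drop the grant, not just return success.
	if isAuthorized() {
		t.Fatal("app should no longer be authorized after deauthorize")
	}

	_, resp = Client.DeauthorizeOAuthApp("junk")
	CheckBadRequestStatus(t, resp)

	// Revoking a grant that does not exist is idempotent.
	_, resp = Client.DeauthorizeOAuthApp(model.NewId())
	CheckNoError(t, resp)

	Client.Logout()
	_, resp = Client.DeauthorizeOAuthApp(rapp.Id)
	CheckUnauthorizedStatus(t, resp)
}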
   668  	CheckUnauthorizedStatus(t, resp)
   669  }