})
Describe("When logged in", func() {
BeforeEach(func() {
requirementsFactory.LoginSuccess = true
})
It("fails if oauth refresh fails", func() {
authRepo.RefreshTokenError = errors.New("Could not refresh")
runCommand()
Expect(ui.Outputs).To(ContainSubstrings(
[]string{"FAILED"},
[]string{"Could not refresh"},
))
})
It("returns to the user the oauth token after a refresh", func() {
authRepo.RefreshToken = "1234567890"
runCommand()
Expect(ui.Outputs).To(ContainSubstrings(
[]string{"Getting OAuth token..."},
[]string{"OK"},
[]string{"1234567890"},
))
})
})
})
authRepo.RefreshTokenError = errors.New("no token for you!")
runCommand()
Ω(authRepo.RefreshTokenCalled).To(BeTrue())
Ω(ui.Outputs).To(ContainSubstrings(
[]string{"Error refreshing oauth token", "no token for you"},
))
})
})
})
Context("setting up http client to request one time code", func() {
var fakeUAA *ghttp.Server
BeforeEach(func() {
authRepo.RefreshToken = "bearer client-bearer-token"
configRepo.SetSSLDisabled(true)
configRepo.SetSSHOAuthClient("ssh-oauth-client-id")
fakeUAA = ghttp.NewTLSServer()
configRepo.SetUaaEndpoint(fakeUAA.URL())
fakeUAA.RouteToHandler("GET", "/oauth/authorize", ghttp.CombineHandlers(
ghttp.VerifyRequest("GET", "/oauth/authorize"),
ghttp.VerifyFormKV("response_type", "code"),
ghttp.VerifyFormKV("client_id", "ssh-oauth-client-id"),
ghttp.VerifyFormKV("grant_type", "authorization_code"),
ghttp.VerifyHeaderKV("authorization", "bearer client-bearer-token"),
ghttp.RespondWith(http.StatusFound, "", http.Header{
"Location": []string{"https://uaa.example.com/login?code=abc123"},
}),
BeforeEach(func() {
requirementsFactory.LoginSuccess = true
})
It("fails if oauth refresh fails", func() {
authRepo.RefreshTokenError = errors.New("Could not refresh")
runCommand()
Expect(ui.Outputs).To(ContainSubstrings(
[]string{"FAILED"},
[]string{"Could not refresh"},
))
})
It("returns to the user the oauth token after a refresh", func() {
authRepo.RefreshToken = "1234567890"
runCommand()
Expect(ui.Outputs).To(ContainSubstrings(
[]string{"Getting OAuth token..."},
[]string{"OK"},
[]string{"1234567890"},
))
})
Context("when invoked by a plugin", func() {
var (
pluginModel plugin_models.GetOauthToken_Model
)
BeforeEach(func() {
BeforeEach(func() {
orgRepo.FindByNameReturns(models.Organization{
OrganizationFields: models.OrganizationFields{
Name: "new-org",
Guid: "new-org-guid",
},
}, nil)
space1 := models.Space{}
space1.Guid = "new-space-guid"
space1.Name = "new-space-name"
spaceRepo.ListSpacesStub = listSpacesStub([]models.Space{space1})
spaceRepo.FindByNameReturns(space1, nil)
authRepo.AccessToken = "new_access_token"
authRepo.RefreshToken = "new_refresh_token"
Flags = []string{"-u", "*****@*****.**", "-p", "password", "-o", "new-org", "-s", "new-space"}
Config.SetApiEndpoint("api.the-old-endpoint.com")
Config.SetSSLDisabled(true)
})
ItSucceeds()
ItShowsTheTarget()
It("does not update the api endpoint or SSL setting", func() {
Expect(Config.ApiEndpoint()).To(Equal("api.the-old-endpoint.com"))
Expect(Config.IsSSLDisabled()).To(BeTrue())
})
pingCli(rpcService.Port())
})
It("refreshes the token", func() {
client, err = rpc.Dial("tcp", "127.0.0.1:"+rpcService.Port())
Expect(err).ToNot(HaveOccurred())
var result string
err = client.Call("CliRpcCmd.AccessToken", "", &result)
Expect(err).ToNot(HaveOccurred())
Expect(fakeAuthenticator.RefreshTokenCalled).To(BeTrue())
})
It("returns the access token", func() {
fakeAuthenticator.RefreshToken = "fake-access-token"
client, err = rpc.Dial("tcp", "127.0.0.1:"+rpcService.Port())
Expect(err).ToNot(HaveOccurred())
var result string
err = client.Call("CliRpcCmd.AccessToken", "", &result)
Expect(err).ToNot(HaveOccurred())
Expect(result).To(Equal("fake-access-token"))
})
It("returns the error from refreshing the access token", func() {
fakeAuthenticator.RefreshTokenError = errors.New("refresh error")
client, err = rpc.Dial("tcp", "127.0.0.1:"+rpcService.Port())
Expect(err).ToNot(HaveOccurred())
