func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockClientCredentialsGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := ClientCredentialsGrantHandler{ Store: store, Enigma: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("client_credentials") areq.EXPECT().SetGrantTypeHandled("client_credentials") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestHandleAuthorizeEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAuthorizeRequester(ctrl) aresp := internal.NewMockAuthorizeResponder(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, Enigma: chgen, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{}) }, }, { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"foo"}) }, }, { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) areq.EXPECT().GetClient().Return(&client.SecureClient{Secret: []byte("foosecret")}) chgen.EXPECT().GenerateChallenge(gomock.Eq([]byte("foosecret"))).Return(nil, fosite.ErrServerError) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{"redirect_uri": {"foobar"}}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) areq.EXPECT().GetClient().Return(&client.SecureClient{Secret: []byte("foosecret")}) chgen.EXPECT().GenerateChallenge(gomock.Eq([]byte("foosecret"))).Return(&enigma.Challenge{}, nil) store.EXPECT().CreateAuthorizeCodeSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(fosite.ErrTemporarilyUnavailable) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{"redirect_uri": {"foobar"}}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) areq.EXPECT().GetClient().Return(&client.SecureClient{Secret: []byte("foosecret")}) chgen.EXPECT().GenerateChallenge(gomock.Eq([]byte("foosecret"))).Return(&enigma.Challenge{Key: "foo", Signature: "bar"}, nil) store.EXPECT().CreateAuthorizeCodeSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil) aresp.EXPECT().AddQuery(gomock.Eq("code"), gomock.Eq("foo.bar")) aresp.EXPECT().AddQuery(gomock.Eq("scope"), gomock.Any()) aresp.EXPECT().AddQuery(gomock.Eq("state"), gomock.Any()) areq.EXPECT().SetResponseTypeHandled(gomock.Eq("code")) areq.EXPECT().GetGrantedScopes() areq.EXPECT().GetState() }, }, } { c.mock() err := h.HandleAuthorizeEndpointRequest(nil, c.req, areq, aresp, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestAuthorizeImplicitEndpointHandler(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockImplicitGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAuthorizeRequester(ctrl) aresp := internal.NewMockAuthorizeResponder(ctrl) defer ctrl.Finish() h := AuthorizeImplicitGrantTypeHandler{ Store: store, Enigma: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ {mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{}) }}, { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"token"}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"token"}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{Signature: "foo"}, nil) store.EXPECT().CreateImplicitAccessTokenSession("foo", gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"token"}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{Signature: "foo"}, nil) store.EXPECT().CreateImplicitAccessTokenSession("foo", gomock.Any(), gomock.Any()).Return(nil) aresp.EXPECT().AddFragment("access_token", gomock.Any()) aresp.EXPECT().AddFragment("expires_in", strconv.Itoa(int(h.AccessTokenLifespan/time.Second))) aresp.EXPECT().AddFragment("token_type", "bearer") aresp.EXPECT().AddFragment("state", gomock.Any()) aresp.EXPECT().AddFragment("scope", gomock.Any()) areq.EXPECT().SetResponseTypeHandled("token") areq.EXPECT().GetState() areq.EXPECT().GetGrantedScopes() }, expectErr: nil, }, } { c.mock() err := h.HandleAuthorizeEndpointRequest(nil, c.req, areq, aresp, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockClientCredentialsGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() h := ClientCredentialsGrantHandler{ Store: store, Enigma: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("client_credentials") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { mock: func() { areq.EXPECT().GetGrantType().Return("client_credentials") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { mock: func() { areq.EXPECT().GetGrantType().Return("client_credentials") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil) areq.EXPECT().GetGrantedScopes() aresp.EXPECT().SetAccessToken(".") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("expires_in", gomock.Any()) aresp.EXPECT().SetExtra("scope", gomock.Any()) }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := ResourceOwnerPasswordCredentialsGrantHandler{ Store: store, Enigma: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(nil) areq.EXPECT().SetGrantTypeHandled("password") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockRefreshTokenGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := RefreshTokenGrantHandler{ Store: store, Enigma: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(nil, pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(&fosite.AccessRequest{Client: &client.SecureClient{ID: ""}}, nil) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(&fosite.AccessRequest{Client: &client.SecureClient{ID: "foo"}}, nil) areq.EXPECT().SetGrantTypeHandled("refresh_token") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, Enigma: chgen, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("13245678") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, errors.New("foo")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetClient().Return(&client.SecureClient{}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetClient().Return(&client.SecureClient{}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().DeleteAuthorizeCodeSession(gomock.Any()).Return(nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetClient().Return(&client.SecureClient{}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) store.EXPECT().DeleteAuthorizeCodeSession(gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetGrantedScopes() areq.EXPECT().GetClient().Return(&client.SecureClient{}) areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) chgen.EXPECT().GenerateChallenge(gomock.Any()).Return(&enigma.Challenge{}, nil) aresp.EXPECT().SetAccessToken(gomock.Eq(".")) aresp.EXPECT().SetTokenType(gomock.Eq("bearer")) aresp.EXPECT().SetExtra(gomock.Eq("refresh_token"), gomock.Any()) aresp.EXPECT().SetExtra(gomock.Eq("expires_in"), gomock.Any()) aresp.EXPECT().SetExtra(gomock.Eq("state"), gomock.Any()) aresp.EXPECT().SetExtra(gomock.Eq("scope"), gomock.Any()) store.EXPECT().DeleteAuthorizeCodeSession(gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil) }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) chgen := internal.NewMockEnigma(ctrl) areq := internal.NewMockAccessRequester(ctrl) authreq := internal.NewMockAuthorizeRequester(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, Enigma: chgen, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("13245678") // grant_type REQUIRED. Value MUST be set to "authorization_code". }, }, { req: &http.Request{ PostForm: url.Values{"foo": {"bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {".bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"."}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(errors.New("foo")) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().Return(&client.SecureClient{}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("foo")) }, expectErr: fosite.ErrServerError, }, { // clients mismatch req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "bar"}) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Do(func(_ interface{}, sess *authorize.AuthorizeSession) { sess.RequestRedirectURI = "request-redir" }).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. "redirect_uri": {"request-redir"}, }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Do(func(_ interface{}, sess *authorize.AuthorizeSession) { sess.RequestRedirectURI = "request-redir" }).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(-time.Hour)) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. "redirect_uri": {"request-redir"}, }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(-time.Hour)) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateChallenge(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(time.Hour)) areq.EXPECT().SetGrantTypeHandled("authorization_code") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq, nil) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }