Exemple #1
0
func TestSetGet(t *testing.T) {

	type tempKey int

	const (
		srcKey tempKey = iota
		key
	)

	randString := func(n int) string {
		var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
		b := make([]rune, n)
		for i := range b {
			b[i] = letterRunes[rand.Intn(len(letterRunes))]
		}
		return string(b)
	}

	msg := randString(20)
	ch := make(chan int)

	// prepare the context
	ctx := func(msg interface{}, ch chan<- int) context.Context {

		dummySrc := func() (conn store.Conn, err error) {
			conn = tConn{msg, ch}
			return
		}

		factory := store.NewFactory()
		factory.SetSource(srcKey, store.SourceFunc(dummySrc))
		factory.Set(key, srcKey, func(sess interface{}) (s store.Store, err error) {
			err = fmt.Errorf("%s", sess)
			return
		})

		return store.WithFactory(context.Background(), factory)

	}(msg, ch)

	// get a store
	if _, err := store.Get(ctx, key); err == nil {
		t.Error("unexpected nil error")
	} else if want, have := msg, err.Error(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}

	// test if store would close before timeout
	d, _ := time.ParseDuration("1s")
	timeout := time.After(d)
	store.CloseAllIn(ctx)

	select {
	case <-timeout:
		t.Error("tConn not closed before timeout")
	case <-ch:
		t.Log("tConn closed")
	}

}
Exemple #2
0
func TestStorage_AuthorizeData(t *testing.T) {

	// define test db
	getContext := func() context.Context {
		factory := store.NewFactory()
		factory.SetSource(store.DefaultSrc, defaultTestSrc())
		factory.Set(oauth2.KeyAccess, store.DefaultSrc, oauth2.AccessDataStoreProvider)
		factory.Set(oauth2.KeyAuth, store.DefaultSrc, oauth2.AuthorizeDataStoreProvider)
		factory.Set(oauth2.KeyClient, store.DefaultSrc, oauth2.ClientStoreProvider)
		factory.Set(oauth2.KeyUser, store.DefaultSrc, oauth2.UserStoreProvider)
		return store.WithFactory(context.Background(), factory)
	}

	// create dummy Client and user
	ctx := getContext()
	defer store.CloseAllIn(ctx)
	storage := &oauth2.Storage{}
	storage.SetContext(ctx)

	c, u := createStoreDummies(ctx, "password", "http://foobar.com/redirect")
	ad := dummyNewAuth(c, u)
	storage.SaveAuthorize(ad.ToOsin())

	// load the osin.AuthorizeData form store
	oad, err := storage.LoadAuthorize(ad.Code)
	if err != nil {
		t.Errorf("error: %#v", err.Error())
	}

	// Test if loaded Client equals to client in original one
	if want, have := c.GetId(), oad.Client.GetId(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}
	if want, have := c.GetRedirectUri(), oad.Client.GetRedirectUri(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}
	if want, have := c.GetSecret(), oad.Client.GetSecret(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}

	// Test if UserData equals to original one
	if u1, u2 := ad.UserData.(*oauth2.User), oad.UserData.(*oauth2.User); true {
	} else if want, have := u1.ID, u2.ID; want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	} else if want, have := u1.Email, u2.Email; want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	} else if want, have := u1.Name, u2.Name; want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	} else if want, have := u1.Password, u2.Password; want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	} else if want, have := u1.Created, u2.Created; want.Unix() != have.Unix() {
		t.Errorf("expected %#v, got %#v", want, have)
	} else if want, have := u1.Updated, u2.Updated; want.Unix() != have.Unix() {
		t.Errorf("expected %#v, got %#v", want, have)
	}

}
Exemple #3
0
// example server web app
func testOAuth2Server(t *testing.T, baseURL, msg string) http.Handler {

	rtr := pat.New()

	// oauth2 manager
	m := oauth2.NewManager()

	type tempKey int
	const (
		testDB tempKey = iota
	)

	// define store factory for storage
	factory := store.NewFactory()
	factory.SetSource(testDB, defaultTestSrc())
	factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
	factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
	factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
	factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)

	// router function
	rtrFunc := func(path string, methods []string, h http.Handler) error {
		for i := range methods {
			rtr.Add(methods[i], path, h)
		}
		return nil
	}

	// add oauth2 endpoints to router
	// ServeEndpoints bind OAuth2 endpoints to a given base path
	// Note: this is router specific and need to be generated somehow
	oauth2.Route(rtrFunc, baseURL, m.GetEndpoints(factory))

	// add a route the requires access
	rtr.Get("/content", func(w http.ResponseWriter, r *http.Request) {

		ctx := store.WithFactory(context.Background(), factory)
		ctx = oauth2.LoadTokenAccess(oauth2.UseToken(ctx, r))
		t.Logf("Dummy content page accessed")

		// obtain access
		a := oauth2.GetAccess(ctx)
		if a == nil {
			fmt.Fprint(w, "Unable to gain Access")
			return
		}

		// no news is good news
		fmt.Fprint(w, msg)
	})

	return rtr
}
Exemple #4
0
func TestFactory_source(t *testing.T) {
	dummySrc1 := func() (conn store.Conn, err error) {
		err = fmt.Errorf("hello dummySrc")
		return
	}

	factory := store.NewFactory()
	factory.SetSource(store.DefaultSrc, store.SourceFunc(dummySrc1))
	dummySrc2 := factory.GetSource(store.DefaultSrc)

	if _, err1 := dummySrc1(); err1 == nil {
		t.Errorf("unexpected nil value")
	} else if _, err2 := dummySrc2.Open(); err2 == nil {
		t.Errorf("unexpected nil value")
	} else if want, have := err1.Error(), err2.Error(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}
}
Exemple #5
0
func TestFactory_store(t *testing.T) {
	dummyPrvdr1 := func(sess interface{}) (s store.Store, err error) {
		err = fmt.Errorf("hello dummyPrvdr")
		return
	}

	type tempKey int
	var srcKey, storeKey tempKey = 0, 1

	factory := store.NewFactory()
	factory.Set(storeKey, srcKey, dummyPrvdr1)
	_, dummyPrvdr2 := factory.Get(storeKey)

	if _, err1 := dummyPrvdr1(nil); err1 == nil {
		t.Errorf("unexpected nil value")
	} else if _, err2 := dummyPrvdr2(nil); err2 == nil {
		t.Errorf("unexpected nil value")
	} else if want, have := err1.Error(), err2.Error(); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}
}
Exemple #6
0
// TestOAuth2HTTP tests the stack with
// actual HTTP call against httptest.Server
// wrapped handlers
func TestOAuth2HTTP(t *testing.T) {

	var err error

	// a dummy password for dummy user
	password := "******"
	message := "Success"

	// test store context
	type tempKey int
	const (
		testDB tempKey = iota
	)
	factory := store.NewFactory()
	factory.SetSource(testDB, defaultTestSrc())
	factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
	factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
	factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
	factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)
	ctx := store.WithFactory(context.Background(), factory)

	testCtx := &testContext{
		password:     password,
		t:            t,
		redirectBase: "https://test.foobar/example_app/",
		redirectURL:  "https://test.foobar/example_app/code",
		oauth2Path:   "/oauth2",
	}

	// create test oauth2 server
	ts := httptest.NewServer(testOAuth2Server(t, testCtx.oauth2Path, message))
	defer ts.Close()
	testCtx.oauth2Base = ts.URL

	t.Logf("auth endpoint %#v", testCtx.AuthEndpoint())

	// create dummy client and user
	testCtx.client, testCtx.user = createStoreDummies(ctx, testCtx.password, testCtx.redirectBase)
	store.CloseAllIn(ctx)

	// create dummy oauth client and user
	testCtx.code, err = getCodeHTTP(t, getCodeRequest(testCtx))
	if err != nil {
		t.Error(err.Error())
		return
	}

	// retrieve token from token endpoint
	// get response from client web app redirect uri
	testCtx.token, testCtx.refresh, err = getTokenHTTP(t, getTokenRequest(testCtx))
	if err != nil {
		t.Errorf(err.Error())
		return
	}

	// try to refresh token
	t.Logf(`refresh_token=%s token=%s msg="refresh token test"`, testCtx.refresh, testCtx.token)
	testCtx.token, testCtx.refresh, err = getTokenHTTP(t, getRefreshRequest(testCtx))
	if err != nil {
		t.Errorf(err.Error())
		return
	}
	t.Logf(`refresh_token=%s token=%s msg="refresh token test success"`, testCtx.refresh, testCtx.token)

	// retrieve a testing content path
	body, err := getContentHTTP(t, getContentRequest(testCtx.token, ts.URL+"/content"))
	if err != nil {
		t.Logf("hello: %#v", err)
		t.Errorf(err.Error())
		return
	}

	// final result
	if want, have := message, body; want != have {
		t.Errorf("expected: %#v, got: %#v", want, have)
	}
	t.Logf("result: %#v", string(body))

}
Exemple #7
0
func TestGetAccess_Session(t *testing.T) {

	var err error

	// test oauth2 server (router only)
	testCtx := &testContext{
		password:     "******",
		t:            t,
		redirectBase: "https://test.foobar/example_app/",
		redirectURL:  "https://test.foobar/example_app/code",
		oauth2Path:   "/oauth2/dummy",
	}

	message := "Success"
	oauth2Srvr := testOAuth2Server(t, testCtx.oauth2Path, message)
	contentURL := "/content"

	// test oauth2 client app (router only)
	//redirectURL := "/application/redirect"

	// test store context
	type tempKey int
	const (
		testDB tempKey = iota
	)
	factory := store.NewFactory()
	factory.SetSource(testDB, defaultTestSrc())
	factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
	factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
	factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
	factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)
	ctx := store.WithFactory(context.Background(), factory)
	defer store.CloseAllIn(ctx)

	// create dummy oauth client and user
	testCtx.client, testCtx.user = createStoreDummies(ctx,
		testCtx.password, testCtx.redirectBase)

	// run the code request
	testCtx.code, err = getCode(oauth2Srvr, getCodeRequest(testCtx))
	if err != nil {
		t.Errorf("getCode error (%#v)", err.Error())
		return
	}
	t.Logf("code:  %#v", testCtx.code)

	// get oauth2 token
	testCtx.token, err = getToken(oauth2Srvr, getTokenRequest(testCtx))
	if err != nil {
		t.Errorf("getToken error (%s)", err.Error())
		return
	}
	t.Logf("token: %#v", testCtx.token)

	if want, have := (*oauth2.AccessData)(nil), oauth2.GetAccess(ctx); want != have {
		t.Errorf("expected %#v, got %#v", want, have)
	}

	// middleware routine: WithAccess set context with proper token passed
	// test getting AccessData from supposed context with AccessData
	r := getContentRequest(testCtx.token, contentURL)
	ctx = oauth2.LoadTokenAccess(oauth2.UseToken(ctx, r))
	access := oauth2.GetAccess(ctx)
	if access == nil {
		t.Errorf("expected *AccessData, got %#v", access)
		return
	}

	if want, have := "", access.ID; want != have {
		t.Errorf("expect %#v, got %#v", want, have)
	}
	if access.ClientID == "" {
		t.Errorf("access.ClientId expected to be not empty")
	}
	if want, have := testCtx.token, access.AccessToken; want != have {
		t.Errorf("expect %#v, got %#v", want, have)
	}
	if want, have := testCtx.user.ID, access.UserID; want != have {
		t.Errorf("expect %#v, got %#v", want, have)
	}
	if access.UserData == nil {
		t.Error("expect access.UserData not nil")
	} else if want, have := testCtx.user.ID, access.UserData.(*oauth2.User).ID; want != have {
		t.Errorf("expect %#v, got %#v", want, have)
	}
	if access.RefreshToken == "" {
		t.Errorf("access.RefreshToken expected to be not empty")
	}

}
Exemple #8
0
func TestStorage_AccessData(t *testing.T) {

	authEqual := func(a1, a2 *osin.AuthorizeData) (err error) {
		if a1 == nil {
			err = fmt.Errorf("unexpected nil a1")
			return
		}
		if a2 == nil {
			err = fmt.Errorf("unexpected nil a2")
			return
		}

		if v1, v2 := a1.Code, a2.Code; v1 != v2 {
			err = fmt.Errorf("Code not equal. %#v != %#v", v1, v2)
			return
		}
		if v1, v2 := a1.ExpiresIn, a2.ExpiresIn; v1 != v2 {
			err = fmt.Errorf("Code not equal. %#v != %#v", v1, v2)
			return
		}
		return
	}

	accessMatch := func(access *oauth2.AccessData, oaccess *osin.AccessData) (err error) {
		if access == nil {
			err = fmt.Errorf("unexpected nil *oauth2.AccessData")
			return
		}
		if oaccess == nil {
			err = fmt.Errorf("unexpected nil *osin.AccessData")
			return
		}

		if v1, v2 := access.AccessToken, oaccess.AccessToken; v1 != v2 {
			err = fmt.Errorf("AccessToken mismatch.\n*oauth2.AccessData=%#v, *osin.AccessData=%#v",
				v1, v2)
			return
		}
		if v1, v2 := access.RefreshToken, oaccess.RefreshToken; v1 != v2 {
			err = fmt.Errorf("RefreshToken mismatch.\n*oauth2.RefreshData=%#v, *osin.RefreshData=%#v",
				v1, v2)
			return
		}
		if v1, v2 := access.ExpiresIn, oaccess.ExpiresIn; v1 != v2 {
			err = fmt.Errorf("ExpiresIn mismatch.\n*oauth2.ExpiresIn=%#v, *osin.ExpiresIn=%#v",
				v1, v2)
			return
		}
		if v1, v2 := access.Scope, oaccess.Scope; v1 != v2 {
			err = fmt.Errorf("Scope mismatch.\n*oauth2.Scope=%#v, *osin.Scope=%#v",
				v1, v2)
			return
		}
		if v1, v2 := access.RedirectURI, oaccess.RedirectUri; v1 != v2 {
			err = fmt.Errorf("RedirectUri mismatch.\n*oauth2.RedirectUri=%#v, *osin.RedirectUri=%#v",
				v1, v2)
			return
		}
		if v1, v2 := access.CreatedAt, oaccess.CreatedAt; v1.Unix() != v2.Unix() {
			err = fmt.Errorf("CreatedAt mismatch.\n*oauth2.CreatedAt=%#v, *osin.CreatedAt=%#v",
				v1, v2)
			return
		}
		return
	}

	// define test db
	getContext := func() context.Context {
		factory := store.NewFactory()
		factory.SetSource(store.DefaultSrc, defaultTestSrc())
		factory.Set(oauth2.KeyAccess, store.DefaultSrc, oauth2.AccessDataStoreProvider)
		factory.Set(oauth2.KeyAuth, store.DefaultSrc, oauth2.AuthorizeDataStoreProvider)
		factory.Set(oauth2.KeyClient, store.DefaultSrc, oauth2.ClientStoreProvider)
		factory.Set(oauth2.KeyUser, store.DefaultSrc, oauth2.UserStoreProvider)
		return store.WithFactory(context.Background(), factory)
	}

	// create dummy Client and user
	ctx := getContext()
	defer store.CloseAllIn(ctx)
	storage := &oauth2.Storage{}
	storage.SetContext(ctx)

	c, u := createStoreDummies(ctx, "password", "http://foobar.com/redirect")
	ad := dummyNewAuth(c, u)
	access1 := dummyNewAccess(c, u, ad, nil)

	storage.SaveAccess(access1.ToOsin())
	oaccess1, err := storage.LoadAccess(access1.AccessToken)
	if err != nil {
		t.Errorf("unexpected error %#v", err.Error())
		return
	}

	if err := accessMatch(access1, oaccess1); err != nil {
		t.Errorf("access1 != oaccess1, err = %#v", err.Error())
	}
	if err := authEqual(access1.AuthorizeData.ToOsin(), oaccess1.AuthorizeData); err != nil {
		t.Errorf("access1.AuthorizeData != oaccess1.AuthorizeData, err = %#v", err.Error())
		t.Logf("\naccess1.AuthorizeData=%#v\noaccess1.AuthorizeData=%#v",
			access1.AuthorizeData, oaccess1.AuthorizeData)
	}

	access2 := dummyNewAccess(c, u, ad, access1)
	if access2.AccessData == nil {
		t.Error("unexpected nil value")
	} else if access2.ToOsin().AccessData == nil {
		t.Error("unexpected nil value")
	}

	storage.SaveAccess(access2.ToOsin())
	oaccess2, err := storage.LoadAccess(access2.AccessToken)
	if err != nil {
		t.Errorf("unexpected error %#v", err.Error())
		return
	}

	if err := accessMatch(access2, oaccess2); err != nil {
		t.Errorf("access2 != oaccess2, err = %#v", err.Error())
	}
	if err := authEqual(access2.AuthorizeData.ToOsin(), oaccess2.AuthorizeData); err != nil {
		t.Errorf("access2.AuthorizeData != oaccess2.AuthorizeData, err = %#v", err.Error())
		t.Logf("\naccess2.AuthorizeData=%#v\noaccess2.AuthorizeData=%#v",
			access2.AuthorizeData, oaccess2.AuthorizeData)
	}
	if err := accessMatch(access1, oaccess2.AccessData); err != nil {
		t.Errorf("access1 != oaccess2.AccessData, err = %#v", err.Error())
	}

}