func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) ach := internal.NewMockAccessTokenStrategy(ctrl) rch := internal.NewMockRefreshTokenStrategy(ctrl) auch := internal.NewMockAuthorizeCodeStrategy(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, AuthorizeCodeStrategy: auch, AccessTokenStrategy: ach, RefreshTokenStrategy: rch, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("13245678") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", fosite.ErrServerError) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetGrantedScopes() ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("access.at", "at", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("refresh.rt", "rt", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) aresp.EXPECT().SetAccessToken("access.at") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("refresh_token", "refresh.rt") aresp.EXPECT().SetExtra("expires_in", gomock.Any()) aresp.EXPECT().SetExtra("state", gomock.Any()) aresp.EXPECT().SetExtra("scope", gomock.Any()) store.EXPECT().DeleteAuthorizeCodeSession(gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any()).Return(nil) }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestResourceOwnerFlow_PopulateTokenEndpointResponse(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) chgen := internal.NewMockAccessTokenStrategy(ctrl) rtstr := internal.NewMockRefreshTokenStrategy(ctrl) aresp := fosite.NewAccessResponse() mockAT := "accesstoken.foo.bar" mockRT := "refreshtoken.bar.foo" defer ctrl.Finish() areq := fosite.NewAccessRequest(nil) httpreq := &http.Request{PostForm: url.Values{}} h := ResourceOwnerPasswordCredentialsGrantHandler{ ResourceOwnerPasswordCredentialsGrantStorage: store, HandleHelper: &HandleHelper{ AccessTokenStorage: store, AccessTokenStrategy: chgen, AccessTokenLifespan: time.Hour, }, RefreshTokenStrategy: rtstr, } for k, c := range []struct { description string setup func() expectErr error expect func() }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{""} }, }, { description: "should pass", setup: func() { areq.Session = &fosite.DefaultSession{} areq.GrantTypes = fosite.Arguments{"password"} chgen.EXPECT().GenerateAccessToken(nil, areq).Return(mockAT, "bar", nil) store.EXPECT().CreateAccessTokenSession(nil, "bar", areq).Return(nil) }, expect: func() { assert.Nil(t, aresp.GetExtra("refresh_token"), "unexpected refresh token") }, }, { description: "should pass - offline scope", setup: func() { areq.GrantTypes = fosite.Arguments{"password"} areq.GrantScope("offline") rtstr.EXPECT().GenerateRefreshToken(nil, areq).Return(mockRT, "bar", nil) store.EXPECT().CreateRefreshTokenSession(nil, "bar", areq).Return(nil) chgen.EXPECT().GenerateAccessToken(nil, areq).Return(mockAT, "bar", nil) store.EXPECT().CreateAccessTokenSession(nil, "bar", areq).Return(nil) }, expect: func() { assert.NotNil(t, aresp.GetExtra("refresh_token"), "expected refresh token") }, }, } { c.setup() err := h.PopulateTokenEndpointResponse(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) if c.expect != nil { c.expect() } t.Logf("Passed test case %d", k) } }
func TestAuthorizeCode_PopulateTokenEndpointResponse(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) ach := internal.NewMockAccessTokenStrategy(ctrl) rch := internal.NewMockRefreshTokenStrategy(ctrl) auch := internal.NewMockAuthorizeCodeStrategy(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() areq := fosite.NewAccessRequest(new(fosite.DefaultSession)) httpreq := &http.Request{PostForm: url.Values{}} authreq := fosite.NewAuthorizeRequest() areq.Session = new(fosite.DefaultSession) h := AuthorizeExplicitGrantHandler{ AuthorizeCodeGrantStorage: store, AuthorizeCodeStrategy: auch, AccessTokenStrategy: ach, RefreshTokenStrategy: rch, ScopeStrategy: fosite.HierarchicScopeStrategy, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"123"} }, }, { description: "should fail because authcode not found", setup: func() { areq.GrantTypes = fosite.Arguments{"authorization_code"} areq.Client = &fosite.DefaultClient{ GrantTypes: fosite.Arguments{"authorization_code"}, } httpreq.PostForm.Add("code", "authcode") auch.EXPECT().AuthorizeCodeSignature("authcode").AnyTimes().Return("authsig") store.EXPECT().GetAuthorizeCodeSession(nil, "authsig", gomock.Any()).Return(nil, fosite.ErrNotFound) }, expectErr: fosite.ErrServerError, }, { description: "should fail because validation failed", setup: func() { store.EXPECT().GetAuthorizeCodeSession(nil, "authsig", gomock.Any()).AnyTimes().Return(authreq, nil) auch.EXPECT().ValidateAuthorizeCode(nil, areq, "authcode").Return(errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because access token generation failed", setup: func() { authreq.GrantedScopes = []string{"offline"} auch.EXPECT().ValidateAuthorizeCode(nil, areq, "authcode").AnyTimes().Return(nil) ach.EXPECT().GenerateAccessToken(nil, areq).Return("", "", errors.New("error")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because refresh token generation failed", setup: func() { ach.EXPECT().GenerateAccessToken(nil, areq).AnyTimes().Return("access.ats", "ats", nil) rch.EXPECT().GenerateRefreshToken(nil, areq).Return("", "", errors.New("error")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because persisting failed", setup: func() { rch.EXPECT().GenerateRefreshToken(nil, areq).AnyTimes().Return("refresh.rts", "rts", nil) store.EXPECT().PersistAuthorizeCodeGrantSession(nil, "authsig", "ats", "rts", areq).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should pass", setup: func() { areq.GrantedScopes = fosite.Arguments{"foo", "offline"} store.EXPECT().PersistAuthorizeCodeGrantSession(nil, "authsig", "ats", "rts", areq).Return(nil) aresp.EXPECT().SetAccessToken("access.ats") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("refresh_token", "refresh.rts") aresp.EXPECT().SetExpiresIn(gomock.Any()) aresp.EXPECT().SetScopes(areq.GrantedScopes) }, }, } { c.setup() err := h.PopulateTokenEndpointResponse(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockRefreshTokenGrantStorage(ctrl) rcts := internal.NewMockRefreshTokenStrategy(ctrl) acts := internal.NewMockAccessTokenStrategy(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{}) h := RefreshTokenGrantHandler{ Store: store, RefreshTokenStrategy: rcts, AccessTokenStrategy: acts, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") acts.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") acts.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "access", nil) rcts.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "refresh", nil) store.EXPECT().CreateAccessTokenSession("access", gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession("refresh", gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") acts.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "access", nil) rcts.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "refresh", nil) rcts.EXPECT().ValidateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().CreateAccessTokenSession("access", gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession("refresh", gomock.Any()).Return(nil) store.EXPECT().DeleteRefreshTokenSession(gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") acts.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("access.token", "access", nil) rcts.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("refresh.token", "refresh", nil) rcts.EXPECT().ValidateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().CreateAccessTokenSession("access", gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession("refresh", gomock.Any()).Return(nil) store.EXPECT().DeleteRefreshTokenSession(gomock.Any()).Return(nil) aresp.EXPECT().SetAccessToken("access.token") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("expires_in", gomock.Any()) aresp.EXPECT().SetExtra("scope", gomock.Any()) aresp.EXPECT().SetExtra("refresh_token", "refresh.token") areq.EXPECT().GetGrantedScopes() }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockRefreshTokenGrantStorage(ctrl) chgen := internal.NewMockRefreshTokenStrategy(ctrl) areq := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := RefreshTokenGrantHandler{ Store: store, RefreshTokenStrategy: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") chgen.EXPECT().ValidateRefreshToken("", gomock.Any(), gomock.Any(), gomock.Any()).Return("", errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") chgen.EXPECT().ValidateRefreshToken("", gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetRefreshTokenSession("signature", gomock.Any()).Return(nil, pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") chgen.EXPECT().ValidateRefreshToken("", gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateRefreshToken("", gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(&fosite.Request{Client: &client.SecureClient{ID: ""}}, nil) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("refresh_token") areq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) chgen.EXPECT().ValidateRefreshToken("", gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any()).Return(&fosite.Request{Client: &client.SecureClient{ID: "foo"}}, nil) areq.EXPECT().SetGrantTypeHandled("refresh_token") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestRefreshFlow_HandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockRefreshTokenGrantStorage(ctrl) chgen := internal.NewMockRefreshTokenStrategy(ctrl) defer ctrl.Finish() areq := fosite.NewAccessRequest(nil) sess := &fosite.DefaultSession{Subject: "othersub"} httpreq := &http.Request{PostForm: url.Values{}} h := RefreshTokenGrantHandler{ RefreshTokenGrantStorage: store, RefreshTokenStrategy: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { description string setup func() expectErr error expect func() }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"123"} }, }, { description: "should fail because lookup failed", setup: func() { areq.GrantTypes = fosite.Arguments{"refresh_token"} areq.Client = &fosite.DefaultClient{GrantTypes: fosite.Arguments{"refresh_token"}} httpreq.PostForm.Add("refresh_token", "some.refreshtokensig") chgen.EXPECT().RefreshTokenSignature("some.refreshtokensig").AnyTimes().Return("refreshtokensig") store.EXPECT().GetRefreshTokenSession(nil, "refreshtokensig", nil).Return(nil, fosite.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because validation failed", setup: func() { store.EXPECT().GetRefreshTokenSession(nil, "refreshtokensig", nil).Return(&fosite.Request{ GrantedScopes: []string{"offline"}, }, nil) chgen.EXPECT().ValidateRefreshToken(nil, areq, "some.refreshtokensig").Return(errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because client mismatches", setup: func() { areq.Client = &fosite.DefaultClient{ ID: "foo", GrantTypes: fosite.Arguments{"refresh_token"}, } store.EXPECT().GetRefreshTokenSession(nil, "refreshtokensig", nil).Return(&fosite.Request{ Client: &fosite.DefaultClient{ID: ""}, GrantedScopes: []string{"offline"}, }, nil) chgen.EXPECT().ValidateRefreshToken(nil, areq, "some.refreshtokensig").AnyTimes().Return(nil) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should pass", setup: func() { store.EXPECT().GetRefreshTokenSession(nil, "refreshtokensig", nil).Return(&fosite.Request{ Client: &fosite.DefaultClient{ID: "foo"}, GrantedScopes: fosite.Arguments{"foo", "offline"}, Scopes: fosite.Arguments{"foo", "bar"}, Session: sess, Form: url.Values{"foo": []string{"bar"}}, RequestedAt: time.Now().Add(-time.Hour).Round(time.Hour), }, nil) }, expect: func() { assert.Equal(t, sess, areq.Session) assert.NotEqual(t, time.Now().Add(-time.Hour).Round(time.Hour), areq.RequestedAt) assert.Equal(t, fosite.Arguments{"foo", "offline"}, areq.GrantedScopes) assert.Equal(t, fosite.Arguments{"foo", "bar"}, areq.Scopes) assert.NotEqual(t, url.Values{"foo": []string{"bar"}}, areq.Form) }, }, } { c.setup() err := h.HandleTokenEndpointRequest(nil, httpreq, areq) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) if c.expect != nil { c.expect() } t.Logf("Passed test case %d", k) } }
func TestRefreshFlow_PopulateTokenEndpointResponse(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockRefreshTokenGrantStorage(ctrl) rcts := internal.NewMockRefreshTokenStrategy(ctrl) acts := internal.NewMockAccessTokenStrategy(ctrl) areq := fosite.NewAccessRequest(nil) aresp := internal.NewMockAccessResponder(ctrl) httpreq := &http.Request{PostForm: url.Values{}} defer ctrl.Finish() areq.Client = &fosite.DefaultClient{} h := RefreshTokenGrantHandler{ RefreshTokenGrantStorage: store, RefreshTokenStrategy: rcts, AccessTokenStrategy: acts, AccessTokenLifespan: time.Hour, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"313"} }, }, { description: "should fail because access token generation fails", setup: func() { areq.GrantTypes = fosite.Arguments{"refresh_token"} httpreq.PostForm.Add("refresh_token", "foo.reftokensig") rcts.EXPECT().RefreshTokenSignature("foo.reftokensig").AnyTimes().Return("reftokensig") acts.EXPECT().GenerateAccessToken(nil, areq).Return("", "", errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because access token generation fails", setup: func() { acts.EXPECT().GenerateAccessToken(nil, areq).AnyTimes().Return("access.atsig", "atsig", nil) rcts.EXPECT().GenerateRefreshToken(nil, areq).Return("", "", errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because persisting fails", setup: func() { rcts.EXPECT().GenerateRefreshToken(nil, areq).AnyTimes().Return("refresh.resig", "resig", nil) store.EXPECT().PersistRefreshTokenGrantSession(nil, "reftokensig", "atsig", "resig", areq).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should pass", setup: func() { areq.Session = &fosite.DefaultSession{} store.EXPECT().PersistRefreshTokenGrantSession(nil, "reftokensig", "atsig", "resig", areq).AnyTimes().Return(nil) aresp.EXPECT().SetAccessToken("access.atsig") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExpiresIn(gomock.Any()) aresp.EXPECT().SetScopes(gomock.Any()) aresp.EXPECT().SetExtra("refresh_token", "refresh.resig") }, }, } { c.setup() err := h.PopulateTokenEndpointResponse(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestRevokeToken(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockTokenRevocationStorage(ctrl) atStrat := internal.NewMockAccessTokenStrategy(ctrl) rtStrat := internal.NewMockRefreshTokenStrategy(ctrl) ar := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := TokenRevocationHandler{ TokenRevocationStorage: store, RefreshTokenStrategy: rtStrat, AccessTokenStrategy: atStrat, } var token string var tokenType fosite.TokenType for k, c := range []struct { description string mock func() expectErr error }{ { description: "should pass - refresh token discovery first; refresh token found", expectErr: nil, mock: func() { token = "foo" tokenType = fosite.RefreshToken rtStrat.EXPECT().RefreshTokenSignature(token) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(ar, nil) ar.EXPECT().GetID() store.EXPECT().RevokeRefreshToken(gomock.Any(), gomock.Any()) store.EXPECT().RevokeAccessToken(gomock.Any(), gomock.Any()) }, }, { description: "should pass - access token discovery first; access token found", expectErr: nil, mock: func() { token = "foo" tokenType = fosite.AccessToken atStrat.EXPECT().AccessTokenSignature(token) store.EXPECT().GetAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(ar, nil) ar.EXPECT().GetID() store.EXPECT().RevokeRefreshToken(gomock.Any(), gomock.Any()) store.EXPECT().RevokeAccessToken(gomock.Any(), gomock.Any()) }, }, { description: "should pass - refresh token discovery first; refresh token not found", expectErr: nil, mock: func() { token = "foo" tokenType = fosite.AccessToken atStrat.EXPECT().AccessTokenSignature(token) store.EXPECT().GetAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) rtStrat.EXPECT().RefreshTokenSignature(token) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(ar, nil) ar.EXPECT().GetID() store.EXPECT().RevokeRefreshToken(gomock.Any(), gomock.Any()) store.EXPECT().RevokeAccessToken(gomock.Any(), gomock.Any()) }, }, { description: "should pass - access token discovery first; access token not found", expectErr: nil, mock: func() { token = "foo" tokenType = fosite.RefreshToken rtStrat.EXPECT().RefreshTokenSignature(token) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) atStrat.EXPECT().AccessTokenSignature(token) store.EXPECT().GetAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(ar, nil) ar.EXPECT().GetID() store.EXPECT().RevokeRefreshToken(gomock.Any(), gomock.Any()) store.EXPECT().RevokeAccessToken(gomock.Any(), gomock.Any()) }, }, { description: "should pass - refresh token discovery first; both tokens not found", expectErr: fosite.ErrNotFound, mock: func() { token = "foo" tokenType = fosite.RefreshToken rtStrat.EXPECT().RefreshTokenSignature(token) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) atStrat.EXPECT().AccessTokenSignature(token) store.EXPECT().GetAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) }, }, { description: "should pass - access token discovery first; both tokens not found", expectErr: fosite.ErrNotFound, mock: func() { token = "foo" tokenType = fosite.AccessToken atStrat.EXPECT().AccessTokenSignature(token) store.EXPECT().GetAccessTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) rtStrat.EXPECT().RefreshTokenSignature(token) store.EXPECT().GetRefreshTokenSession(gomock.Any(), gomock.Any(), gomock.Any()).Return(nil, fosite.ErrNotFound) }, }, } { c.mock() err := h.RevokeToken(nil, token, tokenType) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }