func TestNewIntrospectionRequest(t *testing.T) {
ctrl := gomock.NewController(t)
validator := internal.NewMockTokenIntrospector(ctrl)
defer ctrl.Finish()
f := compose.ComposeAllEnabled(new(compose.Config), storage.NewMemoryStore(), []byte{}, nil).(*Fosite)
httpreq := &http.Request{
Method: "POST",
Header: http.Header{},
Form: url.Values{},
}
for k, c := range []struct {
description string
setup func()
expectErr error
isActive bool
}{
{
description: "should fail",
setup: func() {
},
expectErr: ErrInvalidRequest,
},
{
description: "should pass",
setup: func() {
f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
httpreq = &http.Request{
Method: "POST",
Header: http.Header{
"Authorization": []string{"bearer some-token"},
},
PostForm: url.Values{
"token": []string{"introspect-token"},
},
}
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
validator.EXPECT().IntrospectToken(nil, "introspect-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(errors.New(""))
},
isActive: false,
},
{
description: "should pass",
setup: func() {
f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
httpreq = &http.Request{
Method: "POST",
Header: http.Header{
"Authorization": []string{"bearer some-token"},
},
PostForm: url.Values{
"token": []string{"introspect-token"},
},
}
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
validator.EXPECT().IntrospectToken(nil, "introspect-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
},
isActive: true,
},
} {
c.setup()
res, err := f.NewIntrospectionRequest(nil, httpreq, nil)
assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr)
if res != nil {
assert.Equal(t, c.isActive, res.IsActive())
}
t.Logf("Passed test case %d", k)
}
}
func TestIntrospect(t *testing.T) {
ctrl := gomock.NewController(t)
validator := internal.NewMockTokenIntrospector(ctrl)
defer ctrl.Finish()
f := compose.ComposeAllEnabled(new(compose.Config), storage.NewMemoryStore(), []byte{}, nil).(*Fosite)
httpreq := &http.Request{
Header: http.Header{
"Authorization": []string{"bearer some-token"},
},
Form: url.Values{},
}
for k, c := range []struct {
description string
scopes []string
setup func()
expectErr error
}{
{
description: "should fail",
scopes: []string{},
setup: func() {
},
expectErr: ErrRequestUnauthorized,
},
{
description: "should fail",
scopes: []string{"foo"},
setup: func() {
f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(ErrUnknownRequest)
},
expectErr: ErrRequestUnauthorized,
},
{
description: "should fail",
scopes: []string{"foo"},
setup: func() {
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(ErrInvalidClient)
},
expectErr: ErrInvalidClient,
},
{
description: "should pass",
setup: func() {
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Do(func(ctx context.Context, _ string, _ TokenType, accessRequest AccessRequester, _ []string) {
accessRequest.(*AccessRequest).GrantedScopes = []string{"bar"}
}).Return(nil)
},
},
{
description: "should pass",
scopes: []string{"bar"},
setup: func() {
validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Do(func(ctx context.Context, _ string, _ TokenType, accessRequest AccessRequester, _ []string) {
accessRequest.(*AccessRequest).GrantedScopes = []string{"bar"}
}).Return(nil)
},
},
} {
c.setup()
_, err := f.IntrospectToken(nil, AccessTokenFromRequest(httpreq), AccessToken, nil, c.scopes...)
assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr)
t.Logf("Passed test case %d", k)
}
}