func TestSetGet(t *testing.T) {
type tempKey int
const (
srcKey tempKey = iota
key
)
randString := func(n int) string {
var letterRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
b := make([]rune, n)
for i := range b {
b[i] = letterRunes[rand.Intn(len(letterRunes))]
}
return string(b)
}
msg := randString(20)
ch := make(chan int)
// prepare the context
ctx := func(msg interface{}, ch chan<- int) context.Context {
dummySrc := func() (conn store.Conn, err error) {
conn = tConn{msg, ch}
return
}
factory := store.NewFactory()
factory.SetSource(srcKey, store.SourceFunc(dummySrc))
factory.Set(key, srcKey, func(sess interface{}) (s store.Store, err error) {
err = fmt.Errorf("%s", sess)
return
})
return store.WithFactory(context.Background(), factory)
}(msg, ch)
// get a store
if _, err := store.Get(ctx, key); err == nil {
t.Error("unexpected nil error")
} else if want, have := msg, err.Error(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
// test if store would close before timeout
d, _ := time.ParseDuration("1s")
timeout := time.After(d)
store.CloseAllIn(ctx)
select {
case <-timeout:
t.Error("tConn not closed before timeout")
case <-ch:
t.Log("tConn closed")
}
}
func TestStorage_AuthorizeData(t *testing.T) {
// define test db
getContext := func() context.Context {
factory := store.NewFactory()
factory.SetSource(store.DefaultSrc, defaultTestSrc())
factory.Set(oauth2.KeyAccess, store.DefaultSrc, oauth2.AccessDataStoreProvider)
factory.Set(oauth2.KeyAuth, store.DefaultSrc, oauth2.AuthorizeDataStoreProvider)
factory.Set(oauth2.KeyClient, store.DefaultSrc, oauth2.ClientStoreProvider)
factory.Set(oauth2.KeyUser, store.DefaultSrc, oauth2.UserStoreProvider)
return store.WithFactory(context.Background(), factory)
}
// create dummy Client and user
ctx := getContext()
defer store.CloseAllIn(ctx)
storage := &oauth2.Storage{}
storage.SetContext(ctx)
c, u := createStoreDummies(ctx, "password", "http://foobar.com/redirect")
ad := dummyNewAuth(c, u)
storage.SaveAuthorize(ad.ToOsin())
// load the osin.AuthorizeData form store
oad, err := storage.LoadAuthorize(ad.Code)
if err != nil {
t.Errorf("error: %#v", err.Error())
}
// Test if loaded Client equals to client in original one
if want, have := c.GetId(), oad.Client.GetId(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
if want, have := c.GetRedirectUri(), oad.Client.GetRedirectUri(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
if want, have := c.GetSecret(), oad.Client.GetSecret(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
// Test if UserData equals to original one
if u1, u2 := ad.UserData.(*oauth2.User), oad.UserData.(*oauth2.User); true {
} else if want, have := u1.ID, u2.ID; want != have {
t.Errorf("expected %#v, got %#v", want, have)
} else if want, have := u1.Email, u2.Email; want != have {
t.Errorf("expected %#v, got %#v", want, have)
} else if want, have := u1.Name, u2.Name; want != have {
t.Errorf("expected %#v, got %#v", want, have)
} else if want, have := u1.Password, u2.Password; want != have {
t.Errorf("expected %#v, got %#v", want, have)
} else if want, have := u1.Created, u2.Created; want.Unix() != have.Unix() {
t.Errorf("expected %#v, got %#v", want, have)
} else if want, have := u1.Updated, u2.Updated; want.Unix() != have.Unix() {
t.Errorf("expected %#v, got %#v", want, have)
}
}
// example server web app
func testOAuth2Server(t *testing.T, baseURL, msg string) http.Handler {
rtr := pat.New()
// oauth2 manager
m := oauth2.NewManager()
type tempKey int
const (
testDB tempKey = iota
)
// define store factory for storage
factory := store.NewFactory()
factory.SetSource(testDB, defaultTestSrc())
factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)
// router function
rtrFunc := func(path string, methods []string, h http.Handler) error {
for i := range methods {
rtr.Add(methods[i], path, h)
}
return nil
}
// add oauth2 endpoints to router
// ServeEndpoints bind OAuth2 endpoints to a given base path
// Note: this is router specific and need to be generated somehow
oauth2.Route(rtrFunc, baseURL, m.GetEndpoints(factory))
// add a route the requires access
rtr.Get("/content", func(w http.ResponseWriter, r *http.Request) {
ctx := store.WithFactory(context.Background(), factory)
ctx = oauth2.LoadTokenAccess(oauth2.UseToken(ctx, r))
t.Logf("Dummy content page accessed")
// obtain access
a := oauth2.GetAccess(ctx)
if a == nil {
fmt.Fprint(w, "Unable to gain Access")
return
}
// no news is good news
fmt.Fprint(w, msg)
})
return rtr
}
func TestFactory_source(t *testing.T) {
dummySrc1 := func() (conn store.Conn, err error) {
err = fmt.Errorf("hello dummySrc")
return
}
factory := store.NewFactory()
factory.SetSource(store.DefaultSrc, store.SourceFunc(dummySrc1))
dummySrc2 := factory.GetSource(store.DefaultSrc)
if _, err1 := dummySrc1(); err1 == nil {
t.Errorf("unexpected nil value")
} else if _, err2 := dummySrc2.Open(); err2 == nil {
t.Errorf("unexpected nil value")
} else if want, have := err1.Error(), err2.Error(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
}
func TestFactory_store(t *testing.T) {
dummyPrvdr1 := func(sess interface{}) (s store.Store, err error) {
err = fmt.Errorf("hello dummyPrvdr")
return
}
type tempKey int
var srcKey, storeKey tempKey = 0, 1
factory := store.NewFactory()
factory.Set(storeKey, srcKey, dummyPrvdr1)
_, dummyPrvdr2 := factory.Get(storeKey)
if _, err1 := dummyPrvdr1(nil); err1 == nil {
t.Errorf("unexpected nil value")
} else if _, err2 := dummyPrvdr2(nil); err2 == nil {
t.Errorf("unexpected nil value")
} else if want, have := err1.Error(), err2.Error(); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
}
// TestOAuth2HTTP tests the stack with
// actual HTTP call against httptest.Server
// wrapped handlers
func TestOAuth2HTTP(t *testing.T) {
var err error
// a dummy password for dummy user
password := "******"
message := "Success"
// test store context
type tempKey int
const (
testDB tempKey = iota
)
factory := store.NewFactory()
factory.SetSource(testDB, defaultTestSrc())
factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)
ctx := store.WithFactory(context.Background(), factory)
testCtx := &testContext{
password: password,
t: t,
redirectBase: "https://test.foobar/example_app/",
redirectURL: "https://test.foobar/example_app/code",
oauth2Path: "/oauth2",
}
// create test oauth2 server
ts := httptest.NewServer(testOAuth2Server(t, testCtx.oauth2Path, message))
defer ts.Close()
testCtx.oauth2Base = ts.URL
t.Logf("auth endpoint %#v", testCtx.AuthEndpoint())
// create dummy client and user
testCtx.client, testCtx.user = createStoreDummies(ctx, testCtx.password, testCtx.redirectBase)
store.CloseAllIn(ctx)
// create dummy oauth client and user
testCtx.code, err = getCodeHTTP(t, getCodeRequest(testCtx))
if err != nil {
t.Error(err.Error())
return
}
// retrieve token from token endpoint
// get response from client web app redirect uri
testCtx.token, testCtx.refresh, err = getTokenHTTP(t, getTokenRequest(testCtx))
if err != nil {
t.Errorf(err.Error())
return
}
// try to refresh token
t.Logf(`refresh_token=%s token=%s msg="refresh token test"`, testCtx.refresh, testCtx.token)
testCtx.token, testCtx.refresh, err = getTokenHTTP(t, getRefreshRequest(testCtx))
if err != nil {
t.Errorf(err.Error())
return
}
t.Logf(`refresh_token=%s token=%s msg="refresh token test success"`, testCtx.refresh, testCtx.token)
// retrieve a testing content path
body, err := getContentHTTP(t, getContentRequest(testCtx.token, ts.URL+"/content"))
if err != nil {
t.Logf("hello: %#v", err)
t.Errorf(err.Error())
return
}
// final result
if want, have := message, body; want != have {
t.Errorf("expected: %#v, got: %#v", want, have)
}
t.Logf("result: %#v", string(body))
}
func TestGetAccess_Session(t *testing.T) {
var err error
// test oauth2 server (router only)
testCtx := &testContext{
password: "******",
t: t,
redirectBase: "https://test.foobar/example_app/",
redirectURL: "https://test.foobar/example_app/code",
oauth2Path: "/oauth2/dummy",
}
message := "Success"
oauth2Srvr := testOAuth2Server(t, testCtx.oauth2Path, message)
contentURL := "/content"
// test oauth2 client app (router only)
//redirectURL := "/application/redirect"
// test store context
type tempKey int
const (
testDB tempKey = iota
)
factory := store.NewFactory()
factory.SetSource(testDB, defaultTestSrc())
factory.Set(oauth2.KeyUser, testDB, oauth2.UserStoreProvider)
factory.Set(oauth2.KeyClient, testDB, oauth2.ClientStoreProvider)
factory.Set(oauth2.KeyAccess, testDB, oauth2.AccessDataStoreProvider)
factory.Set(oauth2.KeyAuth, testDB, oauth2.AuthorizeDataStoreProvider)
ctx := store.WithFactory(context.Background(), factory)
defer store.CloseAllIn(ctx)
// create dummy oauth client and user
testCtx.client, testCtx.user = createStoreDummies(ctx,
testCtx.password, testCtx.redirectBase)
// run the code request
testCtx.code, err = getCode(oauth2Srvr, getCodeRequest(testCtx))
if err != nil {
t.Errorf("getCode error (%#v)", err.Error())
return
}
t.Logf("code: %#v", testCtx.code)
// get oauth2 token
testCtx.token, err = getToken(oauth2Srvr, getTokenRequest(testCtx))
if err != nil {
t.Errorf("getToken error (%s)", err.Error())
return
}
t.Logf("token: %#v", testCtx.token)
if want, have := (*oauth2.AccessData)(nil), oauth2.GetAccess(ctx); want != have {
t.Errorf("expected %#v, got %#v", want, have)
}
// middleware routine: WithAccess set context with proper token passed
// test getting AccessData from supposed context with AccessData
r := getContentRequest(testCtx.token, contentURL)
ctx = oauth2.LoadTokenAccess(oauth2.UseToken(ctx, r))
access := oauth2.GetAccess(ctx)
if access == nil {
t.Errorf("expected *AccessData, got %#v", access)
return
}
if want, have := "", access.ID; want != have {
t.Errorf("expect %#v, got %#v", want, have)
}
if access.ClientID == "" {
t.Errorf("access.ClientId expected to be not empty")
}
if want, have := testCtx.token, access.AccessToken; want != have {
t.Errorf("expect %#v, got %#v", want, have)
}
if want, have := testCtx.user.ID, access.UserID; want != have {
t.Errorf("expect %#v, got %#v", want, have)
}
if access.UserData == nil {
t.Error("expect access.UserData not nil")
} else if want, have := testCtx.user.ID, access.UserData.(*oauth2.User).ID; want != have {
t.Errorf("expect %#v, got %#v", want, have)
}
if access.RefreshToken == "" {
t.Errorf("access.RefreshToken expected to be not empty")
}
}
func TestStorage_AccessData(t *testing.T) {
authEqual := func(a1, a2 *osin.AuthorizeData) (err error) {
if a1 == nil {
err = fmt.Errorf("unexpected nil a1")
return
}
if a2 == nil {
err = fmt.Errorf("unexpected nil a2")
return
}
if v1, v2 := a1.Code, a2.Code; v1 != v2 {
err = fmt.Errorf("Code not equal. %#v != %#v", v1, v2)
return
}
if v1, v2 := a1.ExpiresIn, a2.ExpiresIn; v1 != v2 {
err = fmt.Errorf("Code not equal. %#v != %#v", v1, v2)
return
}
return
}
accessMatch := func(access *oauth2.AccessData, oaccess *osin.AccessData) (err error) {
if access == nil {
err = fmt.Errorf("unexpected nil *oauth2.AccessData")
return
}
if oaccess == nil {
err = fmt.Errorf("unexpected nil *osin.AccessData")
return
}
if v1, v2 := access.AccessToken, oaccess.AccessToken; v1 != v2 {
err = fmt.Errorf("AccessToken mismatch.\n*oauth2.AccessData=%#v, *osin.AccessData=%#v",
v1, v2)
return
}
if v1, v2 := access.RefreshToken, oaccess.RefreshToken; v1 != v2 {
err = fmt.Errorf("RefreshToken mismatch.\n*oauth2.RefreshData=%#v, *osin.RefreshData=%#v",
v1, v2)
return
}
if v1, v2 := access.ExpiresIn, oaccess.ExpiresIn; v1 != v2 {
err = fmt.Errorf("ExpiresIn mismatch.\n*oauth2.ExpiresIn=%#v, *osin.ExpiresIn=%#v",
v1, v2)
return
}
if v1, v2 := access.Scope, oaccess.Scope; v1 != v2 {
err = fmt.Errorf("Scope mismatch.\n*oauth2.Scope=%#v, *osin.Scope=%#v",
v1, v2)
return
}
if v1, v2 := access.RedirectURI, oaccess.RedirectUri; v1 != v2 {
err = fmt.Errorf("RedirectUri mismatch.\n*oauth2.RedirectUri=%#v, *osin.RedirectUri=%#v",
v1, v2)
return
}
if v1, v2 := access.CreatedAt, oaccess.CreatedAt; v1.Unix() != v2.Unix() {
err = fmt.Errorf("CreatedAt mismatch.\n*oauth2.CreatedAt=%#v, *osin.CreatedAt=%#v",
v1, v2)
return
}
return
}
// define test db
getContext := func() context.Context {
factory := store.NewFactory()
factory.SetSource(store.DefaultSrc, defaultTestSrc())
factory.Set(oauth2.KeyAccess, store.DefaultSrc, oauth2.AccessDataStoreProvider)
factory.Set(oauth2.KeyAuth, store.DefaultSrc, oauth2.AuthorizeDataStoreProvider)
factory.Set(oauth2.KeyClient, store.DefaultSrc, oauth2.ClientStoreProvider)
factory.Set(oauth2.KeyUser, store.DefaultSrc, oauth2.UserStoreProvider)
return store.WithFactory(context.Background(), factory)
}
// create dummy Client and user
ctx := getContext()
defer store.CloseAllIn(ctx)
storage := &oauth2.Storage{}
storage.SetContext(ctx)
c, u := createStoreDummies(ctx, "password", "http://foobar.com/redirect")
ad := dummyNewAuth(c, u)
access1 := dummyNewAccess(c, u, ad, nil)
storage.SaveAccess(access1.ToOsin())
oaccess1, err := storage.LoadAccess(access1.AccessToken)
if err != nil {
t.Errorf("unexpected error %#v", err.Error())
return
}
if err := accessMatch(access1, oaccess1); err != nil {
t.Errorf("access1 != oaccess1, err = %#v", err.Error())
}
if err := authEqual(access1.AuthorizeData.ToOsin(), oaccess1.AuthorizeData); err != nil {
t.Errorf("access1.AuthorizeData != oaccess1.AuthorizeData, err = %#v", err.Error())
t.Logf("\naccess1.AuthorizeData=%#v\noaccess1.AuthorizeData=%#v",
access1.AuthorizeData, oaccess1.AuthorizeData)
}
access2 := dummyNewAccess(c, u, ad, access1)
if access2.AccessData == nil {
t.Error("unexpected nil value")
} else if access2.ToOsin().AccessData == nil {
t.Error("unexpected nil value")
}
storage.SaveAccess(access2.ToOsin())
oaccess2, err := storage.LoadAccess(access2.AccessToken)
if err != nil {
t.Errorf("unexpected error %#v", err.Error())
return
}
if err := accessMatch(access2, oaccess2); err != nil {
t.Errorf("access2 != oaccess2, err = %#v", err.Error())
}
if err := authEqual(access2.AuthorizeData.ToOsin(), oaccess2.AuthorizeData); err != nil {
t.Errorf("access2.AuthorizeData != oaccess2.AuthorizeData, err = %#v", err.Error())
t.Logf("\naccess2.AuthorizeData=%#v\noaccess2.AuthorizeData=%#v",
access2.AuthorizeData, oaccess2.AuthorizeData)
}
if err := accessMatch(access1, oaccess2.AccessData); err != nil {
t.Errorf("access1 != oaccess2.AccessData, err = %#v", err.Error())
}
}