func TestCallbackHandler_AccessTokenError(t *testing.T) {
requestSecret := "request_secret"
_, server := testutils.NewErrorServer("OAuth1 Service Down", http.StatusInternalServerError)
defer server.Close()
config := &oauth1.Config{
Endpoint: oauth1.Endpoint{
AccessTokenURL: server.URL,
},
}
success := testutils.AssertSuccessNotCalled(t)
failure := func(ctx context.Context, w http.ResponseWriter, req *http.Request) {
err := gologin.ErrorFromContext(ctx)
if assert.NotNil(t, err) {
assert.Equal(t, "oauth1: Response missing oauth_token or oauth_token_secret", err.Error())
}
fmt.Fprintf(w, "failure handler called")
}
// CallbackHandler cannot get the OAuth1 access token, assert that:
// - failure handler is called
// - error about missing oauth_token and oauth_token_secret is added to the ctx
callbackHandler := CallbackHandler(config, success, ctxh.ContextHandlerFunc(failure))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/?oauth_token=any_token&oauth_verifier=any_verifier", nil)
ctx := WithRequestToken(context.Background(), "", requestSecret)
callbackHandler.ServeHTTP(ctx, w, req)
assert.Equal(t, "failure handler called", w.Body.String())
}
func TestLoginHandler_RequestTokenError(t *testing.T) {
_, server := testutils.NewErrorServer("OAuth1 Service Down", http.StatusInternalServerError)
defer server.Close()
config := &oauth1.Config{
Endpoint: oauth1.Endpoint{
RequestTokenURL: server.URL,
},
}
success := testutils.AssertSuccessNotCalled(t)
failure := func(ctx context.Context, w http.ResponseWriter, req *http.Request) {
err := gologin.ErrorFromContext(ctx)
if assert.NotNil(t, err) {
// first validation in OAuth1 impl failed
assert.Equal(t, "oauth1: oauth_callback_confirmed was not true", err.Error())
}
fmt.Fprintf(w, "failure handler called")
}
// LoginHandler cannot get the OAuth1 request token, assert that:
// - failure handler is called
// - error is added to the ctx of the failure handler
loginHandler := LoginHandler(config, success, ctxh.ContextHandlerFunc(failure))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
loginHandler.ServeHTTP(context.Background(), w, req)
assert.Equal(t, "failure handler called", w.Body.String())
}
func TestGithubHandler_ErrorGettingUser(t *testing.T) {
proxyClient, server := testutils.NewErrorServer("Github Service Down", http.StatusInternalServerError)
defer server.Close()
// oauth2 Client will use the proxy client's base Transport
ctx := context.WithValue(context.Background(), oauth2.HTTPClient, proxyClient)
anyToken := &oauth2.Token{AccessToken: "any-token"}
ctx = oauth2Login.WithToken(ctx, anyToken)
config := &oauth2.Config{}
success := testutils.AssertSuccessNotCalled(t)
failure := func(ctx context.Context, w http.ResponseWriter, req *http.Request) {
err := gologin.ErrorFromContext(ctx)
if assert.NotNil(t, err) {
assert.Equal(t, ErrUnableToGetGithubUser, err)
}
fmt.Fprintf(w, "failure handler called")
}
// GithubHandler cannot get Github User, assert that:
// - failure handler is called
// - error cannot get Github User added to the failure handler ctx
githubHandler := githubHandler(config, success, ctxh.ContextHandlerFunc(failure))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/", nil)
githubHandler.ServeHTTP(ctx, w, req)
assert.Equal(t, "failure handler called", w.Body.String())
}
func TestCallbackHandler_ExchangeError(t *testing.T) {
_, server := testutils.NewErrorServer("OAuth2 Service Down", http.StatusInternalServerError)
defer server.Close()
config := &oauth2.Config{
Endpoint: oauth2.Endpoint{
TokenURL: server.URL,
},
}
success := testutils.AssertSuccessNotCalled(t)
failure := func(ctx context.Context, w http.ResponseWriter, req *http.Request) {
err := gologin.ErrorFromContext(ctx)
if assert.NotNil(t, err) {
// error from golang.org/x/oauth2 config.Exchange as provider is down
assert.True(t, strings.HasPrefix(err.Error(), "oauth2: cannot fetch token"))
}
fmt.Fprintf(w, "failure handler called")
}
// CallbackHandler cannot exchange for an Access Token, assert that:
// - failure handler is called
// - error with the reason the exchange failed is added to the ctx
callbackHandler := CallbackHandler(config, success, ctxh.ContextHandlerFunc(failure))
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/?code=any_code&state=d4e5f6", nil)
ctx := WithState(context.Background(), "d4e5f6")
callbackHandler.ServeHTTP(ctx, w, req)
assert.Equal(t, "failure handler called", w.Body.String())
}
func TestTokenHandler_ErrorVerifyingToken(t *testing.T) {
proxyClient, server := testutils.NewErrorServer("Digits Account Endpoint Down", http.StatusInternalServerError)
defer server.Close()
// oauth1 Client will use the proxy client's base Transport
ctx := context.WithValue(context.Background(), oauth1.HTTPClient, proxyClient)
config := &oauth1.Config{}
handler := TokenHandler(config, testutils.AssertSuccessNotCalled(t), nil)
ts := httptest.NewServer(ctxh.NewHandlerWithContext(ctx, handler))
// assert that error occurs indicating the Digits Account could not be confirmed
resp, _ := http.PostForm(ts.URL, url.Values{accessTokenField: {testDigitsToken}, accessTokenSecretField: {testDigitsSecret}})
testutils.AssertBodyString(t, resp.Body, ErrUnableToGetDigitsAccount.Error()+"\n")
}
func TestWebHandler_ErrorGettingRequestToken(t *testing.T) {
proxyClient, server := testutils.NewErrorServer("OAuth1 Service Down", http.StatusInternalServerError)
defer server.Close()
config := &Config{
ConsumerKey: testConsumerKey,
Client: proxyClient,
}
handler := LoginHandler(config, testutils.AssertSuccessNotCalled(t), nil)
ts := httptest.NewServer(ctxh.NewHandler(handler))
// assert that error occurs indicating the Digits Account cound not be confirmed
resp, _ := http.PostForm(ts.URL, url.Values{accountEndpointField: {testAccountEndpoint}, accountRequestHeaderField: {testAccountRequestHeader}})
testutils.AssertBodyString(t, resp.Body, ErrUnableToGetDigitsAccount.Error()+"\n")
}
func TestTokenHandler_ErrorVerifyingTokenPassesError(t *testing.T) {
proxyClient, server := testutils.NewErrorServer("Twitter Verify Credentials Down", http.StatusInternalServerError)
defer server.Close()
// oauth1 Client will use the proxy client's base Transport
ctx := context.WithValue(context.Background(), oauth1.HTTPClient, proxyClient)
config := &oauth1.Config{}
failure := func(ctx context.Context, w http.ResponseWriter, req *http.Request) {
// assert that error passed through ctx
err := gologin.ErrorFromContext(ctx)
if assert.Error(t, err) {
assert.Equal(t, err, ErrUnableToGetTwitterUser)
}
}
handler := TokenHandler(config, testutils.AssertSuccessNotCalled(t), ctxh.ContextHandlerFunc(failure))
ts := httptest.NewServer(ctxh.NewHandlerWithContext(ctx, handler))
http.PostForm(ts.URL, url.Values{accessTokenField: {testTwitterToken}, accessTokenSecretField: {testTwitterTokenSecret}})
}