func TestHandleAuthorizeEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) chgen := internal.NewMockAuthorizeCodeStrategy(ctrl) areq := internal.NewMockAuthorizeRequester(ctrl) aresp := internal.NewMockAuthorizeResponder(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, AuthorizeCodeStrategy: chgen, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{}) }, }, { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"foo"}) }, }, { mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) chgen.EXPECT().GenerateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", fosite.ErrServerError) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{"redirect_uri": {"foobar"}}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) chgen.EXPECT().GenerateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) store.EXPECT().CreateAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(fosite.ErrTemporarilyUnavailable) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{Form: url.Values{"redirect_uri": {"foobar"}}}, mock: func() { areq.EXPECT().GetResponseTypes().Return(fosite.Arguments{"code"}) chgen.EXPECT().GenerateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any()).Return("foo.bar", "bar", nil) store.EXPECT().CreateAuthorizeCodeSession("bar", gomock.Any()).Return(nil) aresp.EXPECT().AddQuery("code", "foo.bar") aresp.EXPECT().AddQuery("scope", gomock.Any()) aresp.EXPECT().AddQuery("state", gomock.Any()) areq.EXPECT().SetResponseTypeHandled("code") areq.EXPECT().GetGrantedScopes() areq.EXPECT().GetState() }, }, } { c.mock() err := h.HandleAuthorizeEndpointRequest(nil, c.req, areq, aresp) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) ach := internal.NewMockAccessTokenStrategy(ctrl) rch := internal.NewMockRefreshTokenStrategy(ctrl) auch := internal.NewMockAuthorizeCodeStrategy(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, AuthorizeCodeStrategy: auch, AccessTokenStrategy: ach, RefreshTokenStrategy: rch, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("13245678") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", fosite.ErrServerError) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{}}, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") areq.EXPECT().GetGrantedScopes() ach.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("access.at", "at", nil) rch.EXPECT().GenerateRefreshToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("refresh.rt", "rt", nil) auch.EXPECT().ValidateAuthorizeCode(gomock.Any(), gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) aresp.EXPECT().SetAccessToken("access.at") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("refresh_token", "refresh.rt") aresp.EXPECT().SetExtra("expires_in", gomock.Any()) aresp.EXPECT().SetExtra("state", gomock.Any()) aresp.EXPECT().SetExtra("scope", gomock.Any()) store.EXPECT().DeleteAuthorizeCodeSession(gomock.Any()).Return(nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(&fosite.AuthorizeRequest{}, nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(nil) store.EXPECT().CreateRefreshTokenSession(gomock.Any(), gomock.Any()).Return(nil) }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) areq := internal.NewMockAccessRequester(ctrl) ach := internal.NewMockAuthorizeCodeStrategy(ctrl) authreq := internal.NewMockAuthorizeRequester(ctrl) defer ctrl.Finish() h := AuthorizeExplicitGrantTypeHandler{ Store: store, AuthorizeCodeStrategy: ach, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("13245678") // grant_type REQUIRED. Value MUST be set to "authorization_code". }, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", errors.New("foo")) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetSession().Return("asdf") ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), "asdf").Return(nil, pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(nil, errors.New("foo")) }, expectErr: fosite.ErrServerError, }, { // clients mismatch req: &http.Request{ PostForm: url.Values{"code": {"foo.bar"}}, // code REQUIRED. The authorization code received from the authorization server. }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("bar", nil) store.EXPECT().GetAuthorizeCodeSession("bar", gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "bar"}) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("signature", nil) store.EXPECT().GetAuthorizeCodeSession("signature", gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) authreq.EXPECT().GetRequestForm().Return(url.Values{"redirect_uri": {"request-redir"}}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. "redirect_uri": {"request-redir"}, }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetRequestForm().Return(url.Values{"redirect_uri": {"request-redir"}}) authreq.EXPECT().GetScopes().Return([]string{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(-time.Hour)) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. "redirect_uri": {"request-redir"}, }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) authreq.EXPECT().GetRequestForm().Return(url.Values{"redirect_uri": {"request-redir"}}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(-time.Hour)) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{ PostForm: url.Values{ "code": {"foo.bar"}, // code REQUIRED. The authorization code received from the authorization server. }, }, mock: func() { areq.EXPECT().GetGrantType().Return("authorization_code") // grant_type REQUIRED. Value MUST be set to "authorization_code". areq.EXPECT().GetClient().AnyTimes().Return(&client.SecureClient{ID: "foo"}) areq.EXPECT().GetSession().Return(nil) ach.EXPECT().ValidateAuthorizeCode("foo.bar", gomock.Any(), gomock.Any(), gomock.Any()).Return("", nil) store.EXPECT().GetAuthorizeCodeSession(gomock.Any(), gomock.Any()).Return(authreq, nil) authreq.EXPECT().GetScopes().Return([]string{}) authreq.EXPECT().GetRequestForm().Return(url.Values{}) areq.EXPECT().SetScopes(gomock.Any()) authreq.EXPECT().GetClient().Return(&client.SecureClient{ID: "foo"}) authreq.EXPECT().GetRequestedAt().Return(time.Now().Add(time.Hour)) authreq.EXPECT().GetSession().Return("sess") areq.EXPECT().SetSession("sess") areq.EXPECT().SetGrantTypeHandled("authorization_code") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestAuthorizeCode_PopulateTokenEndpointResponse(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) ach := internal.NewMockAccessTokenStrategy(ctrl) rch := internal.NewMockRefreshTokenStrategy(ctrl) auch := internal.NewMockAuthorizeCodeStrategy(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() areq := fosite.NewAccessRequest(new(fosite.DefaultSession)) httpreq := &http.Request{PostForm: url.Values{}} authreq := fosite.NewAuthorizeRequest() areq.Session = new(fosite.DefaultSession) h := AuthorizeExplicitGrantHandler{ AuthorizeCodeGrantStorage: store, AuthorizeCodeStrategy: auch, AccessTokenStrategy: ach, RefreshTokenStrategy: rch, ScopeStrategy: fosite.HierarchicScopeStrategy, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"123"} }, }, { description: "should fail because authcode not found", setup: func() { areq.GrantTypes = fosite.Arguments{"authorization_code"} areq.Client = &fosite.DefaultClient{ GrantTypes: fosite.Arguments{"authorization_code"}, } httpreq.PostForm.Add("code", "authcode") auch.EXPECT().AuthorizeCodeSignature("authcode").AnyTimes().Return("authsig") store.EXPECT().GetAuthorizeCodeSession(nil, "authsig", gomock.Any()).Return(nil, fosite.ErrNotFound) }, expectErr: fosite.ErrServerError, }, { description: "should fail because validation failed", setup: func() { store.EXPECT().GetAuthorizeCodeSession(nil, "authsig", gomock.Any()).AnyTimes().Return(authreq, nil) auch.EXPECT().ValidateAuthorizeCode(nil, areq, "authcode").Return(errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because access token generation failed", setup: func() { authreq.GrantedScopes = []string{"offline"} auch.EXPECT().ValidateAuthorizeCode(nil, areq, "authcode").AnyTimes().Return(nil) ach.EXPECT().GenerateAccessToken(nil, areq).Return("", "", errors.New("error")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because refresh token generation failed", setup: func() { ach.EXPECT().GenerateAccessToken(nil, areq).AnyTimes().Return("access.ats", "ats", nil) rch.EXPECT().GenerateRefreshToken(nil, areq).Return("", "", errors.New("error")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because persisting failed", setup: func() { rch.EXPECT().GenerateRefreshToken(nil, areq).AnyTimes().Return("refresh.rts", "rts", nil) store.EXPECT().PersistAuthorizeCodeGrantSession(nil, "authsig", "ats", "rts", areq).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should pass", setup: func() { areq.GrantedScopes = fosite.Arguments{"foo", "offline"} store.EXPECT().PersistAuthorizeCodeGrantSession(nil, "authsig", "ats", "rts", areq).Return(nil) aresp.EXPECT().SetAccessToken("access.ats") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("refresh_token", "refresh.rts") aresp.EXPECT().SetExpiresIn(gomock.Any()) aresp.EXPECT().SetScopes(areq.GrantedScopes) }, }, } { c.setup() err := h.PopulateTokenEndpointResponse(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestAuthorizeCode_HandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) ach := internal.NewMockAuthorizeCodeStrategy(ctrl) defer ctrl.Finish() authreq := fosite.NewAuthorizeRequest() areq := fosite.NewAccessRequest(nil) httpreq := &http.Request{PostForm: url.Values{}} areq.Session = new(fosite.DefaultSession) authreq.Session = new(fosite.DefaultSession) h := AuthorizeExplicitGrantHandler{ AuthorizeCodeGrantStorage: store, AuthorizeCodeStrategy: ach, ScopeStrategy: fosite.HierarchicScopeStrategy, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"12345678"} // grant_type REQUIRED. Value MUST be set to "authorization_code". }, }, { description: "should fail because authcode could not be retrieved (1)", setup: func() { areq.GrantTypes = fosite.Arguments{"authorization_code"} // grant_type REQUIRED. Value MUST be set to "authorization_code". httpreq.PostForm = url.Values{"code": {"foo.bar"}} ach.EXPECT().AuthorizeCodeSignature("foo.bar").AnyTimes().Return("bar") store.EXPECT().GetAuthorizeCodeSession(nil, "bar", gomock.Any()).Return(nil, fosite.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because authcode validation failed", setup: func() { store.EXPECT().GetAuthorizeCodeSession(nil, "bar", gomock.Any()).AnyTimes().Return(authreq, nil) ach.EXPECT().ValidateAuthorizeCode(nil, areq, "foo.bar").Return(errors.New("")) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because client mismatch", setup: func() { ach.EXPECT().ValidateAuthorizeCode(nil, areq, "foo.bar").AnyTimes().Return(nil) areq.Client = &fosite.DefaultClient{ID: "foo"} authreq.Scopes = fosite.Arguments{"a", "b"} authreq.Client = &fosite.DefaultClient{ID: "bar"} }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because redirect uri not provided", setup: func() { authreq.Form.Add("redirect_uri", "request-redir") authreq.Client = &fosite.DefaultClient{ID: "foo"} }, expectErr: fosite.ErrInvalidRequest, }, { description: "should pass (2)", setup: func() { httpreq.PostForm = url.Values{"code": []string{"foo.bar"}} authreq.Form.Del("redirect_uri") authreq.RequestedAt = time.Now().Add(time.Hour) }, }, } { c.setup() err := h.HandleTokenEndpointRequest(nil, httpreq, areq) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestAuthorizeCode_HandleAuthorizeEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockAuthorizeCodeGrantStorage(ctrl) chgen := internal.NewMockAuthorizeCodeStrategy(ctrl) aresp := internal.NewMockAuthorizeResponder(ctrl) defer ctrl.Finish() areq := fosite.NewAuthorizeRequest() httpreq := &http.Request{Form: url.Values{}} areq.Session = new(fosite.DefaultSession) h := AuthorizeExplicitGrantHandler{ AuthorizeCodeGrantStorage: store, AuthorizeCodeStrategy: chgen, ScopeStrategy: fosite.HierarchicScopeStrategy, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should pass because not responsible for handling an empty response type", setup: func() { areq.ResponseTypes = fosite.Arguments{""} }, }, { description: "should pass because not responsible for handling an invalid response type", setup: func() { areq.ResponseTypes = fosite.Arguments{"foo"} }, }, { description: "should fail because redirect uri is not https", setup: func() { areq.ResponseTypes = fosite.Arguments{"code"} areq.Client = &fosite.DefaultClient{ResponseTypes: fosite.Arguments{"code"}} areq.RedirectURI, _ = url.Parse("http://asdf.de/cb") }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because authorize code generation failed", setup: func() { areq.RedirectURI, _ = url.Parse("https://foobar.com/cb") chgen.EXPECT().GenerateAuthorizeCode(nil, areq).Return("", "", errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should fail because could not presist authorize code session", setup: func() { chgen.EXPECT().GenerateAuthorizeCode(nil, areq).AnyTimes().Return("someauthcode.authsig", "authsig", nil) store.EXPECT().CreateAuthorizeCodeSession(nil, "authsig", areq).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should pass", setup: func() { areq.GrantedScopes = fosite.Arguments{"a", "b"} areq.State = "superstate" store.EXPECT().CreateAuthorizeCodeSession(nil, "authsig", areq).Return(nil) aresp.EXPECT().AddQuery("code", "someauthcode.authsig") aresp.EXPECT().AddQuery("scope", strings.Join(areq.GrantedScopes, " ")) aresp.EXPECT().AddQuery("state", areq.State) }, }, } { c.setup() err := h.HandleAuthorizeEndpointRequest(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }