func TestHandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) chgen := internal.NewMockAccessTokenStrategy(ctrl) areq := internal.NewMockAccessRequester(ctrl) aresp := internal.NewMockAccessResponder(ctrl) //mockcl := internal.NewMockClient(ctrl) defer ctrl.Finish() h := ResourceOwnerPasswordCredentialsGrantHandler{ Store: store, AccessTokenStrategy: chgen, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { mock: func() { areq.EXPECT().GetGrantType().Return("password") chgen.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "", errors.New("")) }, expectErr: fosite.ErrServerError, }, { mock: func() { areq.EXPECT().GetGrantType().Return("password") chgen.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("", "foo", nil) store.EXPECT().CreateAccessTokenSession("foo", gomock.Any()).Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { mock: func() { areq.EXPECT().GetGrantType().Return("password") chgen.EXPECT().GenerateAccessToken(gomock.Any(), gomock.Any(), gomock.Any()).Return("foo.bar", "", nil) store.EXPECT().CreateAccessTokenSession(gomock.Any(), gomock.Any()).Return(nil) aresp.EXPECT().SetAccessToken("foo.bar") aresp.EXPECT().SetTokenType("bearer") aresp.EXPECT().SetExtra("expires_in", gomock.Any()) aresp.EXPECT().SetExtra("scope", gomock.Any()) areq.EXPECT().GetGrantedScopes() }, }, } { c.mock() err := h.HandleTokenEndpointRequest(nil, c.req, areq, aresp) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestResourceOwnerFlow_HandleTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) defer ctrl.Finish() areq := fosite.NewAccessRequest(nil) httpreq := &http.Request{PostForm: url.Values{}} h := ResourceOwnerPasswordCredentialsGrantHandler{ ResourceOwnerPasswordCredentialsGrantStorage: store, HandleHelper: &HandleHelper{ AccessTokenStorage: store, AccessTokenLifespan: time.Hour, }, ScopeStrategy: fosite.HierarchicScopeStrategy, } for k, c := range []struct { description string setup func() expectErr error }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{"123"} }, }, { description: "should fail because because invalid credentials", setup: func() { areq.GrantTypes = fosite.Arguments{"password"} areq.Client = &fosite.DefaultClient{GrantTypes: fosite.Arguments{"password"}} httpreq.PostForm.Set("username", "peter") httpreq.PostForm.Set("password", "pan") store.EXPECT().Authenticate(nil, "peter", "pan").Return(fosite.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { description: "should fail because because error on lookup", setup: func() { store.EXPECT().Authenticate(nil, "peter", "pan").Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { description: "should pass", setup: func() { store.EXPECT().Authenticate(nil, "peter", "pan").Return(nil) }, }, } { c.setup() err := h.HandleTokenEndpointRequest(nil, httpreq, areq) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestValidateTokenEndpointRequest(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) areq := internal.NewMockAccessRequester(ctrl) defer ctrl.Finish() h := ResourceOwnerPasswordCredentialsGrantHandler{ Store: store, AccessTokenLifespan: time.Hour, } for k, c := range []struct { mock func() req *http.Request expectErr error }{ { mock: func() { areq.EXPECT().GetGrantType().Return("") }, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(pkg.ErrNotFound) }, expectErr: fosite.ErrInvalidRequest, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(errors.New("")) }, expectErr: fosite.ErrServerError, }, { req: &http.Request{PostForm: url.Values{"username": {"peter"}, "password": {"pan"}}}, mock: func() { areq.EXPECT().GetGrantType().Return("password") store.EXPECT().DoCredentialsAuthenticate("peter", "pan").Return(nil) areq.EXPECT().GetRequestForm().Return(url.Values{}) areq.EXPECT().SetGrantTypeHandled("password") }, }, } { c.mock() err := h.ValidateTokenEndpointRequest(nil, c.req, areq) assert.True(t, errors.Is(c.expectErr, err), "%d\n%s\n%s", k, err, c.expectErr) t.Logf("Passed test case %d", k) } }
func TestResourceOwnerFlow_PopulateTokenEndpointResponse(t *testing.T) { ctrl := gomock.NewController(t) store := internal.NewMockResourceOwnerPasswordCredentialsGrantStorage(ctrl) chgen := internal.NewMockAccessTokenStrategy(ctrl) rtstr := internal.NewMockRefreshTokenStrategy(ctrl) aresp := fosite.NewAccessResponse() mockAT := "accesstoken.foo.bar" mockRT := "refreshtoken.bar.foo" defer ctrl.Finish() areq := fosite.NewAccessRequest(nil) httpreq := &http.Request{PostForm: url.Values{}} h := ResourceOwnerPasswordCredentialsGrantHandler{ ResourceOwnerPasswordCredentialsGrantStorage: store, HandleHelper: &HandleHelper{ AccessTokenStorage: store, AccessTokenStrategy: chgen, AccessTokenLifespan: time.Hour, }, RefreshTokenStrategy: rtstr, } for k, c := range []struct { description string setup func() expectErr error expect func() }{ { description: "should fail because not responsible", expectErr: fosite.ErrUnknownRequest, setup: func() { areq.GrantTypes = fosite.Arguments{""} }, }, { description: "should pass", setup: func() { areq.Session = &fosite.DefaultSession{} areq.GrantTypes = fosite.Arguments{"password"} chgen.EXPECT().GenerateAccessToken(nil, areq).Return(mockAT, "bar", nil) store.EXPECT().CreateAccessTokenSession(nil, "bar", areq).Return(nil) }, expect: func() { assert.Nil(t, aresp.GetExtra("refresh_token"), "unexpected refresh token") }, }, { description: "should pass - offline scope", setup: func() { areq.GrantTypes = fosite.Arguments{"password"} areq.GrantScope("offline") rtstr.EXPECT().GenerateRefreshToken(nil, areq).Return(mockRT, "bar", nil) store.EXPECT().CreateRefreshTokenSession(nil, "bar", areq).Return(nil) chgen.EXPECT().GenerateAccessToken(nil, areq).Return(mockAT, "bar", nil) store.EXPECT().CreateAccessTokenSession(nil, "bar", areq).Return(nil) }, expect: func() { assert.NotNil(t, aresp.GetExtra("refresh_token"), "expected refresh token") }, }, } { c.setup() err := h.PopulateTokenEndpointResponse(nil, httpreq, areq, aresp) assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr) if c.expect != nil { c.expect() } t.Logf("Passed test case %d", k) } }