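// tokenInfoHandler returns an HTTP handler, intended for tests, that
// introspects the access token carried by the incoming request.
//
// The token is extracted with fosite.AccessTokenFromRequest and handed to
// oauth2.IntrospectToken as a fosite.AccessToken together with session. On
// success the handler answers 204 No Content. On failure the error is logged
// through t and the RFC 6749 description and status code are written to the
// client. Only the error is logged, never the token value.
//
// NOTE(review): the same session value is captured by the closure and reused
// for every request. If IntrospectToken populates it, concurrent requests
// would share state. That is acceptable for a test helper; confirm before
// reusing this pattern elsewhere.
func tokenInfoHandler(t *testing.T, oauth2 fosite.OAuth2Provider, session fosite.Session) func(rw http.ResponseWriter, req *http.Request) {
	return func(rw http.ResponseWriter, req *http.Request) {
		ctx := fosite.NewContext()
		if _, err := oauth2.IntrospectToken(ctx, fosite.AccessTokenFromRequest(req), fosite.AccessToken, session); err != nil {
			rfcerr := fosite.ErrorToRFC6749Error(err)
			t.Logf("Info request failed because `%s`.", err.Error())
			// Not every error carries a stack trace. An unchecked type
			// assertion would panic inside the handler and hide the actual
			// rejection reason from the test output.
			if st, ok := err.(stackTracer); ok {
				t.Logf("Stack: %s", st.StackTrace())
			}
			// The client receives the RFC 6749 description and status code.
			http.Error(rw, rfcerr.Description, rfcerr.StatusCode)
			return
		}
		rw.WriteHeader(http.StatusNoContent)
	}
}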
// TestIntrospectToken drives CoreValidator.IntrospectToken against mocked
// storage and strategy and checks the error cause returned for each scenario.
//
// The cases are order-dependent: they share one request, one mock controller
// and the AnyTimes expectations registered by earlier cases, so they must run
// in the order listed.
func TestIntrospectToken(t *testing.T) {
	mockCtrl := gomock.NewController(t)
	storage := internal.NewMockCoreStorage(mockCtrl)
	strategy := internal.NewMockCoreStrategy(mockCtrl)
	accessReq := fosite.NewAccessRequest(nil)
	defer mockCtrl.Finish()

	validator := &CoreValidator{
		CoreStrategy: strategy,
		CoreStorage:  storage,
	}
	request := &http.Request{Header: http.Header{}}

	type testCase struct {
		description string
		setup       func()
		expectErr   error
	}

	cases := []testCase{
		{
			// The Authorization header carries the scheme but no token, so
			// the mocks expect signature and session lookups for the empty
			// string across access token, refresh token and authorize code.
			description: "should fail because no bearer token set",
			setup: func() {
				request.Header.Set("Authorization", "bearer")
				strategy.EXPECT().AccessTokenSignature("").Return("")
				storage.EXPECT().GetAccessTokenSession(nil, "", nil).Return(nil, errors.New(""))
				strategy.EXPECT().RefreshTokenSignature("").Return("")
				storage.EXPECT().GetRefreshTokenSession(nil, "", nil).Return(nil, errors.New(""))
				strategy.EXPECT().AuthorizeCodeSignature("").Return("")
				storage.EXPECT().GetAuthorizeCodeSession(nil, "", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrRequestUnauthorized,
		},
		{
			// A token is present but no store knows its signature.
			description: "should fail because retrieval fails",
			setup: func() {
				request.Header.Set("Authorization", "bearer 1234")
				// AnyTimes: later cases rely on this expectation as well.
				strategy.EXPECT().AccessTokenSignature("1234").AnyTimes().Return("asdf")
				storage.EXPECT().GetAccessTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
				strategy.EXPECT().RefreshTokenSignature("1234").Return("asdf")
				storage.EXPECT().GetRefreshTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
				strategy.EXPECT().AuthorizeCodeSignature("1234").Return("asdf")
				storage.EXPECT().GetAuthorizeCodeSession(nil, "asdf", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrRequestUnauthorized,
		},
		{
			// The access token session is found but validation reports an
			// expired token. The refresh token and authorize code lookups
			// are still expected, and the expiry error must be the cause.
			description: "should fail because validation fails",
			setup: func() {
				// AnyTimes: the final case relies on this expectation as well.
				storage.EXPECT().GetAccessTokenSession(nil, "asdf", nil).AnyTimes().Return(accessReq, nil)
				strategy.EXPECT().ValidateAccessToken(nil, accessReq, "1234").Return(errors.Wrap(fosite.ErrTokenExpired, ""))
				strategy.EXPECT().RefreshTokenSignature("1234").Return("asdf")
				storage.EXPECT().GetRefreshTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
				strategy.EXPECT().AuthorizeCodeSignature("1234").Return("asdf")
				storage.EXPECT().GetAuthorizeCodeSession(nil, "asdf", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrTokenExpired,
		},
		{
			// Validation succeeds. No refresh token or authorize code
			// expectations are registered for this case.
			description: "should pass",
			setup: func() {
				strategy.EXPECT().ValidateAccessToken(nil, accessReq, "1234").Return(nil)
			},
		},
	}

	for idx := range cases {
		tc := cases[idx]
		tc.setup()

		token := fosite.AccessTokenFromRequest(request)
		err := validator.IntrospectToken(nil, token, fosite.AccessToken, accessReq, []string{})

		// Compare the unwrapped cause so wrapped errors still match.
		matches := errors.Cause(err) == tc.expectErr
		assert.True(t, matches, "(%d) %s\n%s\n%s", idx, tc.description, err, tc.expectErr)
		t.Logf("Passed test case %d", idx)
	}
}