
Source file src/github.com/ory/fosite/handler/oauth2/introspector_test.go

Documentation: github.com/ory/fosite/handler/oauth2

     1  /*
     2   * Copyright © 2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   *
    16   * @author		Aeneas Rekkas <aeneas+oss@aeneas.io>
    17   * @copyright 	2015-2018 Aeneas Rekkas <aeneas+oss@aeneas.io>
    18   * @license 	Apache-2.0
    19   *
    20   */
    21  
    22  package oauth2
    23  
    24  import (
    25  	"fmt"
    26  	"net/http"
    27  	"testing"
    28  
    29  	"github.com/ory/x/errorsx"
    30  
    31  	"github.com/golang/mock/gomock"
    32  	"github.com/pkg/errors"
    33  	"github.com/stretchr/testify/assert"
    34  	"github.com/stretchr/testify/require"
    35  
    36  	"github.com/ory/fosite"
    37  	"github.com/ory/fosite/internal"
    38  )
    39  
// TestIntrospectToken exercises CoreValidator.IntrospectToken against mocked
// storage and strategy implementations. It covers four rejection paths (no
// token in the header, failed session lookup, expired token, invalid token
// format) and one success path.
//
// The cases are order-dependent: they share one request, one validator and one
// set of mocks, so state introduced by a case (the Authorization header,
// AnyTimes expectations, DisableRefreshTokenValidation) is still in effect for
// every case after it. Reordering the table or running a case in isolation
// changes the outcome.
func TestIntrospectToken(t *testing.T) {
	mockCtrl := gomock.NewController(t)
	defer mockCtrl.Finish()

	storage := internal.NewMockCoreStorage(mockCtrl)
	strategy := internal.NewMockCoreStrategy(mockCtrl)
	accessReq := fosite.NewAccessRequest(nil)

	validator := &CoreValidator{
		CoreStrategy: strategy,
		CoreStorage:  storage,
	}
	req := &http.Request{Header: http.Header{}}

	// introspectCase describes one table entry: the mock expectations to
	// register before the call and the outcome the call must produce.
	type introspectCase struct {
		description string
		setup       func()
		expectErr   error
		expectTU    fosite.TokenUse
	}

	cases := []introspectCase{
		{
			// The header carries only the scheme, so the expectations below are
			// registered for an empty token. Both the access-token and the
			// refresh-token lookup fail and the call must be rejected.
			description: "should fail because no bearer token set",
			setup: func() {
				req.Header.Set("Authorization", "bearer")
				strategy.EXPECT().AccessTokenSignature("").Return("")
				storage.EXPECT().GetAccessTokenSession(nil, "", nil).Return(nil, errors.New(""))
				strategy.EXPECT().RefreshTokenSignature("").Return("")
				storage.EXPECT().GetRefreshTokenSession(nil, "", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrRequestUnauthorized,
		},
		{
			// A token is present but neither store knows its signature. The
			// header value and the AnyTimes signature expectation set here are
			// reused by all later cases.
			description: "should fail because retrieval fails",
			setup: func() {
				req.Header.Set("Authorization", "bearer 1234")
				strategy.EXPECT().AccessTokenSignature("1234").AnyTimes().Return("asdf")
				storage.EXPECT().GetAccessTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
				strategy.EXPECT().RefreshTokenSignature("1234").Return("asdf")
				storage.EXPECT().GetRefreshTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrRequestUnauthorized,
		},
		{
			// The access-token session is found but validation reports expiry.
			// The refresh-token lookup is also expected and fails; the error
			// asserted for the call is the expiry error. The AnyTimes session
			// expectation stays active for the remaining cases.
			description: "should fail because validation fails",
			setup: func() {
				storage.EXPECT().GetAccessTokenSession(nil, "asdf", nil).AnyTimes().Return(accessReq, nil)
				strategy.EXPECT().ValidateAccessToken(nil, accessReq, "1234").Return(errorsx.WithStack(fosite.ErrTokenExpired))
				strategy.EXPECT().RefreshTokenSignature("1234").Return("asdf")
				storage.EXPECT().GetRefreshTokenSession(nil, "asdf", nil).Return(nil, errors.New(""))
			},
			expectErr: fosite.ErrTokenExpired,
		},
		{
			// Refresh-token validation is switched off from here on. No
			// refresh-token expectations are registered, so a refresh lookup
			// would be reported by gomock as an unexpected call.
			description: "should fail because access token invalid",
			setup: func() {
				validator.DisableRefreshTokenValidation = true
				strategy.EXPECT().ValidateAccessToken(nil, accessReq, "1234").Return(errorsx.WithStack(fosite.ErrInvalidTokenFormat))
			},
			expectErr: fosite.ErrInvalidTokenFormat,
		},
		{
			// Validation succeeds; the reported token use must be AccessToken.
			description: "should pass",
			setup: func() {
				strategy.EXPECT().ValidateAccessToken(nil, accessReq, "1234").Return(nil)
			},
			expectTU: fosite.AccessToken,
		},
	}

	for idx, tc := range cases {
		t.Run(fmt.Sprintf("case=%d", idx), func(t *testing.T) {
			tc.setup()
			tu, err := validator.IntrospectToken(nil, fosite.AccessTokenFromRequest(req), fosite.AccessToken, accessReq, []string{})

			if tc.expectErr != nil {
				// EqualError compares the error text only, so an error wrapped
				// by errorsx.WithStack matches as long as its message is equal.
				require.EqualError(t, err, tc.expectErr.Error())
				return
			}

			require.NoError(t, err)
			assert.Equal(t, tc.expectTU, tu)
		})
	}
}
   120  
