5 package jira
6
7 import (
8 "context"
9 "encoding/base64"
10 "encoding/json"
11 "net/http"
12 "net/http/httptest"
13 "strings"
14 "testing"
15
16 "golang.org/x/oauth2"
17 "golang.org/x/oauth2/jws"
18 )
19
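// TestJWTFetch_JSONResponse checks that a well-formed JSON token response
// from the token endpoint is decoded into a valid bearer token.
//
// The client ID, shared secret and access token are test fixtures; the token
// endpoint is an httptest server started by this test.
func TestJWTFetch_JSONResponse(t *testing.T) {
	const wantAccessToken = "90d64460d14870c08c81352a05dedd3465940a7c"

	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		if _, err := w.Write([]byte(`{
			"access_token": "90d64460d14870c08c81352a05dedd3465940a7c",
			"token_type": "Bearer",
			"expires_in": 3600
		}`)); err != nil {
			t.Errorf("writing token response: %v", err)
		}
	}))
	defer ts.Close()

	conf := &Config{
		BaseURL: "https://my.app.com",
		Subject: "useraccountId",
		Config: oauth2.Config{
			ClientID:     "super_secret_client_id",
			ClientSecret: "super_shared_secret",
			Scopes:       []string{"read", "write"},
			Endpoint: oauth2.Endpoint{
				AuthURL:  "https://example.com",
				TokenURL: ts.URL,
			},
		},
	}

	tok, err := conf.TokenSource(context.Background()).Token()
	if err != nil {
		t.Fatal(err)
	}
	if !tok.Valid() {
		t.Errorf("got invalid token: %v", tok)
	}
	if got, want := tok.AccessToken, wantAccessToken; got != want {
		t.Errorf("access token = %q; want %q", got, want)
	}
	if got, want := tok.TokenType, "Bearer"; got != want {
		t.Errorf("token type = %q; want %q", got, want)
	}
	// The response carries expires_in, so a zero expiry means the lifetime
	// was dropped and the token would never be refreshed on expiry.
	if tok.Expiry.IsZero() {
		t.Errorf("token expiry is zero; want a non-zero expiry")
	}
}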
62
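// TestJWTFetch_BadResponse checks how a token response without an
// access_token field is handled.
//
// The test pins the following contract: Token() returns no error and a
// non-nil token, but that token has an empty AccessToken and reports
// Valid() == false. Callers therefore cannot treat a nil error as proof of a
// usable credential and must check Valid() before using the token.
func TestJWTFetch_BadResponse(t *testing.T) {
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		if _, err := w.Write([]byte(`{"token_type": "Bearer"}`)); err != nil {
			t.Errorf("writing token response: %v", err)
		}
	}))
	defer ts.Close()

	conf := &Config{
		BaseURL: "https://my.app.com",
		Subject: "useraccountId",
		Config: oauth2.Config{
			ClientID:     "super_secret_client_id",
			ClientSecret: "super_shared_secret",
			Scopes:       []string{"read", "write"},
			Endpoint: oauth2.Endpoint{
				AuthURL:  "https://example.com",
				TokenURL: ts.URL,
			},
		},
	}

	tok, err := conf.TokenSource(context.Background()).Token()
	if err != nil {
		t.Fatal(err)
	}
	if tok == nil {
		t.Fatalf("got nil token; want token")
	}
	// A token with no access_token must not be reported as valid.
	if tok.Valid() {
		t.Errorf("got valid token: %v; want invalid token", tok)
	}
	if got, want := tok.AccessToken, ""; got != want {
		t.Errorf("access token = %q; want %q", got, want)
	}
	if got, want := tok.TokenType, "Bearer"; got != want {
		t.Errorf("token type = %q; want %q", got, want)
	}
}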
101
// TestJWTFetch_BadResponseType checks that a token response whose
// access_token has the wrong JSON type (a number instead of a string) is
// rejected with an error rather than turned into a token.
func TestJWTFetch_BadResponseType(t *testing.T) {
	handler := func(w http.ResponseWriter, r *http.Request) {
		w.Header().Set("Content-Type", "application/json")
		w.Write([]byte(`{"access_token":123, "token_type": "Bearer"}`))
	}
	srv := httptest.NewServer(http.HandlerFunc(handler))
	defer srv.Close()

	endpoint := oauth2.Endpoint{
		AuthURL:  "https://example.com",
		TokenURL: srv.URL,
	}
	conf := &Config{
		BaseURL: "https://my.app.com",
		Subject: "useraccountId",
		Config: oauth2.Config{
			ClientID:     "super_secret_client_id",
			ClientSecret: "super_shared_secret",
			Endpoint:     endpoint,
		},
	}

	tok, err := conf.TokenSource(context.Background()).Token()
	if err != nil {
		// Expected outcome: the mistyped access_token was rejected.
		return
	}

	t.Error("got a token; expected error")
	// Even on this failure path, the numeric value must not have ended up
	// in the token's access token field.
	if want := ""; tok.AccessToken != want {
		t.Errorf("access token = %q; want %q", tok.AccessToken, want)
	}
}
130
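// TestJWTFetch_Assertion captures the "assertion" form value sent to the
// token endpoint and checks the header of that JWT.
//
// Pinning the header to alg=HS256 and typ=JWT means a change to a different
// algorithm in the emitted assertion fails this test. Only the header
// segment is inspected: the claims segment and the signature are not decoded
// or verified here.
func TestJWTFetch_Assertion(t *testing.T) {
	var assertion string
	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// A request whose form cannot be parsed gets a 400 instead of a
		// token, so the failure surfaces at the Token() call below.
		if err := r.ParseForm(); err != nil {
			http.Error(w, err.Error(), http.StatusBadRequest)
			return
		}
		assertion = r.Form.Get("assertion")

		w.Header().Set("Content-Type", "application/json")
		if _, err := w.Write([]byte(`{
			"access_token": "90d64460d14870c08c81352a05dedd3465940a7c",
			"token_type": "Bearer",
			"expires_in": 3600
		}`)); err != nil {
			t.Errorf("writing token response: %v", err)
		}
	}))
	defer ts.Close()

	conf := &Config{
		BaseURL: "https://my.app.com",
		Subject: "useraccountId",
		Config: oauth2.Config{
			ClientID:     "super_secret_client_id",
			ClientSecret: "super_shared_secret",
			Endpoint: oauth2.Endpoint{
				AuthURL:  "https://example.com",
				TokenURL: ts.URL,
			},
		},
	}

	_, err := conf.TokenSource(context.Background()).Token()
	if err != nil {
		t.Fatalf("Failed to fetch token: %v", err)
	}

	// A compact JWS has exactly three dot-separated segments:
	// header, claims and signature.
	parts := strings.Split(assertion, ".")
	if len(parts) != 3 {
		t.Fatalf("assertion = %q; want 3 parts", assertion)
	}
	gotjson, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		t.Fatalf("invalid token header; err = %v", err)
	}

	got := jws.Header{}
	if err := json.Unmarshal(gotjson, &got); err != nil {
		// Comparing a header that failed to decode would only add a
		// second, misleading failure.
		t.Fatalf("failed to unmarshal json token header = %q; err = %v", gotjson, err)
	}

	want := jws.Header{
		Algorithm: "HS256",
		Typ:       "JWT",
	}
	if got != want {
		t.Errorf("assertion header = %+v; want %+v", got, want)
	}
}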
186