Compare commits
2 Commits
8ea564084b
...
7d0635c87a
Author | SHA1 | Date |
---|---|---|
Maxim Lebedev | 7d0635c87a | |
Maxim Lebedev | dc7746a6c0 |
|
@ -138,7 +138,7 @@ func (h *Handler) handleCallback(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
// TODO(toby3d): load and check state
|
||||
|
||||
if req.Iss.String() != h.client.ID.String() {
|
||||
if !req.Iss.IsEqual(h.client.ID) {
|
||||
w.WriteHeader(http.StatusBadRequest)
|
||||
layout.WriteTemplate(w, &template.Error{
|
||||
BaseOf: baseOf,
|
||||
|
|
|
@ -3,6 +3,7 @@ package http_test
|
|||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"net/url"
|
||||
"testing"
|
||||
|
||||
"golang.org/x/text/language"
|
||||
|
@ -10,67 +11,94 @@ import (
|
|||
|
||||
delivery "source.toby3d.me/toby3d/auth/internal/client/delivery/http"
|
||||
"source.toby3d.me/toby3d/auth/internal/domain"
|
||||
"source.toby3d.me/toby3d/auth/internal/profile"
|
||||
profilerepo "source.toby3d.me/toby3d/auth/internal/profile/repository/memory"
|
||||
"source.toby3d.me/toby3d/auth/internal/session"
|
||||
sessionrepo "source.toby3d.me/toby3d/auth/internal/session/repository/memory"
|
||||
"source.toby3d.me/toby3d/auth/internal/random"
|
||||
"source.toby3d.me/toby3d/auth/internal/token"
|
||||
tokenrepo "source.toby3d.me/toby3d/auth/internal/token/repository/memory"
|
||||
tokenucase "source.toby3d.me/toby3d/auth/internal/token/usecase"
|
||||
testutil "source.toby3d.me/toby3d/auth/internal/util/testing"
|
||||
)
|
||||
|
||||
type Dependencies struct {
|
||||
profiles profile.Repository
|
||||
token *domain.Token
|
||||
client *domain.Client
|
||||
config *domain.Config
|
||||
matcher language.Matcher
|
||||
sessions session.Repository
|
||||
tokens token.Repository
|
||||
tokenService token.UseCase
|
||||
}
|
||||
|
||||
func TestRead(t *testing.T) {
|
||||
func TestHandler_ServeHTTP(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
code, err := random.String(64)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
state, err := random.String(24)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
deps := NewDependencies(t)
|
||||
req := httptest.NewRequest(http.MethodGet, "https://app.example.com/", nil)
|
||||
w := httptest.NewRecorder()
|
||||
q := make(url.Values)
|
||||
|
||||
delivery.NewHandler(delivery.NewHandlerOptions{
|
||||
Client: *deps.client,
|
||||
Config: *deps.config,
|
||||
Matcher: deps.matcher,
|
||||
Tokens: deps.tokenService,
|
||||
}).ServeHTTP(w, req)
|
||||
for k, v := range map[string]string{
|
||||
"iss": deps.client.ID.String(),
|
||||
"code": code,
|
||||
"state": state,
|
||||
} {
|
||||
q.Add(k, v)
|
||||
}
|
||||
|
||||
if resp := w.Result(); resp.StatusCode != http.StatusOK {
|
||||
t.Errorf("%s %s = %d, want %d", req.Method, req.RequestURI, resp.StatusCode, http.StatusOK)
|
||||
for name, target := range map[string]string{
|
||||
"home": deps.client.ID.String(),
|
||||
"callback": deps.client.ID.URL().JoinPath("callback").String() + "?" + q.Encode(),
|
||||
} {
|
||||
name, target := name, target
|
||||
|
||||
t.Run(name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
req := httptest.NewRequest(http.MethodGet, target, nil)
|
||||
w := httptest.NewRecorder()
|
||||
|
||||
delivery.NewHandler(delivery.NewHandlerOptions{
|
||||
Client: *deps.client,
|
||||
Config: *deps.config,
|
||||
Matcher: deps.matcher,
|
||||
Tokens: deps.tokenService,
|
||||
}).ServeHTTP(w, req)
|
||||
|
||||
resp := w.Result()
|
||||
|
||||
if resp.StatusCode != http.StatusOK {
|
||||
t.Errorf("%s %s = %d, want %d", req.Method, req.RequestURI, resp.StatusCode,
|
||||
http.StatusOK)
|
||||
}
|
||||
|
||||
testutil.GoldenEqual(t, w.Result().Body)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func NewDependencies(tb testing.TB) Dependencies {
|
||||
tb.Helper()
|
||||
|
||||
tkn := domain.TestToken(tb)
|
||||
// WARN(toby3d): clients MUST NOT expect what any IndieAuth tokens is
|
||||
// JWT or something hackable. It can be anything in string
|
||||
// representation. Used static generated random string for safe golden
|
||||
// output comparing.
|
||||
tkn.AccessToken = "dqHhu6z0NcTy2trL7DuwXd0fMhLQ61ak"
|
||||
|
||||
client := domain.TestClient(tb)
|
||||
config := domain.TestConfig(tb)
|
||||
matcher := language.NewMatcher(message.DefaultCatalog.Languages())
|
||||
sessions := sessionrepo.NewMemorySessionRepository(*config)
|
||||
tokens := tokenrepo.NewMemoryTokenRepository()
|
||||
profiles := profilerepo.NewMemoryProfileRepository()
|
||||
tokenService := tokenucase.NewTokenUseCase(tokenucase.Config{
|
||||
Config: *config,
|
||||
Profiles: profiles,
|
||||
Sessions: sessions,
|
||||
Tokens: tokens,
|
||||
})
|
||||
tokenService := token.NewStubTokenUseCase(tkn, nil, nil)
|
||||
|
||||
return Dependencies{
|
||||
token: tkn,
|
||||
client: client,
|
||||
config: config,
|
||||
matcher: matcher,
|
||||
sessions: sessions,
|
||||
profiles: profiles,
|
||||
tokens: tokens,
|
||||
tokenService: tokenService,
|
||||
}
|
||||
}
|
||||
|
|
1
internal/client/delivery/http/testdata/TestHandler_ServeHTTP/callback.golden
vendored
Executable file
1
internal/client/delivery/http/testdata/TestHandler_ServeHTTP/callback.golden
vendored
Executable file
|
@ -0,0 +1 @@
|
|||
<!DOCTYPE html><html class="page" lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><link rel="icon" href="/favicon.ico" sizes="any"><link rel="icon" href="/icon.svg" type="image/svg+xml"><link rel="apple-touch-icon" href="/apple-touch-icon.png"><link rel="manifest" href="/manifest.webmanifest"><title>IndieAuth</title></head><body class="page__body body"><h1>https://user.example.net/</h1><small>dqHhu6z0NcTy2trL7DuwXd0fMhLQ61ak</small></body></html>
|
|
@ -0,0 +1 @@
|
|||
<!DOCTYPE html><html class="page" lang="en"><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><link rel="icon" href="/favicon.ico" sizes="any"><link rel="icon" href="/icon.svg" type="image/svg+xml"><link rel="apple-touch-icon" href="/apple-touch-icon.png"><link rel="manifest" href="/manifest.webmanifest"><link rel="redirect_uri" href="https://app.example.com/redirect"><link rel="redirect_uri" href="https://app.example.net/redirect"><title>IndieAuth</title></head><body class="page__body body"><header class="h-app h-x-app"><img class="u-logo" src="https://app.example.com/logo.png" alt="Example App" crossorigin="anonymous" decoding="async" height="140" importance="high" referrerpolicy="no-referrer-when-downgrade" width="140"><h1><a class="p-name u-url" href="https://app.example.com/">Example App</a></h1></header><main><form class="" method="get" action="/authorize" enctype="application/x-www-form-urlencoded" accept-charset="utf-8" target="_self"><input type="hidden" name="client_id" value="https://127.0.0.1/"><input type="hidden" name="redirect_uri" value="https://app.example.com/redirect"><input type="hidden" name="response_type" value="code"><input type="hidden" name="scope" value="email profile"><input type="hidden" name="state" value="hackme"><input type="url" name="me" placeholder="https://example.com/" inputmode="url" autocomplete="url" required><button type="submit">Sign In</button></form></main></body></html>
|
Loading…
Reference in New Issue