99 lines
3.1 KiB
Go
99 lines
3.1 KiB
Go
package http_test
|
|
|
|
import (
|
|
"context"
|
|
"strings"
|
|
"sync"
|
|
"testing"
|
|
|
|
"github.com/goccy/go-json"
|
|
"github.com/spf13/viper"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
http "github.com/valyala/fasthttp"
|
|
|
|
"source.toby3d.me/website/indieauth/internal/common"
|
|
configrepo "source.toby3d.me/website/indieauth/internal/config/repository/viper"
|
|
configucase "source.toby3d.me/website/indieauth/internal/config/usecase"
|
|
"source.toby3d.me/website/indieauth/internal/domain"
|
|
delivery "source.toby3d.me/website/indieauth/internal/token/delivery/http"
|
|
repository "source.toby3d.me/website/indieauth/internal/token/repository/memory"
|
|
"source.toby3d.me/website/indieauth/internal/token/usecase"
|
|
"source.toby3d.me/website/indieauth/internal/util"
|
|
)
|
|
|
|
func TestVerification(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
v := viper.New()
|
|
v.SetDefault("indieauth.jwtSigningAlgorithm", "HS256")
|
|
v.SetDefault("indieauth.jwtSecret", "hackme")
|
|
|
|
accessToken := domain.TestToken(t)
|
|
|
|
client, _, cleanup := util.TestServe(t, delivery.NewRequestHandler(usecase.NewTokenUseCase(
|
|
repository.NewMemoryTokenRepository(new(sync.Map)),
|
|
configucase.NewConfigUseCase(configrepo.NewViperConfigRepository(v)),
|
|
)).Read)
|
|
t.Cleanup(cleanup)
|
|
|
|
req := http.AcquireRequest()
|
|
defer http.ReleaseRequest(req)
|
|
req.Header.SetMethod(http.MethodGet)
|
|
req.SetRequestURI("https://app.example.com/token")
|
|
req.Header.Set(http.HeaderAccept, common.MIMEApplicationJSON)
|
|
req.Header.Set(http.HeaderAuthorization, "Bearer "+accessToken.AccessToken)
|
|
|
|
resp := http.AcquireResponse()
|
|
defer http.ReleaseResponse(resp)
|
|
|
|
require.NoError(t, client.Do(req, resp))
|
|
|
|
assert.Equal(t, http.StatusOK, resp.StatusCode())
|
|
|
|
token := new(delivery.VerificationResponse)
|
|
require.NoError(t, json.Unmarshal(resp.Body(), token))
|
|
assert.Equal(t, &delivery.VerificationResponse{
|
|
Me: accessToken.Me,
|
|
ClientID: accessToken.ClientID,
|
|
Scope: strings.Join(accessToken.Scopes, " "),
|
|
}, token)
|
|
}
|
|
|
|
func TestRevocation(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
v := viper.New()
|
|
v.SetDefault("indieauth.jwtSigningAlgorithm", "HS256")
|
|
v.SetDefault("indieauth.jwtSecret", "hackme")
|
|
|
|
tokens := repository.NewMemoryTokenRepository(new(sync.Map))
|
|
accessToken := domain.TestToken(t)
|
|
|
|
client, _, cleanup := util.TestServe(t, delivery.NewRequestHandler(
|
|
usecase.NewTokenUseCase(tokens, configucase.NewConfigUseCase(configrepo.NewViperConfigRepository(v))),
|
|
).Update)
|
|
t.Cleanup(cleanup)
|
|
|
|
req := http.AcquireRequest()
|
|
defer http.ReleaseRequest(req)
|
|
req.Header.SetMethod(http.MethodPost)
|
|
req.SetRequestURI("https://app.example.com/token")
|
|
req.Header.SetContentType(common.MIMEApplicationXWWWFormUrlencoded)
|
|
req.Header.Set(http.HeaderAccept, common.MIMEApplicationJSON)
|
|
req.PostArgs().Set("action", "revoke")
|
|
req.PostArgs().Set("token", accessToken.AccessToken)
|
|
|
|
resp := http.AcquireResponse()
|
|
defer http.ReleaseResponse(resp)
|
|
|
|
require.NoError(t, client.Do(req, resp))
|
|
|
|
assert.Equal(t, http.StatusOK, resp.StatusCode())
|
|
assert.Equal(t, `{}`, strings.TrimSpace(string(resp.Body())))
|
|
|
|
result, err := tokens.Get(context.TODO(), accessToken.AccessToken)
|
|
require.NoError(t, err)
|
|
assert.Equal(t, accessToken.AccessToken, result.AccessToken)
|
|
}
|