161 lines
4.4 KiB
Go
161 lines
4.4 KiB
Go
package domain_test
|
|
|
|
//nolint:gosec // support old clients
|
|
|
|
import (
|
|
"crypto/md5"
|
|
"crypto/sha1"
|
|
"crypto/sha256"
|
|
"crypto/sha512"
|
|
"encoding/base64"
|
|
"hash"
|
|
"testing"
|
|
|
|
"github.com/brianvoe/gofakeit/v6"
|
|
|
|
"source.toby3d.me/toby3d/auth/internal/domain"
|
|
"source.toby3d.me/toby3d/auth/internal/random"
|
|
)
|
|
|
|
func TestParseCodeChallengeMethod(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
for name, tc := range map[string]struct {
|
|
input string
|
|
expect domain.CodeChallengeMethod
|
|
}{
|
|
"PLAIN": {input: "plain", expect: domain.CodeChallengeMethodPLAIN},
|
|
"MD5": {input: "md5", expect: domain.CodeChallengeMethodMD5},
|
|
"S1": {input: "s1", expect: domain.CodeChallengeMethodS1},
|
|
"S256": {input: "s256", expect: domain.CodeChallengeMethodS256},
|
|
"S512": {input: "s512", expect: domain.CodeChallengeMethodS512},
|
|
} {
|
|
t.Run(name, func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
actual, err := domain.ParseCodeChallengeMethod(tc.input)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if actual != tc.expect {
|
|
t.Errorf("ParseCodeChallengeMethod(%s) = %v, want %v", tc.input, actual, tc.expect)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCodeChallengeMethod_UnmarshalForm(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
input := []byte("s256")
|
|
actual := domain.CodeChallengeMethodUnd
|
|
|
|
if err := actual.UnmarshalForm(input); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if actual != domain.CodeChallengeMethodS256 {
|
|
t.Errorf("UnmarshalForm(%s) = %v, want %v", input, actual, domain.CodeChallengeMethodS256)
|
|
}
|
|
}
|
|
|
|
func TestCodeChallengeMethod_UnmarshalJSON(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
input := []byte(`"S256"`)
|
|
actual := domain.CodeChallengeMethodUnd
|
|
|
|
if err := actual.UnmarshalJSON(input); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if actual != domain.CodeChallengeMethodS256 {
|
|
t.Errorf("UnmarshalJSON(%s) = %v, want %v", input, actual, domain.CodeChallengeMethodS256)
|
|
}
|
|
}
|
|
|
|
func TestCodeChallengeMethod_String(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
for name, tc := range map[string]struct {
|
|
input domain.CodeChallengeMethod
|
|
expect string
|
|
}{
|
|
"plain": {input: domain.CodeChallengeMethodPLAIN, expect: "PLAIN"},
|
|
"md5": {input: domain.CodeChallengeMethodMD5, expect: "MD5"},
|
|
"s1": {input: domain.CodeChallengeMethodS1, expect: "S1"},
|
|
"s256": {input: domain.CodeChallengeMethodS256, expect: "S256"},
|
|
"s512": {input: domain.CodeChallengeMethodS512, expect: "S512"},
|
|
} {
|
|
t.Run(name, func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
if actual := tc.input.String(); actual != tc.expect {
|
|
t.Errorf("String() = %v, want %v", actual, tc.expect)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
//nolint:gosec // support old clients
|
|
func TestCodeChallengeMethod_Validate(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
verifier, err := random.String(uint8(gofakeit.Number(43, 128)))
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
for name, tc := range map[string]struct {
|
|
hash hash.Hash
|
|
input domain.CodeChallengeMethod
|
|
ok bool
|
|
}{
|
|
"invalid": {input: domain.CodeChallengeMethodS256, hash: md5.New(), ok: true},
|
|
"MD5": {input: domain.CodeChallengeMethodMD5, hash: md5.New(), ok: false},
|
|
"plain": {input: domain.CodeChallengeMethodPLAIN, hash: nil, ok: false},
|
|
"S1": {input: domain.CodeChallengeMethodS1, hash: sha1.New(), ok: false},
|
|
"S256": {input: domain.CodeChallengeMethodS256, hash: sha256.New(), ok: false},
|
|
"S512": {input: domain.CodeChallengeMethodS512, hash: sha512.New(), ok: false},
|
|
"Und": {input: domain.CodeChallengeMethodUnd, hash: nil, ok: true},
|
|
} {
|
|
t.Run(name, func(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
var codeChallenge string
|
|
|
|
switch tc.input {
|
|
case domain.CodeChallengeMethodUnd, domain.CodeChallengeMethodPLAIN:
|
|
codeChallenge = verifier
|
|
default:
|
|
hash := tc.hash
|
|
hash.Reset()
|
|
|
|
if _, err := hash.Write([]byte(verifier)); err != nil {
|
|
t.Error(err)
|
|
}
|
|
|
|
codeChallenge = base64.RawURLEncoding.EncodeToString(hash.Sum(nil))
|
|
}
|
|
|
|
if actual := tc.input.Validate(codeChallenge, verifier); actual != !tc.ok {
|
|
t.Errorf("Validate(%s, %s) = %t, want %t", codeChallenge, verifier, actual, tc.ok)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCodeChallengeMethod_Validate_IndieAuth(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
if ok := domain.CodeChallengeMethodS256.Validate(
|
|
"ALiMNf5FvF_LIWLhSkd9tjPKh3PEmai2OrdDBzrVZ3M",
|
|
"6f535c952339f0670311b4bbec5c41c00805e83291fc7eb15ca4963f82a4d57595787dcc6ee90571fb7789cbd521fe0178ed",
|
|
); !ok {
|
|
t.Errorf("Validate(%s, %s) = %t, want %t", "ALiMNf5FvF_LIWLhSkd9tjPKh3PEmai2OrdDBzrVZ3M",
|
|
"6f535c952339f0670311b4bbec5c41c00805e83291fc7eb15ca4963f82a4d57595787dcc6ee90571fb7789cbd521"+
|
|
"fe0178ed", ok, true)
|
|
}
|
|
}
|