2019-03-08 17:42:50 +01:00
// Copyright 2019 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package models
import (
"testing"
"github.com/stretchr/testify/assert"
)
//////////////////// Application
func TestOAuth2Application_GenerateClientSecret ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
secret , err := app . GenerateClientSecret ( )
assert . NoError ( t , err )
assert . True ( t , len ( secret ) > 0 )
AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 , ClientSecret : app . ClientSecret } )
}
func BenchmarkOAuth2Application_GenerateClientSecret ( b * testing . B ) {
assert . NoError ( b , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( b , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
for i := 0 ; i < b . N ; i ++ {
_ , _ = app . GenerateClientSecret ( )
}
}
func TestOAuth2Application_ContainsRedirectURI ( t * testing . T ) {
app := & OAuth2Application {
RedirectURIs : [ ] string { "a" , "b" , "c" } ,
}
assert . True ( t , app . ContainsRedirectURI ( "a" ) )
assert . True ( t , app . ContainsRedirectURI ( "b" ) )
assert . True ( t , app . ContainsRedirectURI ( "c" ) )
assert . False ( t , app . ContainsRedirectURI ( "d" ) )
}
func TestOAuth2Application_ValidateClientSecret ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
secret , err := app . GenerateClientSecret ( )
assert . NoError ( t , err )
assert . True ( t , app . ValidateClientSecret ( [ ] byte ( secret ) ) )
assert . False ( t , app . ValidateClientSecret ( [ ] byte ( "fewijfowejgfiowjeoifew" ) ) )
}
func TestGetOAuth2ApplicationByClientID ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app , err := GetOAuth2ApplicationByClientID ( "da7da3ba-9a13-4167-856f-3899de0b0138" )
assert . NoError ( t , err )
assert . Equal ( t , "da7da3ba-9a13-4167-856f-3899de0b0138" , app . ClientID )
app , err = GetOAuth2ApplicationByClientID ( "invalid client id" )
assert . Error ( t , err )
assert . Nil ( t , app )
}
func TestCreateOAuth2Application ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app , err := CreateOAuth2Application ( CreateOAuth2ApplicationOptions { Name : "newapp" , UserID : 1 } )
assert . NoError ( t , err )
assert . Equal ( t , "newapp" , app . Name )
assert . Len ( t , app . ClientID , 36 )
AssertExistsAndLoadBean ( t , & OAuth2Application { Name : "newapp" } )
}
func TestOAuth2Application_LoadUser ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
assert . NoError ( t , app . LoadUser ( ) )
assert . NotNil ( t , app . User )
}
func TestOAuth2Application_TableName ( t * testing . T ) {
assert . Equal ( t , "oauth2_application" , new ( OAuth2Application ) . TableName ( ) )
}
func TestOAuth2Application_GetGrantByUserID ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
grant , err := app . GetGrantByUserID ( 1 )
assert . NoError ( t , err )
assert . Equal ( t , int64 ( 1 ) , grant . UserID )
grant , err = app . GetGrantByUserID ( 34923458 )
assert . NoError ( t , err )
assert . Nil ( t , grant )
}
func TestOAuth2Application_CreateGrant ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
app := AssertExistsAndLoadBean ( t , & OAuth2Application { ID : 1 } ) . ( * OAuth2Application )
2021-01-01 17:33:27 +01:00
grant , err := app . CreateGrant ( 2 , "" )
2019-03-08 17:42:50 +01:00
assert . NoError ( t , err )
assert . NotNil ( t , grant )
assert . Equal ( t , int64 ( 2 ) , grant . UserID )
assert . Equal ( t , int64 ( 1 ) , grant . ApplicationID )
2021-01-01 17:33:27 +01:00
assert . Equal ( t , "" , grant . Scope )
2019-03-08 17:42:50 +01:00
}
//////////////////// Grant
func TestGetOAuth2GrantByID ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
grant , err := GetOAuth2GrantByID ( 1 )
assert . NoError ( t , err )
assert . Equal ( t , int64 ( 1 ) , grant . ID )
grant , err = GetOAuth2GrantByID ( 34923458 )
assert . NoError ( t , err )
assert . Nil ( t , grant )
}
func TestOAuth2Grant_IncreaseCounter ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
grant := AssertExistsAndLoadBean ( t , & OAuth2Grant { ID : 1 , Counter : 1 } ) . ( * OAuth2Grant )
assert . NoError ( t , grant . IncreaseCounter ( ) )
assert . Equal ( t , int64 ( 2 ) , grant . Counter )
AssertExistsAndLoadBean ( t , & OAuth2Grant { ID : 1 , Counter : 2 } )
}
2021-01-01 17:33:27 +01:00
func TestOAuth2Grant_ScopeContains ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
grant := AssertExistsAndLoadBean ( t , & OAuth2Grant { ID : 1 , Scope : "openid profile" } ) . ( * OAuth2Grant )
assert . True ( t , grant . ScopeContains ( "openid" ) )
assert . True ( t , grant . ScopeContains ( "profile" ) )
assert . False ( t , grant . ScopeContains ( "profil" ) )
assert . False ( t , grant . ScopeContains ( "profile2" ) )
}
2019-03-08 17:42:50 +01:00
func TestOAuth2Grant_GenerateNewAuthorizationCode ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
grant := AssertExistsAndLoadBean ( t , & OAuth2Grant { ID : 1 } ) . ( * OAuth2Grant )
code , err := grant . GenerateNewAuthorizationCode ( "https://example2.com/callback" , "CjvyTLSdR47G5zYenDA-eDWW4lRrO8yvjcWwbD_deOg" , "S256" )
assert . NoError ( t , err )
assert . NotNil ( t , code )
assert . True ( t , len ( code . Code ) > 32 ) // secret length > 32
}
func TestOAuth2Grant_TableName ( t * testing . T ) {
assert . Equal ( t , "oauth2_grant" , new ( OAuth2Grant ) . TableName ( ) )
}
2019-04-17 10:18:16 +02:00
func TestGetOAuth2GrantsByUserID ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
result , err := GetOAuth2GrantsByUserID ( 1 )
assert . NoError ( t , err )
assert . Len ( t , result , 1 )
assert . Equal ( t , int64 ( 1 ) , result [ 0 ] . ID )
assert . Equal ( t , result [ 0 ] . ApplicationID , result [ 0 ] . Application . ID )
result , err = GetOAuth2GrantsByUserID ( 34134 )
assert . NoError ( t , err )
assert . Empty ( t , result )
}
func TestRevokeOAuth2Grant ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
assert . NoError ( t , RevokeOAuth2Grant ( 1 , 1 ) )
AssertNotExistsBean ( t , & OAuth2Grant { ID : 1 , UserID : 1 } )
}
2019-03-08 17:42:50 +01:00
//////////////////// Authorization Code
func TestGetOAuth2AuthorizationByCode ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
code , err := GetOAuth2AuthorizationByCode ( "authcode" )
assert . NoError ( t , err )
assert . NotNil ( t , code )
assert . Equal ( t , "authcode" , code . Code )
assert . Equal ( t , int64 ( 1 ) , code . ID )
code , err = GetOAuth2AuthorizationByCode ( "does not exist" )
assert . NoError ( t , err )
assert . Nil ( t , code )
}
func TestOAuth2AuthorizationCode_ValidateCodeChallenge ( t * testing . T ) {
// test plain
code := & OAuth2AuthorizationCode {
CodeChallengeMethod : "plain" ,
CodeChallenge : "test123" ,
}
assert . True ( t , code . ValidateCodeChallenge ( "test123" ) )
assert . False ( t , code . ValidateCodeChallenge ( "ierwgjoergjio" ) )
// test S256
code = & OAuth2AuthorizationCode {
CodeChallengeMethod : "S256" ,
CodeChallenge : "CjvyTLSdR47G5zYenDA-eDWW4lRrO8yvjcWwbD_deOg" ,
}
assert . True ( t , code . ValidateCodeChallenge ( "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt" ) )
assert . False ( t , code . ValidateCodeChallenge ( "wiogjerogorewngoenrgoiuenorg" ) )
// test unknown
code = & OAuth2AuthorizationCode {
CodeChallengeMethod : "monkey" ,
CodeChallenge : "foiwgjioriogeiogjerger" ,
}
assert . False ( t , code . ValidateCodeChallenge ( "foiwgjioriogeiogjerger" ) )
// test no code challenge
code = & OAuth2AuthorizationCode {
CodeChallengeMethod : "" ,
CodeChallenge : "foierjiogerogerg" ,
}
assert . True ( t , code . ValidateCodeChallenge ( "" ) )
}
func TestOAuth2AuthorizationCode_GenerateRedirectURI ( t * testing . T ) {
code := & OAuth2AuthorizationCode {
RedirectURI : "https://example.com/callback" ,
Code : "thecode" ,
}
redirect , err := code . GenerateRedirectURI ( "thestate" )
assert . NoError ( t , err )
2021-06-07 07:27:09 +02:00
assert . Equal ( t , "https://example.com/callback?code=thecode&state=thestate" , redirect . String ( ) )
2019-03-08 17:42:50 +01:00
redirect , err = code . GenerateRedirectURI ( "" )
assert . NoError ( t , err )
2021-06-07 07:27:09 +02:00
assert . Equal ( t , "https://example.com/callback?code=thecode" , redirect . String ( ) )
2019-03-08 17:42:50 +01:00
}
func TestOAuth2AuthorizationCode_Invalidate ( t * testing . T ) {
assert . NoError ( t , PrepareTestDatabase ( ) )
code := AssertExistsAndLoadBean ( t , & OAuth2AuthorizationCode { Code : "authcode" } ) . ( * OAuth2AuthorizationCode )
assert . NoError ( t , code . Invalidate ( ) )
AssertNotExistsBean ( t , & OAuth2AuthorizationCode { Code : "authcode" } )
}
func TestOAuth2AuthorizationCode_TableName ( t * testing . T ) {
assert . Equal ( t , "oauth2_authorization_code" , new ( OAuth2AuthorizationCode ) . TableName ( ) )
}