163 lines
4.2 KiB
Go
163 lines
4.2 KiB
Go
package api
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestCreateOauthToken(t *testing.T) {
|
|
t.Run("Success", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"cs5cpu17n6gj2qo5"},
|
|
"client_secret": {"xcCbOrw6I0vcoXzhnOmXhjpVSyFq0l0e"},
|
|
"scope": {"metrics"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusOK, w.Code)
|
|
})
|
|
|
|
t.Run("InvalidClientID", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"123"},
|
|
"client_secret": {"xcCbOrw6I0vcoXzhnOmXhjpVSyFq0l0e"},
|
|
"scope": {"metrics"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
|
})
|
|
|
|
t.Run("WrongClient", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"cs5cpu17n6gj2yy6"},
|
|
"client_secret": {"xcCbOrw6I0vcoXzhnOmXhjpVSyFq0l0e"},
|
|
"scope": {"metrics"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
|
})
|
|
|
|
t.Run("WrongSecret", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"cs5cpu17n6gj2qo5"},
|
|
"client_secret": {"xcCbOrw6I0vcoXzhnOmXhjpVSyFq0l0f"},
|
|
"scope": {"metrics"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
|
})
|
|
|
|
t.Run("AuthNotEnabled", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"cs5gfsvbd7ejzn8m"},
|
|
"client_secret": {"aaCbOrw6I0vcoXzhnOmXhjpVSyFq0l0e"},
|
|
"scope": {"metrics"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
|
})
|
|
|
|
t.Run("UnknownAuthMethod", func(t *testing.T) {
|
|
app, router, _ := NewApiTest()
|
|
CreateOauthToken(router)
|
|
|
|
var method = "POST"
|
|
var path = "/api/v1/oauth/token"
|
|
|
|
data := url.Values{
|
|
"grant_type": {"client_credentials"},
|
|
"client_id": {"cs5cpu17n6gj2jh6"},
|
|
"client_secret": {"aaCbOrw6I0vcoXzhnOmXhjpVSyFq0l0e"},
|
|
"scope": {"*"},
|
|
}
|
|
|
|
req, _ := http.NewRequest(method, path, strings.NewReader(data.Encode()))
|
|
req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
|
|
|
|
w := httptest.NewRecorder()
|
|
app.ServeHTTP(w, req)
|
|
|
|
t.Logf("Header: %s", w.Header())
|
|
t.Logf("BODY: %s", w.Body.String())
|
|
assert.Equal(t, http.StatusUnauthorized, w.Code)
|
|
})
|
|
}
|