author | enahum <nahumhbl@gmail.com> | 2017-04-03 14:37:58 -0300 |
committer | Corey Hulen <corey@hulen.com> | 2017-04-03 10:37:58 -0700 |
commit | 1cbe6e797517089140ee2db12d73c0781f5e3e6b (patch) | |
tree | 5671819dcbfdc6f359410e3558135090d3724e4c /web | |
parent | 68bb5a2ec85a6d34726a137bad65157d0ff65247 (diff) | |
Add more OAuth unit tests (#5946)
Diffstat (limited to 'web')
-rw-r--r-- | web/web_test.go | 139 |
1 files changed, 0 insertions, 139 deletions
diff --git a/web/web_test.go b/web/web_test.go
index 8db0eb91c..03cacdddf 100644
--- a/web/web_test.go
+++ b/web/web_test.go
@@ -4,8 +4,6 @@
 package web
 
 import (
- "net/url"
- "strings"
 "testing"
 "time"
 
@@ -62,143 +60,6 @@ func TestStatic(t *testing.T) {
 }
 */
 
-func TestGetAccessToken(t *testing.T) {
- Setup()
-
- user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Password: "passwd1"}
- ruser := ApiClient.Must(ApiClient.CreateUser(&user, "")).Data.(*model.User)
- store.Must(app.Srv.Store.User().VerifyEmail(ruser.Id))
-
- ApiClient.Must(ApiClient.LoginById(ruser.Id, "passwd1"))
-
- team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- rteam, _ := ApiClient.CreateTeam(&team)
-
- oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
-
- utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
- data := url.Values{"grant_type": []string{"junk"}, "client_id": []string{"12345678901234567890123456"}, "client_secret": []string{"12345678901234567890123456"}, "code": []string{"junk"}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}}
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - oauth providing turned off")
- }
- utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = true
-
- ApiClient.Must(ApiClient.LoginById(ruser.Id, "passwd1"))
- ApiClient.SetTeamId(rteam.Data.(*model.Team).Id)
- *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
- utils.SetDefaultRolesBasedOnConfig()
- oauthApp = ApiClient.Must(ApiClient.RegisterApp(oauthApp)).Data.(*model.OAuthApp)
- *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
- utils.SetDefaultRolesBasedOnConfig()
-
- redirect := ApiClient.Must(ApiClient.AllowOAuth(model.AUTHCODE_RESPONSE_TYPE, oauthApp.Id, oauthApp.CallbackUrls[0], "all", "123")).Data.(map[string]string)["redirect"]
- rurl, _ := url.Parse(redirect)
-
- teamId := rteam.Data.(*model.Team).Id
-
- ApiClient.Logout()
-
- data = url.Values{"grant_type": []string{"junk"}, "client_id": []string{oauthApp.Id}, "client_secret": []string{oauthApp.ClientSecret}, "code": []string{rurl.Query().Get("code")}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}}
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad grant type")
- }
-
- data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE)
- data.Set("client_id", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing client id")
- }
- data.Set("client_id", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad client id")
- }
-
- data.Set("client_id", oauthApp.Id)
- data.Set("client_secret", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing client secret")
- }
-
- data.Set("client_secret", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad client secret")
- }
-
- data.Set("client_secret", oauthApp.ClientSecret)
- data.Set("code", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing code")
- }
-
- data.Set("code", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad code")
- }
-
- data.Set("code", rurl.Query().Get("code"))
- data.Set("redirect_uri", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - non-matching redirect uri")
- }
-
- // reset data for successful request
- data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE)
- data.Set("client_id", oauthApp.Id)
- data.Set("client_secret", oauthApp.ClientSecret)
- data.Set("code", rurl.Query().Get("code"))
- data.Set("redirect_uri", oauthApp.CallbackUrls[0])
-
- token := ""
- if result, err := ApiClient.GetAccessToken(data); err != nil {
- t.Fatal(err)
- } else {
- rsp := result.Data.(*model.AccessResponse)
- if len(rsp.AccessToken) == 0 {
- t.Fatal("access token not returned")
- } else {
- token = rsp.AccessToken
- }
- if rsp.TokenType != model.ACCESS_TOKEN_TYPE {
- t.Fatal("access token type incorrect")
- }
- }
-
- if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token="+token, "", ""); err != nil {
- t.Fatal(err)
- } else {
- userMap := model.UserMapFromJson(result.Body)
- if len(userMap) == 0 {
- t.Fatal("user map empty - did not get results correctly")
- }
- }
-
- if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err == nil {
- t.Fatal("should have failed - no access token provided")
- }
-
- if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token=junk", "", ""); err == nil {
- t.Fatal("should have failed - bad access token provided")
- }
-
- ApiClient.SetOAuthToken(token)
- if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err != nil {
- t.Fatal(err)
- } else {
- userMap := model.UserMapFromJson(result.Body)
- if len(userMap) == 0 {
- t.Fatal("user map empty - did not get results correctly")
- }
- }
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - tried to reuse auth code")
- }
-
- ApiClient.ClearOAuthToken()
-}
-
 func TestIncomingWebhook(t *testing.T) {
 Setup()
 