platform/packages/oauth2/test/client_credentials_test.dart

import 'dart:async';
import 'dart:convert';
import 'package:angel3_framework/angel3_framework.dart';
import 'package:angel3_test/angel3_test.dart';
import 'package:angel3_oauth2/angel3_oauth2.dart';
import 'package:test/test.dart';
import 'common.dart';
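/// Tests the OAuth2 `client_credentials` grant against an in-memory server.
///
/// Each test posts to the token endpoint with HTTP Basic client
/// authentication: one with the expected credentials, one with a wrong client
/// id and one with a wrong client secret.
void main() {
  late TestClient client;

  // Builds an `Authorization: Basic ...` header map from an "id:secret" pair.
  // `base64Url` is kept from the original tests. For the ASCII credentials
  // used here it produces the same text as the standard alphabet that HTTP
  // Basic authentication specifies.
  Map<String, String> basicAuth(String credentials) => {
        'Authorization': 'Basic ${base64Url.encode(credentials.codeUnits)}',
      };

  setUp(() async {
    var app = Angel();
    var oauth2 = _AuthorizationServer();

    app.group('/oauth2', (router) {
      router
        ..get('/authorize', oauth2.authorizationEndpoint)
        ..post('/token', oauth2.tokenEndpoint);
    });

    // Serialise errors as JSON so a failing request prints a readable body.
    app.errorHandler = (e, req, res) async {
      res.json(e.toJson());
    };

    client = await connectTo(app);
  });

  tearDown(() => client.close());

  test('authenticate via client credentials', () async {
    // Uses the same absolute path as the negative tests. The original posted
    // to the relative 'oauth2/token' and asserted nothing, so this test
    // passed whatever the endpoint returned.
    var response = await client.post(
      Uri.parse('/oauth2/token'),
      headers: basicAuth('foo:bar'),
      body: {
        'grant_type': 'client_credentials',
      },
    );

    print('Response: ${response.body}');

    // The accepting path must be asserted: without these checks, a token
    // endpoint that rejects valid clients or issues the wrong token would go
    // unnoticed.
    expect(response, hasStatus(200));
    expect(
      json.decode(response.body),
      allOf(
        containsPair('token_type', 'bearer'),
        containsPair('access_token', 'foo'),
      ),
    );
  });

  test('force correct id', () async {
    var response = await client.post(
      Uri.parse('/oauth2/token'),
      headers: basicAuth('fooa:bar'),
      body: {
        'grant_type': 'client_credentials',
      },
    );

    print('Response: ${response.body}');

    // NOTE(review): RFC 6749 section 5.2 calls for 401 with `invalid_client`
    // when the client authenticated through the Authorization header. This
    // test pins 400 as the expected status here.
    expect(response, hasStatus(400));
  });

  test('force correct secret', () async {
    var response = await client.post(
      Uri.parse('/oauth2/token'),
      headers: basicAuth('foo:bara'),
      body: {
        'grant_type': 'client_credentials',
      },
    );

    print('Response: ${response.body}');

    // Same status expectation as the wrong-id case, so the response does not
    // reveal which half of the credential pair was wrong.
    expect(response, hasStatus(400));
  });
}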
/// Minimal [AuthorizationServer] test double for the client-credentials tests.
///
/// It recognises a single client, `pseudoApplication` (presumably declared in
/// `common.dart`), and always issues the fixed access token `'foo'`.
class _AuthorizationServer
    extends AuthorizationServer<PseudoApplication, PseudoUser> {
  /// Returns the fixture client when [clientId] matches its id, else `null`.
  @override
  PseudoApplication? findClient(String? clientId) {
    if (clientId == pseudoApplication.id) {
      return pseudoApplication;
    }
    return null;
  }

  /// Whether [clientSecret] equals the secret stored on [client].
  ///
  /// Plain `==` on a plaintext secret is acceptable for this fixture only. A
  /// real implementation should store a hash of the secret and compare it in
  /// constant time.
  @override
  Future<bool> verifyClient(
      PseudoApplication client, String? clientSecret) async {
    final secretMatches = client.secret == clientSecret;
    return secretMatches;
  }

  /// Issues the fixed token `'foo'`.
  ///
  /// [client], [req] and [res] are not consulted.
  @override
  Future<AuthorizationTokenResponse> clientCredentialsGrant(
          PseudoApplication? client,
          RequestContext req,
          ResponseContext res) async =>
      AuthorizationTokenResponse('foo');
}