platform/test/client_credentials_test.dart

107 lines
2.6 KiB
Dart
Raw Normal View History

2017-10-16 06:38:46 +00:00
import 'dart:async';
2018-11-08 15:34:49 +00:00
import 'dart:convert';
2017-10-16 06:38:46 +00:00
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_test/angel_test.dart';
import 'package:angel_oauth2/angel_oauth2.dart';
import 'package:angel_validate/angel_validate.dart';
import 'package:test/test.dart';
import 'common.dart';
main() {
TestClient client;
setUp(() async {
2019-05-02 07:28:38 +00:00
var app = Angel();
var oauth2 = _AuthorizationServer();
2017-10-16 06:38:46 +00:00
app.group('/oauth2', (router) {
router
..get('/authorize', oauth2.authorizationEndpoint)
..post('/token', oauth2.tokenEndpoint);
});
app.errorHandler = (e, req, res) async {
res.json(e.toJson());
};
client = await connectTo(app);
});
tearDown(() => client.close());
test('authenticate via client credentials', () async {
var response = await client.post(
'/oauth2/token',
headers: {
2018-07-09 15:38:29 +00:00
'Authorization': 'Basic ' + base64Url.encode('foo:bar'.codeUnits),
2017-10-16 06:38:46 +00:00
},
body: {
'grant_type': 'client_credentials',
},
);
print('Response: ${response.body}');
2018-11-08 15:32:36 +00:00
expect(
response,
allOf(
hasStatus(200),
hasContentType('application/json'),
2019-05-02 07:28:38 +00:00
hasValidBody(Validator({
2018-11-08 15:32:36 +00:00
'token_type': equals('bearer'),
'access_token': equals('foo'),
})),
));
2017-10-16 06:38:46 +00:00
});
test('force correct id', () async {
var response = await client.post(
'/oauth2/token',
headers: {
2018-07-09 15:38:29 +00:00
'Authorization': 'Basic ' + base64Url.encode('fooa:bar'.codeUnits),
2017-10-16 06:38:46 +00:00
},
body: {
'grant_type': 'client_credentials',
},
);
print('Response: ${response.body}');
2017-10-16 16:52:12 +00:00
expect(response, hasStatus(400));
2017-10-16 06:38:46 +00:00
});
test('force correct secret', () async {
var response = await client.post(
'/oauth2/token',
headers: {
2018-07-09 15:38:29 +00:00
'Authorization': 'Basic ' + base64Url.encode('foo:bara'.codeUnits),
2017-10-16 06:38:46 +00:00
},
body: {
'grant_type': 'client_credentials',
},
);
print('Response: ${response.body}');
2017-10-16 16:52:12 +00:00
expect(response, hasStatus(400));
2017-10-16 06:38:46 +00:00
});
}
class _AuthorizationServer
extends AuthorizationServer<PseudoApplication, PseudoUser> {
@override
PseudoApplication findClient(String clientId) {
return clientId == pseudoApplication.id ? pseudoApplication : null;
}
@override
Future<bool> verifyClient(
PseudoApplication client, String clientSecret) async {
return client.secret == clientSecret;
}
@override
Future<AuthorizationTokenResponse> clientCredentialsGrant(
PseudoApplication client, RequestContext req, ResponseContext res) async {
2019-05-02 07:28:38 +00:00
return AuthorizationTokenResponse('foo');
2017-10-16 06:38:46 +00:00
}
}