本站源代码
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

229 lines
7.5KB

  1. // Copyright 2019 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package models
  5. import (
  6. "testing"
  7. "github.com/stretchr/testify/assert"
  8. )
  9. //////////////////// Application
  10. func TestOAuth2Application_GenerateClientSecret(t *testing.T) {
  11. assert.NoError(t, PrepareTestDatabase())
  12. app := AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1}).(*OAuth2Application)
  13. secret, err := app.GenerateClientSecret()
  14. assert.NoError(t, err)
  15. assert.True(t, len(secret) > 0)
  16. AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1, ClientSecret: app.ClientSecret})
  17. }
  18. func BenchmarkOAuth2Application_GenerateClientSecret(b *testing.B) {
  19. assert.NoError(b, PrepareTestDatabase())
  20. app := AssertExistsAndLoadBean(b, &OAuth2Application{ID: 1}).(*OAuth2Application)
  21. for i := 0; i < b.N; i++ {
  22. _, _ = app.GenerateClientSecret()
  23. }
  24. }
  25. func TestOAuth2Application_ContainsRedirectURI(t *testing.T) {
  26. app := &OAuth2Application{
  27. RedirectURIs: []string{"a", "b", "c"},
  28. }
  29. assert.True(t, app.ContainsRedirectURI("a"))
  30. assert.True(t, app.ContainsRedirectURI("b"))
  31. assert.True(t, app.ContainsRedirectURI("c"))
  32. assert.False(t, app.ContainsRedirectURI("d"))
  33. }
  34. func TestOAuth2Application_ValidateClientSecret(t *testing.T) {
  35. assert.NoError(t, PrepareTestDatabase())
  36. app := AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1}).(*OAuth2Application)
  37. secret, err := app.GenerateClientSecret()
  38. assert.NoError(t, err)
  39. assert.True(t, app.ValidateClientSecret([]byte(secret)))
  40. assert.False(t, app.ValidateClientSecret([]byte("fewijfowejgfiowjeoifew")))
  41. }
  42. func TestGetOAuth2ApplicationByClientID(t *testing.T) {
  43. assert.NoError(t, PrepareTestDatabase())
  44. app, err := GetOAuth2ApplicationByClientID("da7da3ba-9a13-4167-856f-3899de0b0138")
  45. assert.NoError(t, err)
  46. assert.Equal(t, "da7da3ba-9a13-4167-856f-3899de0b0138", app.ClientID)
  47. app, err = GetOAuth2ApplicationByClientID("invalid client id")
  48. assert.Error(t, err)
  49. assert.Nil(t, app)
  50. }
  51. func TestCreateOAuth2Application(t *testing.T) {
  52. assert.NoError(t, PrepareTestDatabase())
  53. app, err := CreateOAuth2Application(CreateOAuth2ApplicationOptions{Name: "newapp", UserID: 1})
  54. assert.NoError(t, err)
  55. assert.Equal(t, "newapp", app.Name)
  56. assert.Len(t, app.ClientID, 36)
  57. AssertExistsAndLoadBean(t, &OAuth2Application{Name: "newapp"})
  58. }
  59. func TestOAuth2Application_LoadUser(t *testing.T) {
  60. assert.NoError(t, PrepareTestDatabase())
  61. app := AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1}).(*OAuth2Application)
  62. assert.NoError(t, app.LoadUser())
  63. assert.NotNil(t, app.User)
  64. }
  65. func TestOAuth2Application_TableName(t *testing.T) {
  66. assert.Equal(t, "oauth2_application", new(OAuth2Application).TableName())
  67. }
  68. func TestOAuth2Application_GetGrantByUserID(t *testing.T) {
  69. assert.NoError(t, PrepareTestDatabase())
  70. app := AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1}).(*OAuth2Application)
  71. grant, err := app.GetGrantByUserID(1)
  72. assert.NoError(t, err)
  73. assert.Equal(t, int64(1), grant.UserID)
  74. grant, err = app.GetGrantByUserID(34923458)
  75. assert.NoError(t, err)
  76. assert.Nil(t, grant)
  77. }
  78. func TestOAuth2Application_CreateGrant(t *testing.T) {
  79. assert.NoError(t, PrepareTestDatabase())
  80. app := AssertExistsAndLoadBean(t, &OAuth2Application{ID: 1}).(*OAuth2Application)
  81. grant, err := app.CreateGrant(2)
  82. assert.NoError(t, err)
  83. assert.NotNil(t, grant)
  84. assert.Equal(t, int64(2), grant.UserID)
  85. assert.Equal(t, int64(1), grant.ApplicationID)
  86. }
  87. //////////////////// Grant
  88. func TestGetOAuth2GrantByID(t *testing.T) {
  89. assert.NoError(t, PrepareTestDatabase())
  90. grant, err := GetOAuth2GrantByID(1)
  91. assert.NoError(t, err)
  92. assert.Equal(t, int64(1), grant.ID)
  93. grant, err = GetOAuth2GrantByID(34923458)
  94. assert.NoError(t, err)
  95. assert.Nil(t, grant)
  96. }
  97. func TestOAuth2Grant_IncreaseCounter(t *testing.T) {
  98. assert.NoError(t, PrepareTestDatabase())
  99. grant := AssertExistsAndLoadBean(t, &OAuth2Grant{ID: 1, Counter: 1}).(*OAuth2Grant)
  100. assert.NoError(t, grant.IncreaseCounter())
  101. assert.Equal(t, int64(2), grant.Counter)
  102. AssertExistsAndLoadBean(t, &OAuth2Grant{ID: 1, Counter: 2})
  103. }
  104. func TestOAuth2Grant_GenerateNewAuthorizationCode(t *testing.T) {
  105. assert.NoError(t, PrepareTestDatabase())
  106. grant := AssertExistsAndLoadBean(t, &OAuth2Grant{ID: 1}).(*OAuth2Grant)
  107. code, err := grant.GenerateNewAuthorizationCode("https://example2.com/callback", "CjvyTLSdR47G5zYenDA-eDWW4lRrO8yvjcWwbD_deOg", "S256")
  108. assert.NoError(t, err)
  109. assert.NotNil(t, code)
  110. assert.True(t, len(code.Code) > 32) // secret length > 32
  111. }
  112. func TestOAuth2Grant_TableName(t *testing.T) {
  113. assert.Equal(t, "oauth2_grant", new(OAuth2Grant).TableName())
  114. }
  115. func TestGetOAuth2GrantsByUserID(t *testing.T) {
  116. assert.NoError(t, PrepareTestDatabase())
  117. result, err := GetOAuth2GrantsByUserID(1)
  118. assert.NoError(t, err)
  119. assert.Len(t, result, 1)
  120. assert.Equal(t, int64(1), result[0].ID)
  121. assert.Equal(t, result[0].ApplicationID, result[0].Application.ID)
  122. result, err = GetOAuth2GrantsByUserID(34134)
  123. assert.NoError(t, err)
  124. assert.Empty(t, result)
  125. }
  126. func TestRevokeOAuth2Grant(t *testing.T) {
  127. assert.NoError(t, PrepareTestDatabase())
  128. assert.NoError(t, RevokeOAuth2Grant(1, 1))
  129. AssertNotExistsBean(t, &OAuth2Grant{ID: 1, UserID: 1})
  130. }
  131. //////////////////// Authorization Code
  132. func TestGetOAuth2AuthorizationByCode(t *testing.T) {
  133. assert.NoError(t, PrepareTestDatabase())
  134. code, err := GetOAuth2AuthorizationByCode("authcode")
  135. assert.NoError(t, err)
  136. assert.NotNil(t, code)
  137. assert.Equal(t, "authcode", code.Code)
  138. assert.Equal(t, int64(1), code.ID)
  139. code, err = GetOAuth2AuthorizationByCode("does not exist")
  140. assert.NoError(t, err)
  141. assert.Nil(t, code)
  142. }
  143. func TestOAuth2AuthorizationCode_ValidateCodeChallenge(t *testing.T) {
  144. // test plain
  145. code := &OAuth2AuthorizationCode{
  146. CodeChallengeMethod: "plain",
  147. CodeChallenge: "test123",
  148. }
  149. assert.True(t, code.ValidateCodeChallenge("test123"))
  150. assert.False(t, code.ValidateCodeChallenge("ierwgjoergjio"))
  151. // test S256
  152. code = &OAuth2AuthorizationCode{
  153. CodeChallengeMethod: "S256",
  154. CodeChallenge: "CjvyTLSdR47G5zYenDA-eDWW4lRrO8yvjcWwbD_deOg",
  155. }
  156. assert.True(t, code.ValidateCodeChallenge("N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt"))
  157. assert.False(t, code.ValidateCodeChallenge("wiogjerogorewngoenrgoiuenorg"))
  158. // test unknown
  159. code = &OAuth2AuthorizationCode{
  160. CodeChallengeMethod: "monkey",
  161. CodeChallenge: "foiwgjioriogeiogjerger",
  162. }
  163. assert.False(t, code.ValidateCodeChallenge("foiwgjioriogeiogjerger"))
  164. // test no code challenge
  165. code = &OAuth2AuthorizationCode{
  166. CodeChallengeMethod: "",
  167. CodeChallenge: "foierjiogerogerg",
  168. }
  169. assert.True(t, code.ValidateCodeChallenge(""))
  170. }
  171. func TestOAuth2AuthorizationCode_GenerateRedirectURI(t *testing.T) {
  172. code := &OAuth2AuthorizationCode{
  173. RedirectURI: "https://example.com/callback",
  174. Code: "thecode",
  175. }
  176. redirect, err := code.GenerateRedirectURI("thestate")
  177. assert.NoError(t, err)
  178. assert.Equal(t, redirect.String(), "https://example.com/callback?code=thecode&state=thestate")
  179. redirect, err = code.GenerateRedirectURI("")
  180. assert.NoError(t, err)
  181. assert.Equal(t, redirect.String(), "https://example.com/callback?code=thecode")
  182. }
  183. func TestOAuth2AuthorizationCode_Invalidate(t *testing.T) {
  184. assert.NoError(t, PrepareTestDatabase())
  185. code := AssertExistsAndLoadBean(t, &OAuth2AuthorizationCode{Code: "authcode"}).(*OAuth2AuthorizationCode)
  186. assert.NoError(t, code.Invalidate())
  187. AssertNotExistsBean(t, &OAuth2AuthorizationCode{Code: "authcode"})
  188. }
  189. func TestOAuth2AuthorizationCode_TableName(t *testing.T) {
  190. assert.Equal(t, "oauth2_authorization_code", new(OAuth2AuthorizationCode).TableName())
  191. }
上海开阖软件有限公司 沪ICP备12045867号-1