-
-
Notifications
You must be signed in to change notification settings - Fork 367
/
access_error_test.go
102 lines (86 loc) · 3.34 KB
/
access_error_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
// Copyright © 2024 Ory Corp
// SPDX-License-Identifier: Apache-2.0
package fosite_test
import (
"context"
"encoding/json"
"fmt"
"net/http"
"net/http/httptest"
"testing"
"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
)
func TestWriteAccessError(t *testing.T) {
f := &Fosite{Config: new(Config)}
header := http.Header{}
ctrl := gomock.NewController(t)
rw := NewMockResponseWriter(ctrl)
defer ctrl.Finish()
rw.EXPECT().Header().AnyTimes().Return(header)
rw.EXPECT().WriteHeader(http.StatusBadRequest)
rw.EXPECT().Write(gomock.Any())
f.WriteAccessError(context.Background(), rw, nil, ErrInvalidRequest)
}
func TestWriteAccessError_RFC6749(t *testing.T) {
// https://tools.ietf.org/html/rfc6749#section-5.2
config := new(Config)
f := &Fosite{Config: config}
for k, c := range []struct {
err *RFC6749Error
code string
debug bool
expectDebugMessage string
includeExtraFields bool
}{
{ErrInvalidRequest.WithDebug("some-debug"), "invalid_request", true, "some-debug", true},
{ErrInvalidRequest.WithDebugf("some-debug-%d", 1234), "invalid_request", true, "some-debug-1234", true},
{ErrInvalidRequest.WithDebug("some-debug"), "invalid_request", false, "some-debug", true},
{ErrInvalidClient.WithDebug("some-debug"), "invalid_client", false, "some-debug", true},
{ErrInvalidGrant.WithDebug("some-debug"), "invalid_grant", false, "some-debug", true},
{ErrInvalidScope.WithDebug("some-debug"), "invalid_scope", false, "some-debug", true},
{ErrUnauthorizedClient.WithDebug("some-debug"), "unauthorized_client", false, "some-debug", true},
{ErrUnsupportedGrantType.WithDebug("some-debug"), "unsupported_grant_type", false, "some-debug", true},
{ErrUnsupportedGrantType.WithDebug("some-debug"), "unsupported_grant_type", false, "some-debug", false},
{ErrUnsupportedGrantType.WithDebug("some-debug"), "unsupported_grant_type", true, "some-debug", false},
} {
t.Run(fmt.Sprintf("case=%d", k), func(t *testing.T) {
config.SendDebugMessagesToClients = c.debug
config.UseLegacyErrorFormat = c.includeExtraFields
rw := httptest.NewRecorder()
f.WriteAccessError(context.Background(), rw, nil, c.err)
var params struct {
Error string `json:"error"` // specified by RFC, required
Description string `json:"error_description"` // specified by RFC, optional
Debug string `json:"error_debug"`
Hint string `json:"error_hint"`
}
require.NotNil(t, rw.Body)
err := json.NewDecoder(rw.Body).Decode(¶ms)
require.NoError(t, err)
assert.Equal(t, c.code, params.Error)
if !c.includeExtraFields {
assert.Empty(t, params.Debug)
assert.Empty(t, params.Hint)
assert.Contains(t, params.Description, c.err.DescriptionField)
assert.Contains(t, params.Description, c.err.HintField)
if c.debug {
assert.Contains(t, params.Description, c.err.DebugField)
} else {
assert.NotContains(t, params.Description, c.err.DebugField)
}
} else {
assert.EqualValues(t, c.err.DescriptionField, params.Description)
assert.EqualValues(t, c.err.HintField, params.Hint)
if !c.debug {
assert.Empty(t, params.Debug)
} else {
assert.EqualValues(t, c.err.DebugField, params.Debug)
}
}
})
}
}