|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185 |
- // Copyright 2018 The Go Authors. All rights reserved.
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
-
- package jira
-
- import (
- "context"
- "encoding/base64"
- "encoding/json"
- "net/http"
- "net/http/httptest"
- "strings"
- "testing"
-
- "golang.org/x/oauth2"
- "golang.org/x/oauth2/jws"
- )
-
- func TestJWTFetch_JSONResponse(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "application/json")
- w.Write([]byte(`{
- "access_token": "90d64460d14870c08c81352a05dedd3465940a7c",
- "token_type": "Bearer",
- "expires_in": 3600
- }`))
- }))
- defer ts.Close()
-
- conf := &Config{
- BaseURL: "https://my.app.com",
- Subject: "userkey",
- Config: oauth2.Config{
- ClientID: "super_secret_client_id",
- ClientSecret: "super_shared_secret",
- Scopes: []string{"read", "write"},
- Endpoint: oauth2.Endpoint{
- AuthURL: "https://example.com",
- TokenURL: ts.URL,
- },
- },
- }
-
- tok, err := conf.TokenSource(context.Background()).Token()
- if err != nil {
- t.Fatal(err)
- }
- if !tok.Valid() {
- t.Errorf("got invalid token: %v", tok)
- }
- if got, want := tok.AccessToken, "90d64460d14870c08c81352a05dedd3465940a7c"; got != want {
- t.Errorf("access token = %q; want %q", got, want)
- }
- if got, want := tok.TokenType, "Bearer"; got != want {
- t.Errorf("token type = %q; want %q", got, want)
- }
- if got := tok.Expiry.IsZero(); got {
- t.Errorf("token expiry = %v, want none", got)
- }
- }
-
- func TestJWTFetch_BadResponse(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "application/json")
- w.Write([]byte(`{"token_type": "Bearer"}`))
- }))
- defer ts.Close()
-
- conf := &Config{
- BaseURL: "https://my.app.com",
- Subject: "userkey",
- Config: oauth2.Config{
- ClientID: "super_secret_client_id",
- ClientSecret: "super_shared_secret",
- Scopes: []string{"read", "write"},
- Endpoint: oauth2.Endpoint{
- AuthURL: "https://example.com",
- TokenURL: ts.URL,
- },
- },
- }
-
- tok, err := conf.TokenSource(context.Background()).Token()
- if err != nil {
- t.Fatal(err)
- }
- if tok == nil {
- t.Fatalf("got nil token; want token")
- }
- if tok.Valid() {
- t.Errorf("got invalid token: %v", tok)
- }
- if got, want := tok.AccessToken, ""; got != want {
- t.Errorf("access token = %q; want %q", got, want)
- }
- if got, want := tok.TokenType, "Bearer"; got != want {
- t.Errorf("token type = %q; want %q", got, want)
- }
- }
-
- func TestJWTFetch_BadResponseType(t *testing.T) {
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- w.Header().Set("Content-Type", "application/json")
- w.Write([]byte(`{"access_token":123, "token_type": "Bearer"}`))
- }))
- defer ts.Close()
-
- conf := &Config{
- BaseURL: "https://my.app.com",
- Subject: "userkey",
- Config: oauth2.Config{
- ClientID: "super_secret_client_id",
- ClientSecret: "super_shared_secret",
- Endpoint: oauth2.Endpoint{
- AuthURL: "https://example.com",
- TokenURL: ts.URL,
- },
- },
- }
-
- tok, err := conf.TokenSource(context.Background()).Token()
- if err == nil {
- t.Error("got a token; expected error")
- if got, want := tok.AccessToken, ""; got != want {
- t.Errorf("access token = %q; want %q", got, want)
- }
- }
- }
-
- func TestJWTFetch_Assertion(t *testing.T) {
- var assertion string
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
- r.ParseForm()
- assertion = r.Form.Get("assertion")
-
- w.Header().Set("Content-Type", "application/json")
- w.Write([]byte(`{
- "access_token": "90d64460d14870c08c81352a05dedd3465940a7c",
- "token_type": "Bearer",
- "expires_in": 3600
- }`))
- }))
- defer ts.Close()
-
- conf := &Config{
- BaseURL: "https://my.app.com",
- Subject: "userkey",
- Config: oauth2.Config{
- ClientID: "super_secret_client_id",
- ClientSecret: "super_shared_secret",
- Endpoint: oauth2.Endpoint{
- AuthURL: "https://example.com",
- TokenURL: ts.URL,
- },
- },
- }
-
- _, err := conf.TokenSource(context.Background()).Token()
- if err != nil {
- t.Fatalf("Failed to fetch token: %v", err)
- }
-
- parts := strings.Split(assertion, ".")
- if len(parts) != 3 {
- t.Fatalf("assertion = %q; want 3 parts", assertion)
- }
- gotjson, err := base64.RawURLEncoding.DecodeString(parts[0])
- if err != nil {
- t.Fatalf("invalid token header; err = %v", err)
- }
-
- got := jws.Header{}
- if err := json.Unmarshal(gotjson, &got); err != nil {
- t.Errorf("failed to unmarshal json token header = %q; err = %v", gotjson, err)
- }
-
- want := jws.Header{
- Algorithm: "HS256",
- Typ: "JWT",
- }
- if got != want {
- t.Errorf("access token header = %q; want %q", got, want)
- }
- }
|