(t *testing.T)
| 84 | } |
| 85 | |
| 86 | func TestFetcher_FetchTokenScopes(t *testing.T) { |
| 87 | tests := []struct { |
| 88 | name string |
| 89 | handler http.HandlerFunc |
| 90 | expectedScopes []string |
| 91 | expectError bool |
| 92 | errorContains string |
| 93 | }{ |
| 94 | { |
| 95 | name: "successful fetch with multiple scopes", |
| 96 | handler: func(w http.ResponseWriter, _ *http.Request) { |
| 97 | w.Header().Set("X-OAuth-Scopes", "repo, user, gist") |
| 98 | w.WriteHeader(http.StatusOK) |
| 99 | }, |
| 100 | expectedScopes: []string{"repo", "user", "gist"}, |
| 101 | expectError: false, |
| 102 | }, |
| 103 | { |
| 104 | name: "successful fetch with single scope", |
| 105 | handler: func(w http.ResponseWriter, _ *http.Request) { |
| 106 | w.Header().Set("X-OAuth-Scopes", "repo") |
| 107 | w.WriteHeader(http.StatusOK) |
| 108 | }, |
| 109 | expectedScopes: []string{"repo"}, |
| 110 | expectError: false, |
| 111 | }, |
| 112 | { |
| 113 | name: "fine-grained PAT returns empty scopes", |
| 114 | handler: func(w http.ResponseWriter, _ *http.Request) { |
| 115 | // Fine-grained PATs don't return X-OAuth-Scopes |
| 116 | w.WriteHeader(http.StatusOK) |
| 117 | }, |
| 118 | expectedScopes: []string{}, |
| 119 | expectError: false, |
| 120 | }, |
| 121 | { |
| 122 | name: "unauthorized token", |
| 123 | handler: func(w http.ResponseWriter, _ *http.Request) { |
| 124 | w.WriteHeader(http.StatusUnauthorized) |
| 125 | }, |
| 126 | expectError: true, |
| 127 | errorContains: "invalid or expired token", |
| 128 | }, |
| 129 | { |
| 130 | name: "server error", |
| 131 | handler: func(w http.ResponseWriter, _ *http.Request) { |
| 132 | w.WriteHeader(http.StatusInternalServerError) |
| 133 | }, |
| 134 | expectError: true, |
| 135 | errorContains: "unexpected status code: 500", |
| 136 | }, |
| 137 | { |
| 138 | name: "verifies authorization header is set", |
| 139 | handler: func(w http.ResponseWriter, r *http.Request) { |
| 140 | authHeader := r.Header.Get("Authorization") |
| 141 | if authHeader != "Bearer test-token" { |
| 142 | w.WriteHeader(http.StatusUnauthorized) |
| 143 | return |
nothing calls this directly
no test coverage detected