MCPcopy
hub / github.com/ory/hydra / TestHandler

Function TestHandler

client/handler_test.go:55–657  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

53}
54
55func TestHandler(t *testing.T) {
56 ctx := context.Background()
57 reg := testhelpers.NewRegistryMemory(t)
58 h := client.NewHandler(reg)
59
60 t.Run("create client registration tokens", func(t *testing.T) {
61 for k, tc := range []struct {
62 c *client.Client
63 dynamic bool
64 }{
65 {dynamic: true, c: new(client.Client)},
66 {c: new(client.Client)},
67 {c: &client.Client{Secret: "01bbf13a-ae3e-44d5-b4b4-dd78137041be"}},
68 } {
69 t.Run(fmt.Sprintf("case=%d/dynamic=%v", k, tc.dynamic), func(t *testing.T) {
70 var b bytes.Buffer
71 require.NoError(t, json.NewEncoder(&b).Encode(tc.c))
72 r, err := http.NewRequest("POST", "/openid/registration", &b)
73 require.NoError(t, err)
74
75 hadSecret := len(tc.c.Secret) > 0
76 c, err := h.CreateClient(r, func(ctx context.Context, c *client.Client) error {
77 return nil
78 }, tc.dynamic)
79 require.NoError(t, err)
80 require.NotEqual(t, c.NID, uuid.Nil)
81
82 except := []string{"client_id", "registration_access_token", "updated_at", "created_at", "registration_client_uri"}
83 require.NotEmpty(t, c.RegistrationAccessToken)
84 require.NotEqual(t, c.RegistrationAccessTokenSignature, c.RegistrationAccessToken)
85 if !hadSecret {
86 require.NotEmpty(t, c.Secret)
87 except = append(except, "client_secret")
88 }
89
90 if tc.dynamic {
91 require.NotEmpty(t, c.GetID())
92 assert.Equal(t, reg.Config().PublicURL(ctx).String()+"oauth2/register/"+c.GetID(), c.RegistrationClientURI)
93 except = append(except, "client_id", "client_secret", "registration_client_uri")
94 }
95
96 snapshotx.SnapshotT(t, c, snapshotx.ExceptPaths(except...))
97 })
98 }
99 })
100
101 t.Run("dynamic client registration protocol authentication", func(t *testing.T) {
102 r, err := http.NewRequest("POST", "/openid/registration", bytes.NewBufferString("{}"))
103 require.NoError(t, err)
104 expected, err := h.CreateClient(r, func(ctx context.Context, c *client.Client) error {
105 return nil
106 }, true)
107 require.NoError(t, err)
108
109 t.Run("valid auth", func(t *testing.T) {
110 actual, err := h.ValidDynamicAuth(&http.Request{Header: http.Header{"Authorization": {"Bearer " + expected.RegistrationAccessToken}}}, expected.ID)
111 require.NoError(t, err, "authentication with registration access token works")
112 assert.EqualValues(t, expected.GetID(), actual.GetID())

Callers

nothing calls this directly

Calls 15

CreateClientMethod · 0.95
ValidDynamicAuthMethod · 0.95
GetIDMethod · 0.95
SetAdminRoutesMethod · 0.95
SetPublicRoutesMethod · 0.95
NewRegistryMemoryFunction · 0.92
NewHandlerFunction · 0.92
getClientIDFunction · 0.85
newResponseSnapshotFunction · 0.85
PublicURLMethod · 0.80
MustSetMethod · 0.80
HasPrefixMethod · 0.80

Tested by

no test coverage detected