(t *testing.T)
| 268 | } |
| 269 | |
| 270 | func TestAcceptCodeDeviceRequest(t *testing.T) { |
| 271 | requestURL := "https://hydra.example.com/" + oauth2.DeviceVerificationPath |
| 272 | |
| 273 | reg := testhelpers.NewRegistryMemory(t) |
| 274 | |
| 275 | cl := &client.Client{ID: "client"} |
| 276 | require.NoError(t, reg.ClientManager().CreateClient(t.Context(), cl)) |
| 277 | f := &flow.Flow{ |
| 278 | Client: cl, |
| 279 | RequestURL: requestURL, |
| 280 | RequestedAt: time.Now(), |
| 281 | State: flow.DeviceFlowStateUnused, |
| 282 | } |
| 283 | f.NID = reg.Networker().NetworkID(t.Context()) |
| 284 | challenge, err := f.ToDeviceChallenge(t.Context(), reg) |
| 285 | require.NoError(t, err) |
| 286 | |
| 287 | h := NewHandler(reg) |
| 288 | r := httprouterx.NewTestRouterAdminWithPrefix(t) |
| 289 | h.SetRoutes(r) |
| 290 | ts := httptest.NewServer(r) |
| 291 | t.Cleanup(ts.Close) |
| 292 | |
| 293 | submitCode := func(t *testing.T, reqBody any, challenge string) *http.Response { |
| 294 | body, err := json.Marshal(reqBody) |
| 295 | require.NoError(t, err) |
| 296 | |
| 297 | // set the HTTP method, url, and request body |
| 298 | req, err := http.NewRequest(http.MethodPut, ts.URL+"/admin"+DevicePath+"/accept?device_challenge="+challenge, bytes.NewReader(body)) |
| 299 | require.NoError(t, err) |
| 300 | |
| 301 | resp, err := ts.Client().Do(req) |
| 302 | require.NoError(t, err) |
| 303 | |
| 304 | return resp |
| 305 | } |
| 306 | |
| 307 | t.Run("case=successful user_code submission", func(t *testing.T) { |
| 308 | deviceRequest := fosite.NewDeviceRequest() |
| 309 | deviceRequest.Client = cl |
| 310 | deviceRequest.SetSession(oauth2.NewTestSession(t, "test-subject")) |
| 311 | |
| 312 | _, deviceCodeSig, err := reg.DeviceCodeStrategy().GenerateDeviceCode(t.Context()) |
| 313 | require.NoError(t, err) |
| 314 | userCode, sig, err := reg.UserCodeStrategy().GenerateUserCode(t.Context()) |
| 315 | require.NoError(t, err) |
| 316 | require.NoError(t, reg.OAuth2Storage().CreateDeviceAuthSession(t.Context(), deviceCodeSig, sig, deviceRequest)) |
| 317 | |
| 318 | resp := submitCode(t, &flow.AcceptDeviceUserCodeRequest{UserCode: userCode}, challenge) |
| 319 | require.EqualValues(t, http.StatusOK, resp.StatusCode) |
| 320 | |
| 321 | var result flow.OAuth2RedirectTo |
| 322 | require.NoError(t, json.NewDecoder(resp.Body).Decode(&result)) |
| 323 | assert.Contains(t, result.RedirectTo, requestURL) |
| 324 | assert.Contains(t, result.RedirectTo, "device_verifier") |
| 325 | |
| 326 | t.Run("double submit", func(t *testing.T) { |
| 327 | resp := submitCode(t, &flow.AcceptDeviceUserCodeRequest{UserCode: userCode}, challenge) |
nothing calls this directly
no test coverage detected