In this test case one handler requires client auth and another handler not.
(t *testing.T)
| 348 | |
| 349 | // In this test case one handler requires client auth and another handler not. |
| 350 | func TestNewAccessRequestWithMixedClientAuth(t *testing.T) { |
| 351 | ctrl := gomock.NewController(t) |
| 352 | store := internal.NewMockStorage(ctrl) |
| 353 | clientManager := internal.NewMockClientManager(ctrl) |
| 354 | |
| 355 | handlerWithClientAuth := internal.NewMockTokenEndpointHandler(ctrl) |
| 356 | handlerWithClientAuth.EXPECT().CanHandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(true).AnyTimes() |
| 357 | handlerWithClientAuth.EXPECT().CanSkipClientAuth(gomock.Any(), gomock.Any()).Return(false).AnyTimes() |
| 358 | |
| 359 | handlerWithoutClientAuth := internal.NewMockTokenEndpointHandler(ctrl) |
| 360 | handlerWithoutClientAuth.EXPECT().CanHandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(true).AnyTimes() |
| 361 | handlerWithoutClientAuth.EXPECT().CanSkipClientAuth(gomock.Any(), gomock.Any()).Return(true).AnyTimes() |
| 362 | |
| 363 | hasher := internal.NewMockHasher(ctrl) |
| 364 | t.Cleanup(ctrl.Finish) |
| 365 | |
| 366 | client := &DefaultClient{} |
| 367 | config := &Config{ClientSecretsHasher: hasher, AudienceMatchingStrategy: DefaultAudienceMatchingStrategy} |
| 368 | fosite := &Fosite{Store: store, Config: config} |
| 369 | for k, c := range []struct { |
| 370 | header http.Header |
| 371 | form url.Values |
| 372 | mock func() |
| 373 | method string |
| 374 | expectErr error |
| 375 | expect *AccessRequest |
| 376 | handlers TokenEndpointHandlers |
| 377 | }{ |
| 378 | { |
| 379 | header: http.Header{ |
| 380 | "Authorization": {basicAuth("foo", "bar")}, |
| 381 | }, |
| 382 | form: url.Values{ |
| 383 | "grant_type": {"foo"}, |
| 384 | }, |
| 385 | mock: func() { |
| 386 | store.EXPECT().FositeClientManager().Return(clientManager).Times(1) |
| 387 | clientManager.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil) |
| 388 | client.Public = false |
| 389 | client.Secret = []byte("foo") |
| 390 | hasher.EXPECT().Compare(gomock.Any(), gomock.Eq([]byte("foo")), gomock.Eq([]byte("bar"))).Return(errors.New("hash err")) |
| 391 | handlerWithoutClientAuth.EXPECT().HandleTokenEndpointRequest(gomock.Any(), gomock.Any()).Return(nil) |
| 392 | }, |
| 393 | method: "POST", |
| 394 | expectErr: ErrInvalidClient, |
| 395 | handlers: TokenEndpointHandlers{handlerWithoutClientAuth, handlerWithClientAuth}, |
| 396 | }, |
| 397 | { |
| 398 | header: http.Header{ |
| 399 | "Authorization": {basicAuth("foo", "bar")}, |
| 400 | }, |
| 401 | form: url.Values{ |
| 402 | "grant_type": {"foo"}, |
| 403 | }, |
| 404 | mock: func() { |
| 405 | store.EXPECT().FositeClientManager().Return(clientManager).Times(1) |
| 406 | clientManager.EXPECT().GetClient(gomock.Any(), gomock.Eq("foo")).Return(client, nil) |
| 407 | client.Public = false |
nothing calls this directly
no test coverage detected