TestAuthCodeWithMockStrategy runs the authorization_code flow against various ConsentStrategy scenarios. For that purpose, the consent strategy is mocked so all scenarios can be applied properly. This test suite checks: - [x] should pass request if strategy passes - [x] should fail because prompt=n
(t *testing.T)
| 1857 | // - [x] should pass with prompt=login when authentication time is recent |
| 1858 | // - [x] should fail with prompt=login when authentication time is in the past |
| 1859 | func TestAuthCodeWithMockStrategy(t *testing.T) { |
| 1860 | t.Parallel() |
| 1861 | |
| 1862 | ctx := context.Background() |
| 1863 | for _, strat := range []struct{ d string }{{d: "opaque"}, {d: "jwt"}} { |
| 1864 | t.Run("strategy="+strat.d, func(t *testing.T) { |
| 1865 | reg := testhelpers.NewRegistryMemory(t, driver.WithConfigOptions(configx.WithValues(map[string]any{ |
| 1866 | config.KeyAccessTokenLifespan: time.Second * 2, |
| 1867 | config.KeyScopeStrategy: "DEPRECATED_HIERARCHICAL_SCOPE_STRATEGY", |
| 1868 | config.KeyAccessTokenStrategy: strat.d, |
| 1869 | }))) |
| 1870 | testhelpers.MustEnsureRegistryKeys(t, reg, x.OpenIDConnectKeyName) |
| 1871 | testhelpers.MustEnsureRegistryKeys(t, reg, x.OAuth2JWTKeyName) |
| 1872 | |
| 1873 | consentStrategy := &consentMock{} |
| 1874 | |
| 1875 | reg.WithConsentStrategy(consentStrategy) |
| 1876 | handler := hydraoauth2.NewHandler(reg) |
| 1877 | var callbackHandler http.HandlerFunc |
| 1878 | |
| 1879 | var adminTs *httptest.Server |
| 1880 | { |
| 1881 | n := negroni.New() |
| 1882 | n.UseFunc(httprouterx.TrimTrailingSlashNegroni) |
| 1883 | n.UseFunc(httprouterx.NoCacheNegroni) |
| 1884 | n.UseFunc(httprouterx.AddAdminPrefixIfNotPresentNegroni) |
| 1885 | |
| 1886 | router := httprouterx.NewTestRouterAdminWithPrefix(t) |
| 1887 | handler.SetAdminRoutes(router) |
| 1888 | n.UseHandler(router) |
| 1889 | |
| 1890 | adminTs = httptest.NewServer(n) |
| 1891 | t.Cleanup(adminTs.Close) |
| 1892 | reg.Config().MustSet(ctx, config.KeyAdminURL, adminTs.URL) |
| 1893 | } |
| 1894 | var publicTs *httptest.Server |
| 1895 | { |
| 1896 | n := negroni.New() |
| 1897 | n.UseFunc(httprouterx.TrimTrailingSlashNegroni) |
| 1898 | n.UseFunc(httprouterx.NoCacheNegroni) |
| 1899 | |
| 1900 | router := httprouterx.NewTestRouterPublic(t) |
| 1901 | router.GET("/callback", func(w http.ResponseWriter, r *http.Request) { |
| 1902 | callbackHandler(w, r) |
| 1903 | }) |
| 1904 | handler.SetPublicRoutes(router, func(h http.Handler) http.Handler { return h }) |
| 1905 | n.UseHandler(router) |
| 1906 | |
| 1907 | publicTs = httptest.NewServer(n) |
| 1908 | t.Cleanup(publicTs.Close) |
| 1909 | reg.Config().MustSet(ctx, config.KeyAdminURL, publicTs.URL) |
| 1910 | } |
| 1911 | |
| 1912 | require.NoError(t, reg.ClientManager().CreateClient(ctx, &client.Client{ |
| 1913 | ID: "app-client", |
| 1914 | Secret: "secret", |
| 1915 | RedirectURIs: []string{publicTs.URL + "/callback"}, |
| 1916 | ResponseTypes: []string{"id_token", "code", "token"}, |
nothing calls this directly
no test coverage detected