(t *testing.T)
| 229 | } |
| 230 | |
| 231 | func TestDeviceCodeWithDefaultStrategy(t *testing.T) { |
| 232 | t.Parallel() |
| 233 | |
| 234 | ctx := t.Context() |
| 235 | reg := testhelpers.NewRegistryMemory(t, driver.WithConfigOptions(configx.WithValues(map[string]any{ |
| 236 | config.KeyAccessTokenStrategy: "opaque", |
| 237 | config.KeyRefreshTokenHook: "", |
| 238 | }))) |
| 239 | publicTS, adminTS := testhelpers.NewOAuth2Server(ctx, t, reg) |
| 240 | |
| 241 | publicClient := hydra.NewAPIClient(hydra.NewConfiguration()) |
| 242 | publicClient.GetConfig().Servers = hydra.ServerConfigurations{{URL: publicTS.URL}} |
| 243 | adminClient := hydra.NewAPIClient(hydra.NewConfiguration()) |
| 244 | adminClient.GetConfig().Servers = hydra.ServerConfigurations{{URL: adminTS.URL}} |
| 245 | |
| 246 | getDeviceCode := func(t *testing.T, conf *oauth2.Config, c *http.Client, params ...oauth2.AuthCodeOption) (*oauth2.DeviceAuthResponse, error) { |
| 247 | return conf.DeviceAuth(ctx, params...) |
| 248 | } |
| 249 | |
| 250 | acceptUserCode := func(t *testing.T, conf *oauth2.Config, c *http.Client, devResp *oauth2.DeviceAuthResponse) *http.Response { |
| 251 | if c == nil { |
| 252 | c = testhelpers.NewEmptyJarClient(t) |
| 253 | } |
| 254 | |
| 255 | resp, err := c.Get(devResp.VerificationURIComplete) |
| 256 | require.NoError(t, err) |
| 257 | require.Contains(t, reg.Config().DeviceDoneURL(ctx).String(), resp.Request.URL.Path, "did not end up in post device URL") |
| 258 | require.Equal(t, resp.Request.URL.Query().Get("client_id"), conf.ClientID) |
| 259 | |
| 260 | return resp |
| 261 | } |
| 262 | |
| 263 | acceptDeviceHandler := func(t *testing.T, c *client.Client) http.HandlerFunc { |
| 264 | return func(w http.ResponseWriter, r *http.Request) { |
| 265 | userCode := r.URL.Query().Get("user_code") |
| 266 | payload := hydra.AcceptDeviceUserCodeRequest{ |
| 267 | UserCode: &userCode, |
| 268 | } |
| 269 | |
| 270 | v, _, err := adminClient.OAuth2API.AcceptUserCodeRequest(context.Background()). |
| 271 | DeviceChallenge(r.URL.Query().Get("device_challenge")). |
| 272 | AcceptDeviceUserCodeRequest(payload). |
| 273 | Execute() |
| 274 | require.NoError(t, err) |
| 275 | require.NotEmpty(t, v.RedirectTo) |
| 276 | http.Redirect(w, r, v.RedirectTo, http.StatusFound) |
| 277 | } |
| 278 | } |
| 279 | |
| 280 | acceptLoginHandler := func(t *testing.T, c *client.Client, subject string, scopes []string, checkRequestPayload func(request *hydra.OAuth2LoginRequest) *hydra.AcceptOAuth2LoginRequest) http.HandlerFunc { |
| 281 | return func(w http.ResponseWriter, r *http.Request) { |
| 282 | rr, _, err := adminClient.OAuth2API.GetOAuth2LoginRequest(context.Background()).LoginChallenge(r.URL.Query().Get("login_challenge")).Execute() |
| 283 | require.NoError(t, err) |
| 284 | |
| 285 | assert.EqualValues(t, c.GetID(), pointerx.Deref(rr.Client.ClientId)) |
| 286 | assert.Empty(t, pointerx.Deref(rr.Client.ClientSecret)) |
| 287 | assert.EqualValues(t, c.GrantTypes, rr.Client.GrantTypes) |
| 288 | assert.EqualValues(t, c.LogoURI, pointerx.Deref(rr.Client.LogoUri)) |
nothing calls this directly
no test coverage detected