oauth2/internal/token_test.go

// Copyright 2014 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

// Package internal contains support packages for oauth2 package.
package internal

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"testing"

	"golang.org/x/net/context"
)

func TestRegisterBrokenAuthHeaderProvider(t *testing.T) {
	RegisterBrokenAuthHeaderProvider("https://aaa.com/")
	tokenURL := "https://aaa.com/token"
	if providerAuthHeaderWorks(tokenURL) {
		t.Errorf("got %q as unbroken; want broken", tokenURL)
	}
}

func TestRetrieveTokenBustedNoSecret(t *testing.T) {
	const clientID = "client-id"

	ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if got, want := r.FormValue("client_id"), clientID; got != want {
			t.Errorf("client_id = %q; want %q", got, want)
		}
		if got, want := r.FormValue("client_secret"), ""; got != want {
			t.Errorf("client_secret = %q; want empty", got)
		}
	}))
	defer ts.Close()

	RegisterBrokenAuthHeaderProvider(ts.URL)
	_, err := RetrieveToken(context.Background(), clientID, "", ts.URL, url.Values{})
	if err != nil {
		t.Errorf("RetrieveToken = %v; want no error", err)
	}
}

func Test_providerAuthHeaderWorks(t *testing.T) {
	for _, p := range brokenAuthHeaderProviders {
		if providerAuthHeaderWorks(p) {
			t.Errorf("got %q as unbroken; want broken", p)
		}
		p := fmt.Sprintf("%ssomesuffix", p)
		if providerAuthHeaderWorks(p) {
			t.Errorf("got %q as unbroken; want broken", p)
		}
	}
	p := "https://api.not-in-the-list-example.com/"
	if !providerAuthHeaderWorks(p) {
		t.Errorf("got %q as unbroken; want broken", p)
	}
}
all: change copyright to 'Go Authors' Fixes golang/go#12354 Change-Id: Ie4bbe9445e2a840c9db830c9bd52a783b7a6f9bc Reviewed-on: https://go-review.googlesource.com/13952 Reviewed-by: Russ Cox <rsc@golang.org> 2015-08-26 20:42:02 -04:00			`// Copyright 2014 The Go Authors. All rights reserved.`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`// Use of this source code is governed by a BSD-style`
			`// license that can be found in the LICENSE file.`

			`// Package internal contains support packages for oauth2 package.`
			`package internal`

			`import (`
			`"fmt"`
internal: don't set client_id and client_secret form values if empty Fixes golang/oauth2#220. Change-Id: Ic43b10971e102a8571c7bc895c3ad02b80b685ee Reviewed-on: https://go-review.googlesource.com/38135 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-13 15:46:53 -04:00			`"net/http"`
			`"net/http/httptest"`
			`"net/url"`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`"testing"`
internal: don't set client_id and client_secret form values if empty Fixes golang/oauth2#220. Change-Id: Ic43b10971e102a8571c7bc895c3ad02b80b685ee Reviewed-on: https://go-review.googlesource.com/38135 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-13 15:46:53 -04:00
			`"golang.org/x/net/context"`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`)`

oauth2: allow users to register broken OAuth2 implementations Fixes golang/oauth2#111. Change-Id: Iaea8adb038bcff91b4b468b1a3bdaa5c03d7e8e7 Reviewed-on: https://go-review.googlesource.com/16976 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-11-16 16:49:40 -05:00			`func TestRegisterBrokenAuthHeaderProvider(t *testing.T) {`
			`RegisterBrokenAuthHeaderProvider("https://aaa.com/")`
			`tokenURL := "https://aaa.com/token"`
			`if providerAuthHeaderWorks(tokenURL) {`
oauth2, jws, internal: more style fixes for bad test messages Change-Id: Id2805fd77fb11d975414eb66689efab284a18805 Reviewed-on: https://go-review.googlesource.com/27911 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2016-08-26 14:51:24 -04:00			`t.Errorf("got %q as unbroken; want broken", tokenURL)`
oauth2: allow users to register broken OAuth2 implementations Fixes golang/oauth2#111. Change-Id: Iaea8adb038bcff91b4b468b1a3bdaa5c03d7e8e7 Reviewed-on: https://go-review.googlesource.com/16976 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-11-16 16:49:40 -05:00			`}`
			`}`

internal: don't set client_id and client_secret form values if empty Fixes golang/oauth2#220. Change-Id: Ic43b10971e102a8571c7bc895c3ad02b80b685ee Reviewed-on: https://go-review.googlesource.com/38135 Reviewed-by: Chris Broadfoot <cbro@golang.org> 2017-03-13 15:46:53 -04:00			`func TestRetrieveTokenBustedNoSecret(t *testing.T) {`
			`const clientID = "client-id"`

			`ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`if got, want := r.FormValue("client_id"), clientID; got != want {`
			`t.Errorf("client_id = %q; want %q", got, want)`
			`}`
			`if got, want := r.FormValue("client_secret"), ""; got != want {`
			`t.Errorf("client_secret = %q; want empty", got)`
			`}`
			`}))`
			`defer ts.Close()`

			`RegisterBrokenAuthHeaderProvider(ts.URL)`
			`_, err := RetrieveToken(context.Background(), clientID, "", ts.URL, url.Values{})`
			`if err != nil {`
			`t.Errorf("RetrieveToken = %v; want no error", err)`
			`}`
			`}`

oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`func Test_providerAuthHeaderWorks(t *testing.T) {`
			`for _, p := range brokenAuthHeaderProviders {`
			`if providerAuthHeaderWorks(p) {`
oauth2, jws, internal: more style fixes for bad test messages Change-Id: Id2805fd77fb11d975414eb66689efab284a18805 Reviewed-on: https://go-review.googlesource.com/27911 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2016-08-26 14:51:24 -04:00			`t.Errorf("got %q as unbroken; want broken", p)`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`}`
			`p := fmt.Sprintf("%ssomesuffix", p)`
			`if providerAuthHeaderWorks(p) {`
oauth2, jws, internal: more style fixes for bad test messages Change-Id: Id2805fd77fb11d975414eb66689efab284a18805 Reviewed-on: https://go-review.googlesource.com/27911 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2016-08-26 14:51:24 -04:00			`t.Errorf("got %q as unbroken; want broken", p)`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`}`
			`}`
			`p := "https://api.not-in-the-list-example.com/"`
			`if !providerAuthHeaderWorks(p) {`
oauth2, jws, internal: more style fixes for bad test messages Change-Id: Id2805fd77fb11d975414eb66689efab284a18805 Reviewed-on: https://go-review.googlesource.com/27911 Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2016-08-26 14:51:24 -04:00			`t.Errorf("got %q as unbroken; want broken", p)`
oauth2: add support for client credential grant type Creates a new package called clientcredentials and adds transport and token information to the internal package. Also modifies the oauth2 package to make use of the newly added files in the internal package. The clientcredentials package allows for token requests using a "client credentials" grant type. Fixes https://github.com/golang/oauth2/issues/7 Change-Id: Iec649d1029870c27a2d1023baa9d52db42ff45e8 Reviewed-on: https://go-review.googlesource.com/2983 Reviewed-by: Burcu Dogan <jbd@google.com> Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org> 2015-01-16 17:43:33 -05:00			`}`
			`}`