From e68820a209da598fd8214f48b3ed52d4641f4523 Mon Sep 17 00:00:00 2001
From: JT Olds
Date: Sat, 6 Sep 2014 17:39:43 -0600
Subject: [PATCH 1/2] fix token exchange

---
 oauth2.go | 6 +-----
 oauth2_test.go | 53 +++++++++++++++++++++++++++++++++++++++++++++++++-
 2 files changed, 53 insertions(+), 6 deletions(-)

diff --git a/oauth2.go b/oauth2.go
index 739e73b..a60b53a 100644
--- a/oauth2.go
+++ b/oauth2.go
@@ -215,10 +215,6 @@ func (c *Config) retrieveToken(v url.Values) (*Token, error) {
 content, _, _ := mime.ParseMediaType(r.Header.Get("Content-Type"))
 switch content {
 case "application/x-www-form-urlencoded", "text/plain":
- body, err := ioutil.ReadAll(r.Body)
- if err != nil {
- return nil, err
- }
 vals, err := url.ParseQuery(string(body))
 if err != nil {
 return nil, err
@@ -229,7 +225,7 @@ func (c *Config) retrieveToken(v url.Values) (*Token, error) {
 resp.ExpiresIn, _ = strconv.ParseInt(vals.Get("expires_in"), 10, 64)
 resp.IdToken = vals.Get("id_token")
 default:
- if err = json.NewDecoder(r.Body).Decode(&resp); err != nil {
+ if err = json.Unmarshal(body, &resp); err != nil {
 return nil, err
 }
 }
diff --git a/oauth2_test.go b/oauth2_test.go
index c760605..ad29618 100644
--- a/oauth2_test.go
+++ b/oauth2_test.go
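Review bot: Both response branches now parse the `body` slice that is read before this hunk, so every token response is buffered in full before `url.ParseQuery(string(body))` or `json.Unmarshal(body, &resp)` runs; the read itself is outside the hunk, so whether it is size-capped cannot be confirmed from here. If it is a plain `ioutil.ReadAll(r.Body)`, a misbehaving or hostile token endpoint can make the client allocate an arbitrarily large buffer, and wrapping the reader as `io.LimitReader(r.Body, maxTokenResponseBytes)` (placeholder constant name) would bound that. The same applies to the second hunk at `@@ -229,7 +225,7 @@`, which moves the JSON path onto the same buffer. retrieveToken's body starts and ends outside both hunks.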
@@ -68,10 +68,61 @@ func TestExchangeRequest(t *testing.T) {
 if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" {
 t.Errorf("Unexpected exchange payload, %v is found.", string(body))
 }
+ w.Header().Set("Content-Type", "text/plain")
+ w.Write([]byte("access_token=90d64460d14870c08c81352a05dedd3465940a7c&scope=user&token_type=bearer"))
 }))
 defer ts.Close()
 conf := newTestConf(ts.URL)
- conf.Exchange("exchange-code")
+ tok, err := conf.Exchange("exchange-code")
+ if err != nil {
+ t.Fatal(err)
+ }
+ if tok.Expired() {
+ t.Fatal("token shouldn't be expired")
+ }
+ if tok.AccessToken != "90d64460d14870c08c81352a05dedd3465940a7c" {
+ t.Fatalf("wrong access token, %#v", tok.AccessToken)
+ }
+ if tok.TokenType != "bearer" {
+ t.Fatal("wrong token type, %#v", tok.TokenType)
+ }
+}
+
+func TestExchangeRequest_JsonResponse(t *testing.T) {
+ ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ if r.URL.String() != "/token" {
+ t.Errorf("Unexpected exchange request URL, %v is found.", r.URL)
+ }
+ headerAuth := r.Header.Get("Authorization")
+ if headerAuth != "Basic Q0xJRU5UX0lEOkNMSUVOVF9TRUNSRVQ=" {
+ t.Errorf("Unexpected authorization header, %v is found.", headerAuth)
+ }
+ headerContentType := r.Header.Get("Content-Type")
+ if headerContentType != "application/x-www-form-urlencoded" {
+ t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
+ }
+ body, _ := ioutil.ReadAll(r.Body)
+ if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" {
+ t.Errorf("Unexpected exchange payload, %v is found.", string(body))
+ }
+ w.Header().Set("Content-Type", "application/json")
+ w.Write([]byte(`{"access_token": "90d64460d14870c08c81352a05dedd3465940a7c", "scope": "user", "token_type": "bearer"}`))
+ }))
+ defer ts.Close()
+ conf := newTestConf(ts.URL)
+ tok, err := conf.Exchange("exchange-code")
+ if err != nil {
+ t.Fatal(err)
+ }
+ if tok.Expired() {
+ t.Fatal("token shouldn't be expired")
+ }
+ if tok.AccessToken != "90d64460d14870c08c81352a05dedd3465940a7c" {
+ t.Fatalf("wrong access token, %#v", tok.AccessToken)
+ }
+ if tok.TokenType != "bearer" {
+ t.Fatal("wrong token type, %#v", tok.TokenType)
+ }
 }
 
 func TestExchangeRequest_NonBasicAuth(t *testing.T) {
From 8551f9eee2e58f1414bac86d70e375a78553203b Mon Sep 17 00:00:00 2001
From: JT Olds
Date: Sat, 6 Sep 2014 19:03:51 -0600
Subject: [PATCH 2/2] some pr review fixes

---
 oauth2_test.go | 28 +++++++++++++++++-----------
 1 file changed, 17 insertions(+), 11 deletions(-)

diff --git a/oauth2_test.go b/oauth2_test.go
index ad29618..c231ff9 100644
--- a/oauth2_test.go
+++ b/oauth2_test.go
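Review bot: The fixture value `90d64460d14870c08c81352a05dedd3465940a7c` written by both handlers and compared against `tok.AccessToken` has the shape of a provider-issued bearer token (40 hex characters, returned with `scope=user`), and it is now committed in TestExchangeRequest and TestExchangeRequest_JsonResponse. If it was copied from a live token response it should be revoked. Either way an obviously synthetic value avoids secret-scanner hits and makes the intent clear, for example `access_token=TEST_ACCESS_TOKEN&scope=user&token_type=bearer` with `if tok.AccessToken != "TEST_ACCESS_TOKEN"` (constructed sample value).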
@@ -64,27 +64,30 @@ func TestExchangeRequest(t *testing.T) {
 if headerContentType != "application/x-www-form-urlencoded" {
 t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
 }
- body, _ := ioutil.ReadAll(r.Body)
+ body, err := ioutil.ReadAll(r.Body)
+ if err != nil {
+ t.Errorf("Failed reading request body: %s.", err)
+ }
 if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" {
 t.Errorf("Unexpected exchange payload, %v is found.", string(body))
 }
- w.Header().Set("Content-Type", "text/plain")
+ w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
 w.Write([]byte("access_token=90d64460d14870c08c81352a05dedd3465940a7c&scope=user&token_type=bearer"))
 }))
 defer ts.Close()
 conf := newTestConf(ts.URL)
 tok, err := conf.Exchange("exchange-code")
 if err != nil {
- t.Fatal(err)
+ t.Errorf("Failed retrieving token: %s.", err)
 }
 if tok.Expired() {
- t.Fatal("token shouldn't be expired")
+ t.Errorf("Token shouldn't be expired.")
 }
 if tok.AccessToken != "90d64460d14870c08c81352a05dedd3465940a7c" {
- t.Fatalf("wrong access token, %#v", tok.AccessToken)
+ t.Errorf("Wrong access token, %#v.", tok.AccessToken)
 }
 if tok.TokenType != "bearer" {
- t.Fatal("wrong token type, %#v", tok.TokenType)
+ t.Errorf("Wrong token type, %#v.", tok.TokenType)
 }
 }
 
@@ -101,7 +104,10 @@ func TestExchangeRequest_JsonResponse(t *testing.T) {
 if headerContentType != "application/x-www-form-urlencoded" {
 t.Errorf("Unexpected Content-Type header, %v is found.", headerContentType)
 }
- body, _ := ioutil.ReadAll(r.Body)
+ body, err := ioutil.ReadAll(r.Body)
+ if err != nil {
+ t.Errorf("Failed reading request body: %s.", err)
+ }
 if string(body) != "client_id=CLIENT_ID&code=exchange-code&grant_type=authorization_code&redirect_uri=REDIRECT_URL&scope=scope1+scope2" {
 t.Errorf("Unexpected exchange payload, %v is found.", string(body))
 }
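Review bot: Replacing `t.Fatal(err)` with `t.Errorf("Failed retrieving token: %s.", err)` after `conf.Exchange("exchange-code")` in the first hunk lets the test run on into `tok.Expired()` and `tok.AccessToken` even when the exchange failed. retrieveToken returns `nil, err` on its error paths, so if Exchange passes that nil token through (its body is not shown here), the test would panic on a nil dereference instead of reporting the failure. Keep the early exit for this one check, `t.Fatalf("Failed retrieving token: %s.", err)`, and use `t.Errorf` only for the field comparisons that follow. The hunk at `@@ -112,16 +118,16 @@` in TestExchangeRequest_JsonResponse has the same pattern.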
@@ -112,16 +118,16 @@ func TestExchangeRequest_JsonResponse(t *testing.T) {
 conf := newTestConf(ts.URL)
 tok, err := conf.Exchange("exchange-code")
 if err != nil {
- t.Fatal(err)
+ t.Errorf("Failed retrieving token: %s.", err)
 }
 if tok.Expired() {
- t.Fatal("token shouldn't be expired")
+ t.Errorf("Token shouldn't be expired.")
 }
 if tok.AccessToken != "90d64460d14870c08c81352a05dedd3465940a7c" {
- t.Fatalf("wrong access token, %#v", tok.AccessToken)
+ t.Errorf("Wrong access token, %#v.", tok.AccessToken)
 }
 if tok.TokenType != "bearer" {
- t.Fatal("wrong token type, %#v", tok.TokenType)
+ t.Errorf("Wrong token type, %#v.", tok.TokenType)
 }
 }