gotosocial/internal/oauth/oauth_test.go

161 lines
4.9 KiB
Go
Raw Normal View History

2021-03-17 10:33:06 +00:00
package oauth
import (
"context"
2021-03-20 18:44:18 +00:00
"fmt"
2021-03-17 10:33:06 +00:00
"testing"
"time"
"github.com/go-pg/pg/v10"
"github.com/go-pg/pg/v10/orm"
2021-03-22 16:02:09 +00:00
"github.com/google/uuid"
2021-03-17 10:33:06 +00:00
"github.com/gotosocial/gotosocial/internal/api"
"github.com/gotosocial/gotosocial/internal/config"
"github.com/gotosocial/gotosocial/internal/gtsmodel"
"github.com/gotosocial/oauth2/v4"
"github.com/sirupsen/logrus"
"github.com/stretchr/testify/suite"
"golang.org/x/crypto/bcrypt"
)
type OauthTestSuite struct {
suite.Suite
2021-03-22 16:02:09 +00:00
tokenStore oauth2.TokenStore
clientStore oauth2.ClientStore
conn *pg.DB
testAccount *gtsmodel.Account
testApplication *gtsmodel.Application
testUser *gtsmodel.User
testClient *oauthClient
config *config.Config
2021-03-17 10:33:06 +00:00
}
// SetupSuite sets some variables on the suite that we can use as consts (more or less) throughout
func (suite *OauthTestSuite) SetupSuite() {
2021-03-20 22:29:11 +00:00
c := config.Empty()
// we're running on localhost without https so set the protocol to http
c.Protocol = "http"
// just for testing
c.Host = "localhost:8080"
// because go tests are run within the test package directory, we need to fiddle with the templateconfig
// basedir in a way that we wouldn't normally have to do when running the binary, in order to make
// the templates actually load
c.TemplateConfig.BaseDir = "../../web/template/"
suite.config = c
2021-03-20 23:48:37 +00:00
2021-03-20 22:29:11 +00:00
encryptedPassword, err := bcrypt.GenerateFromPassword([]byte("password"), bcrypt.DefaultCost)
2021-03-17 10:33:06 +00:00
if err != nil {
logrus.Panicf("error encrypting user pass: %s", err)
}
2021-03-17 15:01:31 +00:00
2021-03-22 16:02:09 +00:00
acctID := uuid.NewString()
suite.testAccount = &gtsmodel.Account{
ID: acctID,
Username: "test_user",
}
2021-03-17 10:33:06 +00:00
suite.testUser = &gtsmodel.User{
EncryptedPassword: string(encryptedPassword),
2021-03-20 22:29:11 +00:00
Email: "user@example.org",
2021-03-22 16:02:09 +00:00
AccountID: acctID,
2021-03-17 15:01:31 +00:00
}
suite.testClient = &oauthClient{
ID: "a-known-client-id",
Secret: "some-secret",
2021-03-20 22:29:11 +00:00
Domain: fmt.Sprintf("%s://%s", c.Protocol, c.Host),
2021-03-17 10:33:06 +00:00
}
2021-03-22 16:02:09 +00:00
suite.testApplication = &gtsmodel.Application{
Name: "a test application",
Website: "https://some-application-website.com",
RedirectURI: "http://localhost:8080",
ClientID: "a-known-client-id",
ClientSecret: "some-secret",
Scopes: "read",
VapidKey: uuid.NewString(),
}
2021-03-17 10:33:06 +00:00
}
// SetupTest creates a postgres connection and creates the oauth_clients table before each test
func (suite *OauthTestSuite) SetupTest() {
suite.conn = pg.Connect(&pg.Options{})
if err := suite.conn.Ping(context.Background()); err != nil {
logrus.Panicf("db connection error: %s", err)
}
models := []interface{}{
&oauthClient{},
&oauthToken{},
&gtsmodel.User{},
2021-03-20 18:06:28 +00:00
&gtsmodel.Account{},
&gtsmodel.Application{},
2021-03-17 10:33:06 +00:00
}
for _, m := range models {
if err := suite.conn.Model(m).CreateTable(&orm.CreateTableOptions{
IfNotExists: true,
}); err != nil {
logrus.Panicf("db connection error: %s", err)
}
}
suite.tokenStore = NewPGTokenStore(context.Background(), suite.conn, logrus.New())
suite.clientStore = NewPGClientStore(suite.conn)
2021-03-22 16:02:09 +00:00
if _, err := suite.conn.Model(suite.testAccount).Insert(); err != nil {
logrus.Panicf("could not insert test account into db: %s", err)
}
2021-03-17 10:33:06 +00:00
if _, err := suite.conn.Model(suite.testUser).Insert(); err != nil {
logrus.Panicf("could not insert test user into db: %s", err)
}
2021-03-17 15:01:31 +00:00
if _, err := suite.conn.Model(suite.testClient).Insert(); err != nil {
logrus.Panicf("could not insert test client into db: %s", err)
}
2021-03-22 16:02:09 +00:00
if _, err := suite.conn.Model(suite.testApplication).Insert(); err != nil {
logrus.Panicf("could not insert test application into db: %s", err)
}
2021-03-17 10:33:06 +00:00
}
// TearDownTest drops the oauth_clients table and closes the pg connection after each test
func (suite *OauthTestSuite) TearDownTest() {
models := []interface{}{
&oauthClient{},
&oauthToken{},
&gtsmodel.User{},
2021-03-20 18:06:28 +00:00
&gtsmodel.Account{},
&gtsmodel.Application{},
2021-03-17 10:33:06 +00:00
}
for _, m := range models {
if err := suite.conn.Model(m).DropTable(&orm.DropTableOptions{}); err != nil {
logrus.Panicf("drop table error: %s", err)
}
}
if err := suite.conn.Close(); err != nil {
logrus.Panicf("error closing db connection: %s", err)
}
suite.conn = nil
}
func (suite *OauthTestSuite) TestAPIInitialize() {
log := logrus.New()
2021-03-17 18:52:36 +00:00
log.SetLevel(logrus.TraceLevel)
2021-03-17 10:33:06 +00:00
r := api.New(suite.config, log)
api := New(suite.tokenStore, suite.clientStore, suite.conn, log)
2021-03-20 23:48:17 +00:00
if err := api.Route(r); err != nil {
2021-03-20 18:44:18 +00:00
suite.FailNow(fmt.Sprintf("error initializing api: %s", err))
}
2021-03-17 10:33:06 +00:00
go r.Start()
2021-03-20 22:29:11 +00:00
time.Sleep(60 * time.Second)
2021-03-22 16:02:09 +00:00
// http://localhost:8080/oauth/authorize?client_id=a-known-client-id&response_type=code&redirect_uri=http://localhost:8080&scope=read
2021-03-20 22:29:11 +00:00
// curl -v -F client_id=a-known-client-id -F client_secret=some-secret -F redirect_uri=http://localhost:8080 -F code=[ INSERT CODE HERE ] -F grant_type=authorization_code localhost:8080/oauth/token
2021-03-22 16:02:09 +00:00
// curl -v -H "Authorization: Bearer [INSERT TOKEN HERE]" http://localhost:8080
2021-03-17 10:33:06 +00:00
}
func TestOauthTestSuite(t *testing.T) {
suite.Run(t, new(OauthTestSuite))
}