authorJoramWilander <jwawilander@gmail.com>2017-09-06 16:24:34 -0400
committerJoramWilander <jwawilander@gmail.com>2017-09-06 16:24:34 -0400
commitd38328976e2c8bb0fab91e656042a0d8ac37bc76 (patch)
tree7e3d1a96a007accfcea499857541f96890846122 /api/oauth_test.go
parentf968c56890bd84295672ee0d46cc846cac2dbd47 (diff)
Various patches
Diffstat (limited to 'api/oauth_test.go')
-rw-r--r--api/oauth_test.go42
1 files changed, 37 insertions, 5 deletions
diff --git a/api/oauth_test.go b/api/oauth_test.go
index 584b4183b..612563622 100644
--- a/api/oauth_test.go
+++ b/api/oauth_test.go
@@ -22,7 +22,7 @@ func TestOAuthRegisterApp(t *testing.T) {
th := Setup().InitBasic().InitSystemAdmin()
Client := th.BasicClient
- oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
+ oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}, IsTrusted: true}
utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
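Review bot: With `IsTrusted: true` now in the fixture, nothing visible in this test asserts that a caller who is allowed to set the flag gets it back, so the later non-admin check (`trusted should be false`) would also pass if the server dropped the field for every caller. If the success path between this hunk and the next registers the app as a system admin, add `if !rapp.IsTrusted { t.Fatal("trusted should be true - created by system admin") }` there. The body of TestOAuthRegisterApp between the two hunks is not shown, so this may already be covered.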
@@ -82,10 +82,29 @@ func TestOAuthRegisterApp(t *testing.T) {
Client.Logout()
Client.Login(user.Email, user.Password)
- oauthApp = &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
+ oauthApp = &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}, IsTrusted: true}
if _, err := Client.RegisterApp(oauthApp); err == nil {
t.Fatal("should have failed. not enough permissions")
}
+
+ adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly
+ utils.SetDefaultRolesBasedOnConfig()
+ }()
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+ utils.SetDefaultRolesBasedOnConfig()
+
+ th.LoginBasic()
+
+ if result, err := th.BasicClient.RegisterApp(oauthApp); err != nil {
+ t.Fatal(err)
+ } else {
+ rapp := result.Data.(*model.OAuthApp)
+ if rapp.IsTrusted {
+ t.Fatal("trusted should be false - created by non admin")
+ }
+ }
}
func TestOAuthAllow(t *testing.T) {
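Review bot: The new non-admin case checks `IsTrusted` only on the object returned by `RegisterApp`, which shows what the handler echoed back and not necessarily what was saved. The property under test is presumably that a non-admin cannot create a trusted app, so reading the app back by `rapp.Id` and repeating the `IsTrusted` assertion on the stored copy would cover it. A short comment above the block, e.g. `// a non-admin must not be able to mark their own app as trusted`, would also record why the fixture sets the flag.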
@@ -463,7 +482,17 @@ func TestOAuthAuthorize(t *testing.T) {
th := Setup().InitBasic()
Client := th.BasicClient
+ enableOAuth := utils.Cfg.ServiceSettings.EnableOAuthServiceProvider
+ adminOnly := *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations
+ defer func() {
+ utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = enableOAuth
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = adminOnly
+ utils.SetDefaultRolesBasedOnConfig()
+ }()
utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
+ *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
+ utils.SetDefaultRolesBasedOnConfig()
+
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
if r, err := HttpGet(Client.Url+"/oauth/authorize", Client.HttpClient, "", true); err == nil {
t.Fatal("should have failed - oauth providing turned off")
@@ -483,7 +512,7 @@ func TestOAuthAuthorize(t *testing.T) {
}
// register an app to authorize it
- oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
+ oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://example.com"}}
oauthApp = Client.Must(Client.RegisterApp(oauthApp)).Data.(*model.OAuthApp)
if r, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&&redirect_uri=http://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, "", true); err == nil {
t.Fatal("should have failed - user not logged")
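Review bot: The unauthenticated request two lines below the changed fixture still sends `redirect_uri=http://example.com` (with a doubled `&&`), while the app is now registered with `https://example.com`. Because this commit also adds a bad-redirect rejection case, the "user not logged" assertion can now be satisfied by a redirect mismatch instead of the missing session, depending on the order in which the server performs the two checks. Using `&redirect_uri=https://example.com` in that request keeps the missing login as the only invalid input. TestOAuthAuthorize starts and ends outside this hunk.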
@@ -491,9 +520,12 @@ func TestOAuthAuthorize(t *testing.T) {
}
authToken := Client.AuthType + " " + Client.AuthToken
- if r, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=http://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err != nil {
+ if _, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=http://bad-redirect.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err == nil {
+ t.Fatal("should have failed - bad redirect uri")
+ }
+
+ if _, err := HttpGet(Client.Url+"/oauth/authorize?client_id="+oauthApp.Id+"&redirect_uri=https://example.com&response_type="+model.AUTHCODE_RESPONSE_TYPE, Client.HttpClient, authToken, true); err != nil {
t.Fatal(err)
- closeBody(r)
}
// lets authorize the app
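Review bot: The bad-redirect case passes on any error from `HttpGet`, and `http://bad-redirect.com` differs from the registered callback in both scheme and host, so it does not show that the comparison is exact. A second request with `redirect_uri=http://example.com` (only the scheme differs), asserted the same way, would pin that down, and checking the returned error's id or status would confirm the failure comes from the redirect check. Separately, the success request now discards the response with `_`, so its body is never closed; `if r, err := HttpGet(...); err != nil { t.Fatal(err) } else { closeBody(r) }` restores the cleanup the old code attempted. The function continues past this hunk.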