Diffstat (limited to 'web/web_test.go')
-rw-r--r--web/web_test.go139
1 files changed, 0 insertions, 139 deletions
diff --git a/web/web_test.go b/web/web_test.go
index 8db0eb91c..03cacdddf 100644
--- a/web/web_test.go
+++ b/web/web_test.go
@@ -4,8 +4,6 @@
package web
import (
- "net/url"
- "strings"
"testing"
"time"
@@ -62,143 +60,6 @@ func TestStatic(t *testing.T) {
}
*/
-func TestGetAccessToken(t *testing.T) {
- Setup()
-
- user := model.User{Email: strings.ToLower(model.NewId()) + "success+test@simulator.amazonses.com", Password: "passwd1"}
- ruser := ApiClient.Must(ApiClient.CreateUser(&user, "")).Data.(*model.User)
- store.Must(app.Srv.Store.User().VerifyEmail(ruser.Id))
-
- ApiClient.Must(ApiClient.LoginById(ruser.Id, "passwd1"))
-
- team := model.Team{DisplayName: "Name", Name: "z-z-" + model.NewId() + "a", Email: "test@nowhere.com", Type: model.TEAM_OPEN}
- rteam, _ := ApiClient.CreateTeam(&team)
-
- oauthApp := &model.OAuthApp{Name: "TestApp" + model.NewId(), Homepage: "https://nowhere.com", Description: "test", CallbackUrls: []string{"https://nowhere.com"}}
-
- utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = false
- data := url.Values{"grant_type": []string{"junk"}, "client_id": []string{"12345678901234567890123456"}, "client_secret": []string{"12345678901234567890123456"}, "code": []string{"junk"}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}}
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - oauth providing turned off")
- }
- utils.Cfg.ServiceSettings.EnableOAuthServiceProvider = true
-
- ApiClient.Must(ApiClient.LoginById(ruser.Id, "passwd1"))
- ApiClient.SetTeamId(rteam.Data.(*model.Team).Id)
- *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = false
- utils.SetDefaultRolesBasedOnConfig()
- oauthApp = ApiClient.Must(ApiClient.RegisterApp(oauthApp)).Data.(*model.OAuthApp)
- *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations = true
- utils.SetDefaultRolesBasedOnConfig()
-
- redirect := ApiClient.Must(ApiClient.AllowOAuth(model.AUTHCODE_RESPONSE_TYPE, oauthApp.Id, oauthApp.CallbackUrls[0], "all", "123")).Data.(map[string]string)["redirect"]
- rurl, _ := url.Parse(redirect)
-
- teamId := rteam.Data.(*model.Team).Id
-
- ApiClient.Logout()
-
- data = url.Values{"grant_type": []string{"junk"}, "client_id": []string{oauthApp.Id}, "client_secret": []string{oauthApp.ClientSecret}, "code": []string{rurl.Query().Get("code")}, "redirect_uri": []string{oauthApp.CallbackUrls[0]}}
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad grant type")
- }
-
- data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE)
- data.Set("client_id", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing client id")
- }
- data.Set("client_id", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad client id")
- }
-
- data.Set("client_id", oauthApp.Id)
- data.Set("client_secret", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing client secret")
- }
-
- data.Set("client_secret", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad client secret")
- }
-
- data.Set("client_secret", oauthApp.ClientSecret)
- data.Set("code", "")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - missing code")
- }
-
- data.Set("code", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - bad code")
- }
-
- data.Set("code", rurl.Query().Get("code"))
- data.Set("redirect_uri", "junk")
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - non-matching redirect uri")
- }
-
- // reset data for successful request
- data.Set("grant_type", model.ACCESS_TOKEN_GRANT_TYPE)
- data.Set("client_id", oauthApp.Id)
- data.Set("client_secret", oauthApp.ClientSecret)
- data.Set("code", rurl.Query().Get("code"))
- data.Set("redirect_uri", oauthApp.CallbackUrls[0])
-
- token := ""
- if result, err := ApiClient.GetAccessToken(data); err != nil {
- t.Fatal(err)
- } else {
- rsp := result.Data.(*model.AccessResponse)
- if len(rsp.AccessToken) == 0 {
- t.Fatal("access token not returned")
- } else {
- token = rsp.AccessToken
- }
- if rsp.TokenType != model.ACCESS_TOKEN_TYPE {
- t.Fatal("access token type incorrect")
- }
- }
-
- if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token="+token, "", ""); err != nil {
- t.Fatal(err)
- } else {
- userMap := model.UserMapFromJson(result.Body)
- if len(userMap) == 0 {
- t.Fatal("user map empty - did not get results correctly")
- }
- }
-
- if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err == nil {
- t.Fatal("should have failed - no access token provided")
- }
-
- if _, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100?access_token=junk", "", ""); err == nil {
- t.Fatal("should have failed - bad access token provided")
- }
-
- ApiClient.SetOAuthToken(token)
- if result, err := ApiClient.DoApiGet("/teams/"+teamId+"/users/0/100", "", ""); err != nil {
- t.Fatal(err)
- } else {
- userMap := model.UserMapFromJson(result.Body)
- if len(userMap) == 0 {
- t.Fatal("user map empty - did not get results correctly")
- }
- }
-
- if _, err := ApiClient.GetAccessToken(data); err == nil {
- t.Fatal("should have failed - tried to reuse auth code")
- }
-
- ApiClient.ClearOAuthToken()
-}
-
func TestIncomingWebhook(t *testing.T) {
Setup()