oauth2test

package
v2.2.0 Latest
Warning

This package is not in the latest version of its module.

Published: Sep 15, 2021 | License: MIT | Imports: 10 | Imported by: 0

Documentation

Overview

Package oauth2test implements reusable integration tests to run against any OAuth2 authentication server.

Functions

func AccessTokenTest

func AccessTokenTest(t *testing.T, spec *Spec, accessToken string)

AccessTokenTest validates the specified access token by requesting the protected resource.

func AuthorizationCodeGrantTest

func AuthorizationCodeGrantTest(t *testing.T, spec *Spec)

AuthorizationCodeGrantTest tests the authorization code grant.

func AuthorizationEndpointTest

func AuthorizationEndpointTest(t *testing.T, spec *Spec)

AuthorizationEndpointTest executes general authorization endpoint tests.

func ClientCredentialsGrantTest

func ClientCredentialsGrantTest(t *testing.T, spec *Spec)

ClientCredentialsGrantTest tests the client credentials grant.

func Do

func Do(handler http.Handler, req *Request)

Do will perform the specified request on the specified handler.

func ImplicitGrantTest

func ImplicitGrantTest(t *testing.T, spec *Spec)

ImplicitGrantTest tests the implicit grant.

func IntrospectionEndpointTest

func IntrospectionEndpointTest(t *testing.T, spec *Spec)

IntrospectionEndpointTest executes general token introspection tests.

func PasswordGrantTest

func PasswordGrantTest(t *testing.T, spec *Spec)

PasswordGrantTest tests the password grant.

func ProtectedResourceTest

func ProtectedResourceTest(t *testing.T, spec *Spec)

ProtectedResourceTest validates authorization of the protected resource.

func RefreshTokenGrantTest

func RefreshTokenGrantTest(t *testing.T, spec *Spec)

RefreshTokenGrantTest tests the refresh token grant.

func RefreshTokenTest

func RefreshTokenTest(t *testing.T, spec *Spec, refreshToken string)

RefreshTokenTest validates the specified refreshToken by requesting a new access token and validating it as well.

func RevocationEndpointTest

func RevocationEndpointTest(t *testing.T, spec *Spec)

RevocationEndpointTest executes general token revocation tests.

func Run

func Run(t *testing.T, spec *Spec)

Run will run all tests using the specified spec.

func TokenEndpointTest

func TokenEndpointTest(t *testing.T, spec *Spec)

TokenEndpointTest executes general token endpoint tests.

Types

type Request

type Request struct {
	Method   string
	Path     string
	Header   map[string]string
	Form     map[string]string
	Username string
	Password string
	Callback func(*httptest.ResponseRecorder, *http.Request)
}

A Request is a convenience wrapper to specify test requests.

type Spec

type Spec struct {
	// The server handler.
	Handler http.Handler

	// The token endpoint (e.g. /oauth2/token).
	TokenEndpoint string

	// The authorization endpoint (e.g. /oauth2/authorize).
	AuthorizeEndpoint string

	// The revocation endpoint (e.g. /oauth2/revoke).
	RevocationEndpoint string

	// The introspection endpoint (e.g. /oauth2/introspect).
	IntrospectionEndpoint string

	// The protected resource (e.g. /api/protected).
	ProtectedResource string

	// The supported grants.
	PasswordGrantSupport          bool
	ClientCredentialsGrantSupport bool
	ImplicitGrantSupport          bool
	AuthorizationCodeGrantSupport bool
	RefreshTokenGrantSupport      bool

	// The details of a confidential client.
	ConfidentialClientID     string
	ConfidentialClientSecret string

	// The details of a public client.
	PublicClientID string

	// The scopes that are considered invalid, valid and exceeding by the
	// authentication server.
	InvalidScope   string
	ValidScope     string
	ExceedingScope string

	// The expected "expires_in" value of returned tokens.
	ExpectedExpiresIn int

	// The tokens for the protected resource tests.
	InvalidToken      string
	UnknownToken      string
	ValidToken        string
	ExpiredToken      string
	InsufficientToken string

	// The details of the primary resource owner for the password grant test.
	//
	// Note: Only needed if the password grant is supported.
	ResourceOwnerUsername string
	ResourceOwnerPassword string

	// The redirect URIs that are considered invalid and valid by the
	// authentication server.
	//
	// Note: Only needed if the implicit grant or authorization code grant is
	// supported.
	InvalidRedirectURI   string
	PrimaryRedirectURI   string
	SecondaryRedirectURI string

	// The invalid, unknown, valid and expired refresh tokens that are used
	// during the refresh token grant tests.
	//
	// Note: Only needed if the refresh token grant is supported.
	InvalidRefreshToken string
	UnknownRefreshToken string
	ValidRefreshToken   string
	ExpiredRefreshToken string

	// The invalid, unknown and expired authorization codes that are used
	// during the authorization code grant tests.
	//
	// Note: Only needed if the authorization code grant is supported.
	InvalidAuthorizationCode string
	UnknownAuthorizationCode string
	ExpiredAuthorizationCode string

	// The params and headers needed to authorize the resource owner during the
	// implicit grant or authorization code grant test.
	//
	// Note: Only needed if the implicit grant or authorization code grant
	// is supported.
	InvalidAuthorizationParams  map[string]string
	InvalidAuthorizationHeaders map[string]string
	ValidAuthorizationParams    map[string]string
	ValidAuthorizationHeaders   map[string]string

	// If enabled the implementation is checked for properly revoking tokens
	// if a code replay attack is carried out.
	CodeReplayMitigation bool
}

Spec declares the needed info for testing an OAuth2 authentication server.
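What the CodeReplayMitigation check amounts to, as an added example that is not the package's own test code: RFC 6749 section 4.1.2 requires a server to deny a reused authorization code and recommends revoking the tokens already issued from it. The handler from `newToy`, the `send` helper, `replayRevokes`, the plain-text token response and the code value are all constructed for illustration; the endpoint paths are the ones the Spec comments use as examples.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// newToy returns a constructed stand-in for the server under test (not a real OAuth2 server).
func newToy(mitigate bool) http.Handler {
	active := map[string]bool{} // issued token -> still accepted; key present = code redeemed
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		tok := "token-for-" + r.FormValue("code")
		_, replayed := active[tok]
		switch {
		case r.URL.Path == "/api/protected": // accept only tokens that are still active
			if !active[strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer ")] {
				w.WriteHeader(http.StatusUnauthorized)
			}
		case replayed: // token endpoint, code already redeemed: refuse, revoke if mitigating
			active[tok] = !mitigate
			http.Error(w, "invalid_grant", http.StatusBadRequest)
		default: // token endpoint, first redemption (plain-text body for brevity)
			active[tok] = true
			fmt.Fprint(w, tok)
		}
	})
}

func send(h http.Handler, method, path, bearer string, form url.Values) *httptest.ResponseRecorder {
	req := httptest.NewRequest(method, path, strings.NewReader(form.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Authorization", "Bearer "+bearer)
	rec := httptest.NewRecorder()
	h.ServeHTTP(rec, req) // call the handler directly, no network listener needed
	return rec
}

// replayRevokes redeems one code twice: the replay must fail and the first token must stop working.
func replayRevokes(h http.Handler) bool {
	form := url.Values{"grant_type": {"authorization_code"}, "code": {"constructed-code"}}
	token := send(h, "POST", "/oauth2/token", "", form).Body.String()
	refused := send(h, "POST", "/oauth2/token", "", form).Code == http.StatusBadRequest
	return refused && send(h, "GET", "/api/protected", token, nil).Code == http.StatusUnauthorized
}

func main() { fmt.Println(replayRevokes(newToy(true)), replayRevokes(newToy(false))) }
```

A server that only refuses the second redemption but leaves the first token usable fails this check, which is the gap the flag is meant to surface.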

func Default

func Default(handler http.Handler) *Spec

Default returns a commonly used spec that can be taken as a basis.
