var assert = require('nodetk/testing/custom_assert')
, server = require('../../lib/server')
, tools = require('nodetk/testing/tools')
, expect_oauth_error = require('./tools').expect_oauth_error
, extend = require('nodetk/utils').extend
;
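// References to the real server collaborators, saved so that the fakes the
// tests install can be undone afterwards.
// They are declared with `var` to keep them private to this module. As
// implicit globals they could be overwritten by any other test file using the
// same names, and reinit() would then "restore" a leftover fake (for example a
// stubbed server.authentication) instead of the real implementation.
var original_RFactory = server.RFactory;
var original_authentication = server.authentication;
var original_oauth_error = server.oauth_error;

/**
 * Put the real RFactory, authentication and oauth_error back on the server
 * module, then signal completion.
 *
 * @param {Function} callback - invoked with no arguments once restored.
 */
var reinit = function(callback) {
  server.RFactory = original_RFactory;
  server.authentication = original_authentication;
  server.oauth_error = original_oauth_error;
  callback();
};

// The same restore routine is exported under both hook names; presumably the
// runner calls `setup` before each test and `module_close` once at the end --
// confirm against the nodetk test runner.
exports.module_close = reinit;
exports.setup = reinit;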
/**
 * Run server.authorize() with `params` and check that the request is handed
 * over to the login step with the expected data.
 *
 * A fake server.authentication.login is installed that makes three
 * assertions: it received the same `res`, the same `req`, and a data object
 * holding the client id, client name, redirect URI and `state`. Every caller
 * in this file sends state 'somestate', so the test also pins that `state` is
 * forwarded with the same value.
 *
 * @param {Object} params - request parameters given to server.authorize().
 */
function assert_authorize_ok(params) {
  var fake_req = {};
  var fake_res = "res obj";
  var expected_login_data = {
    client_id: 'cid',
    client_name: 'cname',
    redirect_uri: 'some_uri',
    state: 'somestate'
  };

  function login(req_, res_, data) {
    assert.equal(fake_res, res_);
    assert.equal(fake_req, req_);
    assert.deepEqual(data, expected_login_data);
  }

  server.authentication = {login: login};
  server.authorize(params, fake_req, fake_res);
}
// Test table for server.authorize(). Each entry is
// [description, count, test function]; the count is presumably the number of
// assertions the runner expects the test to make -- confirm against the
// nodetk test runner.
// expect_oauth_error (from ./tools) presumably installs a fake
// server.oauth_error that asserts on the given arguments -- confirm.
exports.tests = [

  // A request lacking a required parameter is answered with 'invalid_request'.
  ['Missing parameter', 9, function() {
    var params = {client_id: 1, response_type: 1, redirect_uri: 1};
    var param_names = Object.keys(params);
    param_names.forEach(function(missing_param) {
      // NOTE(review): authorize() is given `params`, not `mparams`. This only
      // exercises a missing parameter if extend(params) with a single argument
      // returns `params` itself (presumably, cf. the two-argument call in the
      // 'token and code_and_token' test -- confirm). In that case the deletions
      // accumulate: after the first pass client_id is always absent, so a
      // request missing only response_type or only redirect_uri is never
      // tested on its own.
      var mparams = extend(params);
      delete mparams[missing_param];
      var req = {};
      var res = "res obj";
      expect_oauth_error(res, 'eua', 'invalid_request');
      server.authorize(params, req, res);
    });
  }],

  // An unknown response_type value is answered with 'unsupported_response_type'.
  ['Unsupported response_type', 3, function() {
    var req = {};
    var res = "res obj";
    var params = {client_id: 1, response_type: 1, redirect_uri: 1};
    expect_oauth_error(res, 'eua', 'unsupported_response_type');
    server.authorize(params, req, res);
  }],

  // 'token' and 'code_and_token' get a 501 response, and the server must stop
  // there: the fake RFactory fails the test if it is ever called.
  ['Unsupported response_type (token and code_and_token)', 6, function() {
    server.RFactory = function() {
      assert.ok(false, 'Must not be called');
    };
    var req = {};
    var base_params = {client_id: 1, redirect_uri: 1};
    ['token', 'code_and_token'].forEach(function(type) {
      var typed_params = extend({response_type: type}, base_params);
      var res = tools.get_expected_res(501);
      server.authorize(typed_params, req, res);
    });
  }],

  // The client lookup yields nothing: answered with 'invalid_client'.
  ['No client retrieved from DB', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback) {
            callback(null);
          }
        }
      };
    };
    var req = {};
    var res = "res obj";
    var params = {client_id: 1, response_type: 'code', redirect_uri: 1};
    expect_oauth_error(res, 'eua', 'invalid_client');
    server.authorize(params, req, res);
  }],

  // The requested redirect_uri differs from the one stored for the client:
  // answered with 'redirect_uri_mismatch'.
  // NOTE(review): only a completely different value is tested. How the server
  // compares the two URIs is not visible here; cases for near matches (stored
  // URI used as a prefix, trailing slash, extra query string) would pin that
  // the comparison is exact.
  ['Mismatching redirect_uri', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback) {
            callback({redirect_uri: 'other_uri'});
          }
        }
      };
    };
    var req = {};
    var res = "res obj";
    var params = {client_id: 1, response_type: 'code', redirect_uri: 'some_uri'};
    expect_oauth_error(res, 'eua', 'redirect_uri_mismatch');
    server.authorize(params, req, res);
  }],

  // The client lookup reports an error through its third argument: the
  // response is expected to be a 500.
  ['Error while retrieving client from DB', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback, fallback) {
            fallback('error');
          }
        }
      };
    };
    var req = {};
    var params = {client_id: 1, response_type: 'code', redirect_uri: 1};
    var res = tools.get_expected_res(500);
    server.authorize(params, req, res);
  }],

  // The stored client has an empty redirect_uri and the request supplies one:
  // the request's value is what reaches the login step.
  // NOTE(review): this pins that, for a client with no registered redirect
  // URI, the redirect target comes entirely from the request. RFC 6749
  // section 3.1.2.2 expects redirection endpoints to be registered; confirm
  // that accepting an unregistered URI here is intended.
  ['Client without redirect_uri but with redirect_uri param: OK', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback) {
            callback({id: 'cid', name: 'cname', redirect_uri: ''});
          }
        }
      };
    };
    assert_authorize_ok({
      client_id: 'cid',
      response_type: 'code',
      redirect_uri: 'some_uri',
      state: 'somestate'
    });
  }],

  // The request omits redirect_uri: the client's stored value is used.
  ['Client with redirect_uri but without redirect_uri param: OK', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback) {
            callback({redirect_uri: 'some_uri', name: 'cname', id: 'cid'});
          }
        }
      };
    };
    assert_authorize_ok({
      client_id: 'cid',
      response_type: 'code',
      state: 'somestate'
    });
  }],

  // The requested redirect_uri equals the stored one: accepted.
  ['Client with redirect_uri and redirect_uri param: OK', 3, function() {
    server.RFactory = function() {
      return {
        Client: {
          get: function(query, callback) {
            callback({redirect_uri: 'some_uri', name: 'cname', id: 'cid'});
          }
        }
      };
    };
    assert_authorize_ok({
      client_id: 'cid',
      response_type: 'code',
      redirect_uri: 'some_uri',
      state: 'somestate'
    });
  }]

];