unstaged

ory · Oct 14, 2016 · ae40691 · ae40691
1 parent 74b7f33
commit ae40691
Show file tree

Hide file tree

Showing 7 changed files with 226 additions and 2 deletions.
diff --git a/integration/helper_endpoints_test.go b/integration/helper_endpoints_test.go
@@ -19,6 +19,27 @@ type mySessionData struct {
 	*foauth.HMACSession
 }
 
+func tokenRevocationHandler(t *testing.T, oauth2 fosite.OAuth2Provider, session interface{}) func(rw http.ResponseWriter, req *http.Request) {
+	return func(rw http.ResponseWriter, req *http.Request) {
+		ctx := fosite.NewContext()
+		err := oauth2.NewRevocationRequest(ctx, req)
+		oauth2.WriteRevocationResponse(rw, err)
+	}
+}
+
+
+func tokenIntrospectionHandler(t *testing.T, oauth2 fosite.OAuth2Provider, session interface{}) func(rw http.ResponseWriter, req *http.Request) {
+	return func(rw http.ResponseWriter, req *http.Request) {
+		ctx := fosite.NewContext()
+		ar, err := oauth2.NewIntrospectionRequest(ctx, req, session)
+		if err != nil {
+			oauth2.WriteIntrospectionError(rw, err)
+		}
+
+		oauth2.WriteIntrospectionResponse(rw, ar)
+	}
+}
+
 func tokenInfoHandler(t *testing.T, oauth2 fosite.OAuth2Provider, session interface{}) func(rw http.ResponseWriter, req *http.Request) {
 	return func(rw http.ResponseWriter, req *http.Request) {
 		ctx := fosite.NewContext()

diff --git a/integration/helper_setup_test.go b/integration/helper_setup_test.go
@@ -86,6 +86,9 @@ func mockServer(t *testing.T, f fosite.OAuth2Provider, session interface{}) *htt
 	router.HandleFunc("/token", tokenEndpointHandler(t, f))
 	router.HandleFunc("/callback", authCallbackHandler(t))
 	router.HandleFunc("/info", tokenInfoHandler(t, f, session))
+	router.HandleFunc("/introspect", tokenIntrospectionHandler(t, f, session))
+	router.HandleFunc("/revoke", tokenRevocationHandler(t, f, session))
+
 	ts := httptest.NewServer(router)
 	return ts
 }
diff --git a/integration/introspect_token_test.go b/integration/introspect_token_test.go
@@ -0,0 +1,58 @@
+package integration_test
+
+//import (
+//	"testing"
+//
+//	"github.com/ory-am/fosite/compose"
+//	"github.com/ory-am/fosite/handler/oauth2"
+//	"github.com/stretchr/testify/assert"
+//	"github.com/stretchr/testify/require"
+//	goauth "golang.org/x/oauth2"
+//	"github.com/ory-am/fosite"
+//)
+//
+//func TestIntrospectToken(t *testing.T) {
+//	for _, strategy := range []oauth2.AccessTokenStrategy{
+//		hmacStrategy,
+//	} {
+//		runIntrospectTokenTest(t, strategy)
+//	}
+//}
+//
+//func runIntrospectTokenTest(t *testing.T, strategy oauth2.AccessTokenStrategy) {
+//	f := compose.Compose(new(compose.Config), fositeStore, strategy, compose.OAuth2ClientCredentialsGrantFactory)
+//	ts := mockServer(t, f, &mySessionData{
+//		HMACSession: new(oauth2.HMACSession),
+//	})
+//	defer ts.Close()
+//
+//	oauthClient := newOAuth2AppClient(ts)
+//	resp := new(fosite.IntrospectionResponse)
+//	for k, c := range []struct {
+//		description string
+//		setup       func()
+//		err         bool
+//		expect func()
+//	}{
+//		{
+//			description: "should pass",
+//			setup: func() {
+//
+//			},
+//			expect: func() {
+//
+//			},
+//		},
+//	} {
+//		c.setup()
+//
+//		token, err := oauthClient.Token(goauth.NoContext)
+//		require.Equal(t, c.err, err != nil, "(%d) %s\n%s\n%s", k, c.description, c.err, err)
+//		if !c.err {
+//			assert.NotEmpty(t, token.AccessToken, "(%d) %s\n%s", k, c.description, token)
+//		}
+//		t.Logf("Passed test case %d", k)
+//
+//
+//	}
+//}
diff --git a/introspection_request_handler.go b/introspection_request_handler.go
@@ -96,7 +96,6 @@ func (f *Fosite) NewIntrospectionRequest(ctx context.Context, r *http.Request, s
 	tokenType := r.PostForm.Get("token_type")
 	scope := r.PostForm.Get("scope")
 
-
 	if clientToken := AccessTokenFromRequest(r); clientToken != "" {
 		if _, err := f.IntrospectToken(ctx, clientToken, AccessToken, session); err != nil {
 			return nil, errors.Wrap(ErrRequestUnauthorized, "HTTP Authorization header missing, malformed or credentials used are invalid")
@@ -120,7 +119,7 @@ func (f *Fosite) NewIntrospectionRequest(ctx context.Context, r *http.Request, s
 
 	ar, err := f.IntrospectToken(ctx, token, TokenType(tokenType), session, strings.Split(scope, " ")...)
 	if err != nil {
-		return &IntrospectionResponse{Active: false}, err
+		return &IntrospectionResponse{Active: false}, nil
 	}
 
 	return &IntrospectionResponse{
@@ -138,9 +137,11 @@ type IntrospectionResponse struct {
 func (r *IntrospectionResponse) IsActive() bool {
 	return r.Active
 }
+
 func (r *IntrospectionResponse) GetAccessRequester() AccessRequester {
 	return r.AccessRequester
 }
+
 func (r *IntrospectionResponse) GetExpiresAt() time.Time {
 	return r.ExpiresAt
 }
diff --git a/introspection_request_handler_test.go b/introspection_request_handler_test.go
@@ -0,0 +1,97 @@
+package fosite_test
+
+import (
+	"time"
+	"testing"
+	"github.com/ory-am/fosite"
+	"github.com/stretchr/testify/assert"
+	"net/http"
+	"github.com/golang/mock/gomock"
+	"github.com/ory-am/fosite/internal"
+	"github.com/ory-am/fosite/compose"
+	"net/url"
+
+	. "github.com/ory-am/fosite"
+	"github.com/ory-am/fosite/storage"
+	"github.com/pkg/errors"
+)
+
+func TestIntrospectionResponse(t *testing.T) {
+	r := &fosite.IntrospectionResponse{
+		AccessRequester: fosite.NewAccessRequest(nil),
+		ExpiresAt: time.Now(),
+		Active: true,
+	}
+
+	assert.Equal(t, r.AccessRequester, r.GetAccessRequester())
+	assert.Equal(t, r.ExpiresAt, r.GetExpiresAt())
+	assert.Equal(t, r.Active, r.IsActive())
+}
+
+func TestNewIntrospectionRequest(t *testing.T) {
+	ctrl := gomock.NewController(t)
+	validator := internal.NewMockTokenValidator(ctrl)
+	defer ctrl.Finish()
+
+	f := compose.ComposeAllEnabled(new(compose.Config), storage.NewMemoryStore(), []byte{}, nil).(*Fosite)
+	httpreq := &http.Request{
+		Header: http.Header{},
+		Form: url.Values{},
+	}
+
+	for k, c := range []struct {
+		description string
+		setup       func()
+		expectErr   error
+		isActive    bool
+	}{
+		{
+			description: "should fail",
+			setup: func() {
+			},
+			expectErr: ErrRequestUnauthorized,
+		},
+		{
+			description: "should pass",
+			setup: func() {
+				f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
+				httpreq = &http.Request{
+					Header: http.Header{
+						"Authorization": []string{"bearer some-token"},
+					},
+					PostForm: url.Values{
+						"token": []string{"introspect-token"},
+					},
+				}
+				validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
+				validator.EXPECT().IntrospectToken(nil, "introspect-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(errors.New(""))
+			},
+			isActive: false,
+		},
+		{
+			description: "should pass",
+			setup: func() {
+				f.TokenIntrospectionHandlers = TokenIntrospectionHandlers{validator}
+				httpreq = &http.Request{
+					Header: http.Header{
+						"Authorization": []string{"bearer some-token"},
+					},
+					PostForm: url.Values{
+						"token": []string{"introspect-token"},
+					},
+				}
+				validator.EXPECT().IntrospectToken(nil, "some-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
+				validator.EXPECT().IntrospectToken(nil, "introspect-token", gomock.Any(), gomock.Any(), gomock.Any()).Return(nil)
+			},
+			isActive: true,
+		},
+	} {
+		c.setup()
+		res, err := f.NewIntrospectionRequest(nil, httpreq, nil)
+		assert.True(t, errors.Cause(err) == c.expectErr, "(%d) %s\n%s\n%s", k, c.description, err, c.expectErr)
+		if res != nil {
+			assert.Equal(t, c.isActive, res.IsActive())
+		}
+		t.Logf("Passed test case %d", k)
+	}
+}
diff --git a/introspection_response_writer.go b/introspection_response_writer.go
@@ -29,6 +29,10 @@ import (
 // respond with an introspection response with the "active" field set to
 // "false" as described in Section 2.2.
 func (f *Fosite) WriteIntrospectionError(rw http.ResponseWriter, err error) {
+	if err == nil {
+		return
+	}
+
 	if errors.Cause(err) == ErrRequestUnauthorized {
 		writeJsonError(rw, err)
 		return

diff --git a/introspection_response_writer_test.go b/introspection_response_writer_test.go
@@ -0,0 +1,40 @@
+package fosite_test
+
+import (
+	"github.com/pkg/errors"
+	"testing"
+	. "github.com/ory-am/fosite"
+	"github.com/ory-am/fosite/internal"
+	"github.com/golang/mock/gomock"
+	"net/http"
+)
+
+func TestWriteIntrospectionError(t *testing.T) {
+	f := new(Fosite)
+	c := gomock.NewController(t)
+	defer c.Finish()
+
+	rw := internal.NewMockResponseWriter(c)
+
+	rw.EXPECT().WriteHeader(http.StatusUnauthorized)//[]byte("{\"active\":\"false\"}"))
+	rw.EXPECT().Header().Return(http.Header{})
+	rw.EXPECT().Write(gomock.Any())
+	f.WriteIntrospectionError(rw, errors.Wrap(ErrRequestUnauthorized, ""))
+
+	rw.EXPECT().Write([]byte("{\"active\":false}\n"))
+	f.WriteIntrospectionError(rw, errors.New(""))
+
+	f.WriteIntrospectionError(rw, nil)
+}
+
+func TestWriteIntrospectionResponse(t *testing.T) {
+	f := new(Fosite)
+	c := gomock.NewController(t)
+	defer c.Finish()
+
+	rw := internal.NewMockResponseWriter(c)
+	rw.EXPECT().Write(gomock.Any()).AnyTimes()
+	f.WriteIntrospectionResponse(rw, &IntrospectionResponse{
+		AccessRequester: NewAccessRequest(nil),
+	})
+}