1// Copyright 2021 The Go Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style 3// license that can be found in the LICENSE file. 4 5package authhandler 6 7import ( 8 "context" 9 "fmt" 10 "net/http" 11 "net/http/httptest" 12 "testing" 13 14 "golang.org/x/oauth2" 15) 16 17func TestTokenExchange_Success(t *testing.T) { 18 authhandler := func(authCodeURL string) (string, string, error) { 19 if authCodeURL == "testAuthCodeURL?client_id=testClientID&response_type=code&scope=pubsub&state=testState" { 20 return "testCode", "testState", nil 21 } 22 return "", "", fmt.Errorf("invalid authCodeURL: %q", authCodeURL) 23 } 24 25 ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 26 r.ParseForm() 27 if r.Form.Get("code") == "testCode" { 28 w.Header().Set("Content-Type", "application/json") 29 w.Write([]byte(`{ 30 "access_token": "90d64460d14870c08c81352a05dedd3465940a7c", 31 "scope": "pubsub", 32 "token_type": "bearer", 33 "expires_in": 3600 34 }`)) 35 } 36 })) 37 defer ts.Close() 38 39 conf := &oauth2.Config{ 40 ClientID: "testClientID", 41 Scopes: []string{"pubsub"}, 42 Endpoint: oauth2.Endpoint{ 43 AuthURL: "testAuthCodeURL", 44 TokenURL: ts.URL, 45 }, 46 } 47 48 tok, err := TokenSource(context.Background(), conf, "testState", authhandler).Token() 49 if err != nil { 50 t.Fatal(err) 51 } 52 if !tok.Valid() { 53 t.Errorf("got invalid token: %v", tok) 54 } 55 if got, want := tok.AccessToken, "90d64460d14870c08c81352a05dedd3465940a7c"; got != want { 56 t.Errorf("access token = %q; want %q", got, want) 57 } 58 if got, want := tok.TokenType, "bearer"; got != want { 59 t.Errorf("token type = %q; want %q", got, want) 60 } 61 if got := tok.Expiry.IsZero(); got { 62 t.Errorf("token expiry is zero = %v, want false", got) 63 } 64 scope := tok.Extra("scope") 65 if got, want := scope, "pubsub"; got != want { 66 t.Errorf("scope = %q; want %q", got, want) 67 } 68} 69 70func TestTokenExchange_StateMismatch(t *testing.T) { 71 authhandler := func(authCodeURL string) (string, string, error) { 72 return "testCode", "testStateMismatch", nil 73 } 74 75 ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 76 w.Header().Set("Content-Type", "application/json") 77 w.Write([]byte(`{ 78 "access_token": "90d64460d14870c08c81352a05dedd3465940a7c", 79 "scope": "pubsub", 80 "token_type": "bearer", 81 "expires_in": 3600 82 }`)) 83 })) 84 defer ts.Close() 85 86 conf := &oauth2.Config{ 87 ClientID: "testClientID", 88 Scopes: []string{"pubsub"}, 89 Endpoint: oauth2.Endpoint{ 90 AuthURL: "testAuthCodeURL", 91 TokenURL: ts.URL, 92 }, 93 } 94 95 _, err := TokenSource(context.Background(), conf, "testState", authhandler).Token() 96 if want_err := "state mismatch in 3-legged-OAuth flow"; err == nil || err.Error() != want_err { 97 t.Errorf("err = %q; want %q", err, want_err) 98 } 99} 100