Added "GET /oauth/authorize" tests.

2019-04-02 13:43:33 +03:00 · 2019-04-02 13:43:33 +03:00 · 15ce710460
commit 15ce710460
parent 6910fb371b
2 changed files with 323 additions and 245 deletions
--- a/test/support/factory.ex
+++ b/test/support/factory.ex
@ -216,7 +216,7 @@ def oauth_app_factory do
      redirect_uris: "https://example.com/callback",
      scopes: ["read", "write", "follow", "push"],
      website: "https://example.com",
-      client_id: "aaabbb==",
+      client_id: Ecto.UUID.generate(),
      client_secret: "aaa;/&bbb"
    }
  end
--- a/test/web/oauth/oauth_controller_test.exs
+++ b/test/web/oauth/oauth_controller_test.exs
@ -10,6 +10,81 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
  alias Pleroma.Web.OAuth.Authorization
  alias Pleroma.Web.OAuth.Token

+  describe "GET /oauth/authorize" do
+    setup do
+      session_opts = [
+        store: :cookie,
+        key: "_test",
+        signing_salt: "cooldude"
+      ]
+
+      [
+        app: insert(:oauth_app, redirect_uris: "https://redirect.url"),
+        conn:
+          build_conn()
+          |> Plug.Session.call(Plug.Session.init(session_opts))
+          |> fetch_session()
+      ]
+    end
+
+    test "renders authentication page", %{app: app, conn: conn} do
+      conn =
+        get(
+          conn,
+          "/oauth/authorize",
+          %{
+            "response_type" => "code",
+            "client_id" => app.client_id,
+            "redirect_uri" => app.redirect_uris,
+            "scope" => "read"
+          }
+        )
+
+      assert html_response(conn, 200) =~ ~s(type="submit")
+    end
+
+    test "renders authentication page if user is already authenticated but `force_login` is tru-ish",
+         %{app: app, conn: conn} do
+      token = insert(:oauth_token, app_id: app.id)
+
+      conn =
+        conn
+        |> put_session(:oauth_token, token.token)
+        |> get(
+          "/oauth/authorize",
+          %{
+            "response_type" => "code",
+            "client_id" => app.client_id,
+            "redirect_uri" => app.redirect_uris,
+            "scope" => "read",
+            "force_login" => "true"
+          }
+        )
+
+      assert html_response(conn, 200) =~ ~s(type="submit")
+    end
+
+    test "redirects to app if user is already authenticated", %{app: app, conn: conn} do
+      token = insert(:oauth_token, app_id: app.id)
+
+      conn =
+        conn
+        |> put_session(:oauth_token, token.token)
+        |> get(
+          "/oauth/authorize",
+          %{
+            "response_type" => "code",
+            "client_id" => app.client_id,
+            "redirect_uri" => app.redirect_uris,
+            "scope" => "read"
+          }
+        )
+
+      assert redirected_to(conn) == "https://redirect.url"
+    end
+  end
+
+  describe "POST /oauth/authorize" do
    test "redirects with oauth authorization" do
      user = insert(:user)
      app = insert(:oauth_app, scopes: ["read", "write", "follow"])
@ -115,7 +190,9 @@ test "returns 401 for scopes beyond app scopes", %{conn: conn} do
      # Error message
      assert result =~ "This action is outside the authorized scopes"
    end
+  end

+  describe "POST /oauth/token" do
    test "issues a token for an all-body request" do
      user = insert(:user)
      app = insert(:oauth_app, scopes: ["read", "write"])
@ -268,3 +345,4 @@ test "rejects an invalid authorization code" do
      refute Map.has_key?(resp, "access_token")
    end
  end
+end