2021-11-23 20:58:12 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"net/http/httptest"
|
|
|
|
"path/filepath"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
2022-03-18 07:17:22 +00:00
|
|
|
"github.com/hacdias/indieauth/v2"
|
2021-11-23 20:58:12 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
)
|
|
|
|
|
|
|
|
func Test_checkIndieAuth(t *testing.T) {
|
|
|
|
|
|
|
|
app := &goBlog{
|
2021-12-07 17:23:57 +00:00
|
|
|
httpClient: newFakeHttpClient().Client,
|
2021-11-23 20:58:12 +00:00
|
|
|
cfg: &config{
|
|
|
|
Db: &configDb{
|
|
|
|
File: filepath.Join(t.TempDir(), "test.db"),
|
|
|
|
},
|
|
|
|
Server: &configServer{},
|
|
|
|
DefaultBlog: "en",
|
|
|
|
Blogs: map[string]*configBlog{
|
|
|
|
"en": {
|
|
|
|
Lang: "en",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
_ = app.initDatabase(false)
|
2022-01-26 19:16:26 +00:00
|
|
|
defer app.db.close()
|
2021-11-23 20:58:12 +00:00
|
|
|
app.initComponents(false)
|
|
|
|
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
|
|
|
rec := httptest.NewRecorder()
|
|
|
|
|
|
|
|
checked1 := false
|
|
|
|
app.checkIndieAuth(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
|
|
|
checked1 = true
|
|
|
|
})).ServeHTTP(rec, req)
|
|
|
|
assert.False(t, checked1)
|
|
|
|
|
|
|
|
token, err := app.db.indieAuthSaveToken(&indieauth.AuthenticationRequest{
|
|
|
|
ClientID: "https://example.com/",
|
|
|
|
Scopes: strings.Split("create update delete", " "),
|
|
|
|
})
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.NotEmpty(t, token)
|
|
|
|
|
|
|
|
req.Header.Set("Authorization", "Bearer "+token)
|
|
|
|
|
|
|
|
checked2 := false
|
|
|
|
app.checkIndieAuth(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
|
|
|
assert.Equal(t, "create update delete", r.Context().Value(indieAuthScope).(string))
|
|
|
|
checked2 = true
|
|
|
|
})).ServeHTTP(rec, req)
|
|
|
|
assert.True(t, checked2)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
func Test_addAllScopes(t *testing.T) {
|
|
|
|
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
|
|
|
rec := httptest.NewRecorder()
|
|
|
|
|
|
|
|
checked := false
|
|
|
|
addAllScopes(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
|
|
|
scope := r.Context().Value(indieAuthScope).(string)
|
|
|
|
assert.Contains(t, scope, "create")
|
|
|
|
assert.Contains(t, scope, "update")
|
|
|
|
assert.Contains(t, scope, "delete")
|
2022-01-03 12:55:44 +00:00
|
|
|
assert.Contains(t, scope, "undelete")
|
2021-11-23 20:58:12 +00:00
|
|
|
assert.Contains(t, scope, "media")
|
|
|
|
checked = true
|
|
|
|
})).ServeHTTP(rec, req)
|
|
|
|
assert.True(t, checked)
|
|
|
|
|
|
|
|
}
|