Revert "too much effort into the garbage"

This reverts commit a2e84379a9.
bel
2024-03-10 10:41:35 -06:00
parent a2e84379a9
commit 6ae4b401b1
5 changed files with 58 additions and 128 deletions


@@ -1,11 +1,13 @@
package oauth2
import (
"context"
"errors"
"fmt"
"io"
"net"
"gitea.inhome.blapointe.com/local/oauth2"
"gitea.inhome.blapointe.com/local/oauth2/oauth2client"
"gitea.inhome.blapointe.com/local/oauth2/oauth2server/config"
"gitea.inhome.blapointe.com/local/oauth2/oauth2server/server"
"log"
"net/http"
"net/http/cookiejar"
"net/http/httptest"
@@ -13,16 +15,9 @@ import (
"regexp"
"strings"
"testing"
"gitea.inhome.blapointe.com/local/oauth2"
"gitea.inhome.blapointe.com/local/oauth2/oauth2client"
"gitea.inhome.blapointe.com/local/oauth2/oauth2server/config"
"gitea.inhome.blapointe.com/local/oauth2/oauth2server/server"
)
func TestAll(t *testing.T) {
oauth2client.HTTPClient.Transport = makeTransport()
oauth2server, err := launchServer()
if err != nil {
t.Fatal(err)
@@ -30,38 +25,24 @@ func TestAll(t *testing.T) {
defer oauth2server.Close()
oauth2server.URL = strings.ReplaceAll(oauth2server.URL, "127.0.0.1", "echo.belbox.dev")
s := dummyServer(t, oauth2server.URL)
s := dummyServer(oauth2server.URL)
defer s.Close()
t.Log("createUser...")
if err := createUser(oauth2server.URL); err != nil {
t.Fatal(err)
}
t.Log("loginAsUser...")
if err := loginAsuser(oauth2server.URL); err != nil {
if err := logUser(oauth2server.URL); err != nil {
t.Fatal(err)
}
t.Log("shouldRedir...")
if err := shouldRedir(s.URL); err != nil {
t.Fatal(err)
}
t.Log("testAuth...")
if err := testAuth(oauth2server.URL, s.URL); err != nil {
t.Fatal(err)
}
t.Log("testAuthViaBadBasicAuth...")
if err := testAuthViaBadBasicAuth(s.URL); err != nil {
t.Fatal(err)
}
t.Log("testAuthViaBasicAuth...")
if err := testAuthViaBasicAuth(s.URL); err != nil {
t.Fatal(err)
}
}
func launchServer() (*httptest.Server, error) {
@@ -82,22 +63,18 @@ func launchServer() (*httptest.Server, error) {
return s, err
}
func dummyServer(t *testing.T, oauth2server string) *httptest.Server {
func dummyServer(oauth2server string) *httptest.Server {
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
err := oauth2client.Authenticate(oauth2server, "scope", w, r)
if err != nil {
t.Logf("dummy: %s: %v", r.URL.Path, err)
return
}
t.Logf("dummy: %s: :D", r.URL.Path)
fmt.Fprintln(w, "dummy server serving authenticated")
}))
}
func createUser(oauth2server string) error {
req, _ := http.NewRequest(http.MethodPost, oauth2server+"/users/submit/scope", strings.NewReader("username=abc"))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
resp, err := makeClient().Do(req)
resp, err := http.Post(oauth2server+"/users/submit/scope", "application/x-www-form-urlencoded", strings.NewReader("username=abc"))
if err != nil {
return err
}
@@ -108,10 +85,8 @@ func createUser(oauth2server string) error {
return nil
}
func loginAsuser(oauth2server string) error {
req, _ := http.NewRequest(http.MethodPost, oauth2server+"/authorize/scope", strings.NewReader("username=abc"))
req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
resp, err := makeClient().Do(req)
func logUser(oauth2server string) error {
resp, err := http.Post(oauth2server+"/authorize/scope", "application/x-www-form-urlencoded", strings.NewReader("username=abc"))
if err != nil {
return err
}
@@ -134,8 +109,8 @@ func clientShouldRedir(c *http.Client, dummy string) error {
return err
}
defer resp.Body.Close()
if resp.StatusCode != 403 || resp.Header.Get("WWW-Authenticate") == "" {
return fmt.Errorf("did not need redir without auth: (%d) %q", resp.StatusCode, resp.Header.Get("WWW-Authenticate"))
if resp.Request.URL.Path != "/users/log/scope" {
return fmt.Errorf("did not need redir without auth: %v", resp.Request.URL)
}
return nil
}
@@ -155,13 +130,16 @@ func clientShouldNotRedir(c *http.Client, dummy string) error {
func testAuth(oauth2server, dummy string) error {
c := makeClient()
log.Println("should redir...")
if err := clientShouldRedir(c, dummy); err != nil {
return err
}
log.Println("client login...")
access, err := clientLogin(c, oauth2server)
if err != nil {
return err
}
log.Println("client should not redir...")
if err := clientShouldNotRedir(c, dummy+"?"+oauth2.NEWCOOKIE+"="+access); err != nil {
return err
}
@@ -200,58 +178,9 @@ func clientLogin(c *http.Client, oauth2server string) (string, error) {
return a, nil
}
func testAuthViaBadBasicAuth(dummy string) error {
c := makeClient()
req, _ := http.NewRequest(http.MethodGet, dummy, nil)
req.SetBasicAuth("u", "p")
resp, err := c.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != 403 {
b, _ := io.ReadAll(resp.Body)
return fmt.Errorf("got through with bad basic auth set: (%d) %s", resp.StatusCode, b)
}
return nil
}
func testAuthViaBasicAuth(dummy string) error {
c := makeClient()
req, _ := http.NewRequest(http.MethodGet, dummy, nil)
req.SetBasicAuth("", "abc")
resp, err := c.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
b, _ := io.ReadAll(resp.Body)
return fmt.Errorf("failed to get through with basic auth set: (%d) %s", resp.StatusCode, b)
}
if !strings.Contains(fmt.Sprint(c.Jar), oauth2.COOKIE) {
return errors.New("cookie jar empty:" + fmt.Sprint(c.Jar))
}
return nil
}
func makeClient() *http.Client {
jar, _ := cookiejar.New(&cookiejar.Options{})
return &http.Client{
Jar: jar,
Transport: makeTransport(),
}
}
func makeTransport() *http.Transport {
return &http.Transport{
DialContext: func(ctx context.Context, network string, addr string) (net.Conn, error) {
parts := strings.Split(addr, ":")
port := "80"
if len(parts) > 0 {
port = parts[1]
}
return (&net.Dialer{}).DialContext(ctx, "tcp4", fmt.Sprintf("127.0.0.1:%s", port))
},
Jar: jar,
}
}
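Review bot: In `TestAll`, the server URL is still rewritten with `strings.ReplaceAll(oauth2server.URL, "127.0.0.1", "echo.belbox.dev")`, but the `makeTransport()` dialer that forced every connection to 127.0.0.1 appears to be removed by this revert, along with its assignment to `oauth2client.HTTPClient.Transport`. The test would then depend on the system resolver returning a loopback address for that public name. If the record changes or the runner's resolver returns something else, the `username=abc` form posts in `createUser` and `logUser` go to whatever address comes back, and on an offline runner the test fails before reaching any assertion. Either keep a loopback-pinned `DialContext` on the clients the test uses, or drop the hostname rewrite and use the `httptest` URL as issued. The `+`/`-` markers are lost on this page, so which lines are removed is inferred from the hunk counts.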