You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

159 lines
5.3 KiB

  1. // Copyright 2020 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.package models
  4. package integrations
  5. import (
  6. "fmt"
  7. "net/http"
  8. "testing"
  9. "code.gitea.io/gitea/models"
  10. api "code.gitea.io/gitea/modules/structs"
  11. "github.com/stretchr/testify/assert"
  12. )
  13. func TestOAuth2Application(t *testing.T) {
  14. defer prepareTestEnv(t)()
  15. testAPICreateOAuth2Application(t)
  16. testAPIListOAuth2Applications(t)
  17. testAPIGetOAuth2Application(t)
  18. testAPIUpdateOAuth2Application(t)
  19. testAPIDeleteOAuth2Application(t)
  20. }
  21. func testAPICreateOAuth2Application(t *testing.T) {
  22. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  23. appBody := api.CreateOAuth2ApplicationOptions{
  24. Name: "test-app-1",
  25. RedirectURIs: []string{
  26. "http://www.google.com",
  27. },
  28. }
  29. req := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody)
  30. req = AddBasicAuthHeader(req, user.Name)
  31. resp := MakeRequest(t, req, http.StatusCreated)
  32. var createdApp *api.OAuth2Application
  33. DecodeJSON(t, resp, &createdApp)
  34. assert.EqualValues(t, appBody.Name, createdApp.Name)
  35. assert.Len(t, createdApp.ClientSecret, 44)
  36. assert.Len(t, createdApp.ClientID, 36)
  37. assert.NotEmpty(t, createdApp.Created)
  38. assert.EqualValues(t, appBody.RedirectURIs[0], createdApp.RedirectURIs[0])
  39. models.AssertExistsAndLoadBean(t, &models.OAuth2Application{UID: user.ID, Name: createdApp.Name})
  40. }
  41. func testAPIListOAuth2Applications(t *testing.T) {
  42. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  43. session := loginUser(t, user.Name)
  44. token := getTokenForLoggedInUser(t, session)
  45. existApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{
  46. UID: user.ID,
  47. Name: "test-app-1",
  48. RedirectURIs: []string{
  49. "http://www.google.com",
  50. },
  51. }).(*models.OAuth2Application)
  52. urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2?token=%s", token)
  53. req := NewRequest(t, "GET", urlStr)
  54. resp := session.MakeRequest(t, req, http.StatusOK)
  55. var appList api.OAuth2ApplicationList
  56. DecodeJSON(t, resp, &appList)
  57. expectedApp := appList[0]
  58. assert.EqualValues(t, existApp.Name, expectedApp.Name)
  59. assert.EqualValues(t, existApp.ClientID, expectedApp.ClientID)
  60. assert.Len(t, expectedApp.ClientID, 36)
  61. assert.Empty(t, expectedApp.ClientSecret)
  62. assert.EqualValues(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0])
  63. models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
  64. }
  65. func testAPIDeleteOAuth2Application(t *testing.T) {
  66. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  67. session := loginUser(t, user.Name)
  68. token := getTokenForLoggedInUser(t, session)
  69. oldApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{
  70. UID: user.ID,
  71. Name: "test-app-1",
  72. }).(*models.OAuth2Application)
  73. urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2/%d?token=%s", oldApp.ID, token)
  74. req := NewRequest(t, "DELETE", urlStr)
  75. session.MakeRequest(t, req, http.StatusNoContent)
  76. models.AssertNotExistsBean(t, &models.OAuth2Application{UID: oldApp.UID, Name: oldApp.Name})
  77. }
  78. func testAPIGetOAuth2Application(t *testing.T) {
  79. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  80. session := loginUser(t, user.Name)
  81. token := getTokenForLoggedInUser(t, session)
  82. existApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{
  83. UID: user.ID,
  84. Name: "test-app-1",
  85. RedirectURIs: []string{
  86. "http://www.google.com",
  87. },
  88. }).(*models.OAuth2Application)
  89. urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2/%d?token=%s", existApp.ID, token)
  90. req := NewRequest(t, "GET", urlStr)
  91. resp := session.MakeRequest(t, req, http.StatusOK)
  92. var app api.OAuth2Application
  93. DecodeJSON(t, resp, &app)
  94. expectedApp := app
  95. assert.EqualValues(t, existApp.Name, expectedApp.Name)
  96. assert.EqualValues(t, existApp.ClientID, expectedApp.ClientID)
  97. assert.Len(t, expectedApp.ClientID, 36)
  98. assert.Empty(t, expectedApp.ClientSecret)
  99. assert.EqualValues(t, len(expectedApp.RedirectURIs), 1)
  100. assert.EqualValues(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0])
  101. models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
  102. }
  103. func testAPIUpdateOAuth2Application(t *testing.T) {
  104. user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User)
  105. existApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{
  106. UID: user.ID,
  107. Name: "test-app-1",
  108. RedirectURIs: []string{
  109. "http://www.google.com",
  110. },
  111. }).(*models.OAuth2Application)
  112. appBody := api.CreateOAuth2ApplicationOptions{
  113. Name: "test-app-1",
  114. RedirectURIs: []string{
  115. "http://www.google.com/",
  116. "http://www.github.com/",
  117. },
  118. }
  119. urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2/%d", existApp.ID)
  120. req := NewRequestWithJSON(t, "PATCH", urlStr, &appBody)
  121. req = AddBasicAuthHeader(req, user.Name)
  122. resp := MakeRequest(t, req, http.StatusOK)
  123. var app api.OAuth2Application
  124. DecodeJSON(t, resp, &app)
  125. expectedApp := app
  126. assert.EqualValues(t, len(expectedApp.RedirectURIs), 2)
  127. assert.EqualValues(t, expectedApp.RedirectURIs[0], appBody.RedirectURIs[0])
  128. assert.EqualValues(t, expectedApp.RedirectURIs[1], appBody.RedirectURIs[1])
  129. models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name})
  130. }