Add test for oauth2.Callback() handler

This test ensures that the Callback handler sets a cookie in its response to the browser when the provider returns a 200
2017-02-17 12:41:14 -05:00 · 2017-02-17 12:41:14 -05:00 · a527b90636
parent e5457e7e5b
commit a527b90636
2 changed files with 87 additions and 23 deletions
--- a/oauth2/mux_test.go
+++ b/oauth2/mux_test.go
@ -14,28 +14,55 @@ import (

 var testTime time.Time = time.Date(1985, time.October, 25, 18, 0, 0, 0, time.UTC)

-func Test_JWTMux_Logout_DeletesSessionCookie(t *testing.T) {
-	t.Parallel()
+// setupMuxTest produces an http.Client and an httptest.Server configured to
+// use a particular http.Handler selected from a JWTMux. As this selection is
+// done during the setup process, this configuration is performed by providing
+// a function, and returning the desired handler. Cleanup is still the
+// responsibility of the test writer, so the httptest.Server's Close() method
+// should be deferred.
+func setupMuxTest(selector func(*oauth2.JWTMux) http.Handler) (*http.Client, *httptest.Server, *httptest.Server) {
+	provider := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+		rw.WriteHeader(http.StatusOK)
+	}))
+
+	mp := &MockProvider{"biff@example.com", provider.URL}

-	mp := &MockProvider{"biff@example.com"}
 	jm := oauth2.NewJWTMux(mp, &YesManAuthenticator{}, clog.New(clog.ParseLevel("debug")))

 	jm.Now = func() time.Time {
 		return testTime
 	}

-	ts := httptest.NewServer(jm.Logout())
-	defer ts.Close()
-
-	tsUrl, _ := url.Parse(ts.URL)
+	ts := httptest.NewServer(selector(jm))

 	jar, _ := cookiejar.New(nil)
+
 	hc := http.Client{
 		Jar: jar,
 		CheckRedirect: func(r *http.Request, via []*http.Request) error {
 			return http.ErrUseLastResponse
 		},
 	}
+	return &hc, ts, provider
+}
+
+// teardownMuxTest cleans up any resources created by setupMuxTest. This should
+// be deferred in your test after setupMuxTest is called
+func teardownMuxTest(hc *http.Client, backend *httptest.Server, provider *httptest.Server) {
+	provider.Close()
+	backend.Close()
+}
+
+func Test_JWTMux_Logout_DeletesSessionCookie(t *testing.T) {
+	t.Parallel()
+
+	hc, ts, prov := setupMuxTest(func(j *oauth2.JWTMux) http.Handler {
+		return j.Logout()
+	})
+	defer teardownMuxTest(hc, ts, prov)
+
+	tsUrl, _ := url.Parse(ts.URL)
+
 	hc.Jar.SetCookies(tsUrl, []*http.Cookie{
 		&http.Cookie{
 			Name:  oauth2.DefaultCookieName,
@ -66,21 +93,10 @@ func Test_JWTMux_Logout_DeletesSessionCookie(t *testing.T) {
 func Test_JWTMux_Login_RedirectsToCorrectURL(t *testing.T) {
 	t.Parallel()

-	mp := &MockProvider{"biff@example.com"}
-	jm := oauth2.NewJWTMux(mp, &YesManAuthenticator{}, clog.New(clog.ParseLevel("debug")))
-
-	jm.Now = func() time.Time {
-		return testTime
-	}
-
-	ts := httptest.NewServer(jm.Login())
-	defer ts.Close()
-
-	hc := http.Client{
-		CheckRedirect: func(r *http.Request, via []*http.Request) error {
-			return http.ErrUseLastResponse
-		},
-	}
+	hc, ts, prov := setupMuxTest(func(j *oauth2.JWTMux) http.Handler {
+		return j.Login() // Use Login handler for httptest server.
+	})
+	defer teardownMuxTest(hc, ts, prov)

 	resp, err := hc.Get(ts.URL)
 	if err != nil {
@ -101,3 +117,41 @@ func Test_JWTMux_Login_RedirectsToCorrectURL(t *testing.T) {
 		t.Fatal("Expected state to be set but was", state)
 	}
 }
+
+func Test_JWTMux_Callback_SetsCookie(t *testing.T) {
+	hc, ts, prov := setupMuxTest(func(j *oauth2.JWTMux) http.Handler {
+		return j.Callback()
+	})
+	defer teardownMuxTest(hc, ts, prov)
+
+	tsURL, _ := url.Parse(ts.URL)
+
+	v := url.Values{
+		"code":  {"4815162342"},
+		"state": {"foobar"},
+	}
+
+	tsURL.RawQuery = v.Encode()
+
+	resp, err := hc.Get(tsURL.String())
+	if err != nil {
+		t.Fatal("Error communicating with Callback() handler: err", err)
+	}
+
+	// Ensure we were redirected
+	if resp.StatusCode < 300 || resp.StatusCode >= 400 {
+		t.Fatal("Expected to be redirected, but received status code", resp.StatusCode)
+	}
+
+	// Check that cookie was set
+	cookies := resp.Cookies()
+	if count := len(cookies); count != 1 {
+		t.Fatal("Expected exactly one cookie to be set but found", count)
+	}
+
+	c := cookies[0]
+
+	if c.Name != oauth2.DefaultCookieName {
+		t.Fatal("Expected cookie to be named", oauth2.DefaultCookieName, "but was", c.Name)
+	}
+}
--- a/oauth2/oauth2_test.go
+++ b/oauth2/oauth2_test.go
@ -17,10 +17,20 @@ var _ oauth2.Provider = &MockProvider{}

 type MockProvider struct {
 	Email string
+
+	ProviderURL string
 }

 func (mp *MockProvider) Config() *goauth.Config {
-	return &goauth.Config{}
+	return &goauth.Config{
+		RedirectURL:  "http://www.example.com",
+		ClientID:     "4815162342",
+		ClientSecret: "8675309",
+		Endpoint: goauth.Endpoint{
+			mp.ProviderURL + "/oauth/auth",
+			mp.ProviderURL + "/oauth/token",
+		},
+	}
 }

 func (mp *MockProvider) ID() string {