Documentation
Overview ¶
Package oauth2providertest provides comprehensive testing utilities for OAuth2 identity provider functionality. It includes helpers for creating OAuth2 apps, performing authorization flows, token exchanges, PKCE challenge generation and verification, and testing error scenarios.
Index ¶
- Constants
- Variables
- func AuthorizeOAuth2App(t *testing.T, client *codersdk.Client, baseURL string, params AuthorizeParams) string
- func CleanupOAuth2App(t *testing.T, client *codersdk.Client, appID uuid.UUID)
- func CreateTestOAuth2App(t *testing.T, client *codersdk.Client) (*codersdk.OAuth2ProviderApp, string)
- func ExchangeCodeForToken(t *testing.T, baseURL string, params TokenExchangeParams) *oauth2.Token
- func FetchOAuth2Metadata(t *testing.T, baseURL string) map[string]any
- func GenerateCodeChallenge(verifier string) string
- func GeneratePKCE(t *testing.T) (verifier, challenge string)
- func GenerateState(t *testing.T) string
- func PerformTokenExchangeExpectingError(t *testing.T, baseURL string, params TokenExchangeParams, expectedError string)
- func RequireOAuth2Error(t *testing.T, resp *http.Response, expectedError string)
- type AuthorizeParams
- type OAuth2Error
- type TokenExchangeParams
Constants ¶
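// Fixture values shared by the OAuth2 provider tests.
const (
	// TestRedirectURI is the standard test redirect URI.
	TestRedirectURI = "http://localhost:9876/callback"
	// TestResourceURI is used for testing the resource parameter.
	TestResourceURI = "https://api.example.com"
	// InvalidCodeVerifier is a deliberately wrong PKCE verifier for negative
	// testing.
	//
	// NOTE(review): at 14 characters it is also shorter than the 43-character
	// minimum that RFC 7636 sets for code_verifier. A server that validates
	// verifier length may therefore reject it before comparing it with the
	// stored challenge, so a test meant to cover the challenge-mismatch path
	// specifically should use a well-formed verifier of valid length.
	InvalidCodeVerifier = "wrong-verifier"
)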
Constants shared by the OAuth2 tests.
Variables ¶
// OAuth2ErrorTypes groups the standard OAuth2 error code strings that tests
// compare against. The six values are the token-endpoint error codes listed
// in RFC 6749 section 5.2.
var OAuth2ErrorTypes = struct {
	InvalidRequest       string
	InvalidClient        string
	InvalidGrant         string
	UnauthorizedClient   string
	UnsupportedGrantType string
	InvalidScope         string
}{
	InvalidRequest:       "invalid_request",
	InvalidClient:        "invalid_client",
	InvalidGrant:         "invalid_grant",
	UnauthorizedClient:   "unauthorized_client",
	UnsupportedGrantType: "unsupported_grant_type",
	InvalidScope:         "invalid_scope",
}
OAuth2ErrorTypes contains standard OAuth2 error codes
Functions ¶
func AuthorizeOAuth2App ¶
func AuthorizeOAuth2App(t *testing.T, client *codersdk.Client, baseURL string, params AuthorizeParams) string
AuthorizeOAuth2App performs the OAuth2 authorization flow and returns the authorization code
func CleanupOAuth2App ¶
CleanupOAuth2App deletes an OAuth2 app (helper for test cleanup)
func CreateTestOAuth2App ¶
func CreateTestOAuth2App(t *testing.T, client *codersdk.Client) (*codersdk.OAuth2ProviderApp, string)
CreateTestOAuth2App creates an OAuth2 app for testing and returns the app and client secret
func ExchangeCodeForToken ¶
ExchangeCodeForToken exchanges an authorization code for tokens
func FetchOAuth2Metadata ¶
FetchOAuth2Metadata fetches and returns OAuth2 authorization server metadata
func GenerateCodeChallenge ¶
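GenerateCodeChallenge creates an S256 code challenge from a verifier. Under RFC 7636, the S256 challenge is the unpadded base64url encoding of the SHA-256 hash of the verifier.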
func GeneratePKCE ¶
GeneratePKCE generates a random PKCE code verifier and challenge
func GenerateState ¶
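GenerateState generates a random state parameter. In an OAuth2 authorization request, the client compares the state returned on the redirect with the value it sent, to detect cross-site request forgery.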
func PerformTokenExchangeExpectingError ¶
func PerformTokenExchangeExpectingError(t *testing.T, baseURL string, params TokenExchangeParams, expectedError string)
PerformTokenExchangeExpectingError performs a token exchange expecting an OAuth2 error
Types ¶
type AuthorizeParams ¶
// AuthorizeParams carries the inputs for an OAuth2 authorization request.
//
// The field names mirror the standard authorization request parameters
// (client_id, response_type, redirect_uri, state, code_challenge,
// code_challenge_method, resource, scope). How each field is encoded into
// the request is decided by the code that consumes this struct and is not
// visible here.
type AuthorizeParams struct {
	ClientID            string
	ResponseType        string
	RedirectURI         string
	State               string
	CodeChallenge       string
	CodeChallengeMethod string
	Resource            string
	Scope               string
}
AuthorizeParams contains parameters for OAuth2 authorization
type OAuth2Error ¶
// OAuth2Error models the JSON body of an OAuth2 error response.
type OAuth2Error struct {
	// Error holds the error code and is serialized under the "error" key.
	Error string `json:"error"`
	// ErrorDescription holds optional detail, serialized under
	// "error_description" and omitted from the JSON when empty.
	ErrorDescription string `json:"error_description,omitempty"`
}
OAuth2Error represents an OAuth2 error response