diff options
| author | Gustavo Marin <gustavo.marin@intelygenz.com> | 2020-02-29 07:19:32 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-29 03:19:32 -0300 |
| commit | af61b2249ab9d0afb7424509112d06c578dca059 (patch) | |
| tree | 1857e96d874b956136de1fe652366f00027550a5 /integrations | |
| parent | 7e8cdba18120c4588d1921f07593a9a66eaa1411 (diff) | |
| download | gitea-af61b2249ab9d0afb7424509112d06c578dca059.tar.gz gitea-af61b2249ab9d0afb7424509112d06c578dca059.zip | |
adds API endpoints to manage OAuth2 Application (list/create/delete) (#10437)
* add API endpoint to create OAuth2 Application.
* move endpoint to /user. Add swagger documentations and proper response type.
* change json tags to snake_case. add CreateOAuth2ApplicationOptions to swagger docs.
* change response status to Created (201)
* add methods to list OAuth2 apps and delete an existing OAuth2 app by ID.
* add APIFormat convert method and file header
* fixed header
* hide secret on oauth2 application list
* add Created time to API response
* add API integration tests for create/list/delete OAuth2 applications.
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Diffstat (limited to 'integrations')
| -rw-r--r-- | integrations/api_oauth2_apps_test.go | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/integrations/api_oauth2_apps_test.go b/integrations/api_oauth2_apps_test.go new file mode 100644 index 0000000000..fe79582308 --- /dev/null +++ b/integrations/api_oauth2_apps_test.go @@ -0,0 +1,96 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file.package models + +package integrations + +import ( + "fmt" + "net/http" + "testing" + + "code.gitea.io/gitea/models" + api "code.gitea.io/gitea/modules/structs" + + "github.com/stretchr/testify/assert" +) + +func TestOAuth2Application(t *testing.T) { + defer prepareTestEnv(t)() + testAPICreateOAuth2Application(t) + testAPIListOAuth2Applications(t) + testAPIDeleteOAuth2Application(t) +} + +func testAPICreateOAuth2Application(t *testing.T) { + user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) + appBody := api.CreateOAuth2ApplicationOptions{ + Name: "test-app-1", + RedirectURIs: []string{ + "http://www.google.com", + }, + } + + req := NewRequestWithJSON(t, "POST", "/api/v1/user/applications/oauth2", &appBody) + req = AddBasicAuthHeader(req, user.Name) + resp := MakeRequest(t, req, http.StatusCreated) + + var createdApp *api.OAuth2Application + DecodeJSON(t, resp, &createdApp) + + assert.EqualValues(t, appBody.Name, createdApp.Name) + assert.Len(t, createdApp.ClientSecret, 44) + assert.Len(t, createdApp.ClientID, 36) + assert.NotEmpty(t, createdApp.Created) + assert.EqualValues(t, appBody.RedirectURIs[0], createdApp.RedirectURIs[0]) + models.AssertExistsAndLoadBean(t, &models.OAuth2Application{UID: user.ID, Name: createdApp.Name}) +} + +func testAPIListOAuth2Applications(t *testing.T) { + user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) + session := loginUser(t, user.Name) + token := getTokenForLoggedInUser(t, session) + + existApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ + UID: user.ID, + Name: "test-app-1", + RedirectURIs: []string{ + "http://www.google.com", + }, + }).(*models.OAuth2Application) + + urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2?token=%s", token) + req := NewRequest(t, "GET", urlStr) + resp := session.MakeRequest(t, req, http.StatusOK) + + var appList api.OAuth2ApplicationList + DecodeJSON(t, resp, &appList) + expectedApp := appList[0] + + assert.EqualValues(t, existApp.Name, expectedApp.Name) + assert.EqualValues(t, existApp.ClientID, expectedApp.ClientID) + assert.Len(t, expectedApp.ClientID, 36) + assert.Empty(t, expectedApp.ClientSecret) + assert.EqualValues(t, existApp.RedirectURIs[0], expectedApp.RedirectURIs[0]) + models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ID: expectedApp.ID, Name: expectedApp.Name}) +} + +func testAPIDeleteOAuth2Application(t *testing.T) { + user := models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User) + session := loginUser(t, user.Name) + token := getTokenForLoggedInUser(t, session) + + oldApp := models.AssertExistsAndLoadBean(t, &models.OAuth2Application{ + UID: user.ID, + Name: "test-app-1", + RedirectURIs: []string{ + "http://www.google.com", + }, + }).(*models.OAuth2Application) + + urlStr := fmt.Sprintf("/api/v1/user/applications/oauth2/%d?token=%s", oldApp.ID, token) + req := NewRequest(t, "DELETE", urlStr) + session.MakeRequest(t, req, http.StatusNoContent) + + models.AssertNotExistsBean(t, &models.OAuth2Application{UID: oldApp.UID, Name: oldApp.Name}) +} |