summaryrefslogtreecommitdiffstats
path: root/integrations
diff options
context:
space:
mode:
Diffstat (limited to 'integrations')
-rw-r--r--integrations/oauth_test.go41
1 files changed, 41 insertions, 0 deletions
diff --git a/integrations/oauth_test.go b/integrations/oauth_test.go
index 53b83bb01a..9674146f8b 100644
--- a/integrations/oauth_test.go
+++ b/integrations/oauth_test.go
@@ -136,3 +136,44 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) {
})
MakeRequest(t, req, 400)
}
+
+func TestAccessTokenExchangeWithBasicAuth(t *testing.T) {
+ prepareTestEnv(t)
+ req := NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
+ "grant_type": "authorization_code",
+ "redirect_uri": "a",
+ "code": "authcode",
+ "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
+ })
+ req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OjRNSzhOYTZSNTVzbWRDWTBXdUNDdW1aNmhqUlBuR1k1c2FXVlJISGpKaUE9")
+ resp := MakeRequest(t, req, 200)
+ type response struct {
+ AccessToken string `json:"access_token"`
+ TokenType string `json:"token_type"`
+ ExpiresIn int64 `json:"expires_in"`
+ RefreshToken string `json:"refresh_token"`
+ }
+ parsed := new(response)
+ assert.NoError(t, json.Unmarshal(resp.Body.Bytes(), parsed))
+ assert.True(t, len(parsed.AccessToken) > 10)
+ assert.True(t, len(parsed.RefreshToken) > 10)
+
+ // use wrong client_secret
+ req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
+ "grant_type": "authorization_code",
+ "redirect_uri": "a",
+ "code": "authcode",
+ "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
+ })
+ req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OmJsYWJsYQ==")
+ resp = MakeRequest(t, req, 400)
+
+ // missing header
+ req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{
+ "grant_type": "authorization_code",
+ "redirect_uri": "a",
+ "code": "authcode",
+ "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally
+ })
+ resp = MakeRequest(t, req, 400)
+}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-08 13:40:23 +0000