OLD | NEW |
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file | 1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file |
2 // for details. All rights reserved. Use of this source code is governed by a | 2 // for details. All rights reserved. Use of this source code is governed by a |
3 // BSD-style license that can be found in the LICENSE file. | 3 // BSD-style license that can be found in the LICENSE file. |
4 | 4 |
5 import 'dart:async'; | 5 import 'dart:async'; |
6 import 'dart:convert'; | 6 import 'dart:convert'; |
7 | 7 |
8 import 'package:http/http.dart' as http; | 8 import 'package:http/http.dart' as http; |
9 import 'package:oauth2/oauth2.dart' as oauth2; | 9 import 'package:oauth2/oauth2.dart' as oauth2; |
10 import 'package:test/test.dart'; | 10 import 'package:test/test.dart'; |
11 | 11 |
12 import 'utils.dart'; | 12 import 'utils.dart'; |
13 | 13 |
14 final Uri requestUri = Uri.parse("http://example.com/resource"); | 14 final Uri requestUri = Uri.parse("http://example.com/resource"); |
15 | 15 |
16 final Uri tokenEndpoint = Uri.parse('http://example.com/token'); | 16 final Uri tokenEndpoint = Uri.parse('http://example.com/token'); |
17 | 17 |
18 void main() { | 18 void main() { |
19 var httpClient; | 19 var httpClient; |
20 setUp(() => httpClient = new ExpectClient()); | 20 setUp(() => httpClient = new ExpectClient()); |
21 | 21 |
22 group('with expired credentials', () { | 22 group('with expired credentials', () { |
23 test("that can't be refreshed throws an ExpirationException on send", () { | 23 test("that can't be refreshed throws an ExpirationException on send", () { |
24 var expiration = new DateTime.now().subtract(new Duration(hours: 1)); | 24 var expiration = new DateTime.now().subtract(new Duration(hours: 1)); |
25 var credentials = new oauth2.Credentials( | 25 var credentials = new oauth2.Credentials( |
26 'access token', null, null, [], expiration); | 26 'access token', expiration: expiration); |
27 var client = new oauth2.Client('identifier', 'secret', credentials, | 27 var client = new oauth2.Client(credentials, |
| 28 identifier: 'identifier', |
| 29 secret: 'secret', |
28 httpClient: httpClient); | 30 httpClient: httpClient); |
29 | 31 |
30 expect(client.get(requestUri), | 32 expect(client.get(requestUri), |
31 throwsA(new isInstanceOf<oauth2.ExpirationException>())); | 33 throwsA(new isInstanceOf<oauth2.ExpirationException>())); |
32 }); | 34 }); |
33 | 35 |
34 test("that can be refreshed refreshes the credentials and sends the " | 36 test("that can be refreshed refreshes the credentials and sends the " |
35 "request", () async { | 37 "request", () async { |
36 var expiration = new DateTime.now().subtract(new Duration(hours: 1)); | 38 var expiration = new DateTime.now().subtract(new Duration(hours: 1)); |
37 var credentials = new oauth2.Credentials( | 39 var credentials = new oauth2.Credentials( |
38 'access token', 'refresh token', tokenEndpoint, [], expiration); | 40 'access token', |
39 var client = new oauth2.Client('identifier', 'secret', credentials, | 41 refreshToken: 'refresh token', |
| 42 tokenEndpoint: tokenEndpoint, |
| 43 expiration: expiration); |
| 44 var client = new oauth2.Client(credentials, |
| 45 identifier: 'identifier', |
| 46 secret: 'secret', |
40 httpClient: httpClient); | 47 httpClient: httpClient); |
41 | 48 |
42 httpClient.expectRequest((request) { | 49 httpClient.expectRequest((request) { |
43 expect(request.method, equals('POST')); | 50 expect(request.method, equals('POST')); |
44 expect(request.url.toString(), equals(tokenEndpoint.toString())); | 51 expect(request.url.toString(), equals(tokenEndpoint.toString())); |
45 return new Future.value(new http.Response(JSON.encode({ | 52 return new Future.value(new http.Response(JSON.encode({ |
46 'access_token': 'new access token', | 53 'access_token': 'new access token', |
47 'token_type': 'bearer' | 54 'token_type': 'bearer' |
48 }), 200, headers: {'content-type': 'application/json'})); | 55 }), 200, headers: {'content-type': 'application/json'})); |
49 }); | 56 }); |
50 | 57 |
51 httpClient.expectRequest((request) { | 58 httpClient.expectRequest((request) { |
52 expect(request.method, equals('GET')); | 59 expect(request.method, equals('GET')); |
53 expect(request.url.toString(), equals(requestUri.toString())); | 60 expect(request.url.toString(), equals(requestUri.toString())); |
54 expect(request.headers['authorization'], | 61 expect(request.headers['authorization'], |
55 equals('Bearer new access token')); | 62 equals('Bearer new access token')); |
56 | 63 |
57 return new Future.value(new http.Response('good job', 200)); | 64 return new Future.value(new http.Response('good job', 200)); |
58 }); | 65 }); |
59 | 66 |
60 await client.read(requestUri); | 67 await client.read(requestUri); |
61 expect(client.credentials.accessToken, equals('new access token')); | 68 expect(client.credentials.accessToken, equals('new access token')); |
62 }); | 69 }); |
63 }); | 70 }); |
64 | 71 |
65 group('with valid credentials', () { | 72 group('with valid credentials', () { |
66 test("sends a request with bearer authorization", () { | 73 test("sends a request with bearer authorization", () { |
67 var credentials = new oauth2.Credentials('access token'); | 74 var credentials = new oauth2.Credentials('access token'); |
68 var client = new oauth2.Client('identifier', 'secret', credentials, | 75 var client = new oauth2.Client(credentials, |
| 76 identifier: 'identifier', |
| 77 secret: 'secret', |
69 httpClient: httpClient); | 78 httpClient: httpClient); |
70 | 79 |
71 httpClient.expectRequest((request) { | 80 httpClient.expectRequest((request) { |
72 expect(request.method, equals('GET')); | 81 expect(request.method, equals('GET')); |
73 expect(request.url.toString(), equals(requestUri.toString())); | 82 expect(request.url.toString(), equals(requestUri.toString())); |
74 expect(request.headers['authorization'], equals('Bearer access token')); | 83 expect(request.headers['authorization'], equals('Bearer access token')); |
75 | 84 |
76 return new Future.value(new http.Response('good job', 200)); | 85 return new Future.value(new http.Response('good job', 200)); |
77 }); | 86 }); |
78 | 87 |
79 expect(client.read(requestUri), completion(equals('good job'))); | 88 expect(client.read(requestUri), completion(equals('good job'))); |
80 }); | 89 }); |
81 | 90 |
82 test("can manually refresh the credentials", () async { | 91 test("can manually refresh the credentials", () async { |
83 var credentials = new oauth2.Credentials( | 92 var credentials = new oauth2.Credentials( |
84 'access token', 'refresh token', tokenEndpoint); | 93 'access token', |
85 var client = new oauth2.Client('identifier', 'secret', credentials, | 94 refreshToken: 'refresh token', |
| 95 tokenEndpoint: tokenEndpoint); |
| 96 var client = new oauth2.Client(credentials, |
| 97 identifier: 'identifier', |
| 98 secret: 'secret', |
86 httpClient: httpClient); | 99 httpClient: httpClient); |
87 | 100 |
88 httpClient.expectRequest((request) { | 101 httpClient.expectRequest((request) { |
89 expect(request.method, equals('POST')); | 102 expect(request.method, equals('POST')); |
90 expect(request.url.toString(), equals(tokenEndpoint.toString())); | 103 expect(request.url.toString(), equals(tokenEndpoint.toString())); |
91 return new Future.value(new http.Response(JSON.encode({ | 104 return new Future.value(new http.Response(JSON.encode({ |
92 'access_token': 'new access token', | 105 'access_token': 'new access token', |
93 'token_type': 'bearer' | 106 'token_type': 'bearer' |
94 }), 200, headers: {'content-type': 'application/json'})); | 107 }), 200, headers: {'content-type': 'application/json'})); |
95 }); | 108 }); |
96 | 109 |
97 await client.refreshCredentials(); | 110 await client.refreshCredentials(); |
98 expect(client.credentials.accessToken, equals('new access token')); | 111 expect(client.credentials.accessToken, equals('new access token')); |
99 }); | 112 }); |
100 | 113 |
101 test("without a refresh token can't manually refresh the credentials", () { | 114 test("without a refresh token can't manually refresh the credentials", () { |
102 var credentials = new oauth2.Credentials('access token'); | 115 var credentials = new oauth2.Credentials('access token'); |
103 var client = new oauth2.Client('identifier', 'secret', credentials, | 116 var client = new oauth2.Client(credentials, |
| 117 identifier: 'identifier', |
| 118 secret: 'secret', |
104 httpClient: httpClient); | 119 httpClient: httpClient); |
105 | 120 |
106 expect(client.refreshCredentials(), throwsA(isStateError)); | 121 expect(client.refreshCredentials(), throwsA(isStateError)); |
107 }); | 122 }); |
108 }); | 123 }); |
109 | 124 |
110 group('with invalid credentials', () { | 125 group('with invalid credentials', () { |
111 test('throws an AuthorizationException for a 401 response', () { | 126 test('throws an AuthorizationException for a 401 response', () { |
112 var credentials = new oauth2.Credentials('access token'); | 127 var credentials = new oauth2.Credentials('access token'); |
113 var client = new oauth2.Client('identifier', 'secret', credentials, | 128 var client = new oauth2.Client(credentials, |
| 129 identifier: 'identifier', |
| 130 secret: 'secret', |
114 httpClient: httpClient); | 131 httpClient: httpClient); |
115 | 132 |
116 httpClient.expectRequest((request) { | 133 httpClient.expectRequest((request) { |
117 expect(request.method, equals('GET')); | 134 expect(request.method, equals('GET')); |
118 expect(request.url.toString(), equals(requestUri.toString())); | 135 expect(request.url.toString(), equals(requestUri.toString())); |
119 expect(request.headers['authorization'], equals('Bearer access token')); | 136 expect(request.headers['authorization'], equals('Bearer access token')); |
120 | 137 |
121 var authenticate = 'Bearer error="invalid_token", error_description=' | 138 var authenticate = 'Bearer error="invalid_token", error_description=' |
122 '"Something is terribly wrong."'; | 139 '"Something is terribly wrong."'; |
123 return new Future.value(new http.Response('bad job', 401, | 140 return new Future.value(new http.Response('bad job', 401, |
124 headers: {'www-authenticate': authenticate})); | 141 headers: {'www-authenticate': authenticate})); |
125 }); | 142 }); |
126 | 143 |
127 expect(client.read(requestUri), | 144 expect(client.read(requestUri), |
128 throwsA(new isInstanceOf<oauth2.AuthorizationException>())); | 145 throwsA(new isInstanceOf<oauth2.AuthorizationException>())); |
129 }); | 146 }); |
130 | 147 |
131 test('passes through a 401 response without www-authenticate', () async { | 148 test('passes through a 401 response without www-authenticate', () async { |
132 var credentials = new oauth2.Credentials('access token'); | 149 var credentials = new oauth2.Credentials('access token'); |
133 var client = new oauth2.Client('identifier', 'secret', credentials, | 150 var client = new oauth2.Client(credentials, |
| 151 identifier: 'identifier', |
| 152 secret: 'secret', |
134 httpClient: httpClient); | 153 httpClient: httpClient); |
135 | 154 |
136 httpClient.expectRequest((request) { | 155 httpClient.expectRequest((request) { |
137 expect(request.method, equals('GET')); | 156 expect(request.method, equals('GET')); |
138 expect(request.url.toString(), equals(requestUri.toString())); | 157 expect(request.url.toString(), equals(requestUri.toString())); |
139 expect(request.headers['authorization'], | 158 expect(request.headers['authorization'], |
140 equals('Bearer access token')); | 159 equals('Bearer access token')); |
141 | 160 |
142 return new Future.value(new http.Response('bad job', 401)); | 161 return new Future.value(new http.Response('bad job', 401)); |
143 }); | 162 }); |
144 | 163 |
145 expect((await client.get(requestUri)).statusCode, equals(401)); | 164 expect((await client.get(requestUri)).statusCode, equals(401)); |
146 }); | 165 }); |
147 | 166 |
148 test('passes through a 401 response with invalid www-authenticate', | 167 test('passes through a 401 response with invalid www-authenticate', |
149 () async { | 168 () async { |
150 var credentials = new oauth2.Credentials('access token'); | 169 var credentials = new oauth2.Credentials('access token'); |
151 var client = new oauth2.Client('identifier', 'secret', credentials, | 170 var client = new oauth2.Client(credentials, |
| 171 identifier: 'identifier', |
| 172 secret: 'secret', |
152 httpClient: httpClient); | 173 httpClient: httpClient); |
153 | 174 |
154 httpClient.expectRequest((request) { | 175 httpClient.expectRequest((request) { |
155 expect(request.method, equals('GET')); | 176 expect(request.method, equals('GET')); |
156 expect(request.url.toString(), equals(requestUri.toString())); | 177 expect(request.url.toString(), equals(requestUri.toString())); |
157 expect(request.headers['authorization'], | 178 expect(request.headers['authorization'], |
158 equals('Bearer access token')); | 179 equals('Bearer access token')); |
159 | 180 |
160 var authenticate = 'Bearer error="invalid_token", error_description=' | 181 var authenticate = 'Bearer error="invalid_token" error_description=' |
161 '"Something is terribly wrong.", '; | 182 '"Something is terribly wrong."'; |
162 return new Future.value(new http.Response('bad job', 401, | 183 return new Future.value(new http.Response('bad job', 401, |
163 headers: {'www-authenticate': authenticate})); | 184 headers: {'www-authenticate': authenticate})); |
164 }); | 185 }); |
165 | 186 |
166 expect((await client.get(requestUri)).statusCode, equals(401)); | 187 expect((await client.get(requestUri)).statusCode, equals(401)); |
167 }); | 188 }); |
168 | 189 |
169 test('passes through a 401 response with non-bearer www-authenticate', | 190 test('passes through a 401 response with non-bearer www-authenticate', |
170 () async { | 191 () async { |
171 var credentials = new oauth2.Credentials('access token'); | 192 var credentials = new oauth2.Credentials('access token'); |
172 var client = new oauth2.Client('identifier', 'secret', credentials, | 193 var client = new oauth2.Client(credentials, |
| 194 identifier: 'identifier', |
| 195 secret: 'secret', |
173 httpClient: httpClient); | 196 httpClient: httpClient); |
174 | 197 |
175 httpClient.expectRequest((request) { | 198 httpClient.expectRequest((request) { |
176 expect(request.method, equals('GET')); | 199 expect(request.method, equals('GET')); |
177 expect(request.url.toString(), equals(requestUri.toString())); | 200 expect(request.url.toString(), equals(requestUri.toString())); |
178 expect(request.headers['authorization'], | 201 expect(request.headers['authorization'], |
179 equals('Bearer access token')); | 202 equals('Bearer access token')); |
180 | 203 |
181 return new Future.value(new http.Response('bad job', 401, | 204 return new Future.value(new http.Response('bad job', 401, |
182 headers: {'www-authenticate': 'Digest'})); | 205 headers: {'www-authenticate': 'Digest'})); |
183 }); | 206 }); |
184 | 207 |
185 expect((await client.get(requestUri)).statusCode, equals(401)); | 208 expect((await client.get(requestUri)).statusCode, equals(401)); |
186 }); | 209 }); |
187 | 210 |
188 test('passes through a 401 response with non-OAuth2 www-authenticate', | 211 test('passes through a 401 response with non-OAuth2 www-authenticate', |
189 () async { | 212 () async { |
190 var credentials = new oauth2.Credentials('access token'); | 213 var credentials = new oauth2.Credentials('access token'); |
191 var client = new oauth2.Client('identifier', 'secret', credentials, | 214 var client = new oauth2.Client(credentials, |
| 215 identifier: 'identifier', |
| 216 secret: 'secret', |
192 httpClient: httpClient); | 217 httpClient: httpClient); |
193 | 218 |
194 httpClient.expectRequest((request) { | 219 httpClient.expectRequest((request) { |
195 expect(request.method, equals('GET')); | 220 expect(request.method, equals('GET')); |
196 expect(request.url.toString(), equals(requestUri.toString())); | 221 expect(request.url.toString(), equals(requestUri.toString())); |
197 expect(request.headers['authorization'], | 222 expect(request.headers['authorization'], |
198 equals('Bearer access token')); | 223 equals('Bearer access token')); |
199 | 224 |
200 return new Future.value(new http.Response('bad job', 401, | 225 return new Future.value(new http.Response('bad job', 401, |
201 headers: {'www-authenticate': 'Bearer'})); | 226 headers: {'www-authenticate': 'Bearer'})); |
202 }); | 227 }); |
203 | 228 |
204 expect((await client.get(requestUri)).statusCode, equals(401)); | 229 expect((await client.get(requestUri)).statusCode, equals(401)); |
205 }); | 230 }); |
206 }); | 231 }); |
207 } | 232 } |
OLD | NEW |