authelia/internal/oidc/store_test.go

143 lines
4.1 KiB
Go

package oidc
import (
"context"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/authelia/authelia/internal/authorization"
"github.com/authelia/authelia/internal/configuration/schema"
)
func TestOpenIDConnectStore_GetClientPolicy(t *testing.T) {
s, err := NewOpenIDConnectStore(&schema.OpenIDConnectConfiguration{
IssuerPrivateKey: exampleIssuerPrivateKey,
Clients: []schema.OpenIDConnectClientConfiguration{
{
ID: "myclient",
Description: "myclient desc",
Policy: "one_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
},
{
ID: "myotherclient",
Description: "myclient desc",
Policy: "two_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
},
},
})
require.NoError(t, err)
policyOne := s.GetClientPolicy("myclient")
assert.Equal(t, authorization.OneFactor, policyOne)
policyTwo := s.GetClientPolicy("myotherclient")
assert.Equal(t, authorization.TwoFactor, policyTwo)
policyInvalid := s.GetClientPolicy("invalidclient")
assert.Equal(t, authorization.TwoFactor, policyInvalid)
}
func TestOpenIDConnectStore_GetInternalClient(t *testing.T) {
s, err := NewOpenIDConnectStore(&schema.OpenIDConnectConfiguration{
IssuerPrivateKey: exampleIssuerPrivateKey,
Clients: []schema.OpenIDConnectClientConfiguration{
{
ID: "myclient",
Description: "myclient desc",
Policy: "one_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
},
},
})
require.NoError(t, err)
client, err := s.GetClient(context.Background(), "myinvalidclient")
assert.EqualError(t, err, "not_found")
assert.Nil(t, client)
client, err = s.GetClient(context.Background(), "myclient")
require.NoError(t, err)
require.NotNil(t, client)
assert.Equal(t, "myclient", client.GetID())
}
func TestOpenIDConnectStore_GetInternalClient_ValidClient(t *testing.T) {
c1 := schema.OpenIDConnectClientConfiguration{
ID: "myclient",
Description: "myclient desc",
Policy: "one_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
}
s, err := NewOpenIDConnectStore(&schema.OpenIDConnectConfiguration{
IssuerPrivateKey: exampleIssuerPrivateKey,
Clients: []schema.OpenIDConnectClientConfiguration{c1},
})
require.NoError(t, err)
client, err := s.GetInternalClient(c1.ID)
require.NoError(t, err)
require.NotNil(t, client)
assert.Equal(t, client.ID, c1.ID)
assert.Equal(t, client.Description, c1.Description)
assert.Equal(t, client.Scopes, c1.Scopes)
assert.Equal(t, client.GrantTypes, c1.GrantTypes)
assert.Equal(t, client.ResponseTypes, c1.ResponseTypes)
assert.Equal(t, client.RedirectURIs, c1.RedirectURIs)
assert.Equal(t, client.Policy, authorization.OneFactor)
assert.Equal(t, client.Secret, []byte(c1.Secret))
}
func TestOpenIDConnectStore_GetInternalClient_InvalidClient(t *testing.T) {
c1 := schema.OpenIDConnectClientConfiguration{
ID: "myclient",
Description: "myclient desc",
Policy: "one_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
}
s, err := NewOpenIDConnectStore(&schema.OpenIDConnectConfiguration{
IssuerPrivateKey: exampleIssuerPrivateKey,
Clients: []schema.OpenIDConnectClientConfiguration{c1},
})
require.NoError(t, err)
client, err := s.GetInternalClient("another-client")
assert.Nil(t, client)
assert.EqualError(t, err, "not_found")
}
func TestOpenIDConnectStore_IsValidClientID(t *testing.T) {
s, err := NewOpenIDConnectStore(&schema.OpenIDConnectConfiguration{
IssuerPrivateKey: exampleIssuerPrivateKey,
Clients: []schema.OpenIDConnectClientConfiguration{
{
ID: "myclient",
Description: "myclient desc",
Policy: "one_factor",
Scopes: []string{"openid", "profile"},
Secret: "mysecret",
},
},
})
require.NoError(t, err)
validClient := s.IsValidClientID("myclient")
invalidClient := s.IsValidClientID("myinvalidclient")
assert.True(t, validClient)
assert.False(t, invalidClient)
}