(t *testing.T)
| 131 | } |
| 132 | |
| 133 | func TestIsFailedRefresh(t *testing.T) { |
| 134 | t.Parallel() |
| 135 | |
| 136 | expiredToken := &oauth2.Token{ |
| 137 | RefreshToken: "refresh-token", |
| 138 | // isFailedRefresh returns early at the existingToken.Valid() |
| 139 | // guard if the token is valid. Valid() requires |
| 140 | // AccessToken != "" AND not expired. This fixture has no |
| 141 | // AccessToken so Valid() is always false, but we set an |
| 142 | // expired time as a safety net in case someone later adds |
| 143 | // an AccessToken field. |
| 144 | Expiry: time.Now().Add(-time.Hour), |
| 145 | } |
| 146 | |
| 147 | tests := []struct { |
| 148 | name string |
| 149 | err error |
| 150 | expected bool |
| 151 | }{ |
| 152 | { |
| 153 | name: "IncorrectClientCredentials_StatusOK", |
| 154 | err: &oauth2.RetrieveError{ |
| 155 | Response: &http.Response{StatusCode: http.StatusOK}, |
| 156 | ErrorCode: "incorrect_client_credentials", |
| 157 | }, |
| 158 | // StatusOK fallthrough also returns true, so this test |
| 159 | // documents the combined behavior. See the 403-status |
| 160 | // variant below for error-code-only isolation. |
| 161 | expected: true, |
| 162 | }, |
| 163 | { |
| 164 | // Uses 403 status (excluded from the status code switch) |
| 165 | // so the only path to true is the error code switch. |
| 166 | name: "IncorrectClientCredentials_Status403", |
| 167 | err: &oauth2.RetrieveError{ |
| 168 | Response: &http.Response{StatusCode: http.StatusForbidden}, |
| 169 | ErrorCode: "incorrect_client_credentials", |
| 170 | }, |
| 171 | expected: true, |
| 172 | }, |
| 173 | { |
| 174 | name: "InvalidClient_Status401", |
| 175 | err: &oauth2.RetrieveError{ |
| 176 | Response: &http.Response{StatusCode: http.StatusUnauthorized}, |
| 177 | ErrorCode: "invalid_client", |
| 178 | }, |
| 179 | // StatusUnauthorized fallthrough also returns true, so |
| 180 | // this test documents the combined behavior. |
| 181 | expected: true, |
| 182 | }, |
| 183 | { |
| 184 | // Uses 403 status (excluded from the status code switch) |
| 185 | // so the only path to true is the error code switch. |
| 186 | name: "InvalidClient_Status403", |
| 187 | err: &oauth2.RetrieveError{ |
| 188 | Response: &http.Response{StatusCode: http.StatusForbidden}, |
| 189 | ErrorCode: "invalid_client", |
| 190 | }, |
nothing calls this directly
no test coverage detected