(t *testing.T)
| 334 | } |
| 335 | |
| 336 | func TestExternalAuthDevice(t *testing.T) { |
| 337 | t.Parallel() |
| 338 | // This is an example test on how to do device auth flow using our fake idp. |
| 339 | t.Run("WithFakeIDP", func(t *testing.T) { |
| 340 | t.Parallel() |
| 341 | fake := oidctest.NewFakeIDP(t, oidctest.WithServing()) |
| 342 | externalID := "fake-idp" |
| 343 | cfg := fake.ExternalAuthConfig(t, externalID, &oidctest.ExternalAuthConfigOptions{ |
| 344 | UseDeviceAuth: true, |
| 345 | }) |
| 346 | |
| 347 | client := coderdtest.New(t, &coderdtest.Options{ |
| 348 | ExternalAuthConfigs: []*externalauth.Config{cfg}, |
| 349 | }) |
| 350 | coderdtest.CreateFirstUser(t, client) |
| 351 | // Login! |
| 352 | fake.DeviceLogin(t, client, externalID) |
| 353 | |
| 354 | extAuth, err := client.ExternalAuthByID(context.Background(), externalID) |
| 355 | require.NoError(t, err) |
| 356 | require.True(t, extAuth.Authenticated) |
| 357 | }) |
| 358 | |
| 359 | t.Run("NotSupported", func(t *testing.T) { |
| 360 | t.Parallel() |
| 361 | client := coderdtest.New(t, &coderdtest.Options{ |
| 362 | ExternalAuthConfigs: []*externalauth.Config{{ |
| 363 | ID: "test", |
| 364 | }}, |
| 365 | }) |
| 366 | coderdtest.CreateFirstUser(t, client) |
| 367 | _, err := client.ExternalAuthDeviceByID(context.Background(), "test") |
| 368 | var sdkErr *codersdk.Error |
| 369 | require.ErrorAs(t, err, &sdkErr) |
| 370 | require.Equal(t, http.StatusBadRequest, sdkErr.StatusCode()) |
| 371 | }) |
| 372 | t.Run("FetchCode", func(t *testing.T) { |
| 373 | t.Parallel() |
| 374 | srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 375 | httpapi.Write(r.Context(), w, http.StatusOK, codersdk.ExternalAuthDevice{ |
| 376 | UserCode: "hey", |
| 377 | }) |
| 378 | })) |
| 379 | defer srv.Close() |
| 380 | client := coderdtest.New(t, &coderdtest.Options{ |
| 381 | ExternalAuthConfigs: []*externalauth.Config{{ |
| 382 | ID: "test", |
| 383 | DeviceAuth: &externalauth.DeviceAuth{ |
| 384 | ClientID: "test", |
| 385 | CodeURL: srv.URL, |
| 386 | Scopes: []string{"repo"}, |
| 387 | }, |
| 388 | }}, |
| 389 | }) |
| 390 | coderdtest.CreateFirstUser(t, client) |
| 391 | device, err := client.ExternalAuthDeviceByID(context.Background(), "test") |
| 392 | require.NoError(t, err) |
| 393 | require.Equal(t, "hey", device.UserCode) |
nothing calls this directly
no test coverage detected