MCPcopy Index your code
hub / github.com/coder/coder / TestOAuth2ErrorResponseStructure

Function TestOAuth2ErrorResponseStructure

coderd/oauth2_error_compliance_test.go:281–327  ·  view source on GitHub ↗

TestOAuth2ErrorResponseStructure tests the JSON structure of error responses

(t *testing.T)

Source from the content-addressed store, hash-verified

279
280// TestOAuth2ErrorResponseStructure tests the JSON structure of error responses
281func TestOAuth2ErrorResponseStructure(t *testing.T) {
282 t.Parallel()
283
284 t.Run("ErrorFieldsPresent", func(t *testing.T) {
285 t.Parallel()
286
287 client := coderdtest.New(t, nil)
288 _ = coderdtest.CreateFirstUser(t, client)
289 ctx := testutil.Context(t, testutil.WaitLong)
290
291 // Make a request that will generate an error
292 req := codersdk.OAuth2ClientRegistrationRequest{
293 RedirectURIs: []string{"invalid-uri"},
294 ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()),
295 }
296
297 _, err := client.PostOAuth2ClientRegistration(ctx, req)
298 require.Error(t, err)
299
300 // Validate that the error contains the expected OAuth2 error structure
301 var httpErr *codersdk.Error
302 require.ErrorAs(t, err, &httpErr)
303
304 // The error should be a 400 status for invalid client metadata
305 require.Equal(t, http.StatusBadRequest, httpErr.StatusCode())
306
307 // Should have error details
308 require.NotEmpty(t, httpErr.Message)
309 })
310
311 t.Run("RegistrationAccessTokenErrors", func(t *testing.T) {
312 t.Parallel()
313
314 client := coderdtest.New(t, nil)
315 _ = coderdtest.CreateFirstUser(t, client)
316 ctx := testutil.Context(t, testutil.WaitLong)
317
318 // Try to access a client configuration with invalid token - use a valid UUID format
319 validUUID := "550e8400-e29b-41d4-a716-446655440000"
320 _, err := client.GetOAuth2ClientConfiguration(ctx, validUUID, "invalid-token")
321 require.Error(t, err)
322
323 var httpErr *codersdk.Error
324 require.ErrorAs(t, err, &httpErr)
325 require.Equal(t, http.StatusUnauthorized, httpErr.StatusCode())
326 })
327}
328
329// TestOAuth2ErrorHTTPHeaders tests that error responses have correct HTTP headers
330func TestOAuth2ErrorHTTPHeaders(t *testing.T) {

Callers

nothing calls this directly

Calls 10

StatusCodeMethod · 0.95
NewFunction · 0.92
CreateFirstUserFunction · 0.92
ContextFunction · 0.92
NotEmptyMethod · 0.80
RunMethod · 0.65
ErrorMethod · 0.45
EqualMethod · 0.45

Tested by

no test coverage detected