TestOAuth2RegistrationErrorCodes tests all RFC 7591 error codes
(t *testing.T)
| 50 | |
| 51 | // TestOAuth2RegistrationErrorCodes tests all RFC 7591 error codes |
| 52 | func TestOAuth2RegistrationErrorCodes(t *testing.T) { |
| 53 | t.Parallel() |
| 54 | |
| 55 | tests := []struct { |
| 56 | name string |
| 57 | req codersdk.OAuth2ClientRegistrationRequest |
| 58 | expectedError string |
| 59 | expectedCode int |
| 60 | }{ |
| 61 | { |
| 62 | name: "InvalidClientMetadata_NoRedirectURIs", |
| 63 | req: codersdk.OAuth2ClientRegistrationRequest{ |
| 64 | ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()), |
| 65 | // Missing required redirect_uris |
| 66 | }, |
| 67 | expectedError: "invalid_client_metadata", |
| 68 | expectedCode: http.StatusBadRequest, |
| 69 | }, |
| 70 | { |
| 71 | name: "InvalidClientMetadata_InvalidRedirectURI", |
| 72 | req: codersdk.OAuth2ClientRegistrationRequest{ |
| 73 | RedirectURIs: []string{"not-a-valid-uri"}, |
| 74 | ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()), |
| 75 | }, |
| 76 | expectedError: "invalid_client_metadata", |
| 77 | expectedCode: http.StatusBadRequest, |
| 78 | }, |
| 79 | { |
| 80 | name: "InvalidClientMetadata_RedirectURIWithFragment", |
| 81 | req: codersdk.OAuth2ClientRegistrationRequest{ |
| 82 | RedirectURIs: []string{"https://example.com/callback#fragment"}, |
| 83 | ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()), |
| 84 | }, |
| 85 | expectedError: "invalid_client_metadata", |
| 86 | expectedCode: http.StatusBadRequest, |
| 87 | }, |
| 88 | { |
| 89 | name: "InvalidClientMetadata_HTTPRedirectForNonLocalhost", |
| 90 | req: codersdk.OAuth2ClientRegistrationRequest{ |
| 91 | RedirectURIs: []string{"http://example.com/callback"}, // HTTP for non-localhost |
| 92 | ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()), |
| 93 | }, |
| 94 | expectedError: "invalid_client_metadata", |
| 95 | expectedCode: http.StatusBadRequest, |
| 96 | }, |
| 97 | { |
| 98 | name: "InvalidClientMetadata_UnsupportedGrantType", |
| 99 | req: codersdk.OAuth2ClientRegistrationRequest{ |
| 100 | RedirectURIs: []string{"https://example.com/callback"}, |
| 101 | ClientName: fmt.Sprintf("test-client-%d", time.Now().UnixNano()), |
| 102 | GrantTypes: []codersdk.OAuth2ProviderGrantType{"unsupported_grant_type"}, |
| 103 | }, |
| 104 | expectedError: "invalid_client_metadata", |
| 105 | expectedCode: http.StatusBadRequest, |
| 106 | }, |
| 107 | { |
| 108 | name: "InvalidClientMetadata_UnsupportedResponseType", |
| 109 | req: codersdk.OAuth2ClientRegistrationRequest{ |
nothing calls this directly
no test coverage detected